We performed a comparison between Cisco Secure Firewall and SonicWall NSa based on real PeerSpot user reviews.Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"Fortinet FortiGate has many valuable features, such as IDS, and intrusion detection. It has security features that are in part with the technologies that are available in the market."
"I like Fortinet's cloud management. It allows me to manage all my devices in different branches for three cloud accounts. Even though I use on-prem devices, I can manage everything on the cloud."
"It's very easy to configure."
"The most valuable feature of Fortinet FortiGate is the simple configuration."
"The most valuable features of Fortinet FortiGate are remote access, web filtering, and IPS."
"The performance is good."
"The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection."
"The most valuable features of Fortinet FortiGate are the APIs. They are the most widely known."
"It helped us a lot with our VPNs for the home office during COVID. There has been more security and flexibility for VPNs and other applications."
"The initial setup was not complex."
"You can also put everything into a nice, neat, little package, as far as configuration goes. I was formerly a command-line guy with the ASA, and I was a little nervous about dealing with a GUI interface versus a command line, but after I did my first deployment, I got a lot more comfortable with doing it GUI based."
"The CLI is the most valuable feature. This solution is very flexible and offers different functionality including firewalls and VPN connectivity."
"It just works for us."
"Cisco offers a great educational series to train users on their devices."
"Its security and filtering are most valuable. Every layer of data that comes into the organization goes through it. After setting up the criteria, it automatically filters the traffic. We don't have to check it often."
"I think that the firewall feature is the most valuable to me as it is one of the oldest features for this solution. We also appreciate how stable the VPN is."
"We have not found any vulnerabilities since implementing the solution."
"What I like best about SonicWall NSa is the security it offers compared to other solutions in the market. Its reduction rate is also better than others."
"The most valuable features to us are the security services which is a critical factor in our deployment. Today we need to have all the security services enabled because firewalls are not enough."
"The features I found most valuable are email security and web filtering."
"They offer good antivirus solutions."
"SonicWall has all the usual functions, like LAN configurations, security features, word filters, etc., but it also has the CFS agent, which isn't available in any other firewall. Reporting port support is also there."
"I like that SonicWall NSa is a stable product. It's also a scalable product."
"Overall SonicWall NSa is a good solution for our use case."
"Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing."
"It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls."
"The stability could be a bit better."
"A sandbox would be good in order to be able to inspect the emails containing spam and be able to validate the emails that contain malware, prior to delivering to the customer."
"Fortinet FortiGate could improve by adding enhancements to FortiMail, FortiSOAR, and FortiDeceptor."
"Fortinet FortiGate needs to improve the protection, it did not prevent us from being attacked. Additionally, Fortinet FortiGate could provide more features for WAF devices. I should not have to purchase two solutions, it would be a benefit to combine these features into one solution."
"I would like to see improvements in the product's application rules."
"We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs."
"In general, they can make it easier to manage the solutions. They can make it easier in terms of administration and provide a single tool for different firewalling solutions. They have different tools to manage different firewalls, such as Firepower or ASA. Sometimes, both are on the same thing. You have ASA with Firepower modules, so you manage some of the things via HTML, and then you manage some of the things via another management tool. It's not seamless."
"The main problem we have is that things work okay until we upgrade the firmware, at which point, everything changes, and the net stops working."
"Cisco still has a lot of work to do. You can convert an ASA over to a Firepower, but the competitors, like Palo Alto and Juniper, are coming in. And believe it or not, they are a little bit more intuitive. Cisco has a little bit more work to do. They're playing catch up."
"A major area of improvement would be to have more functionality in public clouds, especially in terms of simplifying it. The high availability doesn't work right now because of the limitations in the cloud."
"I think that the solution can be improved with the integration of application-centric infrastructure. It could be used to have better solutions in one box."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"FMC could be improved because management with FMC is quite difficult compared to using Firepower web-based management."
"The cloud does not precisely mimic what is on-premises."
"The features I would like to see improve are the dashboard and the UI."
"The ongoing service fees are high."
"A room for improvement in SonicWall NSa is the log server because it could be more user-friendly compared to Fortinet and Palo Alto Networks. My company has many rule sets up for review, so sometimes, my team needs to use Excel for filtering, but the UI cannot support the Excel function."
"One area for improvement in SonicWall NSa is the GUI. It isn't easy to understand. The support for SonicWall NSa is mediocre, which is another area for improvement."
"We also use the Sophos Firewall for web configuration, which we don't have in SonicWall. Only Sophos has those options. If SonicWall included that feature, that would be a benefit for us."
"The thing main thing is that there's no user admin and in other firewalls, we can enable the scalable features, but SonicWall doesn't have that feature."
"The solution can be a bit expensive."
"It is not scalable. If your enterprise is growing hard then you have to buy another, bigger product. Maybe if you use it virtually it is more scalable."
Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.
Benefits of Fortinet FortiGate
Some of the benefits of using Fortinet FortiGate include:
Reviews from Real Users
Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.
PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”
PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”
Cisco Secure Firewall, including Firepower, is a powerful perimeter security solution used for network security, data center protection, advanced malware protection, and site-to-site VPNs. Its most valuable features include NGIPS, application visibility and control, VLAN implementations, intrusion prevention, threat defense, and NAT.
The solution has helped organizations discover their environment, improve security, implement dynamic policies, reduce operational costs, and protect against threats from outside and within the data center. Overall, Cisco Secure Firewall is a valuable tool for securing organizations and providing visibility into threats.
SonicWall NSa dispenses advanced threat protection using a high-performance security platform. The NSa series implements intuitive deep learning technologies in the SonicWall Capture Cloud Platform to dispatch the automated real-time threat detection and deterrence enterprise organizations need today. SonicWall Network Security appliance (NSa) series is best for mid-sized organizations to distributed enterprises and data centers.
SonicWall NSa series next-generation firewalls (NFGWS) combine two very robust security ideologies to deliver advanced threat protection to keep users’ networks safe. Boosting SonicWall’s multi-engine advanced threat protection (ATP) is their Real-time Deep Memory Inspection (RTDMI™). The RTDMI intuitively identifies and stops aggressive zero-day threats and vicious malware by investigating memory directly. This real-time process allows SonicWall RTDMI to be accurate, lessen false positives and discover and alleviate malicious threats and attacks. SonicWall’s single-pass Reassembly-Free Deep Packet Inspection (RFDPI) will audit every byte of each and every packet by investigating both outbound and inbound traffic on the firewall. By combining the SonicWall Capture Cloud Platform along with on-box offerings such as intrusion prevention, web/URL filtering, and anti-malware, the NSa series is able to block the most malicious and dangerous threats at the gateway.
Additionally, SonicWall firewalls supply absolute protection by executing complete inspection and decryption of SSH and TLS/SSL encryption connections - no matter the port or protocol. The firewall takes a deep dive into each and every packet (the header and data) routing out any anomalies, zero-day intrusions, threats, and protocol non-compliance. Users can also define unique criteria specific to their organization to ensure their networks remain safe. This aggressive deep packet inspection is able to identify and block malicious attacks, stop dangerous malware downloads, prevent the spread of infections, and defeat command and control (C&C) communications and data exfiltration. Protocols involving inclusion and exclusion allow users complete control to decide, based on specific governance policies, organizational policies, or government or legal compliance, which traffic is to be investigated for decryption or inspection.
SonicWall Nsa offers enterprise organizations the network control and fluid flexibility they desire using an intrusion prevention system (IPS), VPN, real-time visualization, and other advanced powerful security features, making it a popular firewall solution in today's marketplace.
Reviews from Real Users
“The features that I have found most valuable are the firewalling, which is very good, and the GUI which is very intuitive. It is easy to use and provides great security.” - Network Engineer at a maritime company
“What's valuable in SonicWall NSa is the ATP (advanced threat protection). It can protect users from malicious links. SonicWall NSa also has a Sandboxing service that is very helpful for us, especially when end users accidentally click on malicious links. Another valuable feature of this solution is that it is very useful for site-to-site VPN connectivity issues. SonicWall NSa has very good hardware. I also love that SonicWall has very good technical support, who are very knowledgeable, provide good suggestions, and they're easy to reach.” - Mohammed M., Network Administrator at Transgulf Readymix
Cisco Secure Firewall is ranked 3rd in Firewalls with 113 reviews while SonicWall NSa is ranked 16th in Firewalls with 27 reviews. Cisco Secure Firewall is rated 8.4, while SonicWall NSa is rated 8.0. The top reviewer of Cisco Secure Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of SonicWall NSa writes "Easy to scale advanced threat protection solution with knowledgeable technical support, but has occasional bugs". Cisco Secure Firewall is most compared with Meraki MX, Palo Alto Networks WildFire, Netgate pfSense, Juniper SRX Series Firewall and Palo Alto Networks VM-Series, whereas SonicWall NSa is most compared with SonicWall TZ, Meraki MX, Sophos XG, WatchGuard Firebox and Netgate pfSense. See our Cisco Secure Firewall vs. SonicWall NSa report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.