Cisco Secure Firewall vs Stormshield Network Security comparison

Cisco Secure Firewall vs. Stormshield Network Security

June 2025

Download the complete report

Helped 860,632 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Featured Reviews

Vasu Gala

Manager, Information Technology Operation/Presales at TechMonarch

A stable solution with an intuitive interface and quick customer service

I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.

Unified policies streamline network management but complex licensing requires attention

Phil Shiflett

Senior Manager, Network Engineering at TTi Power Equipment

Cisco Secure Firewall has some growth opportunities in terms of visibility and control capabilities regarding managing encrypted traffic. It has the ability to analyze encrypted traffic, and there is potential for more integration with APIs and AI to enhance these capabilities. Cisco Secure Firewall needs improvement in deployment time and the capability to access the CLI during support calls. I often encounter issues when technical support uses a CLI that is not familiar to me while troubleshooting through the GUI. My ongoing complaint for the last six years has been the lack of CLI functionality, which hinders my ability to work on the firewall, alongside concerns regarding deployment time. For the next release, they should look at the features offered by competitors such as Fortinet, including the ability to perform packet capture directly from the interface. If they enhanced their troubleshooting efficiency related to packet capture for each specific rule, it would simplify the process significantly.

The intrusion detection system helps our organization by automatically detecting and responding to potential threats

Benjamin

Network Engineer at ACS2I

The tool's most valuable feature is its dashboard, which helps you manage different aspects of a single page. The intrusion detection system helps our organization by automatically detecting and responding to potential threats. It operates similarly to Darktrace, which detects and responds automatically based on the security rules you apply. Initially, you configure everything to block, and then you can whitelist specific items as needed.

More Fortinet FortiGate pros

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"On a scale of one to ten, I rate this solution 10 out of 10."

"It performs very well."

"We can detect any attack of viruses or malware at the first point of contact."

"I would advise others considering or evaluating the Fortinet FortiGate to buy it."

"The most valuable features of Fortinet FortiGate are the APIs. They are the most widely known."

"Mainly the FortiGate reporting system is very good. It guides us through all the expectations of security. Fortinet provides us all that we need for security. Also, Fortinet FortiGate is a next-generation firewall. It is much more advanced than others."

"I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over."

"Fortinet FortiGate is easy to use."

"The most valuable features of Cisco firewalls are the IPS and IDS items. We find them very helpful. Those are the biggest things because we have some odd, custom-made products in our environment. What we've found through their IPS and IDS is that their vulnerability engines have caught things that are near-Zero-day items, inside of our network."

"Their hardware can handle substantial amounts of data without causing latency."

"The feature of Cisco Secure Firewall that I prefer the most is the use of ASDM where we visually are able to see all of our traffic when it comes through the firewall."

"The Firepower IPS, based on Snort technology, has an amazing detection engine and historical analysis capability of files that eases threat investigations a lot."

"I am used to the ASA syntax, therefore it is quite easy to make up new rules. I have found that DNS doctoring rules are useful."

"The most valuable feature for the customers is that they can control what communication is allowed and what is not allowed. That is, they can allow or deny client traffic."

"Regarding the zero-trust security model, Cisco Secure Firewall helps our company. Our students and staff have the ability to do whatever they need to do with their research. It helps them while keeping security top of mind."

"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."

More Cisco Secure Firewall pros

"The tool's most valuable feature is its dashboard, which helps you manage different aspects of a single page. The intrusion detection system helps our organization by automatically detecting and responding to potential threats. It operates similarly to Darktrace, which detects and responds automatically based on the security rules you apply. Initially, you configure everything to block, and then you can whitelist specific items as needed."

"A very robust product."

"Easily manageable in a variety of environments."

"The scalability of the solution is good."

"The most valuable features are the IPS, the firewall function, and the price."

"It's an easy, straightforward management platform to use."

"I like how you can configure the rules. There is the task for the rules and a task for the network configuration. It also provides SMD filtering, and it can be integrated with the active directory for the users, their mission, and the VPN configuration. We are here in Sudan, and Stormshield didn't work in Sudan for more than a decade. Stormshield is a very strong firewall and very easy to configure and maintain. I am just working with the firewall solution, and we don't have any other solutions like endpoint solutions or something like that."

"The tool's most valuable feature is its dashboard, which helps you manage different aspects of a single page."

More Stormshield Network Security pros

Cons

"I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security."

"I want some additional features. For example, I want something to ensure that when we are using Google email or Microsoft email, or Google Workspace, emails can only be accessed on designated machines given to our employees. I would like them to access data from designated machines, not from any machine. It should work for designated mobiles and laptops. I don't know if Fortinet provides something like that out of the box."

"For Fortinet FortiGate, their code development would definitely be something they need to improve on to reduce vulnerabilities that need to be patched."

"The people we are working with are not able to configure MFA. They are having some technical issues. Fortinet needs to ensure that its partners are well-trained."

"I think there could be more QoS features"

"We faced difficulties with the configuration because there are many features we could optimize using Fortinet FortiGate, but our reseller didn't have a good understanding of it. So, we just use it on a basic level, not with the best practice for using FortiGate."

"We would like to have the ability to disable some of the security functionalities."

"It could use better throughput on some of the smaller boxes for the branch offices."

More Fortinet FortiGate cons

"Regarding stability and reliability, I have experienced false negative alerts with the CS models, which indicate that my switch has gone down when in reality, it has not. That is a fix that is needed."

"I would like it to be easier to work with and have a better user interface. It is not straightforward. You need to know the Cisco command-line interface."

"Intrusion prevention, we currently need to apply deep bracket inspection manually to use web filtering."

"The pricing is a bit high."

"Migration with other appliances is not easy. It has to be done manually, and this takes a long time."

"Cisco Secure Firewall could be improved in terms of the GUI and management."

"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."

"The SSL VPN is, and always has been, painful to configure and the Java plugin does not guarantee a uniform deployment."

More Cisco Secure Firewall cons

"With Stormshield, there are difficulties joining things, and it can be complex depending on the architecture."

"Stormshield Network Security is quite expensive."

"Not all the fields are activated yet and we were informed that it will take at least one month."

"It could be better if it were more user-friendly. It's too complicated for us to use it. The price could be better as well."

"A more user-friendly interface would be helpful."

"The filtering configuration could be better. We have some difficulties with the filtering configuration and the filter extension. It's not that easy. It's not that straightforward. In the next release, I would like to see a reporting system. Stormshield doesn't have any tutorials on how to do the configuration and things like that. They just have documentation on the website. If you want to configure, for example, Cisco or Fortinet, you can find tutorials on YouTube. They show you how to configure the features, and so on. In Stormshield, there is nothing on social media or the internet on how to configure different things. The lack of documentation or the lack of material makes it difficult for others to adopt this solution."

"This solution has a big problem with web filtering and it needs to be improved."

"Improvement is needed in terms of the technical support of the manufacturer."

More Stormshield Network Security cons

Pricing and Cost Advice

"The pricing is fair."

"It was worth the money overall. It's good value."

"The price of Fortinet FortiGate is better than Cisco, Check Point, and Palo Alto. In terms of pricing, it's probably a better-priced firewall solution overall."

"For the performance that we get, the price is reasonable. There are cheaper options, but they may not deliver the same kind of performance that we want. For the performance they provide, the price is acceptable."

"The price could be lower."

"The Fortinet FortiGate security features cost approximately $1,500 a year. The firewall itself doesn't have a recurring cost. It's the security features on top of that that you pay for."

"We just pay a flat monthly fee to the vendor for the support."

"Compared to Palo Alto, which we have used in the past, pricing and licensing are okay."

More Fortinet FortiGate pricing and cost advice

"There are additional implementation and validation costs."

"The one-time cost is affordable, but the maintenance cost and the Smart Net costs need to be reduced. They're too high."

"The pricing could always be cheaper."

"The solution was chosen because of its price compared to other similar solutions."

"The licensing models that are available for Cisco Secure Firewall are okay. You have nearly every option that you need. You can pick filtering, advanced malware protection, or all the available features. It's sufficient. In terms of pricing, there are, for sure, some cheaper vendors, but overall, it's nearly the same. It has a fair price."

"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."

"We are in the process of renewing our three-year license, which costs approximately $24,000 USD for the thirty-six months."

"We looking for a possible new solution because of the licensing and VPN."

More Cisco Secure Firewall pricing and cost advice

"For mid-sized companies, they sell their appliances for good prices."

"We chose Stormshield for its price, as the Azure firewall was too expensive."

"The SN200 series costs between $500 USD and $600 USD per year, whereas the SN700 series costs approximately $1,000 annually."

"The price of this solution and the price of support are ok."

"I think the price is good."

"The pricing could be better."

"We bought a three-year license, and we renew it whenever it expires. The price could be better. It's always very expensive."

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

860,632 professionals have used our research since 2012.

Comparison Review

it_user206346

Security Consultant at Webernetz.net - Network Security Consulting

Mar 11, 2015

Cisco ASA vs. Palo Alto Networks

Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

Top Industries

By visitors reading reviews

Computer Software Company

15%

Educational Organization

11%

Comms Service Provider

Manufacturing Company

Educational Organization

31%

Computer Software Company

16%

University

Manufacturing Company

Computer Software Company

21%

Comms Service Provider

15%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

Which is better - Fortinet FortiGate or Cisco ASA Firewall?

One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...

How does Cisco's ASA firewall compare with the Firepower NGFW?

It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...

Which is better - Meraki MX or Cisco ASA Firewall?

Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...

What do you like most about Stormshield Network Security?

Ease of use is the best feature of the product.

What is your experience regarding pricing and costs for Stormshield Network Security?

We pay for the quality we receive.

What needs improvement with Stormshield Network Security?

The product must improve its pricing.

Sophos XG vs Fortinet FortiGate

Comparisons

Compared 20% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 12% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

SonicWall TZ vs Fortinet FortiGate

Compared 5% of the time

Meraki MX vs Fortinet FortiGate

Compared 5% of the time

More Fortinet FortiGate Competitors

Palo Alto Networks WildFire vs Cisco Secure Firewall

Compared 9% of the time

Palo Alto Networks NG Firewalls vs Cisco Secure Firewall

Compared 7% of the time

Netgate pfSense vs Cisco Secure Firewall

Compared 5% of the time

OPNsense vs Cisco Secure Firewall

Compared 4% of the time

Meraki MX vs Cisco Secure Firewall

Compared 3% of the time

More Cisco Secure Firewall Competitors

Netgate pfSense vs Stormshield Network Security

Compared 14% of the time

OPNsense vs Stormshield Network Security

Compared 7% of the time

WatchGuard Firebox vs Stormshield Network Security

Compared 7% of the time

Palo Alto Networks NG Firewalls vs Stormshield Network Security

Compared 6% of the time

Fortinet FortiGate-VM vs Stormshield Network Security

Compared 3% of the time

More Stormshield Network Security Competitors

Product Reports

Download Fortinet FortiGate product report

Fortinet FortiGate

July 2025

Download Cisco Secure Firewall product report

Cisco Secure Firewall

July 2025

Stormshield Network Security

June 2025

Download Stormshield Network Security product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall

NETASQ Firewalls

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Cisco Secure Firewall stands as a robust and adaptable security solution, catering to organizations of all sizes. It's designed to shield networks from a diverse array of cyber threats, such as ransomware, malware, and phishing attacks. Beyond mere protection, it also offers secure access to corporate resources, beneficial for employees, partners, and customers alike. One of its key functions includes network segmentation, which serves to isolate critical assets and minimize the risk of lateral movement within the network.

The core features of Cisco Secure Firewall are multifaceted:

Advanced threat protection is achieved through a combination of intrusion prevention, malware detection, and URL filtering technologies.
For secure access, the firewall presents multiple options, including VPN, remote access, and single sign-on.
Its network segmentation capability is vital in creating barriers within the network to safeguard critical assets.
The firewall is scalable, effectively serving small businesses to large enterprises.
Management is streamlined through Cisco DNA Center, a central management system.

The benefits of deploying Cisco Secure Firewall are substantial. It significantly reduces the risk of cyberattacks, thereby enhancing the security posture of an organization. This security also translates into increased productivity, as secure access means uninterrupted work. Compliance with industry regulations is another advantage, as secure access and network segmentation align with many regulatory standards. Additionally, it helps in reducing IT costs by automating security tasks and simplifying management processes.

In practical scenarios, Cisco Secure Firewall finds diverse applications. It's instrumental in protecting branch offices from cyberattacks, securing remote access for various stakeholders, safeguarding cloud workloads, and segmenting networks to isolate sensitive areas.

User reviews from PeerSpot reflect an overall positive experience with the Cisco Secure Firewall. Users appreciate its ease of configuration, good management capabilities, robust protection, user-friendly interface, and scalability. However, some areas for improvement include better integration capabilities with other vendors, maturity, control over bandwidth for end-users, and addressing software bugs.

In summary, Cisco Secure Firewall is a comprehensive, versatile, and reliable security solution that effectively meets the security needs of various organizations. It offers a balance of advanced protection, user-friendly management, and scalability, making it a valuable asset in the realm of network security.

Cisco

NETASQ's integrated intrusion prevention engine uses protocol conformity analysis, application filtering and antivirus analysis to inspect authorized traffic flows and strengthen application security. NETASQ enables you to establish and configure user-based security policies, giving you greater control over which network resources each user is authorized to access.

Stormshield

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.

ACESUR group, Ministry of Education Oman, Anios Laboratories, Zain, DLM Location