We performed a comparison between Cisco Secure Firewall and WatchGuard Firebox based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. WatchGuard Firebox received slightly better ratings because it is easier to deploy than Cisco Secure Firewall.
"The most valuable features of Fortinet FortiGate are it is one of the most mature firewalls in the UTM bundle."
"The scalability is good in Fortinet FortiGate."
"Fortinet FortiGate's reliability is valuable."
"The license management is very valuable. You can get a new license each year, or you can enroll every two to four years. You can get the logs, and you will get the information on the risk in your network and the entire organization. With this information, you can take action on your actives, computers, or devices. You can bring your own device as an SSE."
"The security on offer is very good."
"The most valuable feature is the web filter."
"Its performance in fulfilling our requirements has been satisfactory."
"Some of the key features of the solution is that it has good reporting, you can receive many details from the connection, for example, clients and website information."
"It is a secure product."
"The GUI is among the most valuable features,"
"The stability of Cisco ASA is excellent compared to other products on the market. Because of our customer experience as an integrator company, our clients never report any performance problems. We have a good performance reputation with Cisco ASA."
"It is a highly stable product. We rarely receive any serious outdates, so it works quite well."
"Its security and filtering are most valuable. Every layer of data that comes into the organization goes through it. After setting up the criteria, it automatically filters the traffic. We don't have to check it often."
"The traffic inspection and the Firepower engine are the most valuable features. It gives you full details, application details, traffic monitoring, and the threats. It gives you all the containers the user is using, especially at the application level. The solution also provides application visibility and control."
"It is a comprehensive suite and complete package."
"The integration and configuration were pretty straightforward."
"If there is any conflict, the reporting feature will kick out all types of information, which is great."
"I like intrusion detection the most."
"It also provides us with layered security. It has onboard virus scanning features that allow it to scan before something gets to the host. It will also stop a person from going to a site that is known to be bad."
"Because we bought two firewalls... we need a central place to manage the policies and deploy them to both devices. It's good that it provides a system management console that is able to manipulate and manage policies in one place and deploy them to different locations."
"The main reason we went with it was the security protocols. They were more robust on this device."
"Intrusion Prevention is my primary focus so that's what I find most useful. The why is straightforward: It's to prevent intrusion."
"The solution has increased productivity with our outside salespeople being able to connect into their computers and use those remotely."
"It provides us with Layer 2 and Layer 3 security."
"There are some cloud-based features that could be much more flexible than they currently are."
"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."
"Its reporting can be improved. Sometimes, I don't get proper reports."
"The solution is very expensive."
"The license renewal process, annual renewal price, and the web application firewall features should be improved."
"There are some problems that support cannot give you a logical reason as to why it happened. For example, I had a case where I was dealing with a WhatsApp application that was giving issues. Technical support gave more than one reason it could be giving issues, but none of them solved the problem. Eventually I solved the problem, but it was far from the solutions that support had given."
"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."
"I don't really have anything negative to say as far as Fortinet firewalls are concerned. If anything, they can support a user a little bit better. They can stop being so time-sensitive about how much time the support call has taken, and they can help you do it yourself."
"UTM features would be nice or some NextGen features."
"The installation and integration of Cisco ASA with FirePOWER can be improved. The management with Fortigate is easier than Cisco ASA on FirePOWER. The management side of Cisco ASA can be improved so it can be more easily configured and used."
"I needed to be well-versed with all the command lines for Cisco ASA in order to fully utilize it. I missed this info and wasted some operational costs."
"This solution could be more granular and user-friendly."
"The virtual firewalls don't work very well with Cisco AnyConnect."
"It is my understanding that they are in the process of discontinuing this device."
"Most users do not have awareness of this product's functionality and features. Cisco should do something to make them aware of them. That would be quite excellent and useful to organizations that are still using legacy data-center-security products."
"You need to have a little bit of knowledge to be able to configure it. Otherwise, it would be very difficult to configure because there is no GUI. The latest software available in the market has a GUI and probably zero-touch provisioning and auto-configuration. All these things are not available in our version. You need to manually go and configure everything in the switch. In terms of new features, we would definitely want to have URL-based filtering, traffic steering, and probably a little bit steering in the bandwidth based on the per-user level and per-user group. We will definitely need some of these features in the near future."
"There's always room for improvement, especially if the threats are getting more sophisticated and the IT department cannot sufficiently meet this kind of sophistication with their own knowledge and experience. Knowing that this solution can get up to the level of addressing a lot of these threats is something that everybody wishes for. If we look at the dark web and the lawful web, they are two opposites, and if these two good and bad collide in the world of the internet, you want the best possible product—especially if you cannot get to that point of knowledge. I am just an individual and end user, with limited knowledge of usage. That's why I say there's always room for improvement, from their side and also from mine, because by knowing exactly what they can achieve and the knowledge that they can get on an everyday basis, and the portion that is understandable to me, it's an improvement for them as well."
"It would be wonderful if the WatchGuard team develops nice products for threat intelligence."
"This is a great product and offers great protection but they don't hear the customers' needs. They don't make improvements as per the customers' requests."
"I haven’t dug deeply into the reporting features yet or if they are working well. However, I have generated several reports and there was too much unnecessary information, in comparison with the reporting features in the Sophos firewall. Sophos' reporting is more readable and easier to configure."
"They are working on cloud-based options. However, they do not have the options fully functional in their solution at this time."
"The pricing could be improved. It is definitely one of the more expensive products."
"In terms of what could be improved, I would say their web blocker feature. It is still quite a confusing setup, especially when you want to filter out a particular category for granularity. For example, you do not want to filter Facebook but you do want to filter Facebook games only. It can be done, but the process to do it is very confusing."
"The area where I think this product can be improved is the user interface and the reporting. It can be quite difficult to find the correct logs and to actually find out what is going on. The digging can be time-consuming."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while WatchGuard Firebox is ranked 13th in Firewalls with 78 reviews. Cisco Secure Firewall is rated 8.2, while WatchGuard Firebox is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of WatchGuard Firebox writes "Offers a streamlined deployment, intuitive interface and robust security features". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Sophos UTM, whereas WatchGuard Firebox is most compared with Netgate pfSense, Sophos XG, OPNsense, SonicWall TZ and Sophos UTM. See our Cisco Secure Firewall vs. WatchGuard Firebox report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.