Cisco Secure Firewall vs Zscaler Internet Access comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Cisco Secure Firewall and Zscaler Internet Access based on real PeerSpot user reviews.

Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Cisco Secure Firewall vs. Zscaler Internet Access Report (Updated: July 2019).
745,775 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable features of Fortinet FortiGate are the ease of use and there are several operating systems that can include the hardware capacities. In the newer releases, the resources were more useful because they were included in the operating system.""Overall security features and performance routing is good.""The pricing is great and very reasonable.""Fortinet FortiGate's reliability is valuable.""FortiGate has a very strong unified threat management system.""Initial setup is straightforward. There weren't too many issues with setting it up. It takes one hour or so.""It's very good and very stable for businesses. It works very well.""The solution is very user-friendly."

More Fortinet FortiGate Pros →

"There are some hiccups here and there, but compared to the technical support from other vendors, I have had the best experience with Cisco's technical support. I would rate them at nine out of ten.""Previously, our customers had to always utilize hand-to-hand delivery. Now, they are able to move completely to a secure digital method. They use a strictly dark fiber optics connection from a central location to the endpoint.""One of the most valuable features is the GUI front end, which is very easy to use. But I'm also a command-line guy, and being able to access the device via command-line for advanced troubleshooting is quite important.""The stability is very good; there's no vagueness. Either it works or it doesn't, and it's also very easy to find out why.""The most valuable feature is the Intrusion Prevention System.""It's very scalable. You can go to different models of the ASAs and they scale up to as big as you want to go.""Protecting our landscape in general and being able to see logging when things aren't going as set out in policies are valuable features. Our security department is keen on seeing the logging.""Cisco offers a great educational series to train users on their devices."

More Cisco Secure Firewall Pros →

"Zscaler Internet Access's roaming user feature is most valuable and is much better compared to other secure web gateways.""The most valuable feature of the solution is SWG traffic.""Stability-wise, I rate the solution a nine and a half out of ten...The setup phase was easy.""I like the granularity of the control of all the traffic, including SSL inspection. I also like the fact that the user interface is intuitive. The latencies with Zscaler are minimal compared to those of any other competitor. Other competitors do not really have the global scale that Zscaler has and cannot promise low latencies.""The solution replaces multiple vendor technologies with one which makes it worth the cost.""Zscaler Internet Access has helped us reduce the time that we spend managing security policies by about four hours a week. We can use this time to focus on other things, especially the IT team.""Zscaler covers all the features needed to replace a VPN or proxy solution. They are good. They've been on the market for 15 years now, so they are mature enough.""The most valuable feature is the ability to drop packets."

More Zscaler Internet Access Pros →

Cons
"Fortinet needs to overhaul its documentation.""My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint.""Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information.""Its reporting and pricing need improvement.""There can be more security in hybrid implementations. When a customer has a hybrid environment where some parts are in the cloud, we need a consistent security solution for such scenarios.""It is very expensive, and their support is not very good. I hope that their technical support will be better in the future.""Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use.""I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool."

More Fortinet FortiGate Cons →

"Cisco still has a lot of work to do. You can convert an ASA over to a Firepower, but the competitors, like Palo Alto and Juniper, are coming in. And believe it or not, they are a little bit more intuitive. Cisco has a little bit more work to do. They're playing catch up.""Cisco Secure Firewall should be easier to handle. It uses ASDM, which is not easy to understand. It would be better if there was direct access via HTTPS.""The ability to better integrate with other tools would be an improvement.""When we first got it, we were doing individual configuring. Now, there is a way to manage from one location.""The one thing that the ASAs don't have is a central management point. We have a lot of our environments on FTD right now. So, we are using a Firewall Management Center (FMC) to manage all those. The ASAs don't really have that, but they are easy to use if you physically go into them and manage them.""I'm not a big fan of the FDM (Firepower Device Manager) that comes with Firepower. I found out that you need to use the Firepower Management Center, the FMC, to manage the firewalls a lot better. You can get a lot more granular with the configuration in the FMC, versus the FDM that comes out-of-the-box with it. FDM is like Firepower for dummies.""The ASAs are being replaced with the new Firepowers and they have a different type of structure in the configuration to be able to migrate from one to the other.""It integrates with other security products from Cisco, but sometimes, there can be glitches or errors."

More Cisco Secure Firewall Cons →

"Zscaler Internet Access could improve by adding a VPN feature.""They block Zscaler IPs when the traffic origin is from Zscaler IPs. They've been blocked by certain government organizations so the end users are not able to visit those websites unless we ask them to unblock those IP. This is a bit problematic.""Currently, the solution's interface is not that user-friendly.""The main issue with Zscaler Internet Access is proxy IP detection, which sometimes makes sites inaccessible.""Zscaler Internet Access's troubleshooting is very limited, and their textbook logs need to be more informative.""The solution is expensive. They recently revised the pricing and packaging. Some of our existing customers have been asking for alternate solutions for a lower price.""Zscaler needs to add client-to-client communication. It's always client-to-server communication. The cloud and branch connectors could be improved because we're still dependent on traditional firewalls. They should eliminate this. They should also provide WAN devices should to compete with the SD-WAN solutions also.""Technical support could be better."

More Zscaler Internet Access Cons →

Pricing and Cost Advice
  • "It is more expensive than Sophos. Fortinet is overall more expensive than Sophos. The small range of Fortinet, such as 60F and 80F, is more expensive than the small range of Sophos. Sophos is cheaper. In addition, if you jump from 80F Series to 100F Series, the price doubles."
  • "The license is yearly. We pay for the top end. It's called 360."
  • "Here in Brazil, we're going through difficult economic times and the tax on the dollar is high. All the solutions from minor competitors are growing in the market. The prices have come more competitive."
  • "Licensing for Fortinet FortiGate is on a yearly basis. Pricing for it is a bit high. It could be cheaper."
  • "The licensing scheme of Fortinet is better than Cisco. It is more logical."
  • "The solution requires a license annually, it is not a user license, you can have as many users as your want. I must renew the license regularly per device."
  • "It was probably about $2,500 per firewall. It was all included. It included support, services, threat management software, and 24/7 FortiCare on it. Cisco products are more expensive."
  • "There is a license to use Fortinet FortiGate."
  • More Fortinet FortiGate Pricing and Cost Advice →

  • "Pricing for Cisco is expensive. There are additional costs for the licensing part, support, and even the hardware part. The device cost is very high. I would be very happy with an improvement on the price."
  • "The pricing was pretty comparable to other solutions when we purchased it."
  • "Cisco is cheaper than Check Point although it is not as cheap as Fortigate. But with the latest improvements in hardware and speed, the pricing is okay."
  • "The licensing package is good, but the licensing fee should be decreased."
  • "Once you know what the product is, it is not that bad. Yes, it is expensive. When you try to get a license, it is like, "Well, I don't know which one of these I need. And, if I don't buy it now, then I will probably be back later. Now, I have to justify the money." Typically, you end up just buying everything that you don't use most of the time. It is one of those solutions where you get what you pay for. If you don't know what you need, just buy everything. We have additional licenses that we don't use."
  • "The pricing is too high and the licensing is too confusing."
  • "It was pretty good and not expensive on the subscription side. Cisco is doing a good job on this."
  • "I wish there was an easier way to license the product in closed environments. I have worked in a number of closed environments, then it is a lot of head scratching. I know that we could put servers in these networks and that would help with the licensing. I have never been in a situation where we connected multiple networks, i.e., having an external network as well as an internal network, as those kinds of solutions are not always the best. I think licensing is always a headache for everyone, and I don't know if there is a simple solution."
  • More Cisco Secure Firewall Pricing and Cost Advice →

  • "The price is competitive. It's not cheap and it's not expensive."
  • "The pricing for Zscaler Internet Access could be made cheaper."
  • "The price of Zscaler Internet Access should improve, it is expensive."
  • "We have found the solution to be expensive."
  • "Licenses are available on a per-host basis. Some features like sandboxing require an additional fee, but most standard features are included in the license."
  • "We pay around 6,500 INR per user per year, which is very expensive. I would rate Zscaler's pricing one out of five."
  • "Because it's a cloud solution, we pay on a yearly basis. It is affordable and includes tech support and all features."
  • "It is quite expensive. It does its job, but it is quite expensive for what we need."
  • More Zscaler Internet Access Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    745,775 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at… more »
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports… more »
    Top Answer: Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried.… more »
    Top Answer:We researched Netskope but ultimately chose Zscaler Netskope is a cloud access security broker that helps identify… more »
    Comparisons
    Also Known As
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    ZIA
    Learn More
    Overview

    Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

    Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.

    Benefits of Fortinet FortiGate

    Some of the benefits of using Fortinet FortiGate include:

    • The ability to manage your firewalls from a centralized automated control console. Fortinet FortiGate’s FortiManager enables administrators to exercise control of their firewalls in a streamlined manner. Administrators have full visibility and control over their system from a single location. It utilizes automation that collects information in real time, which greatly simplifies and reduces the cost of running various types of workflows. Administrators can free up resources by automating the most basic tasks.
    • The ability to produce uniform, appropriate, and coordinated responses to threats across networks. Fortinet FortiGate’s FortiGuard feature generates system protections in near real time. This allows administrators to address threats to the system with custom-made solutions that can be uniformly enforced.
    • The ability to scale up your security to fit your changing security needs. Fortinet FortiGate’s design allows users to accelerate the transfer of data between users and escalate the number of users that are covered without compromising security of performance. This means that users can grow their networks and continue to collaborate without worrying about the system slowing down or coming under attack.

    Reviews from Real Users

    Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.

    PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”

    PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”

    Cisco Secure Firewall, including Firepower, is a powerful perimeter security solution used for network security, data center protection, advanced malware protection, and site-to-site VPNs. Its most valuable features include NGIPS, application visibility and control, VLAN implementations, intrusion prevention, threat defense, and NAT. 

    The solution has helped organizations discover their environment, improve security, implement dynamic policies, reduce operational costs, and protect against threats from outside and within the data center. Overall, Cisco Secure Firewall is a valuable tool for securing organizations and providing visibility into threats.

    Zscaler Internet Access is a cloud-native security service edge (SSE) platform. Its main purpose is to provide AI-powered protection for all users, all applications, and all locations. The solution replaces other legacy network security solutions to stop advanced attacks and prevent data loss by using a comprehensive zero trust approach.

    Zscaler Internet Access Features

    Zscaler Internet Access has many valuable key features. Some of the most useful ones include:

    • Proxy (native SSL)
    • IPS and advanced protection
    • Cloud sandbox
    • DNS security
    • Cloud firewall
    • URL filtering
    • Bandwidth control
    • DNS filtering
    • Cloud DLP w/EDM and IDM
    • Cloud access security broker (CASB)
    • Cloud security posture management (CSPM)
    • CloudBrowser isolation
    • Cloud secure web gateway (SWG)
    • Zero trust network access (ZTNA)
    • Digital experience monitoring

    Zscaler Internet Access Benefits

    There are several benefits to implementing Zscaler Internet Access. Some of the biggest advantages the solution offers include:

    • Fast access with zero infrastructure: Zscaler Internet Access creates a fast, seamless user experience because of its direct-to-cloud architecture. With no infrastructure, Zscaler Internet Access helps you eliminate backhauling, which improves performance and simplifies network administration.
    • Threat intelligence: By using threat intelligence, Zscaler Internet Access can stop ransomware, zero-day malware, and advanced attacks via Inline inspection of all internet traffic, including SSL decryption, and a suite of AI-powered cloud security services. 
    • Consistent security: With Zscaler Internet Access, your security policy goes everywhere your users go. When you move security to the cloud, all users, applications, devices, and locations remain protected and secure based on identity and context.
    • Hybrid workforce: Zscaler Internet Access enables secure access to all external and internal apps from anywhere, so remote work is not an issue. You can also enforce business policies that follow the user, making security identical regardless of location.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Zscaler Internet Access users.

    A Service Manager at a construction company says, "There are a bunch of different capabilities that are valuable within the platform. We use quite a lot of them, but not everything. The ones that are most important to us are the URL Filtering and the application control. For our needs, the cloud-native proxy architecture is a very good solution. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway."

    Owen N., Security Architect at Claro Enterprise Solutions, explains that the solution’s most valuable features include “The integration of the gateway that inspects all ports and protocols. So, there is threat prevention; The cloud sandbox; VNS security; Access control that will protect URL filtering and the cloud firewall; Data protection that will protect your gateway, like your CASB or your cloud DLP; The capabilities of this will point your traffic to Zscaler Cloud.”

    An Architecture Senior Manager at an insurance company mentions, "The data loss prevention feature is the most valuable. It stops our users from inadvertently leaking our customers' data to the Internet or anywhere else it shouldn't go." He also adds, “The solution provides quick access to cloud services, securing our data and allowing us to inspect all our traffic.”

    Offer
    Learn more about Fortinet FortiGate
    Learn more about Cisco Secure Firewall
    Learn more about Zscaler Internet Access
    Sample Customers
    Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
    There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
    Ulster-Greene ARC, BanRegio, HDFC, Ralcorp Holdings Inc., British American Tobacco, Med America Billing Services Inc., Lanco Group, Aquafil, Telefonica, Swisscom, Brigade Group
    Top Industries
    REVIEWERS
    Comms Service Provider16%
    Computer Software Company9%
    Financial Services Firm8%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Educational Organization21%
    Computer Software Company15%
    Comms Service Provider8%
    Manufacturing Company5%
    REVIEWERS
    Financial Services Firm15%
    Comms Service Provider12%
    Computer Software Company12%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Educational Organization18%
    Computer Software Company16%
    Comms Service Provider9%
    Government7%
    REVIEWERS
    Comms Service Provider31%
    Computer Software Company15%
    Pharma/Biotech Company12%
    Financial Services Firm12%
    VISITORS READING REVIEWS
    Educational Organization19%
    Computer Software Company14%
    Financial Services Firm9%
    Manufacturing Company8%
    Company Size
    REVIEWERS
    Small Business48%
    Midsize Enterprise23%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise32%
    Large Enterprise41%
    REVIEWERS
    Small Business35%
    Midsize Enterprise24%
    Large Enterprise42%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise28%
    Large Enterprise46%
    REVIEWERS
    Small Business29%
    Midsize Enterprise16%
    Large Enterprise55%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise28%
    Large Enterprise54%
    Buyer's Guide
    Cisco Secure Firewall vs. Zscaler Internet Access
    July 2019
    Find out what your peers are saying about Cisco Secure Firewall vs. Zscaler Internet Access and other solutions. Updated: July 2019.
    745,775 professionals have used our research since 2012.

    Cisco Secure Firewall is ranked 4th in Firewalls with 111 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 32 reviews. Cisco Secure Firewall is rated 8.4, while Zscaler Internet Access is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Includes multiple tools that help manage and troubleshoot, but needs SD-WAN for load balancing". On the other hand, the top reviewer of Zscaler Internet Access writes "Configuring policies is user-friendly but challenges with stability". Cisco Secure Firewall is most compared with Meraki MX, Palo Alto Networks WildFire, Netgate pfSense, Sophos XG and Juniper SRX Series Firewall, whereas Zscaler Internet Access is most compared with Cisco Umbrella, Microsoft Defender for Cloud Apps, Netskope , Forcepoint Secure Web Gateway and Appgate SDP. See our Cisco Secure Firewall vs. Zscaler Internet Access report.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.