We performed a comparison between Cisco Secure Firewall and Zscaler Internet Access based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features of Fortinet FortiGate are the ease of use and there are several operating systems that can include the hardware capacities. In the newer releases, the resources were more useful because they were included in the operating system."
"Overall security features and performance routing is good."
"The pricing is great and very reasonable."
"Fortinet FortiGate's reliability is valuable."
"FortiGate has a very strong unified threat management system."
"Initial setup is straightforward. There weren't too many issues with setting it up. It takes one hour or so."
"It's very good and very stable for businesses. It works very well."
"The solution is very user-friendly."
"There are some hiccups here and there, but compared to the technical support from other vendors, I have had the best experience with Cisco's technical support. I would rate them at nine out of ten."
"Previously, our customers had to always utilize hand-to-hand delivery. Now, they are able to move completely to a secure digital method. They use a strictly dark fiber optics connection from a central location to the endpoint."
"One of the most valuable features is the GUI front end, which is very easy to use. But I'm also a command-line guy, and being able to access the device via command-line for advanced troubleshooting is quite important."
"The stability is very good; there's no vagueness. Either it works or it doesn't, and it's also very easy to find out why."
"The most valuable feature is the Intrusion Prevention System."
"It's very scalable. You can go to different models of the ASAs and they scale up to as big as you want to go."
"Protecting our landscape in general and being able to see logging when things aren't going as set out in policies are valuable features. Our security department is keen on seeing the logging."
"Cisco offers a great educational series to train users on their devices."
"Zscaler Internet Access's roaming user feature is most valuable and is much better compared to other secure web gateways."
"The most valuable feature of the solution is SWG traffic."
"Stability-wise, I rate the solution a nine and a half out of ten...The setup phase was easy."
"I like the granularity of the control of all the traffic, including SSL inspection. I also like the fact that the user interface is intuitive. The latencies with Zscaler are minimal compared to those of any other competitor. Other competitors do not really have the global scale that Zscaler has and cannot promise low latencies."
"The solution replaces multiple vendor technologies with one which makes it worth the cost."
"Zscaler Internet Access has helped us reduce the time that we spend managing security policies by about four hours a week. We can use this time to focus on other things, especially the IT team."
"Zscaler covers all the features needed to replace a VPN or proxy solution. They are good. They've been on the market for 15 years now, so they are mature enough."
"The most valuable feature is the ability to drop packets."
"Fortinet needs to overhaul its documentation."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information."
"Its reporting and pricing need improvement."
"There can be more security in hybrid implementations. When a customer has a hybrid environment where some parts are in the cloud, we need a consistent security solution for such scenarios."
"It is very expensive, and their support is not very good. I hope that their technical support will be better in the future."
"Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use."
"I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool."
"Cisco still has a lot of work to do. You can convert an ASA over to a Firepower, but the competitors, like Palo Alto and Juniper, are coming in. And believe it or not, they are a little bit more intuitive. Cisco has a little bit more work to do. They're playing catch up."
"Cisco Secure Firewall should be easier to handle. It uses ASDM, which is not easy to understand. It would be better if there was direct access via HTTPS."
"The ability to better integrate with other tools would be an improvement."
"When we first got it, we were doing individual configuring. Now, there is a way to manage from one location."
"The one thing that the ASAs don't have is a central management point. We have a lot of our environments on FTD right now. So, we are using a Firewall Management Center (FMC) to manage all those. The ASAs don't really have that, but they are easy to use if you physically go into them and manage them."
"I'm not a big fan of the FDM (Firepower Device Manager) that comes with Firepower. I found out that you need to use the Firepower Management Center, the FMC, to manage the firewalls a lot better. You can get a lot more granular with the configuration in the FMC, versus the FDM that comes out-of-the-box with it. FDM is like Firepower for dummies."
"The ASAs are being replaced with the new Firepowers and they have a different type of structure in the configuration to be able to migrate from one to the other."
"It integrates with other security products from Cisco, but sometimes, there can be glitches or errors."
"Zscaler Internet Access could improve by adding a VPN feature."
"They block Zscaler IPs when the traffic origin is from Zscaler IPs. They've been blocked by certain government organizations so the end users are not able to visit those websites unless we ask them to unblock those IP. This is a bit problematic."
"Currently, the solution's interface is not that user-friendly."
"The main issue with Zscaler Internet Access is proxy IP detection, which sometimes makes sites inaccessible."
"Zscaler Internet Access's troubleshooting is very limited, and their textbook logs need to be more informative."
"The solution is expensive. They recently revised the pricing and packaging. Some of our existing customers have been asking for alternate solutions for a lower price."
"Zscaler needs to add client-to-client communication. It's always client-to-server communication. The cloud and branch connectors could be improved because we're still dependent on traditional firewalls. They should eliminate this. They should also provide WAN devices should to compete with the SD-WAN solutions also."
"Technical support could be better."
Cisco Secure Firewall is ranked 4th in Firewalls with 111 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 32 reviews. Cisco Secure Firewall is rated 8.4, while Zscaler Internet Access is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Includes multiple tools that help manage and troubleshoot, but needs SD-WAN for load balancing". On the other hand, the top reviewer of Zscaler Internet Access writes "Configuring policies is user-friendly but challenges with stability". Cisco Secure Firewall is most compared with Meraki MX, Palo Alto Networks WildFire, Netgate pfSense, Sophos XG and Juniper SRX Series Firewall, whereas Zscaler Internet Access is most compared with Cisco Umbrella, Microsoft Defender for Cloud Apps, Netskope , Forcepoint Secure Web Gateway and Appgate SDP. See our Cisco Secure Firewall vs. Zscaler Internet Access report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.