Cisco Secure Workload vs ShieldX vs VMware NSX comparison

Cisco and Fortinet are both solutions in the Microsegmentation Software category. Cisco is ranked #4 with an average rating of 9.5, while Fortinet is ranked #11. Cisco holds a 9.8% mindshare in MS, compared to Fortinet’s 1.2% mindshare. Additionally, 100% of Cisco users are willing to recommend the solution, compared to 100% of Fortinet users who would recommend it.

Cisco Secure Workload

Read 15 Cisco Secure Workload reviews

4,674 Views
2,103 Comparison Views

100% willing to recommend

ShieldX

Read 4 ShieldX reviews

472 Views
203 Comparison Views

100% willing to recommend

VMware NSX

Read 107 VMware NSX reviews

7,852 Views
4,162 Comparison Views

88% willing to recommend

Cisco Secure Workload

ShieldX

VMware NSX

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Secure Workload, ShieldX, and VMware NSX based on real PeerSpot user reviews.

Find out what your peers are saying about Broadcom, Illumio, Akamai and others in Microsegmentation Software.

To learn more, read our detailed Microsegmentation Software Report (Updated: March 2026).

Buyer's Guide

Microsegmentation Software

March 2026

Download the complete report

Helped 885,789 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Mindshare comparison

As of April 2026, in the Microsegmentation Software category, the mindshare of Cisco Secure Workload is 9.8%, up from 9.8% compared to the previous year. The mindshare of ShieldX is 1.2%, up from 0.2% compared to the previous year. The mindshare of VMware NSX is 15.7%, down from 18.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Microsegmentation Software Mindshare Distribution
Product	Mindshare (%)
VMware NSX	15.7%
Cisco Secure Workload	9.8%
ShieldX	1.2%
Other	73.3%

Microsegmentation Software

Featured Reviews

Raj Metkar

Director, Head of Networks at MUFG, EMEA

Discover internal application dependencies and create a dependency map

We actively seek improvements in integrating the Infoblox DDI platform with Cisco Secure Workload. This integration allows Cisco Secure Workload to learn about our networks and network tags, providing valuable insights into vulnerabilities related to the operating system and various applications installed on our servers. Recently, Cisco announced a new product called HyperShield, an AI-based autonomous micro-segmentation solution. While Cisco has not stated that HyperShield will replace Cisco Secure Workload, it represents a natural evolution for the company. HyperShield features dynamic policy discovery and enforcement; however, once policies are enforced, they do not change until a discovery occurs, requiring a re-enforcement process. This new platform operates autonomously, minimizing the need for user or security engineer intervention. I would have expected Cisco to incorporate more automatic discovery and enforcement features within the existing Cisco Secure Workload product. Instead of enhancing the current product, they have introduced a new solution. Cisco plans to honor existing Tetration licenses, allowing users to transition to HyperShield without additional costs, reflecting the investment enterprises have already made. From Cisco’s perspective, this represents a natural progression in their product line. While the product name changes, it seems more of a rebranding effort. The enhancements are greater autonomy, improved discovery, and automatic enforcement, which are now being introduced in HyperShield. Cisco Secure Workload offers automatic policy enforcement but cannot adjust policies dynamically as the application needs to change. Having used the platform for the past five years, the recent announcement has been reassuring. Cisco has confirmed that our investment in the platform will not go to waste. They will honor our existing licenses, providing a natural migration path to the new solution without any disruption

Read full review

MichaelProcyshyn

IT Director at park holidays uk

Proactively monitors, blocks, and reports what it has blocked; and self-updates meaning there is zero maintenance

The most valuable feature is the automatic scaling. With its microservices, it scales both up and down, depending on traffic and throughput. The traffic through our website depends on holiday bookings. It's very quiet in November through January, and then our traffic picks up quite rapidly and, at our peak, we will take in excess of a million pounds of business a day through our website. The UI was also one of the huge selling points. My web development manager was blown away with the detail and the granularity that you can get out of the UI. It is a very strong and informative UI, with the amount of data it provides. Uptime on the system has been 648 days and we do very little to it because it self-updates and alerts. It does everything that we need it to do, so the administration side of it is zero. One of the beauties about ShieldX is that it's such a good "fire-and-forget" product.

Read full review

TAIYAB HASAN

Windows Redhat Linux Vmware & Azure & Cloud & Nutanix Ahv-Vmware & Backup Senior System Administrator at AlDawaa Medical Services

Has improved network visibility and security through micro-segmentation and SDN capabilities

This feature gives us flexibility and allows us to manage everything under one pane. We can see everything on one console, including network operations and behavior. Monitoring and security are among the best features for VMware NSX. For micro-segmentation, it's integrated with our endpoint security. If there are any issues with servers or VMs, it notifies us so we can isolate the servers and investigate. It provides distributed security features such as firewall and intrusion, IDS, IPS. The security level with IPS and IDS in VMware NSX is excellent. It also provides logical switching and routing which gives an extra layer for Layer 2 and Layer 3 switching requirements. The solution provides flexibility, automation, and self-service capabilities, resulting in cost savings as extensive expertise isn't required. Once automation and self-service are implemented, many tasks can be completed automatically. Load balancing is another excellent feature. Multiple servers can run on load balancing features, which is particularly useful since we have many application servers running. Sharing loads between servers provides the best performance.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Generally speaking, Cisco support is considered one of the best in the networking products and stack."

"A complete and powerful micro-segmentation solution."

"The solution is very user-friendly, which clients appreciate."

"This product does everything that you need it to do and more and does a lot to provide visibility in a network environment, save time and money, and make the organization IT operate in a much more streamlined fashion."

"Scalability is its most valuable feature."

"The most valuable feature of this solution is security."

"The most valuable feature of the solution is that we don't have to do packet captures on the network."

"The product offers great visibility into the network so we can enforce security measures."

More Cisco Secure Workload pros

"For other security professions who are looking for something which is low in cost that does microsegmentation, they should look at ShieldX."

"ShieldX has been designed from the very beginning to work well in cloud environments. It understands autoscaling, automation, and auto-configuration. These are the things which are important in today's operating environment."

"The UI was also one of the huge selling points. My web development manager was blown away with the detail and the granularity that you can get out of the UI. It is a very strong and informative UI, with the amount of data it provides."

"Very often, when new challengers come in, what they do is they end up coming in at a lower cost with more functionality."

"It has helped us tighten our security posture. Now, staff can only access things that they should be accessing."

"ShieldX makes it a lot easier and a lot simpler to define your policies and define your rules, and that greatly reduces the opportunity for user error."

"Once you install it you can virtually forget about it; it's very low-maintenance and high-protection."

"We were able to see what devices are talking to each other, giving us more visibility."

More ShieldX pros

"The most valuable features of VMware NSX are the tight integration with the VMware Hypervisor natively and the management console. We have a lot of other integrations where you are able to see the virtual machine's end-to-end visibility."

"The security offered by VMware NSX is the most valuable, plus it's a feature-rich product that's straightforward to install and configure."

"NSX helps us by making IT management and operations more efficient. When VMs spin off from the DC to the DR site, all required settings on the network level are handled automatically."

"It's very important for them to have small footprints and have as much services in their servers, as possible."

"The solution is very stable and reliable."

"The ability to scale from different clouds. At the moment, the scalability of the product is the number one thing that I saw."

"Technically, VMware NSX is more advanced technology-wise when compared to others. We have been studying it and so far, so good. We know that the NSX product is superior when it comes to software virtualized networks. </p> <p>If you are looking to work with new and future technologies, then NSX is one of the best options. It costs less for power consumption since it will be a virtual network and not a pure physical network that consumes more energy."

"The interface is intuitive enough."

More VMware NSX pros

Cons

"There's room for improvement when it comes to Cisco Secure Workload. A couple of internal areas could be refined a little bit. They are trying to solve it, depending on where you suppose the agent is. Suppose you have the agent on both the server and the client, which could be the front-end server or web server connecting to the. In that case, if those two are communicating on RPC, the server can look into its configuration. It could go down and find the configuration file on the FTP server and then set the policies to it. But there are a lot of different FTP servers out there. It's also a complex case for the tool to support all FTP servers."

"Cisco Tetration needs more flags and system alerts that we should get with network capture."

"The interface is really helpful for technical people, but it is not user-friendly."

"The problem is that we can only deploy the particular solution where we have the hardware with Cisco."

"It is not so easy to use and configure. It needs a bunch of further resources to work, which is mainly the biggest downside of it. The deployment is huge."

"The product must be integrated with the cloud."

"They should scale down the hardware a bit. The initial hardware investment is two million dollars so it's a price point problem."

"There was a controversy when Cisco reduced the amount of data they kept, and the solution became quite cost-intensive, which made its adoption challenging….Although they have modified it now, I preferred the previous version, and I wish all the functionality were back under the same product."

More Cisco Secure Workload cons

"We are having some issues with their LDAP and integrating it with the Active Directory."

"I would like better reports and in-depth reporting."

"We are having some issues with their LDAP and integrating it with the Active Directory. We can't seem to set it up."

"With any kind of tool like ShieldX, where you're in the cloud instead of a traditional firewall, you're using CPU resources in those environments to provide the protection. So there's a cost associated with CPU resources. I'm pressing upon them to make the product much more efficient and use less CPUs to do the same thing."

"They need to be consistent in performance and capabilities over time, given the fact that this is new and I want to see where this goes in the next year or so."

"There should be a bit more customer care, with regular review meetings on it or regular reports. It would be nice to have a quarterly or biannual review of what ShieldX has blocked."

"They need to be consistent in performance and capabilities over time, given the fact that this is new and I want to see where this goes in the next year or so. As the vendor continues to evolve and add future functionality, we want to make sure that we are still keeping up with the integrations, etc. Time will be the key factor here. The proper support for some of the latest technologies, Docker containers, etc. They need to keep up with threat landscape, so we will see how the security get layered. This is what we are going to be keeping an eye on."

More ShieldX cons

"VMware NSX provides a lot of automation capabilities, but there is still room for improvement."

"The support needs improvement."

"Just being more knowledgeable about the different functions."

"They have to work more and more on the integration for public cloud services and have cyber security platform integration."

"The integration with other brands is not the best and could be better."

"Pricing and licensing could be improved as we are a government entity."

"Quite a complex solution."

"If you're worried that NSX is too complex, I would tell you to take another look. If you compare NSX to a similar solution you might find it to be a bit more complex. Usually, the guy that comes in to implement NSX isn't the network guy and will lack the knowledge for the program. He can lack the knowledge for this program and will therefore think it's complex. You need somebody with network experience."

More VMware NSX cons

Pricing and Cost Advice

"The price is based on how many computers you're going to install it on."

"The pricing is a bit higher than we anticipated."

"The cost for the hardware is around 300k."

"Pricing depends on the scope of the application and the features. Larger installations save more."

"The price is outrageous. If you have money to throw at the product, then do it."

"Regarding price, Cisco Secure Workload can be expensive if you don't have a budget. If you're not doing micro-segmentation, every extra security measure or enforcement you're putting on top of your existing environment will be an extra cost. It's not a cheap solution at all. But from my point of view, if you need to do micro-segmentation, this is one of the best tools I've seen for it. I can't compare that to Microsoft's solution because I haven't looked into it. I've looked into VMware and Cisco. Those are the only two that I know of. I didn't know that Microsoft could do micro-segmentation at all. Maybe they can, but I haven't heard anything about it."

"It is not cheap and pricing may limit scalability."

"For other security professions who are looking for something which is low in cost that does microsegmentation, they should look at ShieldX. It might not be the big name out there, but it does everything that you are looking for in microsegmentation at a very low price."

"We are actually expecting our costs to drop in the coming year, but it is just a matter of the licensing expiring. That is going to happen in the next six months or so. Then, we will start to see a decrease in overall spend."

"For a three-year deal we paid £55,000 plus tax... But, and this is a big "but," this was over two years ago. ShieldX had only just hit the market. We were the first company in Europe to buy ShieldX."

"ShieldX ensures that we can have the separation needed for our environment to avoid drastically increasing the cost on the licensing side. From this perspective, it's been very positive and helpful."

"Security policies are now applied as applications are going up. Because it's automated, we don't have the three to four week delay. The insertion of applications in the cloud for us dropped from an average of three to four weeks to a couple of days."

"We are very happy with the pricing and licensing. It's about getting a site-wide license. One of the challenges that we've had with our previous vendor had been the cost of licensing."

"ShieldX also enables us to migrate to cloud environments faster. That is an important part of it for sure because it takes the exact same policies that we would apply to our on-premise environment and enables us to simply apply them to the cloud. It becomes one policy for both on-prem and for the cloud."

"It is an expensive product, but cheaper than some competing solutions."

"VMware has always been geared towards enterprise and their pricing options are a bit high. Their price is higher than other options in the market."

"The pricing is higher than other options from Palo Alto, Fortinet, and Cisco because it is sold in a bundle."

"We haven't had to hire a dedicated network engineer because NSX handles 90 percent of it. The reduced overhead in terms of managing networks has been the biggest plus."

"There is a license required for this solution and there is also a support license available. The price of the solution could be better."

"VMware has a subscription and perpetual license. In the New Year, they're changing many things about the licensing model. Previously, NSX was licensed according to the number of sockets inside the appliance, so we bought VMware licenses based on that. However, that may have changed this year. We are still contacting the vendors to understand the new licensing strategy."

"The licensing is renewed every three years. The cost for implementation and renovation are a huge portion of that price."

"The solution is very expensive."

More VMware NSX pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Microsegmentation Software solutions are best for your needs.

See recommendations

885,789 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

13%

Financial Services Firm

10%

Computer Software Company

Government

No data available

Financial Services Firm

11%

Manufacturing Company

10%

Computer Software Company

10%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	3
Large Enterprise	8

No data available

By reviewers
Company Size	Count
Small Business	34
Midsize Enterprise	23
Large Enterprise	69

Questions from the Community

What is your experience regarding pricing and costs for Cisco Secure Workload?

CloudStrike offers antivirus capabilities and firewall features for servers and VDI but lacks automatic policy discov...

See all answers

What needs improvement with Cisco Secure Workload?

We actively seek improvements in integrating the Infoblox DDI platform with Cisco Secure Workload. This integration a...

See all answers

What is your primary use case for Cisco Secure Workload?

When we onboarded Cisco Secure Workload, the usual use case was to discover internal application dependencies and cre...

See all answers

Ask a question

Earn 20 points

What are the biggest differences between Cisco ACI and VMware NSX?

There are some very major differences between both the Products and to name a few. -Cisco ACI have physical network g...

See all answers

What are the biggest differences between Cisco ACI and VMware NSX?

Once you know your way around the Cisco ecosystem, using Cisco ACI is not so difficult. It is a global product, so wh...

See all answers

What is your experience regarding pricing and costs for VMware NSX?

When measuring complexity and costs for our organization, we consider some parameters for effectiveness. In terms of ...

See all answers

Comparisons

Illumio vs Cisco Secure Workload

Compared 16% of the time

Akamai Guardicore Segmentation vs Cisco Secure Workload

Compared 14% of the time

Cisco Hypershield vs Cisco Secure Workload

Compared 8% of the time

Cisco ACI vs Cisco Secure Workload

Compared 6% of the time

TrendAI Deep Security vs Cisco Secure Workload

Compared 6% of the time

More Cisco Secure Workload Competitors

Illumio vs ShieldX

Compared 31% of the time

Akamai Guardicore Segmentation vs ShieldX

Compared 24% of the time

Check Point CloudGuard Network Security vs ShieldX

Compared 19% of the time

Nutanix Flow Network Security vs ShieldX

Compared 14% of the time

More ShieldX Competitors

Nutanix Flow Network Security vs VMware NSX

Compared 13% of the time

Illumio vs VMware NSX

Compared 12% of the time

Akamai Guardicore Segmentation vs VMware NSX

Compared 9% of the time

Cisco ACI vs VMware NSX

Compared 5% of the time

TrendAI Deep Security vs VMware NSX

Compared 4% of the time

More VMware NSX Competitors

Product Reports

Buyer's Guide

Cisco Secure Workload

March 2026

Download Cisco Secure Workload product report

Buyer's Guide

ShieldX

March 2026

Download ShieldX product report

Buyer's Guide

VMware NSX

March 2026

Download VMware NSX product report

Also Known As

Cisco Tetration

APEIRO, ShieldX APEIRO

VMware Nicira, Lastline Defender

Overview

Cisco Secure Workload is a cloud and data security solution that offers a zero-trust policy of keeping an organization’s application workloads safe and secure throughout the entire on-premise and cloud data center ecosystems.

Cisco Secure Workload will consistently provide protection by discovering workload process anomalies, stopping threats immediately, minimizing the risk threat surface, and aborting any lateral movement.

Today’s ecosystems are very elastic, and in the application-focused dynamic of today’s aggressive marketplace, Cisco Secure Workload delivers a robust security solution that works effectively with today’s most popular applications. The solution uniquely surrounds each and every workload to ensure organizations are able to keep their data, network, and applications safe and secure at all times. Cisco Secure Workload ensures that enterprise organizations can maintain secure applications by consistently building firewalls around every workload level throughout the entire ecosystem. The solution can manage applications that are deployed on containers, virtual machines, or bare-metal servers.

Cisco Secure workload is able to meet an organization's busy needs and offers flexible options such as Software-as-a-Service (SaaS) and on-premises options. Using the Secure Workload SaaS options, users receive all the benefits of Cisco Secure Workload protection without the hassle of having to deploy and maintain the platform on premises. Users are responsible for acquiring the necessary software licensing and deploying software agents. Using SaaS, Secure Workload runs in the cloud and is operated and maintained by Cisco. This option offers the ability to scale easily and is a popular choice for SaaS-first and SaaS-only clients. Many organizations find they get the best TCO and achieve the best productivity and profitability using the SaaS options.

When choosing on-premises options, organizations choose between hardware-based appliance models (large or small form factors). Platform selection is dependent on scalability goals, the desired fidelity level of flow telemetry, and the actual number of workloads. When a user chooses to configure Cisco Secure Workload for a conversation-only flow telemetry for all workloads, each platform has the capability to scale up vertically twice the default platform scale. Additionally, with Secure Workload, it is possible for the platform to be scaled horizontally in order to satisfy the demands of extra large widely distributed enterprise environments using federation capabilities.

Cisco Secure Workload also provides a robust disaster recovery (DR) tool, which helps to make it a complete, comprehensive solution. The DR allows for continuous restore and backup capabilities that enable users to quickly remediate operations and data to a standby cluster in the event of a drastic failure or disaster.

Reviews from Real Users

“The solution offers 100% telemetry coverage. The telemetry you collect is not sampled, it's not intermittent. It's complete. You see everything in it, including full visibility of all activities on your endpoints and in your network. Other valuable features include vast support for annotations, flexible user applications, machine learning, automatic classification, and hierarchical policies.” - CTO at a tech vendor

Cisco

The ShieldX Elastic Security Platform dynamically scales to deliver comprehensive and consistent controls to protect data centers, cloud infrastructure, applications and data no matter where they are or where they go to make the cloud more secure than on-premise deployments. Our frictionless approach leverages agentless technology as well as the ShieldX Adaptive Intention Engine which autonomously translates and enforces intention into a set of comprehensive controls - microsegmentation, firewall, IPS and more - making security the easiest thing you do in the cloud.

Fortinet

VMware NSX is a comprehensive tool for network virtualization and security, offering advanced features like micro-segmentation and multi-cloud networking to enhance scalability and management efficiency within enterprises.

VMware NSX revolutionizes enterprise networking by integrating security and scalability into one streamlined platform. With capabilities like dynamic policy updates and automation, it simplifies complex configurations and provides robust API integration. Its support for Layer 4 and 7 load balancing, along with its seamless integration in multi-cloud environments, makes it a preferred choice among companies. Although deployment speed and management console features require refinement, NSX is an effective solution for private cloud and hybrid environments, enabling centralized orchestration and management of complex networks.

What are the key features of VMware NSX?

Micro-segmentation: Provides secure, granular network segmentation for enhanced security.
Distributed Firewall: Offers policy-driven firewall capabilities across all network endpoints.
Automation: Enables dynamic policy updates and simplifies network configurations.
API Integration: Facilitates seamless third-party integrations and improves configuration processes.
Multi-Cloud Networking: Supports seamless integration across various cloud environments.

What benefits and ROI should users consider?

Scalability: Offers significant improvements in network scalability and management efficiency.
Security: Ensures enhanced security through advanced features like micro-segmentation.
Cost-Effectiveness: Potential to reduce costs through network automation and efficiency improvements.
Flexibility: Supports various enterprise requirements with its comprehensive feature set.

In the tech industry, VMware NSX is instrumental in managing private and hybrid cloud environments, allowing companies to replace traditional networking with software-defined networks. In finance, it helps secure transactional data through micro-segmentation. Healthcare organizations leverage its flexibility for managing sensitive patient information securely and integrating cloud services.

Broadcom

Sample Customers

ADP, University of North Carolina Charlotte (UNCC)

Iowa State University

City of Avondale, Lumeta, Kroll Ontrack, Heartland Payment Systems, Baystate Heallth, Exostar, Tribune Media, iGATE, NTT Communications, Synergent, California Natural Resources Agency, Bloomington Public Schools, Columbia Sportswear, Join Experience S.A, Schuberg Philis

Buyer's Guide

Microsegmentation Software

March 2026

Download Free Report

Find out what your peers are saying about Broadcom, Illumio, Akamai and others in Microsegmentation Software. Updated: March 2026.

DOWNLOAD NOW

885,789 professionals have used our research since 2012.