IT Central Station is now PeerSpot: Here's why

Which product do you recommend and why: Palo Alto Networks VM-Series vs Cisco Firepower Threat Defense Virtual (FTDv)?

Head of the Migration Research Division at International Organization for Migration (IOM)


In my organization (10K+ employees) we have had Cisco products for decades and currently, we're exploring whether Palo Alto Networks VM-Series is a good alternative (vs Cisco FTDv) that can leverage our security posture. 

Dear community members, please share your technical recommendations!

PeerSpot user
44 Answers

Mike Bulyk - PeerSpot reviewer
Top 5Real User

hello. Capability is on par between the two vendors. Your best bet is to think about integration and how the FW will work with other tools/processes in your environment. Thanks

Aws Al-Dabbagh - PeerSpot reviewer
Top 5Real User

I can't say for Palo Alto as I haven't tried them myself, but I'd advise against FTDs and Firepower Management Center.

* Firepower systems take about 4 minutes on average to make config changes (it's referred to as "Deployment", can take 1-6 minutes depending type of change you're making). which makes troubleshooting a nightmare.

* it is overall very buggy, we had to open at least 2-3 tickets per year with Cisco to fix issues with our system that has only 2 firewalls working in HA. some that required upgrading software. some cases required involvement from R&D to diagnose and fix, and took more than a week. I don't want to imagine the administration overhead of having several bugs in several different sites (I'd think "10K+ employees" operate in more than one site) and having to troubleshoot each with the Cisco TAC (Cisco TAC is good compared to other vendors, but it's not their fault the software is buggy).

* I'm not sure this is the case for FTDv, but I don't think that would be different.

I suggest you implement test sites using both solutions through a POC if possible before migrating such a large environment.

Dale Jackaman - PeerSpot reviewer


I'd pick Fortinet's products for a variety of reasons, but the #1 reason being they are easier to use and maintain.  And they are better for TSCM work which is something we specialize in (Technical Surveillance Countermeasures - and within networks).

Evgeny Belenky - PeerSpot reviewer
Community Manager

Hello @Muhammed Eslami, @Mike Bulyk@Javed Hashmi ​, @VishalGilatar. Can you please assist @M Mari

Buyer's Guide
Cisco Firepower NGFW Firewall vs. Palo Alto Networks VM-Series
July 2022
Find out what your peers are saying about Cisco Firepower NGFW Firewall vs. Palo Alto Networks VM-Series and other solutions. Updated: July 2022.
620,987 professionals have used our research since 2012.