Cisco Secure Firewall vs Stormshield Network Security comparison

Cisco Secure Firewall vs. Stormshield Network Security

Download the complete report

Helped 868,787 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Featured Reviews

Vasu Gala

Manager, Information Technology Operation/Presales at TechMonarch

A stable solution with an intuitive interface and quick customer service

I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.

Unified policies streamline network management but complex licensing requires attention

Phil Shiflett

Senior Manager, Network Engineering at TTi Power Equipment

Cisco Secure Firewall has some growth opportunities in terms of visibility and control capabilities regarding managing encrypted traffic. It has the ability to analyze encrypted traffic, and there is potential for more integration with APIs and AI to enhance these capabilities. Cisco Secure Firewall needs improvement in deployment time and the capability to access the CLI during support calls. I often encounter issues when technical support uses a CLI that is not familiar to me while troubleshooting through the GUI. My ongoing complaint for the last six years has been the lack of CLI functionality, which hinders my ability to work on the firewall, alongside concerns regarding deployment time. For the next release, they should look at the features offered by competitors such as Fortinet, including the ability to perform packet capture directly from the interface. If they enhanced their troubleshooting efficiency related to packet capture for each specific rule, it would simplify the process significantly.

The intrusion detection system helps our organization by automatically detecting and responding to potential threats

Benjamin

Network Engineer at ACS2I

The tool's most valuable feature is its dashboard, which helps you manage different aspects of a single page. The intrusion detection system helps our organization by automatically detecting and responding to potential threats. It operates similarly to Darktrace, which detects and responds automatically based on the security rules you apply. Initially, you configure everything to block, and then you can whitelist specific items as needed.

More Fortinet FortiGate pros

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I appreciate FortiGate for its reliable, powerful, and flexible setups."

"It is a good source for firewall protection."

"Fortinet FortiGate is a scalable solution."

"FortiGate Next Generation Firewall has a stateless balance proposition"

"Fortinet FortiGate has very good support."

"I found the upgrades valuable."

"The secure web gateway module and the application control module are valuable. HA operations are very easy."

"Security management tool that's easy to integrate and easy to work with. No issues found with its stability and scalability."

"The protection and security features, like URL filtering, the inspection, and the IPS feature, are also very valuable for us. We don't have IT staff at most of the sites so for us it's important to have a robust firewall at those sites"

"The most valuable feature is that it's secure."

"This solution is easy to use if you know how to set it up."

"VPN load balancing has been particularly essential for my connections to integrate via multiple time zones."

"I am used to the ASA syntax, therefore it is quite easy to make up new rules. I have found that DNS doctoring rules are useful."

"Cisco's engineer helped us with a lot of scripting to see what existed. Previously, we didn't have a proper policy. In fact, we didn't have any policy because we didn't have any firewall for the data center, so generating a policy was a big challenge. Cisco's engineer helped us to do some scripting and find out what kind of policy we can have and organize those policies. That was nice."

"The IP filter configuration for specific political and Static NAT has been most valuable."

"The stability is very good; there's no vagueness. Either it works or it doesn't, and it's also very easy to find out why."

More Cisco Secure Firewall pros

"It's an easy, straightforward management platform to use."

"Ease of use is the best feature of the product."

"I like that it works fine. Stormshield is a very good solution."

"I like how you can configure the rules. There is the task for the rules and a task for the network configuration. It also provides SMD filtering, and it can be integrated with the active directory for the users, their mission, and the VPN configuration. We are here in Sudan, and Stormshield didn't work in Sudan for more than a decade. Stormshield is a very strong firewall and very easy to configure and maintain. I am just working with the firewall solution, and we don't have any other solutions like endpoint solutions or something like that."

"The tool's most valuable feature is its dashboard, which helps you manage different aspects of a single page."

"The solution has improved my organization because I can see what traffic is happening and I can use it to block and prevent attacks."

"This solution is quick and easy to configure."

"The scalability of the solution is good."

More Stormshield Network Security pros

Cons

"Its reporting can be improved. Sometimes, I don't get proper reports."

"The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing."

"One of the problems I was having was with user mapping, and it is an issue for which I have escalated tickets with Fortinet support."

"They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired."

"The IPS monitoring can be improved."

"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."

"There could be more modifications."

"I would like to have logs, monitoring, and reporting for a month without extra fees."

More Fortinet FortiGate cons

"Other products are becoming easier to access and configure. They are providing UI interfaces to configure, take backup, synchronize redundant machines, and so on. It is very easy to take backup and upgrade the images in those products. Cisco ASA should have such features. If one redundant machine is getting upgraded, the technology and support should be there to upgrade other redundant machines. In a single window, we should be able to do more in terms of backups, restores, and upgrades."

"The user interface for the Firepower management console is a little bit different from traditional Cisco management tools. If you look at products we already use, like Cisco Prime or other products that are cloud-based, they have a more modern user interface for managing the products. For Firepower, the user interface is not very user-friendly. It's a little bit confusing sometimes."

"We would like to be able to manage a set of firewalls rather than individual firewalls. We haven't really looked into it or yet implemented it, but a single pane of glass would be helpful. We also use another vendor's firewalls, and they have a centralized management infrastructure that we have implemented, which makes it a little bit easier when you're managing lots of firewalls."

"The solution needs to have better logging features."

"There's a little bit of a disconnect between Firepower’s management and the rest of the products, like DNA and Prime. The solution should have fewer admin portals for network, security, and firewalls."

"The solution's deployment is time-consuming, which should be minimized and made more user-friendly for us."

"ASDM needs to be able to customize applets."

"I'm not a big fan of the FDM (Firepower Device Manager) that comes with Firepower. I found out that you need to use the Firepower Management Center, the FMC, to manage the firewalls a lot better. You can get a lot more granular with the configuration in the FMC, versus the FDM that comes out-of-the-box with it. FDM is like Firepower for dummies."

More Cisco Secure Firewall cons

"With Stormshield, there are difficulties joining things, and it can be complex depending on the architecture."

"The biggest issue was their support department was not able to help us, then everything stops. This is a no-go area for me."

"Stormshield Network Security is quite expensive."

"This solution has a big problem with web filtering and it needs to be improved."

"Improvement is needed in terms of the technical support of the manufacturer."

"The SD card could be more secure."

"A more user-friendly interface would be helpful."

"The filtering configuration could be better. We have some difficulties with the filtering configuration and the filter extension. It's not that easy. It's not that straightforward. In the next release, I would like to see a reporting system. Stormshield doesn't have any tutorials on how to do the configuration and things like that. They just have documentation on the website. If you want to configure, for example, Cisco or Fortinet, you can find tutorials on YouTube. They show you how to configure the features, and so on. In Stormshield, there is nothing on social media or the internet on how to configure different things. The lack of documentation or the lack of material makes it difficult for others to adopt this solution."

More Stormshield Network Security cons

Pricing and Cost Advice

"The solution is offered as an annual license."

"I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost."

"The product is expensive compared to one of its competitors."

"In the Asian economy in which we operate, FortiGate is expensive."

"The pricing for this solution is good."

"Its price is good."

"It is not expensive as compared to Cisco."

"The Fortinet FortiGate security features cost approximately $1,500 a year. The firewall itself doesn't have a recurring cost. It's the security features on top of that that you pay for."

More Fortinet FortiGate pricing and cost advice

"They have a lot of different models but most of them are really expensive."

"It is a great solution for medium or big enterprises, not so much for small businesses, mainly due to the financial costs."

"It is expensive. There is a cost for everything. There is per year license cost and support cost. There is also a cost for any training, any application, and any resource. Things are very costly to do with Cisco. Other brands are cheaper. They are also more flexible in terms of training, subscription, and licensing. They give lots and lots of years free. They provide more than Cisco."

"The pricing seems fair. It is above average."

"Pricing varies on the model and the features we are using. It could be anywhere from $600 to $1000 to up to $7,000 per year, depending on what model and what feature sets are available to us."

"It definitely competes with the other vendors in the market."

"The pricing and licensing are getting more complicated, and I'd like that to be simpler."

"We paid about $7,000 for the Cisco firewall, plus another small Cisco router and the lead switch. It was under the combined license. It's a final agreement."

More Cisco Secure Firewall pricing and cost advice

"We chose Stormshield for its price, as the Azure firewall was too expensive."

"I think the price is good."

"The pricing could be better."

"The SN200 series costs between $500 USD and $600 USD per year, whereas the SN700 series costs approximately $1,000 annually."

"We bought a three-year license, and we renew it whenever it expires. The price could be better. It's always very expensive."

"For mid-sized companies, they sell their appliances for good prices."

"The price of this solution and the price of support are ok."

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

868,787 professionals have used our research since 2012.

Comparison Review

it_user206346

Security Consultant at Webernetz.net - Network Security Consulting

Mar 11, 2015

Cisco ASA vs. Palo Alto Networks

Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

Top Industries

By visitors reading reviews

Computer Software Company

15%

Comms Service Provider

Manufacturing Company

Financial Services Firm

Computer Software Company

20%

University

Manufacturing Company

Educational Organization

Computer Software Company

19%

Comms Service Provider

18%

Government

10%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	350
Midsize Enterprise	130
Large Enterprise	187

By reviewers
Company Size	Count
Small Business	180
Midsize Enterprise	126
Large Enterprise	212

By reviewers
Company Size	Count
Small Business	9
Midsize Enterprise	5
Large Enterprise	2

Questions from the Community

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

Which is better - Fortinet FortiGate or Cisco ASA Firewall?

One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...

How does Cisco's ASA firewall compare with the Firepower NGFW?

It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...

Which is better - Meraki MX or Cisco ASA Firewall?

Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...

What advice do you have for others considering Stormshield Network Security?

The tool is like a firewall and works well. I don't have any issue with it. I rate it an eight out of ten.

Sophos XG vs Fortinet FortiGate

Comparisons

Compared 17% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 9% of the time

OPNsense vs Fortinet FortiGate

Compared 4% of the time

Cisco Meraki MX vs Fortinet FortiGate

Compared 4% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 4% of the time

More Fortinet FortiGate Competitors

Palo Alto Networks WildFire vs Cisco Secure Firewall

Compared 8% of the time

Palo Alto Networks NG Firewalls vs Cisco Secure Firewall

Compared 8% of the time

Netgate pfSense vs Cisco Secure Firewall

Compared 4% of the time

OPNsense vs Cisco Secure Firewall

Compared 4% of the time

Cisco Meraki MX vs Cisco Secure Firewall

Compared 3% of the time

More Cisco Secure Firewall Competitors

Netgate pfSense vs Stormshield Network Security

Compared 13% of the time

OPNsense vs Stormshield Network Security

Compared 9% of the time

WatchGuard Firebox vs Stormshield Network Security

Compared 7% of the time

Palo Alto Networks NG Firewalls vs Stormshield Network Security

Compared 5% of the time

Sophos XG vs Stormshield Network Security

Compared 4% of the time

More Stormshield Network Security Competitors

Product Reports

Fortinet FortiGate

Download Fortinet FortiGate product report

Cisco Secure Firewall

Download Cisco Secure Firewall product report

Stormshield Network Security

Download Stormshield Network Security product report

Also Known As

No data available

Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall, Cisco Secure Firewall ASA Virtual - BYOL

NETASQ Firewalls

Overview

Fortinet FortiGate excels in providing integrated VPN, firewalling, and Unified Threat Management (UTM) with centralized management and high availability. It supports remote access and comprehensive threat protection, making it a preferred choice for securing networks.

Fortinet FortiGate offers a robust security platform with features such as strong intrusion prevention, application control, and web filtering. Its integration with Active Directory and SD-WAN functionality provides scalable solutions for large networks. Users appreciate its ease of use through centralized management interfaces, ensuring robust security with flexible configurations. However, FortiGate could enhance its graphical interface and technical support responsiveness, address firmware bugs and costly licensing, improve logging, integrate better with third-party tools, and strengthen scalability and memory for log storage. Complexity in configuration and the need for intuitive features are noted challenges, and there's a demand for advanced security, zero-trust capabilities, and AI integration.

What are the key features of Fortinet FortiGate?

VPN: Secure remote access and connectivity.
Firewalling: Protects networks from unauthorized access and attacks.
UTM: Offers a comprehensive approach to threat management.
SD-WAN: Optimizes traffic routing for efficient network performance.
Web Filtering: Controls and monitors web access and ensures Internet security.

What benefits or ROI should be considered?

Centralized Management: Simplifies administration and monitoring.
High Availability: Ensures consistent security and network availability.
Scalability: Adapts to the needs of growing networks.
Comprehensive Threat Protection: Provides robust security measures.
Ease of Use: Minimizes the complexity of security management.

Fortinet FortiGate is widely implemented across industries like education, finance, and government. Companies use it for firewall protection, VPN, and SD-WAN capabilities, ensuring secure perimeter and data center security. It facilitates remote access management and traffic routing optimization, offering reliable security and connectivity solutions.

Fortinet

Cisco Secure Firewall provides comprehensive network security with advanced features such as application visibility, URL filtering, and malware protection. It combines a user-friendly interface with robust VPN capabilities, making it a reliable choice for varying network environments and industry applications.

Cisco Secure Firewall offers exceptional protection with its integration into Cisco's broader ecosystem, ensuring enhanced threat detection and policy unification. Despite its complexity in command-line interfaces and management, Cisco Secure Firewall remains a potent tool for safeguarding data. It is widely adopted for edge security, VPN services, perimeter defense, and traffic segmentation, especially in hybrid settings. Essential sectors like banking and telecom benefit from its stable connectivity and centralized security management. Though there are challenges with costs and support for third-party APIs, the firewall's scalability and high availability provide comprehensive support for protecting network assets.

What are the key features of Cisco Secure Firewall?

Application Visibility: Offers in-depth visibility of application traffic to monitor and protect against threats.
Advanced Malware Protection: Protects against known and emerging malware threats with powerful detection capabilities.
URL Filtering: Manages and restricts access to websites, enhancing organizational data security.
VPN Capabilities: Ensures secure remote access and encrypted communication through strong VPN features.
Integration with Cisco Ecosystem: Enhances security measures with seamless integration with Cisco's suite of security tools.

What benefits and ROI should be expected from Cisco Secure Firewall?

Comprehensive Protection: Offers multi-layered security for diverse network environments, increasing overall data protection.
Performance Efficiency: High availability and scalability lead to improved network performance and resource management.
Management Simplification: Centralized security management streamlines policy deployment across networks.
Enhanced Threat Detection: Integration capabilities improve threat detection and mitigation for better security posture.

Cisco Secure Firewall is widely implemented across sectors like banking, education, ISPs, and telecoms. It fortifies data centers and network edge security, delivering strong protection for client access, hybrid environments, and intrusion prevention. In these industries, firewall solutions ensure secure connectivity and manage RTU traffic effectively, leveraging centralized management and integration with Cisco's security tools.

Cisco

NETASQ's integrated intrusion prevention engine uses protocol conformity analysis, application filtering and antivirus analysis to inspect authorized traffic flows and strengthen application security. NETASQ enables you to establish and configure user-based security policies, giving you greater control over which network resources each user is authorized to access.

Stormshield

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.

ACESUR group, Ministry of Education Oman, Anios Laboratories, Zain, DLM Location

Cisco Secure Firewall vs. Stormshield Network Security