Cisco Sourcefire SNORT vs WatchGuard Firebox comparison

Cisco and WatchGuard are both solutions in the Intrusion Detection and Prevention Software (IDPS) category. Cisco is ranked #16 with an average rating of 7.7, while WatchGuard is ranked #8 with an average rating of 7.6. Additionally, 95% of Cisco users are willing to recommend the solution, compared to 95% of WatchGuard users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Aug 5, 2025

Cisco Sourcefire SNORT and WatchGuard Firebox are competing network security solutions. WatchGuard Firebox tends to have the upper hand due to its comprehensive features and straightforward deployment.

Features: Cisco Sourcefire SNORT provides robust intrusion prevention, including deep packet inspection and open-source flexibility. WatchGuard Firebox offers user-friendly firewall management, advanced threat detection, and seamless integration options.

Room for Improvement: Cisco Sourcefire SNORT could enhance its user interface for easier management and improve hardware integration. WatchGuard Firebox might focus on reducing costs and offering more advanced customization features. Both could expand their documentation for better user guidance.

Ease of Deployment and Customer Service: WatchGuard Firebox is known for straightforward deployment and strong customer service support. Cisco Sourcefire SNORT requires technical expertise for setup but provides cost-effective customer service options.

Pricing and ROI: Cisco Sourcefire SNORT is noted for low initial setup costs and delivers value through open-source capabilities. WatchGuard Firebox requires a higher upfront investment but offers significant ROI via its comprehensive features and ease of use.

To learn more, read our detailed Intrusion Detection and Prevention Software (IDPS) Report (Updated: July 2025).

Buyer's Guide

Intrusion Detection and Prevention Software (IDPS)

July 2025

Download the complete report

Helped 865,295 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Featured Reviews

Vasu Gala

Manager, Information Technology Operation/Presales at TechMonarch

A stable solution with an intuitive interface and quick customer service

I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.

Read full review

Jack Poon

Treasury Specialist at Dah Sing Bank

Offers ease of setup and good documentation

When it comes to the product's deployment phase, we have a lot of vendor support. We have a lot of skills here in Hong Kong. Our company doesn't find any problem deploying Cisco solutions. The solution is deployed on an on-premises version. Speaking about the time required to deploy the solution, I would say that we have quite a lot of previous experience with deploying Cisco products. We have our company's standard design document, which we need to follow. We have a standard testing procedure for all those features. We just take out some appropriate parts and then compile them into one document for an individual project. It is actually quite easy for us to do the documentation, so it just takes one or two hours, and we can do the implementation because all the materials and testing procedures are already in our company standard documents, so it is not that difficult for us.

Read full review

Rajesh Makwana

Regional Pre-Sales Engineer at Roundrobin Tech

Efficient bandwidth management and secure network access with a strong firewall

The primary use case of the Firebox mainly revolves around bandwidth management, unnecessary web blocking, application control, and protection against brute force attacks. It is also implemented for load balancing, SD-WAN, and branch-to-branch connectivity from one location to another. We also use…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I haven't configured or experienced any stability issues."

"Security solution with a straightforward and quick setup. It's a stable and scalable product."

"I'm looking forward to FortiGate's dashboard features, insights, application oversight, and monitoring, which could help us significantly."

"Fortinet FortiGate is stable. It's used across all the countries, this is the way most multinationals run their system."

"The main benefit is the grouping of our security monitoring."

"Fortinet FortiGate is a security device. It can optimize security on the networks of a company. It actually protects the company from attacks from outside. With FortiGate, you can categorize the users. You can create a group of users that can access all of the websites for their work. You can limit other users' access."

"FortiGate firewalls are user-friendly, and I like the security profiling features."

"The SD-WAN feature of Fortinet FortiGate has been most impactful in maintaining our network's integrity."

More Fortinet FortiGate pros

"The whole solution is very good, and stable."

"Solid intrusion detection and prevention that scales easily in very large environments."

"In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well."

"Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."

"The most valuable feature of this solution is the filtering."

"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."

"The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that."

"The product is inexpensive compared to leading brands such as Palo Alto or Fortinet."

More Cisco Sourcefire SNORT pros

"It saves us time in the respect that we now have the template built for it so we can get in and get it done. We've had much less problem supporting Voice over IP technologies from different companies. Because our client base has grown over the years, we're probably saving 20 to 30 man-hours a month now that we've got this on a good stable level."

"Simple to move settings between WatchGuard boxes."

"WatchGuard Firebox is easy to configure and has a nice user interface."

"We have witnessed an ROI as it has helped with security measures."

"The solution has increased productivity with our outside salespeople being able to connect into their computers and use those remotely."

"It does the job of what it says it does. We set it to what we want it to block and then it blocks it."

"The most effective and helpful features of WatchGuard Firebox, especially when purchased with the full suite of applications, are its bundled applications and subscriptions for comprehensive protection against various threats."

"The ease of use is most valuable. You can quickly train someone who hasn't seen a firewall in life. You can get people up to speed, and in a few months, they are able to manage this product very easily. It is a very user-friendly, scalable, and stable product. Its price is also spot-on."

More WatchGuard Firebox pros

Cons

"The solution lacks sufficient filtering."

"There are just some services that aren't available. For example, the Ethernet or point-to-point protocols. They could add these services to their product offering - especially services for ISPs."

"Some features in Fortinet FortiGate need improvement as we discover when calling support that certain actions must be done from the command line."

"I would like to see improvements in Fortinet FortiGate regarding the active-active scenario. The active-active scenario is supported but not recommended, whereas other vendors are implementing active-active without issues."

"FortiGate should have a better way of detecting and managing the system memory because otherwise if the memory is too low, a system restart is required."

"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."

"FortiGate can only retain logs for 24 hours or 7 days. I'm not sure if it holds them for a longer period, such as for a month."

"I prefer Palo Alto over Fortinet FortiGate. Its IPS engine is not better than the Palo Alto version. The monitoring tool needs improvement, and the syslog configuration needs enhancement."

More Fortinet FortiGate cons

"The cloud can be improved."

"Performance needs improvement."

"The customization of the rules can be simplified."

"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."

"The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market."

"The main dashboard of Cisco Sourcefire SNORT could improve."

"With the next release, I would like to see some PBR, so that you can do the configuration with the features."

"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."

More Cisco Sourcefire SNORT cons

"The VPN aspect of the WatchGuard Firebox is an area that could potentially benefit from improvement. We encountered difficulties while attempting to integrate Windows 11 laptops into the system, which resulted in unreliable connections. After some research, we discovered that this was primarily due to compatibility issues with Windows 11 and required a patch. However, it was still a challenge as it seemed that even when we tried to keep the laptops on Windows 10, they still exhibited the same issues as Windows 11 machines. Despite WatchGuard attributing the problem to Microsoft, we were eventually able to find a solution and all the machines are now functioning seamlessly."

"Once you start getting into proxy actions and setting up: "Okay, cool. Once this rule gets triggered, what actions have to happen?" I do know a few people who use WatchGuard and they still have to get assistance when they look at that. So I would file that as a con for WatchGuard. Proxy actions can be a little bit complicated."

"I believe there is room for improvement in policies, with the potential to enhance the margins further."

"A 12-hour power outage... got our batteries."

"One other shortcoming is that there is no backup for it. We really haven't figured out how we might solve that problem. We may want to put a duplicate in... With WatchGuard, we just have the one box. If that were to fail, we'd probably be really hurting."

"Its graphical user interface could be improved because not everybody is technical. There is a lack of knowledge, and they can give some training for this solution."

"There are a couple of things I wished that it would do, but I can't think of those off the top of my head."

"The website must provide more information on the product."

More WatchGuard Firebox cons

Pricing and Cost Advice

"The pricing of Fortinet FortiGate is average, not cheap or overly expensive compared to other firewall solutions in the market. It's effective and affordable for customers."

"The pricing for this solution is good."

"If you are looking for a quality product, it will come at a higher price. Expecting them to be significantly cheaper is unrealistic. In terms of pricing, it is a bit costly. However, the functionality and support offered are worth it."

"The price is fair compared to the other competitors."

"Fortinet is the least expensive solution."

"It's very competitive."

"Compared to Palo Alto, which we have used in the past, pricing and licensing are okay."

"I do not have first-hand experience with the rice of Fortinet FortiGate, but I have heard the price was reasonable."

More Fortinet FortiGate pricing and cost advice

"I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices."

"We have a three-year license for this solution."

"Licensing for this solution is paid on a yearly basis."

"If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five."

"The cost is per port and can be expensive but it does include training and support for three years."

"I think the tool is quite competitive compared to the other brands."

"We only license our corporate one and the one we have at our DR site, we don't worry about the branches. It doesn't pay for us to license the ones at the branches. What they charge for what they call basic maintenance is extremely high for those little fireboxes."

"The price of the WatchGuard Firebox is reasonable."

"There is an additional cost for support on top of licensing. When I bought my new unit, I received additional time added to my support."

"The price is comparable."

"As per my knowledge, the product is more affordable than alternatives."

"The solution is not expensive and customers pay for a yearly license."

"I usually tell people that it's really affordable as well, particularly compared to Cisco."

More WatchGuard Firebox pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

865,295 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

16%

Comms Service Provider

Manufacturing Company

Financial Services Firm

Computer Software Company

13%

Financial Services Firm

10%

University

Comms Service Provider

Computer Software Company

14%

Comms Service Provider

11%

Retailer

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What do you like most about Cisco Sourcefire SNORT?

The product is inexpensive compared to leading brands such as Palo Alto or Fortinet.

See all answers

What is your experience regarding pricing and costs for Cisco Sourcefire SNORT?

If one is an extremely expensive product, and ten is cheap, I rate the tool's price as a five. There are some other t...

See all answers

What needs improvement with Cisco Sourcefire SNORT?

Cisco offers the Cisco DNA Center, which is a source that provides crucial information for us to monitor performance,...

See all answers

What is your primary use case for WatchGuard Firebox?

We are providing our services to all WatchGuard customers in the region.

See all answers

What is your primary use case for WatchGuard Firebox?

We just use it as a secondary WiFi device. We're a small office and we needed to set up a WiFi device for a few of ou...

See all answers

What is your primary use case for WatchGuard Firebox?

We're a hospital and we use it for developing our incoming and outgoing policies, and we also use it for VPN.

See all answers

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 20% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 12% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 11% of the time

Meraki MX vs Fortinet FortiGate

Compared 5% of the time

OPNsense vs Fortinet FortiGate

Compared 4% of the time

More Fortinet FortiGate Competitors

Fortinet FortiGate IPS vs Cisco Sourcefire SNORT

Compared 21% of the time

Palo Alto Networks Advanced Threat Prevention vs Cisco Sourcefire SNORT

Compared 19% of the time

Cisco Secure IPS (NGIPS) vs Cisco Sourcefire SNORT

Compared 18% of the time

Trend Micro TippingPoint Threat Protection System vs Cisco Sourcefire SNORT

Compared 9% of the time

ExtremeCloud IQ vs Cisco Sourcefire SNORT

Compared 8% of the time

More Cisco Sourcefire SNORT Competitors

OPNsense vs WatchGuard Firebox

Compared 6% of the time

SonicWall TZ vs WatchGuard Firebox

Compared 5% of the time

Netgate pfSense vs WatchGuard Firebox

Compared 5% of the time

Sophos XG vs WatchGuard Firebox

Compared 5% of the time

Sophos UTM vs WatchGuard Firebox

Compared 4% of the time

More WatchGuard Firebox Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

August 2025

Download Fortinet FortiGate product report

Buyer's Guide

Cisco Sourcefire SNORT

August 2025

Download Cisco Sourcefire SNORT product report

Buyer's Guide

WatchGuard Firebox

July 2025

Download WatchGuard Firebox product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

Sourcefire SNORT

WatchGuard Threat Detection and Response, WatchGuard Application Control, WatchGuard Data Loss Prevention, WatchGuard Gateway AntiVirus, WatchGuard Intrusion Prevention Service

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Snort is an open-source, rule-based, intrusion detection and prevention system. It combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks. Snort gained notoriety for being able to accurately detect threats at high speeds.

Cisco

WatchGuard Firebox is a high-performance firewall known for its ease of setup, offering robust security with layered protection and centralized management capabilities.

WatchGuard Firebox stands out for its intuitive management and high throughput, addressing security needs with features like VPN, web filtering, and threat detection. Its centralized control and reporting abilities, along with Active Directory integration, make it popular among varied organizations. Its user-friendly interface and ongoing updates enhance usability and reliability. However, there's a call for better cloud-based administration, scalability, and improved integration with third-party vendors.

What are the key features of WatchGuard Firebox?

Ease of Setup: Quick and straightforward installation process.
GUI: User-friendly graphical interface for simplified navigation.
VPN Features: Secure and efficient virtual private network management.
Web Filtering: Advanced filtering for safer browsing experiences.
Threat Detection: Proactive monitoring and detection of cyber threats.

What benefits or ROI should be evaluated?

Centralized Control: Streamlined management from a single point.
High Throughput: Efficient data handling and processing capacity.
Stable Performance: Consistent and reliable operational functionality.
Active Directory Integration: Seamless connection with user directories.
Customer Service: Strong support service for customer inquiries.

WatchGuard Firebox is implemented across industries to secure internet gateways and protect data in multi-site businesses. Its applications span from Unified Threat Management (UTM) and intrusion prevention to compliance support in business environments requiring secure connectivity through VPNs.

WatchGuard

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia

Ellips, Diecutstickers.com, Clarke Energy, NCR, Wrest Park, Homeslice Pizza, Fortessa Tableware Solutions, The Phoenix Residence

Buyer's Guide

Intrusion Detection and Prevention Software (IDPS)

July 2025

Download Free Report

Find out what your peers are saying about Darktrace, Check Point Software Technologies, Fortinet and others in Intrusion Detection and Prevention Software (IDPS). Updated: July 2025.

DOWNLOAD NOW

865,295 professionals have used our research since 2012.

See our list of best Intrusion Detection and Prevention Software (IDPS) vendors and best Firewalls vendors.

We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.