We just raised a $30M Series A: Read our story

Compare Cisco ASA Firewall vs. Zscaler Cloud Firewall

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Cisco ASA Firewall vs. Zscaler Cloud Firewall and other solutions. Updated: November 2021.
553,954 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"The most valuable features of this solution are the integrations and IPS throughput.""Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches.""I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable.""Provides good integrations and reporting.""We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government.""A good intrusion prevention system and filtering.""Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports.""It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."

More Cisco Firepower NGFW Firewall Pros »

"It's a flexible solution and is well-known in the community.""The most valuable features for my client are the ASDM and monitoring.""I have found the most valuable feature to be the access control and IPsec VPN.""The most valuable features are the provision of internet access, AnyConnect, and VPN capabilities.""The high-availability and remote VPN features are most valuable.""It is very stable compared to other firewall products.""Simple to deploy, stable.""The interface is user-friendly."

More Cisco ASA Firewall Pros »

"The initial setup is straightforward.""Includes advanced tech protection.""Once you have Zscaler running you have access to configure it however you want.""I like the ease of deployment and its flexibility. We don't need to deal with license, quotes, procurement, delivery, and installation. Everything is software-based, and it's very easy to operate.""The solution offers good sandboxing."

More Zscaler Cloud Firewall Pros »

Cons
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it.""Web filtering needs improvement because sometimes the URL is miscategorized.""We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve.""The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs.""One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box.""The performance should be improved.""The initial setup can be a bit complex for those unfamiliar with the solution.""On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."

More Cisco Firepower NGFW Firewall Cons »

"It is my understanding that they are in the process of discontinuing this device.""Cisco provides us with application visibility and control, although it's not a complete solution compared to other vendors. Cisco needs to work on the application behavior side of things, in particular when it comes to the behavior of SSL traffic.""Its configuration through GUI as well as CLI can be improved and made easier.""In the future, I would like to be able to use an IP phone over a VPN connection.""The solution has not had any layer upgrades. It does not have layer five and upwards, it only has up to layer four. This has caused some problems for us.""It is hard to collaborate with our filtered environment.""This is an older product and has reached end-of-life.""The graphical interface could be improved. From what I have seen, Fortinet, for example, has a nicer GUI."

More Cisco ASA Firewall Cons »

"The product could improve its integration with some legacy systems.""Because it's on cloud, it doesn't allow application of extra settings.""It would be better if they improved their policy, package visibility, and flexibility while we're creating rules for inspection. It could also be cheaper or more things could be included in the basic package. In the next release, I would like better coverage in the Asia Pacific region and better quality of service.""Data Leak Prevention is only for web filtering and there is no protection for email.""The issue right now is probably that Zscaler is not providing web browser isolation. Another solution, Menlo, offers this. For one customer, we had to send traffic to Menlo to do the isolation for us. It was requested by the customer so that they could integrate any iframe. Zscaler needs to add this type of feature in their next release."

More Zscaler Cloud Firewall Cons »

Pricing and Cost Advice
"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount.""Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain.""Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing.""This product requires licenses for advanced features including Snort, IPS, and malware detection.""There are additional implementation and validation costs.""Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed.""It definitely competes with the other vendors in the market.""I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"Cisco is considered to be an expensive solution.""They have a lot of different models but most of them are really expensive.""I just bought it off the shelf, and I'm using it with my previous one, so I have not spent that much.""It is expensive. There is a cost for everything. There is per year license cost and support cost. There is also a cost for any training, any application, and any resource. Things are very costly to do with Cisco. Other brands are cheaper. They are also more flexible in terms of training, subscription, and licensing. They give lots and lots of years free. They provide more than Cisco.""I like its licensing because you buy the license once, and it is yours. We don't have to go for a subscription. So, I liked how they licensed Cisco ASA. Our clients are also very satisfied with its licensing model.""We are happy with its price. Licensing is on a yearly basis for technical support. There is one license for technical support. There is another license for IP Version 2 VPN and IPS.""They seem to be at the top end in terms of pricing, but they are worth the price. They are probably a little bit lower than Palo Alto. If the customers are relying on Cisco products and they are thinking more in terms of scaling to another layer in a year, it is pretty much in a good price range.""It's very competitive with other products."

More Cisco ASA Firewall Pricing and Cost Advice »

"The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization.""There are licensing costs, and I would not say that it's a cheap vendor."

More Zscaler Cloud Firewall Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
553,954 professionals have used our research since 2012.
Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and… more »
Top Answer:  The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
Top Answer: It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
Top Answer: One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
Top Answer:  Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports… more »
Top Answer: When looking to change our ASA Firewall, we looked into Palo Alto’s WildFire. It works especially in preventing advanced… more »
Top Answer: Netscope, Zscaler if they continue route they are on now. FIrewalls needs great deal of automation on each end… more »
Top Answer: The initial setup is straightforward.
Top Answer: The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization.
Comparisons
Also Known As
Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv
Learn More
Overview

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

Cisco ASA firewalls deliver enterprise-class firewall functionality with highly scalable and flexible VPN capabilities to meet diverse needs, from small/branch offices to high performance data centers and service providers. Available in a wide range of models, Cisco ASA can be deployed as a physical or virtual appliance. Flexible VPN capabilities include support for remote access, site-to-site, and clientless VPN. Also, select appliances support clustering for increased performance, VPN load balancing to optimize available resources, advanced high availability configurations, and more.

Cisco ASAv is the virtualized version of the Cisco ASA firewall. Widely deployed in leading private and public clouds, Cisco ASAv is ideal for remote worker and multi-tenant environments. The solution scales up/down to meet performance requirements and high availability provides resilience. Also, Cisco ASAv can deliver micro-segmentation to protect east-west network traffic.

Cisco firewalls provide consistent security policies, enforcement, and protection across all your environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables greater simplicity, visibility, and efficiency.

Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud first world. Its flagship services, Zscaler Internet Access and Zscaler Private Access, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates the world’s largest cloud security platform, protecting thousands of enterprises and government agencies from cyberattacks and data loss.

Check more details: https://www.zscaler.com/produc...

Offer
Learn more about Cisco Firepower NGFW Firewall
Learn more about Cisco ASA Firewall
Learn more about Zscaler Cloud Firewall
Sample Customers
Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Zenith Live, Azure, Carlsberg Group
Top Industries
REVIEWERS
Comms Service Provider22%
Financial Services Firm16%
Government8%
Non Profit8%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company21%
Government7%
Manufacturing Company4%
REVIEWERS
Financial Services Firm17%
Comms Service Provider13%
Manufacturing Company10%
University6%
VISITORS READING REVIEWS
Comms Service Provider35%
Computer Software Company21%
Government5%
Educational Organization4%
VISITORS READING REVIEWS
Computer Software Company28%
Comms Service Provider23%
Government6%
Financial Services Firm6%
Company Size
REVIEWERS
Small Business43%
Midsize Enterprise28%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business21%
Midsize Enterprise13%
Large Enterprise66%
REVIEWERS
Small Business35%
Midsize Enterprise26%
Large Enterprise39%
VISITORS READING REVIEWS
Small Business28%
Midsize Enterprise16%
Large Enterprise56%
No Data Available
Find out what your peers are saying about Cisco ASA Firewall vs. Zscaler Cloud Firewall and other solutions. Updated: November 2021.
553,954 professionals have used our research since 2012.

Cisco ASA Firewall is ranked 6th in Firewalls with 62 reviews while Zscaler Cloud Firewall is ranked 29th in Firewalls with 5 reviews. Cisco ASA Firewall is rated 8.0, while Zscaler Cloud Firewall is rated 8.0. The top reviewer of Cisco ASA Firewall writes "Robust solution that integrates well with both Cisco products and products from other vendors". On the other hand, the top reviewer of Zscaler Cloud Firewall writes "Good sandboxing and URL filtering with capability to scale". Cisco ASA Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Meraki MX, Juniper SRX and SonicWall TZ, whereas Zscaler Cloud Firewall is most compared with Menlo Security Cloud Firewall, OPNsense, pfSense, Check Point NGFW and Fortinet FortiGate. See our Cisco ASA Firewall vs. Zscaler Cloud Firewall report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.