We just raised a $30M Series A: Read our story

Compare Cisco Firepower NGFW Firewall vs. Zscaler Cloud Firewall

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Cisco Firepower NGFW Firewall vs. Zscaler Cloud Firewall and other solutions. Updated: November 2021.
553,954 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete.""Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity.""One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses.""It's got the capabilities of amassing a lot of throughput with remote access and VPNs.""There are no issues that we are aware of. It does its job silently in the background.""The implementation is pretty straightforward.""The feature set is fine and is rarely a problem.""One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."

More Cisco Firepower NGFW Firewall Pros »

"Includes advanced tech protection.""The initial setup is straightforward.""I like the ease of deployment and its flexibility. We don't need to deal with license, quotes, procurement, delivery, and installation. Everything is software-based, and it's very easy to operate.""Once you have Zscaler running you have access to configure it however you want.""The solution offers good sandboxing."

More Zscaler Cloud Firewall Pros »

Cons
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team.""My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement.""Cisco Firepower NGFW Firewall can be more secure.""The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area.""Report generation is an area that should be improved.""FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively.""I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement.""They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."

More Cisco Firepower NGFW Firewall Cons »

"It would be better if they improved their policy, package visibility, and flexibility while we're creating rules for inspection. It could also be cheaper or more things could be included in the basic package. In the next release, I would like better coverage in the Asia Pacific region and better quality of service.""The issue right now is probably that Zscaler is not providing web browser isolation. Another solution, Menlo, offers this. For one customer, we had to send traffic to Menlo to do the isolation for us. It was requested by the customer so that they could integrate any iframe. Zscaler needs to add this type of feature in their next release.""Because it's on cloud, it doesn't allow application of extra settings.""The product could improve its integration with some legacy systems.""Data Leak Prevention is only for web filtering and there is no protection for email."

More Zscaler Cloud Firewall Cons »

Pricing and Cost Advice
"Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed.""This solution is expensive and other solutions, such as FortiGate, are cheaper.""I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs.""This product requires licenses for advanced features including Snort, IPS, and malware detection.""For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive.""There are additional implementation and validation costs.""The price of Firepower is not bad compared to other products.""When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"There are licensing costs, and I would not say that it's a cheap vendor.""The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization."

More Zscaler Cloud Firewall Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
553,954 professionals have used our research since 2012.
Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and usage at large. In my opinion, Fortinet would be the best option and l use… more »
Top Answer:  The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers that fact, it is all the more impressive that the setup is a fairly… more »
Top Answer: It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection and… more »
Top Answer: Netscope, Zscaler if they continue route they are on now. FIrewalls needs great deal of automation on each end, datacenter and endpoint. In between you have branch office. So blending EPP and firewall… more »
Top Answer: The initial setup is straightforward.
Top Answer: The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization.
Ranking
4th
out of 47 in Firewalls
Views
43,244
Comparisons
30,805
Reviews
39
Average Words per Review
1,045
Rating
8.4
29th
out of 47 in Firewalls
Views
1,051
Comparisons
596
Reviews
3
Average Words per Review
533
Rating
8.0
Comparisons
Also Known As
Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
Learn More
Overview

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud first world. Its flagship services, Zscaler Internet Access and Zscaler Private Access, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates the world’s largest cloud security platform, protecting thousands of enterprises and government agencies from cyberattacks and data loss.

Check more details: https://www.zscaler.com/produc...

Offer
Learn more about Cisco Firepower NGFW Firewall
Learn more about Zscaler Cloud Firewall
Sample Customers
Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
Zenith Live, Azure, Carlsberg Group
Top Industries
REVIEWERS
Comms Service Provider22%
Financial Services Firm16%
Manufacturing Company8%
Non Profit8%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company21%
Government7%
Manufacturing Company4%
VISITORS READING REVIEWS
Computer Software Company28%
Comms Service Provider23%
Government6%
Financial Services Firm6%
Company Size
REVIEWERS
Small Business43%
Midsize Enterprise28%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business21%
Midsize Enterprise13%
Large Enterprise66%
No Data Available
Find out what your peers are saying about Cisco Firepower NGFW Firewall vs. Zscaler Cloud Firewall and other solutions. Updated: November 2021.
553,954 professionals have used our research since 2012.

Cisco Firepower NGFW Firewall is ranked 4th in Firewalls with 41 reviews while Zscaler Cloud Firewall is ranked 29th in Firewalls with 5 reviews. Cisco Firepower NGFW Firewall is rated 8.4, while Zscaler Cloud Firewall is rated 8.0. The top reviewer of Cisco Firepower NGFW Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of Zscaler Cloud Firewall writes "Good sandboxing and URL filtering with capability to scale". Cisco Firepower NGFW Firewall is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, Meraki MX and Azure Firewall, whereas Zscaler Cloud Firewall is most compared with Menlo Security Cloud Firewall, OPNsense, pfSense, Check Point NGFW and Cisco ASA Firewall. See our Cisco Firepower NGFW Firewall vs. Zscaler Cloud Firewall report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.