We just raised a $30M Series A: Read our story

Compare Cisco Firepower NGFW Firewall vs. Zscaler Internet Access

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Cisco Firepower NGFW Firewall vs. Zscaler Internet Access and other solutions. Updated: July 2019.
554,529 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate.""When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well.""One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful.""One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses.""Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening.""The implementation is pretty straightforward.""I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete.""I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."

More Cisco Firepower NGFW Firewall Pros »

"For our needs, the cloud-native proxy architecture is a very good solution. We are moving away from on-prem appliances and moving more toward cloud-based solutions. Zscaler is a good fit for our strategy. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway.""The security is excellent.""Zscaler Internet Access protects using data loss prevention. If you have a CASB exposing your cloud out into the network, then Zscaler Internet Access will go ahead and control that unknown cloud application in the CASB, protecting it. There is also data detection with exact data match. This improves the data coming into your cloud so you are protecting it.""The VPN is valuable, as the whole technology is very different from a traditional VPN.""The scanning feature is impressive, because they do not introduce a big latency to the traffic."

More Zscaler Internet Access Pros »

Cons
"Web filtering needs improvement because sometimes the URL is miscategorized.""Deploying configurations takes longer than it should.""The price and SD-WAN capabilities are the areas that need improvement.""One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue.""We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond.""We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve.""The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team.""The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution."

More Cisco Firepower NGFW Firewall Cons »

"There are a few features that are not compatible with the Azure cloud.""The reporting functionality could be a bit easier to use. There is a reporting function, but it's quite hard to do any good reporting, from a user-management perspective. For example, if a department manager wants to know how his department is using the web, there is a way to get the data, but it's quite cumbersome to get it and show it well. And that's true for comparing between departments.""I don't know whether it's Zscaler or not, however, sometimes I can't access my time management. I need to wait and try again a few hours later. Typically, if I let some time pass, I can access it again.""An improvement would be if they could provide an out-of-the-box experience, like 20 to 30 features all ready to go. In comparison, LogRhythm offers out-of-the-box features. With Zscaler Internet Access, there is firewall IPS, multiple security services, filtering, DLP, and CASB browser isolation. These are things that all users are going to be using. However, when an administrator or architect would start building this, I would definitely need to engage professional services to help clients do it.""I would like to see the ability to choose a pool of IPs for my company, set up rules based on them, and know that those IPs are not used by other companies."

More Zscaler Internet Access Cons »

Pricing and Cost Advice
"It definitely competes with the other vendors in the market.""This product requires licenses for advanced features including Snort, IPS, and malware detection.""Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed.""I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs.""When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today.""Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees.""Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain.""I am happy with the product in general, including the pricing."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"The pricing is fair based on its competitive market."

More Zscaler Internet Access Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
554,529 professionals have used our research since 2012.
Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and usage at large. In my opinion, Fortinet would be the best option and l use… more »
Top Answer:  The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers that fact, it is all the more impressive that the setup is a fairly… more »
Top Answer: It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection and… more »
Top Answer:  Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried. Zscaler Internet Access is a good option for carrying out multiple security… more »
Top Answer: We researched Netskope but ultimately chose Zscaler. Netskope is a cloud access security broker that helps identify and manage cloud applications, protecting your sensitive data from exfiltration.… more »
Top Answer: For our needs, the cloud-native proxy architecture is a very good solution. We are moving away from on-prem appliances and moving more toward cloud-based solutions. Zscaler is a good fit for our… more »
Ranking
4th
out of 47 in Firewalls
Views
43,244
Comparisons
30,805
Reviews
39
Average Words per Review
1,045
Rating
8.4
Views
39,242
Comparisons
31,649
Reviews
5
Average Words per Review
1,231
Rating
8.6
Comparisons
Also Known As
Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
ZIA
Learn More
Overview

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

Zscaler Web Security provides unmatched security, visibility and control, going beyond the basics of web content filtering. Delivered in the cloud, Zscaler includes award-winning web security integrated with our robust network security platform that features advanced threat protection, real-time analytics and forensics. You'll get protection across every user, location and device, including laptops, smartphones, tablets and Internet of Things devices.

For more details: 
https://www.zscaler.com/produc...

Offer
Learn more about Cisco Firepower NGFW Firewall
Learn more about Zscaler Internet Access
Sample Customers
Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
Ulster-Greene ARC, BanRegio, HDFC, Ralcorp Holdings Inc., British American Tobacco, Med America Billing Services Inc., Lanco Group, Aquafil, Telefonica, Swisscom, Brigade Group
Top Industries
REVIEWERS
Comms Service Provider22%
Financial Services Firm16%
Non Profit8%
Government8%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company21%
Government7%
Manufacturing Company4%
REVIEWERS
Comms Service Provider33%
Media Company11%
Pharma/Biotech Company11%
Engineering Company11%
VISITORS READING REVIEWS
Computer Software Company28%
Comms Service Provider24%
Financial Services Firm6%
Government5%
Company Size
REVIEWERS
Small Business43%
Midsize Enterprise28%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business21%
Midsize Enterprise13%
Large Enterprise66%
REVIEWERS
Small Business44%
Midsize Enterprise11%
Large Enterprise44%
VISITORS READING REVIEWS
Small Business14%
Midsize Enterprise13%
Large Enterprise73%
Find out what your peers are saying about Cisco Firepower NGFW Firewall vs. Zscaler Internet Access and other solutions. Updated: July 2019.
554,529 professionals have used our research since 2012.

Cisco Firepower NGFW Firewall is ranked 4th in Firewalls with 41 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 5 reviews. Cisco Firepower NGFW Firewall is rated 8.4, while Zscaler Internet Access is rated 8.6. The top reviewer of Cisco Firepower NGFW Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of Zscaler Internet Access writes " AI decision-making on quarantined documents reduces manual work". Cisco Firepower NGFW Firewall is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, Meraki MX and Azure Firewall, whereas Zscaler Internet Access is most compared with Cisco Umbrella, Netskope CASB, Prisma SaaS by Palo Alto Networks, Microsoft Defender for Cloud Apps and Palo Alto Networks WildFire. See our Cisco Firepower NGFW Firewall vs. Zscaler Internet Access report.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.