One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fortigate is very stable, reliable, and consistent. We like that we can manage the entire network from one interface; there is no going back and forth as some other solutions force you to do. Fortinet Fortigate firewalls have access point controller functionality built right into the system; there is no need for additional devices. This solution offers great built-in features for web filtering, and the VPN is an extremely valuable feature.
The reporting with Fortinet Fortigate needs some degree of customization so that more usable reports can be created. If you want extra features, you need to buy extra licenses, which can get expensive quickly. We wish we could get more with the general license. We would also like to see better cloud management.
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection and the Firepower engine, which provides good application visibility and control. Cisco ASA gives you full details, traffic monitoring, and threat monitoring. The solution has very solid encryption and multi-factor authentication. It is a great option to enable seamless work-from-home options.
The front-end configuration with Cisco ASA can be tough, though - there are too many steps in this process. It would also be better if there was a clear view of the integrations and the easiest way to complete them. In inexperienced hands, the Cisco ASA interface can be pretty daunting. An improved GUI would make this product much more user-friendly and competitive with other products. This solution can also be very expensive.
We chose Fortinet Fortigate. It is a better fit for us. We have clients that still have many team members working remotely and the VPN that Fortinet Fortigate provides is extremely valuable. The antivirus and the IPS intrusion prevention help add to the overall reliability and stability of Fortinet Fortigate.
Better is very subjective. If you want a firewall that your Cisco-trained engineers can integrate with your Cisco routers and Cisco switches and that supports Cisco proprietary protocols, or you need a firewall that runs at terabit speeds and integrates with FortiSwitch, I bet you know the answer.
Headline, Fortigates are fixed-port appliances, with really good hardware acceleration and a big security integration fabric.
Cisco ASA (and now Firepower) can be modular, where you choose the ports you need, but tend to cost more for the same amount of throughput and tend not to have as much integration with other parts of the security world.
There is a lot more to say but pick the things that are important to you.
I think they are for two different businesses with different digital strategies as well.
On the one hand, we have the option of consolidating everything in a single box and on the other, putting together a solution with parts and pieces that are more robust but also more complex.
And don't forget the look of the technology departments where an option clearly requires less expert level to exploit the acquired infrastructure. This is where the concept of Service appears, which in my understanding has already had to evolve from the traditional times of responses and product catalogs.
CISCO ASA is a great product, easy trouble shooting on Cmd line and GUI interface,best Cisco Support
Which is better and why?
Hi security and IT professionals,
In what cases should an organization choose a Firewall as a Service (FWaaS) solution?
When should FWaaS be a complementary product to the on-premise FW/NGFW?