We just raised a $30M Series A: Read our story
2021-04-30T01:06:00Z

Which product do you recommend and why: Palo Alto Networks VM-Series vs Cisco Firepower Threat Defense Virtual (FTDv)?

52

Hello,

In my organization (10K+ employees) we have had Cisco products for decades and currently, we're exploring whether Palo Alto Networks VM-Series is a good alternative (vs Cisco FTDv) that can leverage our security posture. 

Dear community members, please share your technical recommendations!

ITCS user
Guest
44 Answers

author avatar
Top 5Real User

hello. Capability is on par between the two vendors. Your best bet is to think about integration and how the FW will work with other tools/processes in your environment. Thanks

2021-04-30T16:30:28Z
author avatar
Top 5Real User

I can't say for Palo Alto as I haven't tried them myself, but I'd advise against FTDs and Firepower Management Center.


* Firepower systems take about 4 minutes on average to make config changes (it's referred to as "Deployment", can take 1-6 minutes depending type of change you're making). which makes troubleshooting a nightmare.


* it is overall very buggy, we had to open at least 2-3 tickets per year with Cisco to fix issues with our system that has only 2 firewalls working in HA. some that required upgrading software. some cases required involvement from R&D to diagnose and fix, and took more than a week. I don't want to imagine the administration overhead of having several bugs in several different sites (I'd think "10K+ employees" operate in more than one site) and having to troubleshoot each with the Cisco TAC (Cisco TAC is good compared to other vendors, but it's not their fault the software is buggy).


* I'm not sure this is the case for FTDv, but I don't think that would be different.


I suggest you implement test sites using both solutions through a POC if possible before migrating such a large environment.

2021-10-03T08:48:08Z
author avatar
User

Neither.  


I'd pick Fortinet's products for a variety of reasons, but the #1 reason being they are easier to use and maintain.  And they are better for TSCM work which is something we specialize in (Technical Surveillance Countermeasures - and within networks).

2021-10-01T01:14:54Z
author avatar
Community Manager

Hello @Muhammed Eslami, @Mike Bulyk@Javed Hashmi ​, @VishalGilatar. Can you please assist @M Mari

2021-04-30T02:35:40Z
Find out what your peers are saying about Cisco Firepower NGFW Firewall vs. Palo Alto Networks VM-Series and other solutions. Updated: November 2021.
552,695 professionals have used our research since 2012.