The purpose of this article is to share the differences between Cisco Meraki MX Firewall vs Fortinet FortiGate firewalls.
Cisco Meraki MX Firewalls
Meraki MX Firewalls have gained a lot of momentum and customers over the past ten years since Cisco acquired them.
The primary attractions to Cisco Meraki MX Firewalls include:
- Cloud Management
- Integration with Meraki Network and Wireless solutions
- Owned and supported by Cisco
- Scalability to thousands of sites/locations
- Ease of use for a lean IT staff
- Ease of visibility across all locations in a map based layout
- Simplicity and visibility for large-scale deployments (see the Large Deployments Whitepaper)
- Template-based Deployments
- Clone-based deployments
- Zero-touch deployments
The primary downsides of Cisco Meraki MX Firewalls include:
- High availability (Warm Spare)
- Limitations with NAT
- Limited QoS Policies
- OSPF and BGP are in Beta
- No command line scripting or automation scripting
- No IPv6
- More can be read here
Cisco Meraki MX Firewalls are enterprise-grade firewalls with a large customer base in all market segments including SMB, mid-market, enterprise, and large enterprise. They fit a niche use-case for lean IT teams with anywhere from ten branch sites all the way up to thousands of locations. Cisco Meraki MX firewalls do lack some routing and enterprise grade features like true high availability with sub-second failover, however, many organizations do not need that level of sophistication at the branch level. The trade-off is worth the ease of use, management, and deployment that comes with Cisco Meraki MX firewalls.
Contact a Firewall Specialist
If you would like to learn more about Cisco Meraki MX Firewalls and how they would fit your needs, please fill out the form below. We will put you in touch with a firewall Specialist and Engineer who can answer any of your questions and lead you down the right path.
Fortinet FortiGate Firewalls
The FortiGate firewall is Fortinet’s flagship product and was released in 2002. Later on, Fortinet would release many other products including antivirus, antispam, and most recently has acquired companies like enSilo which is now their FortiEDR (Endpoint Detection and Response) product.
FortiGate firewalls are enterprise-grade solutions that fit a multitude of use cases including:
- Secure on-premise and cloud workloads (available in Azure and AWS marketplaces)
- Network Access Control through native FortiLink feature when paired with FortiSwitches
- Securing OT and IoT environments
- Decrypt HTTPS traffic to reveal hidden ransomware and other threats without a performance hit against the firewall
The primary attractions for clients selecting FortiGate firewalls include:
- Layer 7 Application Firewall – Identifies thousands of applications inside your network for deep inspection and granular policy enforcement.
- SSL/TLS inspection for protection against encrypted threats
- Native IPSec/SSL VPN client for easy secure remote access
- Ability to scan files over 5MB for ransomware/malware
- SD-WAN: Application visibility and prioritization for over 5,000 applications
- SD-WAN: Multiple links including LTE
- SD-WAN: sub-second failover
- True High Availability (sub-second failover)
- Full enterprise routing stack
- BGP Support
- Web application firewall
Cisco Meraki MX Firewall vs Fortinet FortiGate
Cisco Meraki MX Firewalls vs Fortinet FortiGate’s comes down to individual needs of the organization and cost. Traditionally, Cisco Meraki MX firewalls are found within leaner IT staff that do not have strong routing or firewall expertise – and do not need it. The traditional Cisco Meraki customer is one who has a lot of small sites to manage with a small user count at each site. These sites are all tied together with VPN. They leverage Meraki’s auto-VPN feature to automatically establish site-to-site VPNs across the WAN.
Fortinet FortiGate firewalls are also managed via a GUI, but customers who have larger than 10 locations should have FortiManager, which is an extra license. FortiGate firewalls require sophisticated network, routing, and security skills to implement and manage when leveraging the advanced capabilities that FortiGate has to offer. This likely requires professional implementation and management skills from a third-party solutions provider, such as a VAR.
The cost of both solutions can vary widely depending on the licensing model and needs of the organization. Meraki, for example has Enterprise and Advanced Licenses. Fortinet has licensing from different bundles like UTM and additional features which may be required, such as FortiAnalyzer and FortiManager.
Contact a Firewall Specialist
In both cases, you should work with a third party who you can leverage to make sure you are down the right path. If you would like to speak with a firewall specialist and solutions engineer to get started, please fill out the form below.