Cisco Meraki MX vs. Palo Alto Networks Next-Generation Firewalls - PA Series

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Cisco Meraki MX
Score 9.1 out of 10
N/A
Cisco Meraki MX Firewalls is a combined UTM and Software-Defined WAN solution. Meraki is managed via the cloud, and provides core firewall services, including site-to-site VPN, plus network monitoring.
$595
per appliance
Palo Alto Networks Next-Generation Firewalls - PA Series
Score 9.5 out of 10
N/A
Palo Alto next-generation firewalls classify all traffic, including encrypted and internal traffic, based on application, application function, user and content. Users can create security policies to enable only authorized users to run sanctioned applications.N/A
Pricing
Cisco Meraki MXPalo Alto Networks Next-Generation Firewalls - PA Series
Editions & Modules
MX64
$595
per appliance
MX67
$695
per appliance
MX68
$995
per appliance
MX84
$1,995
per appliance
MX100
$4,995
per appliance
MX250
$9,995
per appliance
MX450
$19,995
per appliance
No answers on this topic
Offerings
Pricing Offerings
Cisco Meraki MXPalo Alto Networks Next-Generation Firewalls - PA Series
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Cisco Meraki MXPalo Alto Networks Next-Generation Firewalls - PA Series
Considered Both Products
Cisco Meraki MX
Chose Cisco Meraki MX
For a small remote office, Cisco Meraki MX was compared to the PaloAlto next gen firewall.

Whilst the company prefers the use of PaloAlto for internet destined traffic, the office features and simplicity of management meant the Cisco Meraki MX was an easy choice for a small …
Chose Cisco Meraki MX
Cisco Meraki MX is easy if you don't need multi-tenancy solutions and if the routing in the network is not so complex. But Cisco Catalyst SD-WAN solution is more powerful and has more features compared to Meraki.
Chose Cisco Meraki MX
Flexibility, scalability
Chose Cisco Meraki MX
Meraki is just easier to use and deploy. It’s not the cheapest option, nor is it the most feature rich or performant firewall platform. But when you need something that works and meets PCI/HIPAA compliance, with very little effort to use, this is the ideal platform for you. …
Chose Cisco Meraki MX
Cisco Meraki MX is a different product targeted at different markets, not exactly a UTM / NGFW. Centralized management and a single pane of glass add a lot of value. Again there are sites where no MX can replace a PA due to the configuration requirements and performance …
Chose Cisco Meraki MX
I have primarily used Palo Altos (from the small PA220s to the bigger PA3000s) and while the PAs have a greater learning curve I believe them to be the superior firewall. They are more of a compromise of features/advanced options to ease-of-use, with Meraki leaning more heavily …
Chose Cisco Meraki MX
Depends on the use case. Meraki shines in the area of ease of management and ease of deployment. This is typically retail customers with many locations or customers with lean IT staff. Meraki MX seems not to do well in complex environments with heavy IT staff requirements. …
Chose Cisco Meraki MX
Meraki MX's have their place due to the ease of configuration, management, and cost. That is small to mid size businesses. If you require features such as the full suite of NG firewall options, SD-WAN, and granularity of ACL/Policy rules, then Fortinet, Palo Alto and/or …
Chose Cisco Meraki MX
Meraki was within our budget and fit the size of our organization.
Palo Alto Networks Next-Generation Firewalls - PA Series
Chose Palo Alto Networks Next-Generation Firewalls - PA Series
These are cheaper (or at least were) than the Meraki firewalls and they allow you to integrate with Palo Alto Wildfire, which is valuable. This allows for a more real time analysis of packets (though we may have to upgrade to a larger firewall to use this). The PA-500 VPN is …
Top Pros
Top Cons
Features
Cisco Meraki MXPalo Alto Networks Next-Generation Firewalls - PA Series
Firewall
Comparison of Firewall features of Product A and Product B
Cisco Meraki MX
8.0
100 Ratings
7% below category average
Palo Alto Networks Next-Generation Firewalls - PA Series
9.4
22 Ratings
9% above category average
Identification Technologies8.196 Ratings10.022 Ratings
Visualization Tools8.694 Ratings8.022 Ratings
Content Inspection7.994 Ratings10.022 Ratings
Policy-based Controls8.092 Ratings10.022 Ratings
Active Directory and LDAP7.483 Ratings9.021 Ratings
Firewall Management Console8.096 Ratings9.022 Ratings
Reporting and Logging7.599 Ratings10.022 Ratings
VPN8.894 Ratings9.022 Ratings
High Availability8.895 Ratings10.021 Ratings
Stateful Inspection8.090 Ratings10.021 Ratings
Proxy Server6.552 Ratings8.810 Ratings
Best Alternatives
Cisco Meraki MXPalo Alto Networks Next-Generation Firewalls - PA Series
Small Businesses
pfSense
pfSense
Score 9.6 out of 10
pfSense
pfSense
Score 9.6 out of 10
Medium-sized Companies
pfSense
pfSense
Score 9.6 out of 10
pfSense
pfSense
Score 9.6 out of 10
Enterprises
Palo Alto Networks Next-Generation Firewalls - PA Series
Palo Alto Networks Next-Generation Firewalls - PA Series
Score 9.5 out of 10
Cisco Meraki MX
Cisco Meraki MX
Score 9.1 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Cisco Meraki MXPalo Alto Networks Next-Generation Firewalls - PA Series
Likelihood to Recommend
9.0
(136 ratings)
10.0
(38 ratings)
Likelihood to Renew
8.8
(6 ratings)
10.0
(1 ratings)
Usability
9.4
(7 ratings)
9.0
(3 ratings)
Availability
9.1
(1 ratings)
-
(0 ratings)
Performance
9.1
(1 ratings)
-
(0 ratings)
Support Rating
8.4
(15 ratings)
8.4
(9 ratings)
Implementation Rating
7.0
(1 ratings)
-
(0 ratings)
Product Scalability
9.0
(103 ratings)
-
(0 ratings)
User Testimonials
Cisco Meraki MXPalo Alto Networks Next-Generation Firewalls - PA Series
Likelihood to Recommend
Cisco
Cisco Meraki MX is great for a short term deployment. An all in one model can combine a cellular router, wireless access point, 10 port switch (with POE). Having a cellular model means seamless failover with a wired link. An included SFP slot on the MX68 series would be beneficial. Maybe in a newer model.
Read full review
Palo Alto Networks
Palo Alto Networks Next-Generation Firewalls - PA Series are extremely versatile. Whether it be a one office location or multiple sites, the Panorama interface allows centralized management. I've found Palo Alto does a great job with their updates and supporting customers. As a cybersecurity professional, I like that Palo Alto's products offer a wide range of controls to support defense in depth. It is easy for security and network infrastructure teams to use the same consoles to deliver performance with security built in.
Read full review
Pros
Cisco
  • It provides a really good single pane of glass so you can really easily identify end to end, what is going on in your environment.
  • It provides the ability for someone that doesn't necessarily need a really deep level of knowledge to be able to operate and maintain it. I think that's probably a big selling point, but I think definitely for the people that I'm selling the products who just having a dashboard and being able to log onto it and see if things are good or bad is quite key. So it does that really well.
Read full review
Palo Alto Networks
  • The PA handles VPN connectivity without missing a beat. We have multiple VPN tunnels in use for redundancy to cloud-based services.
  • The PA has great functionality in supporting failover internet connections, again with the ability to have multiple paths out to our cloud-based services.
  • The PA is updated on the regular with various security updates, we are not concerned with the firewall's ability to see what packets are really flowing across the network. Being able to see beyond just IP and port requests lets you know things are locked down better than traditional firewalls.
  • It is a great overall kit, with URL filtering and other services that fill in the gaps between other solutions without breaking the bank.
Read full review
Cons
Cisco
  • Sometimes can be difficult to find a specific device or options in the dashboard if you can multiple networks in your organization
  • No option to open a CLI session
  • It can improve in the way to troubleshoot a VPN L2L connection to see all the sent messages in case there is a issue with in the negotiation.
Read full review
Palo Alto Networks
  • Our specific model is a bit slow and outdated and takes up to 10 minutes to commit a configuration change.
  • Nested security rules would be helpful instead of a linear approach. But rule creation in general is very simple.
  • Documentation gives a very straight forward answer to some items but is very vague in others.
  • Support could be a little better. An issue we had a tech was insistent it was the "other guy" and it ended up being the very latest PAN OS upgrade.
Read full review
Likelihood to Renew
Cisco
As we have it in place now, we will continue to keep it at our remote sites. Future expansion is something we are reviewing, and may well start with some of the larger switches as they seem to offer good performance and management at a reasonable price. Wireless is also something we're investing in and their devices are great for that.
Read full review
Palo Alto Networks
The PA5220s have far exceeded what we have expected out of them. It was a bit of a learning curve coming from another vendor, but everything falls into place now with ease. The capabilities of the solution still surprise us, allowing us to remove other costly hardware and providing a single point of management needed
Read full review
Usability
Cisco
The Cisco Meraki MX series is very easy to use. Setting up user VPN access, site to site VPN to tie multiple locations together and managing all your devices. You can even download the latest firmware and install without ever leaving the dashboard. Meraki is the very definition of easy to use
Read full review
Palo Alto Networks
In my opinion, the Palo Alto Firewall is the simplest firewall in terms of management interfaces; though it has more advanced options that apply to more advanced use cases. Configuring basic features on the firewall is nearly self-explanatory; configuring more advanced features can be met with very thorough vendor documentation.
Read full review
Support Rating
Cisco
I haven't ever had a bad experience with Meraki support. On the few occasions where I wasn't understanding the UI or needed some clarification about what a setting actually would do, I contacted them and they were very quickly able to provide help. Returns are simple and fast, too. We had to return a defective device one time and they shipped the replacement before we had even un-racked the one that was faulty. Unlike many other vendors, they didn't ask use to a do long list of scripted diagnostics, they just took my word for it that the device was broken and sent out a replacement immediately
Read full review
Palo Alto Networks
We've run into a couple undocumented bugs, but that seems to happen with every brand and technology. Any time we've had to engage Palo Alto support they've always been professional, knowledgeable and prompt. In almost all cases we've been able to resolve our issues without having to escalate our tickets.
Read full review
Implementation Rating
Cisco
Good product and simple to use.
Read full review
Palo Alto Networks
No answers on this topic
Alternatives Considered
Cisco
Compared to the regular Cisco devices, the greatest thing will always be the ease of configuration that the Cisco Meraki MX gives by having a dashboard to eliminate a command line that can be difficult for some beginners, it is easier to identify if you make mistakes and fix them since everything is saved and visually you can see something that is not so good.
Read full review
Palo Alto Networks
We are using Cisco ASA before in our environment but when it comes to deep scanning & layer 7 security it doesn't have that capability. After using Palo Alto Networks Next-Generation Firewall we are using sandboxing & advance malware protection that provides high-level end-user security. Also after implementing it we can easily monitor user-level traffic.
Read full review
Scalability
Cisco
Scalability is pretty decent. We run into some issues with the more hubs we create. We've had to tune out the deployment between whether something's a hub or a spoke regionally. So as long as not everything is a hub in this environment and you're creating spokes that talk directly to hubs, that takes a lot of the CPU utilization off of anything that's deemed a hub.
Read full review
Palo Alto Networks
No answers on this topic
Return on Investment
Cisco
  • I'm going to say positive impact. The biggest thing is especially coming from having a third party taking care of our network to us doing it ourselves. The ease of this with the overall high level visual that we can get as to how our day is starting and running reports to see how many outages have we had, what areas have they actually been in running these reports and being able to gather if it's a certain service provider that's causing an issue in a general area, maybe we need to switch service providers for ISP. So it's been great in that mannerism for us. Ease of manage, I mean, we have a limited number of staff, we have a lot of different offices across the country. And then this is relatively new for us because we did have a previous provider doing all of this for us.
Read full review
Palo Alto Networks
  • Overall, even though the device is very expensive (both hardware and licensing), the product does produce a decent ROI, given that one (or HA pair) of devices can do so many things, such as anti-virus, anti-malware, URL filtering, SSL decryption, SSL VPN, routing, etc.
  • There will definitely be sticker shock when you're renewal comes up annually (or after 3 years), so be sure to look very carefully at the recurring costs of this product, with respect to licensing and hardware/software maintenance.
Read full review
ScreenShots