Cisco Meraki MX Firewalls is a combined UTM and Software-Defined WAN solution. Meraki is managed via the cloud, and provides core firewall services, including site-to-site VPN, plus network monitoring.
$595
per appliance
Palo Alto Networks Next-Generation Firewalls - PA Series
Score 9.0 out of 10
N/A
Palo Alto Network’s Next-Generation Firewalls is a firewall option integrated with other Palo Alto security products. Released in late 2023, the PA-7500 ML-Powered NextGeneration Firewall (NGFW) enables enterprise-scale organizations and service providers to deploy security in high-performance environments.
$1.50
per hour per available zone
Pricing
Cisco Meraki MX
Palo Alto Networks Next-Generation Firewalls - PA Series
Editions & Modules
MX64
$595
per appliance
MX67
$695
per appliance
MX68
$995
per appliance
MX84
$1,995
per appliance
MX100
$4,995
per appliance
MX250
$9,995
per appliance
MX450
$19,995
per appliance
No answers on this topic
Offerings
Pricing Offerings
Cisco Meraki MX
Palo Alto Networks Next-Generation Firewalls - PA Series
Free Trial
Yes
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
Users may also choose to pay per gigabyte of data used starting at .065/GB. Note that prices listed here reflect installations via Amazon Web Services. Pricing may differ if other service providers are used.
Cisco Meraki MX provides simplicity and scalability while cutting costs. With Meraki MX, you get a Security appliance, router, and Firewall in one appliance and managed with one GUI. These features enable the network engineers to maintain large-scale enterprises with a single …
Meraki is just easier to use and deploy. It’s not the cheapest option, nor is it the most feature rich or performant firewall platform. But when you need something that works and meets PCI/HIPAA compliance, with very little effort to use, this is the ideal platform for you. …
For a small remote office, Cisco Meraki MX was compared to the PaloAlto next gen firewall.
Whilst the company prefers the use of PaloAlto for internet destined traffic, the office features and simplicity of management meant the Cisco Meraki MX was an easy choice for a small …
Cisco Meraki MX is easy if you don't need multi-tenancy solutions and if the routing in the network is not so complex. But Cisco Catalyst SD-WAN solution is more powerful and has more features compared to Meraki.
Cisco Meraki MX is a different product targeted at different markets, not exactly a UTM / NGFW. Centralized management and a single pane of glass add a lot of value. Again there are sites where no MX can replace a PA due to the configuration requirements and performance …
I have primarily used Palo Altos (from the small PA220s to the bigger PA3000s) and while the PAs have a greater learning curve I believe them to be the superior firewall. They are more of a compromise of features/advanced options to ease-of-use, with Meraki leaning more heavily …
Depends on the use case. Meraki shines in the area of ease of management and ease of deployment. This is typically retail customers with many locations or customers with lean IT staff. Meraki MX seems not to do well in complex environments with heavy IT staff requirements. …
Meraki MX's have their place due to the ease of configuration, management, and cost. That is small to mid size businesses. If you require features such as the full suite of NG firewall options, SD-WAN, and granularity of ACL/Policy rules, then Fortinet, Palo Alto and/or …
Palo Alto Networks Next-Generation Firewalls - PA Series
Verified User
Professional
Chose Palo Alto Networks Next-Generation Firewalls - PA Series
These are cheaper (or at least were) than the Meraki firewalls and they allow you to integrate with Palo Alto Wildfire, which is valuable. This allows for a more real time analysis of packets (though we may have to upgrade to a larger firewall to use this). The PA-500 VPN is …
Palo Alto Networks Next-Generation Firewalls - PA Series
Likelihood to Recommend
Cisco
The Meraki MX lineup is well suited for organizations that need centralized management of multiple locations, as it allows for both quick deployment and simple/easy remote administration all from a single pane of glass. It also works very well for providing VPN access for remote workers and helps monitor end-device uptime. It does, however, fall a bit short in its firewall's customization, compared to traditional appliances (like our WatchGuard Firebox), so perhaps less suited for organizations that need more customization, as the Meraki MX lineup is primarily designed for simplicity and straightforward cloud-based management.
It is well-suited for a company needing strong edge security with ease of administration. It comes standard with many features such as VPN, Application ID and "Day-1 Config" that make the networks it protects secure from the very start. Palo is definitely a premium product and is much more expensive than other firewalls, but the value is realized immediately. The robust options for firewall rules/policies allow the administrator to apply security in new and creative ways to hit the sweet spot between security and usability.
The Cisco Meraki MX series is phenomenal at allowing us to remotely manage networks. So the devices usually act as the brain behind our client's networks, which makes it really, really easy for our team to take a look at what's going on in those client network environments, resolve any issues, and make sure that our client's networks are staying secure.
The PA handles VPN connectivity without missing a beat. We have multiple VPN tunnels in use for redundancy to cloud-based services.
The PA has great functionality in supporting failover internet connections, again with the ability to have multiple paths out to our cloud-based services.
The PA is updated on the regular with various security updates, we are not concerned with the firewall's ability to see what packets are really flowing across the network. Being able to see beyond just IP and port requests lets you know things are locked down better than traditional firewalls.
It is a great overall kit, with URL filtering and other services that fill in the gaps between other solutions without breaking the bank.
Layer seven firewall rules. Just making them more granular. We've been in meetings with Cisco SES where I've said feature requests many times and that's one of the big ones where it's just a little cumbersome to implement layer seven rules right now.
Just making them more granular. We've been in meetings with Cisco SES where I've said feature requests many times and that's one of the big ones where it's just a little cumbersome to implement layer seven rules right now.
The simplicity and ease of use for the Meraki Dashboard make it an easy choice for our organization to renew our Meraki Enterprise Agreement. We will likely continue using the Meraki MC67-C, MX450, and other MX models in their catalog until we shift away from Meraki completely
The PA5220s have far exceeded what we have expected out of them. It was a bit of a learning curve coming from another vendor, but everything falls into place now with ease. The capabilities of the solution still surprise us, allowing us to remove other costly hardware and providing a single point of management needed
Some features simply aren't there, but the ones that are there are pretty easy to use. Sometimes it is easy to get lost when trying to find the specific device you want to work on, but that's mostly due to how rarely we have to go into the interface.
It can be a little tricky at first if you have never used the product or a firewall before. If you have experience with firewalls in general, it does not take long to learn the Palo Alto Networks Next-Generation Firewalls - PA Series interface. They offer great training resources and knowledge base articles to help get up to speed.
Meraki MX devices support high availability (HA) configurations, which ensures minimal downtime if one device goes offline. This feature has helped us maintain a stable and reliable network, even in cases of hardware failures. ince Meraki is cloud-managed, we've noticed that the cloud infrastructure is generally highly reliable, with minimal service interruptions or downtime. This makes it easier to manage the network remotely without significant availability concerns. Meraki automatically pushes firmware updates and patches, which helps maintain system stability without requiring manual intervention. These updates are rolled out in a manner that ensures minimal disruption to service.
The interface is pretty responsive. The lower end devices are easy to overwhelm if you have a lot of throughput. Be sure the model you get is rated for the amount of traffic you will have. Overbuild if possible, otherwise you won't be fully leveraging the connection from your ISP.
I haven't ever had a bad experience with Meraki support. On the few occasions where I wasn't understanding the UI or needed some clarification about what a setting actually would do, I contacted them and they were very quickly able to provide help. Returns are simple and fast, too. We had to return a defective device one time and they shipped the replacement before we had even un-racked the one that was faulty. Unlike many other vendors, they didn't ask use to a do long list of scripted diagnostics, they just took my word for it that the device was broken and sent out a replacement immediately
We've run into a couple undocumented bugs, but that seems to happen with every brand and technology. Any time we've had to engage Palo Alto support they've always been professional, knowledgeable and prompt. In almost all cases we've been able to resolve our issues without having to escalate our tickets.
great when they offered it, really tested your knowledge with hands on and see what your peers from other orgs know. glad to see that we were ahead of the curve of what our peers knew
Implementing Meraki MX devices in phases—starting with a pilot group or select branch offices—was invaluable. This allowed us to identify potential configuration issues, troubleshoot problems, and refine our setup before rolling it out company-wide. It also helped to get feedback from early users and adjust the deployment strategy accordingly. The SD-WAN capabilities in Meraki MX were essential for optimizing our WAN traffic and ensuring better application performance across various locations.
Cisco Meraki MX provides simplicity and scalability while cutting costs. With Meraki MX, you get a Security appliance, router, and Firewall in one appliance and managed with one GUI. These features enable the network engineers to maintain large-scale enterprises with a single dashboard from a remote site or anywhere with internet, all thanks to the Meraki cloud dashboard
We are using Cisco ASA before in our environment but when it comes to deep scanning & layer 7 security it doesn't have that capability. After using Palo Alto Networks Next-Generation Firewall we are using sandboxing & advance malware protection that provides high-level end-user security. Also after implementing it we can easily monitor user-level traffic.
When I first started with my company we had various infrastructure and a mix of tech. Since going to Cisco Meraki MX we have noticed better network performance and our new sites are much easier to bring online. Users have noticed an improvement in VPN connection and getting into all our systems.
From a positive impact? Basically it allows us to set up shop very quickly. It allowed us to add sites to our network very quickly. From a negative perspective, I think the only thing is that I can see from a negative perspective is I have a preference to working with ACLI in terms of how I engage with the youth tool At the moment, the only way to actually engage with a tool is on a gui and sometimes what I'd actually like is more detailed information in terms of actual configuration that you'll actually get out of ACLI.
We used to outsource our Firewall and it's management. Not only did we find their SLA's to be lacking, in general, but communication between us was horrible. Many times we could not understand them and that resulted in less than desirable rule creation or troubleshooting.
Since we no longer have to pay a company for 24/7 management (and SLOW SLA's) we are saving a ton of money each year. Also our fellow employee's are much happier that things can be resolved in a timely manner.
