Cisco vs FireEye for Continuous Security

Posted by UpGuard

Cisco vs. FireEye

Who provides better continuous security: the world's largest maker of networking equipment or the first cybersecurity firm certified by the U.S. Department of Homeland Security? Due to key acquisitions over the years, both Cisco and FireEye possess a comprehensive suite of enterprise security solutions. In this article, we'll find out how they stack up against each other when it comes to continuous enterprise cyber threat protection.

Both vendors have been actively swallowing up smaller players to round out their cybersecurity offerings. In January of this year, FireEye picked up iSight Partners to augment its threat intelligence capabilities. This follows several other key purchases including the 2014 acquisition of Mandiant, a move that yielded FireEye an endpoint security platform and additional security intelligence for its existing product line. Cisco is of course perpetually in M&A mode, having picked up SourceFire for its next-generation intrusion protection system (IPS), firewall, and malware protection solutions in 2013. In light of these activities, how do the two vendors' solutions compare when it comes to protecting enterprises against cyber threats?


Cisco Systems

How much does a network equipment manufacturer know about security? A lot or a little, depending on who you ask. On the one hand, Cisco obviously deals intimately with issues on the data and network levels. At the end of the day, however, the company is not a security vendor, per se. Cisco's acquisition of SourceFire clearly fills out a large missing security piece in its networking equipment line, enhancing its existing next-generation firewall products with SourceFire's Advanced Malware Protection (AMP) and Snort-based Next-Generation Intrusion Prevention System (NGIPS).


Milpitas, CA-based security vendor FireEye builds solutions that focus on network, email, endpoint, mobile, and content security. Additionally, it provides analytics and forensics through its consulting arm Mandiant (acquired in 2014). Its NX network security devices and HX series endpoint security solutions are widely considered best-in-class but have taken a hit recently following the discovery of several critical product vulnerabilities.

Side-by-Side Scoring: Cisco vs. FireEye

1. Capability Set

Both are leaders in their respective categories but FireEye focuses exclusively on providing cyber security solutions. In contrast, Cisco plays in the vast space of networking and digital communications and approaches security as an integral component of all its offerings. Its principal stratagem for improving product line security has been strategic acquisitions, as opposed to engineering in-house; for example, its ASA-series NGFWs are heavily fortified by its advanced malware protection (AMP), FirePOWER Services, and Next Generation Intrusion Prevention System (NGIPS)—all former SourceFire products now integrated with Cisco's products.

FireEye has also expanded its security capability set with recent acquisitions, the biggest of which was Mandiant in 2014, followed by nPulse Technologies, iSIGHT Partners, and Invotas. Collectively, the capabilities gained through these acquisitions give FireEye an end-to-end platform that runs from threat detection, to visibility into activity as it's happening, to a historical review of what happened, as well as a security incident response platform for handling intrusions.

Capability Set

Cisco 4 out of 5 stars
FireEye 4 out of 5 stars

2. Ease of Use

FireEye's NX-series devices are reportedly straightforward and easy to set up by operators, sysadmins, and network administrators. Cisco solutions require more expertise to deploy and manage. For example, proficiency with the CLI is advised for those configuring and deploying its Adaptive Security Appliance (ASA) line of products. And while Cisco does offer a simplified GUI-based firewall appliance manager, the Adaptive Security Device Manager (ASDM), it is primarily recommended for small or simple deployments. Also keep in mind that ASDM is written in Java and could ultimately impact the security posture of the device.

Ease of Use

Cisco 2 out of 5 stars
FireEye 4 out of 5 stars

3. Community Support

Both Cisco and FireEye's security products are mature offerings with sizable customer bases across the globe. Community support and resources are therefore plentiful: FireEye maintains its own community portal while Cisco's Communities and Support Forums hold a wealth of support and experiential knowledge. Additionally, a plethora of 3rd party-maintained community websites exist to find solutions for more unique issues.

Community Support

Cisco 5 out of 5 stars
FireEye 5 out of 5 stars

4. Release Rate

Both vendors' solutions are continually updated and patched—this is not surprising given the sheer number of installations across the globe. That said, Cisco is arguably at the mercy of larger market forces than FireEye when it comes to releases and product viability. For example, customers using the popular Cisco PIX Security Appliances were advised to migrate to the Cisco ASA 5500 Series, as the former is no longer supported. 

Release Rate

Cisco 4 out of 5 stars
FireEye 4 out of 5 stars

5. Pricing and Support

Both Cisco and FireEye's products are priced appropriately as enterprise-grade solutions but can vary quite a bit on the low-end. For example, FireEye’s entry-level NX 900 appliance has a list price of $9,600, while the entry level Cisco ASA 5505 appliance goes for $1,500.00.

In terms of support, both vendors offer competent enterprise and paid support options.

Pricing and Support

Cisco 4 out of 5 stars
FireEye 4 out of 5 stars

6. API and Extensibility

Cisco provides a well-documented REST API for creating custom applications for configuring and managing individual Cisco ASA firewalls. Using standard HTTP methods, admins can access current configuration information and issue additional configuration parameters. Similarly, FireEye provides APIs across most of its offerings, as well as integrations via API to third-party threat intelligence sources.

API and Extensibility

Cisco 4 out of 5 stars
FireEye 4 out of 5 stars

7. 3rd Party Integrations

Both Cisco and FireEye products are commonly integrated with 3rd party solutions to scaffold an organization's layered, continuous security framework. This includes integrating with popular SIEM solutions like Splunk, security incident response platforms, and application delivery controllers like Citrix's NetScaler ADC.

3rd Party Integrations

Cisco 5 out of 5 stars
FireEye 5 out of 5 stars

8. Companies that Use It

Cisco's products are ubiquitous. When it comes to the ASA line, there are more than one million appliances deployed globally. Some customers include Hertz, First American Financial Corp., Genzyme, and the Frankfurt Airport, among others. Similarly, FireEye products are in use by Fortune 500s across the world. Customers include Finansbank, Japan Advanced Institute of Science and Technology, Investis, and D-Wave Systems, among others.

Companies that Use It

Cisco 5 out of 5 stars
FireEye 5 out of 5 stars

9. Learning Curve

Cisco and FireEye security device configuration and management is not for the faint of heart. However, to get the most out of Cisco devices (e.g., Cisco ASA), it's recommended to forgo the GUI for the CLI—which, of course, presents a steep learning curve itself. Learning how to deploy a rudimentary FireEye installation is trivial but can be difficult when dealing with more expansive infrastructures.

Learning Curve

Cisco 3 out of 5 stars
FireEye 3 out of 5 stars

10. CSTAR Score

Per our external website scanner, Cisco scores an 884 while FireEye scores 836. Both companies have competent perimeter security measures in place and score strong in areas such as communications security and legal/industry landscape.



Scoreboard and Summary

| Category | Cisco | FireEye |
|---|---|---|
| Capability Set | 4 out of 5 stars | 4 out of 5 stars |
| Ease of Use | 2 out of 5 stars | 4 out of 5 stars |
| Community Support | 5 out of 5 stars | 5 out of 5 stars |
| Release Rate | 4 out of 5 stars | 4 out of 5 stars |
| Pricing and Support | 4 out of 5 stars | 4 out of 5 stars |
| API and Extensibility | 4 out of 5 stars | 4 out of 5 stars |
| 3rd Party Integrations | 5 out of 5 stars | 5 out of 5 stars |
| Companies that Use It | 5 out of 5 stars | 5 out of 5 stars |
| Learning Curve | 3 out of 5 stars | 3 out of 5 stars |
| CSTAR Score | 884 (Good) | 836 (Good) |
| Total | 4 out of 5 | 4.2 out of 5 |

Despite years of competition between the two, FireEye has long been a rumored acquisition target for Cisco—in fact, speculation around the latter's plans for buying the security vendor resurfaced earlier this year. Indeed, missed earnings and steadily tumbling stock prices, brought on at least in part by recent critical vulnerabilities discovered in FireEye's security products, make it a prime buyout candidate.

When it comes to continuous security, firewalls and network devices only form one part of the equation. A strong security posture requires that all IT assets in your environment—including Cisco and FireEye appliances—are regularly scanned and monitored for misconfigurations and vulnerabilities. Regardless of how expansive or disparate your firm's infrastructure is, UpGuard's platform for cyber resilience can provide this integrity validation across all systems—security devices, switches, IoT devices, web apps, and more.
