We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"We have not had to deal with stability issues."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now."
"The most valuable features of this solution are the integrations and IPS throughput."
"I can easily configure it."
"Great security and connectivity."
"The most valuable feature is the integration into the overall cloud platform."
"The solution has many useful features. For example, the solution allows users to create virtual IP addresses."
"Among the most valuable features are the DDoS protection that protects your virtual machines, the threat intelligence, and traffic filtering."
"Microsoft's technical support is very good. They're quite knowledgable and responsive."
"The solution is very stable. When comparing it to other environments, it's actually quite impressive."
"The solution should be capable of self-scaling, which is one of the features we like about it."
"Firewall and overall management are valuable features."
"There are a lot of features that we like within the solution. The resources or performance of the firewall is very good. However, the real selling point is the fact that the solution offers so many features, it gives our clients a lot of extras that they can work with. There's a lot on offer."
"There are many useful features, such as web security and advanced threat detection."
"Has a very simple OS and a good price point."
"The information security features are the most valuable."
"All networks are security-driven, we get throughputs and security. We feel that the people at Fortinet are easy to deal with from a support standpoint. If they need to jump in and help us, they're very willing to do that. Their email filtering, their data loss prevention, their intrusion prevention, type of products in the newest OSs has been outstanding."
"Performance-wise, I think FortiOS is much better than its Juniper counterpart. Based on our actual experience and performance metrics, FortiOS-based products are much better than Juniper."
"It is more robust than SonicWall, particularly on the VPN from site to site."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"The performance should be improved."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"Deploying configurations takes longer than it should."
"The initial setup could be simplified, as it can be complex for new users."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"They can improve the pricing of Azure Firewall."
"This solution is not mature when it comes to handling perimeter traffic like internet browsing."
"Currently, it only supports IP addresses, so you have to be specific about the IPs that are in your environment."
"The threat intelligence part could be better. I don't see why our customers have to get an additional solution with Azure Firewall. It would be great if they made it on par with Palo Alto."
"There are a number of things that need to be simplified, but it's mostly costs. It needs to be simplified because it's pretty expensive."
"We find it's different implementing it region-to-region. It might help if it was universal across all regions."
"You have to have a defined IP range within your network to associate it with your network. The problem is you have to plan ahead of time if you expect to use the firewall in the future so that you don't have to reconfigure your subnets or that specific IP range. Other than that, I don't any issues. I use it for basic configuration for a single application, so I really don't try to leverage it for multiple applications where I might find some complexity or challenges."
"The interface could be improved, it's not very user friendly."
"The implementation could be simplified."
"The solution could improve the log retention and reports."
"I can only compare it with SonicWall, and it is missing many advanced features that SonicWall has."
"It would be great if they can push the Microsoft updates through Fortinet OS and provide a centralized patch management system. They should also include the data loss prevention (DLP) and data leakage prevention features. They could also add network monitoring more effectively."
"FortiOS doesn't work well with all browsers. I think they need to do a better job of making it compatible with the various browsers that are out there."
"The pricing model makes this product far more expensive than similar solutions."
"Fortinet needs to make this solution even more robust. Sometimes when we get a DDoS attack, the cannot withstand it. We can run out of sessions very easily. That said, I suppose if you want more a robust system, then you could purchase higher-end solutions, which are more expensive. Still, I would like to see more protection from even in the low-end version."
"Right now, it's very trendy to integrate everything into the cloud. This solution would be more effective if they did more integration in that regard."
"The solution was chosen because of its price compared to other similar solutions."
"We normally license on a yearly basis. The hardware procurement cost should be considered. If you're virtual maybe that cost is eradicated and just the licensing cost is applied. If you have hardware the cost must be covered by you. All the shipping charges will be paid by you also. I don't thing there are any other hidden charges though."
"Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
"There are additional implementation and validation costs."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
"It definitely competes with the other vendors in the market."
"The licensing module is good."
"Azure Firewall is quite an expensive product."
"The total cost of ownership is much less than Palo Alto, Cisco, or any other brand."
"Azure Firewall is more expensive. If Microsoft can make Azure Firewall cheaper, I can see that all clients will think of using it. One client used FortiGate because it is much cheaper. Some clients ask me for Cisco, but in the cloud estimate, I found its cost is the same as Azure Firewall."
"It is pay-as-you-go. So, you pay based on the usage. If I remember it well, there is a basic fee, and there is a traffic fee. It is not per month. It is per hour or something like that. It is not so expensive."
"The software costs roughly half what the hardware costs. Overall, the product is expensive."
"The price of Fortinet FortiOS has been reasonable."
"There is a license required for the solution and the price is fair."
"The support contracts are usually about $100 - $200 a device."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
Control all the security and networking capabilities in all your FortiGates across your entire network with one intuitive operating system. Improve your protection and visibility while reducing operating expenses and saving time with a truly consolidated next generation enterprise firewall platform.
Azure Firewall is ranked 16th in Firewalls with 19 reviews while Fortinet FortiOS is ranked 20th in Firewalls with 13 reviews. Azure Firewall is rated 7.4, while Fortinet FortiOS is rated 8.4. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of Fortinet FortiOS writes "Robust, scales well using FortiManager, and you have a choice of two different modes to run in". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Palo Alto Networks VM-Series, Fortinet FortiGate-VM, Check Point NGFW and Sophos XG, whereas Fortinet FortiOS is most compared with Fortinet FortiWeb, Zyxel Unified Security Gateway, Darktrace, Fortinet FortiManager and Infoblox Advanced DNS Protection. See our Azure Firewall vs. Fortinet FortiOS report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.