We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"The most valuable feature is the access control list (ACL)."
"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"We have not had to deal with stability issues."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system."
"Network filtering is valuable. The scalability capability from the cloud-native service helps us a lot because it simplifies our day-to-day maintenance activity."
"The solution is very stable. When comparing it to other environments, it's actually quite impressive."
"The solution should be capable of self-scaling, which is one of the features we like about it."
"Microsoft's technical support is very good. They're quite knowledgable and responsive."
"Performance and stability are the key features of this product."
"Great security and connectivity."
"I can easily configure it."
"Juniper supports their products very well."
"The EEE security controls allow us to make policy restrictions, so I can customize port numbers to allow or limit control."
"The scalability is fine."
"The firewall features and the routing capability are the most valuable."
"The GUI is simple to use."
"What I like the most about Juniper is that they have the same CLI on all routers, switches, and firewalls. If you have worked with any Juniper device, such as a Juniper router, you will be able to work with an SRX, which is really cool. It is a nice experience to work with every device of Juniper, not only firewalls."
"The IPSec configuration is going well."
"When compared to Palo Alto, Juniper is a better choice when it comes to the enterprise network and connectivity."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"Report generation is an area that should be improved."
"It would be great if some of the load times were faster."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"The reporting, logging, and monitoring features, as well as the flexibility of the policies, need to be improved."
"The product could be made more customizable."
"Currently, it only supports IP addresses, so you have to be specific about the IPs that are in your environment."
"This solution is not mature when it comes to handling perimeter traffic like internet browsing."
"We find it's different implementing it region-to-region. It might help if it was universal across all regions."
"Azure should be able to work better as a balancer also, instead of just being a firewall. It should have a wider mandate."
"They can improve the pricing of Azure Firewall."
"The interface could be improved, it's not very user friendly."
"Ongoing costs are something that we need to manage and make sure that we're getting value on."
"In the next release, I would like to have a better web interface. It needs to be more user-friendly. Right now, you can only access many features through the console."
"While the GUI is pretty good on the Juniper side, there can still be tweaks made to it that will make it even better."
"The user interface and the GUI need improvement."
"There are a lot of features that customers do not know about and I think that better documentation would help when it comes to learning how to use the product."
"The capacity can be limiting. We have outgrown its capacity. You can only scale up to a certain extent, depending on the device purchased."
"The solution is quite advanced. You need a lot of training to use it effectively."
"The configuration is difficult and it should be easier."
"When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis."
"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
"I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"The solution was chosen because of its price compared to other similar solutions."
"Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
"This product is expensive."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"The total cost of ownership is much less than Palo Alto, Cisco, or any other brand."
"The licensing module is good."
"Azure Firewall is more expensive. If Microsoft can make Azure Firewall cheaper, I can see that all clients will think of using it. One client used FortiGate because it is much cheaper. Some clients ask me for Cisco, but in the cloud estimate, I found its cost is the same as Azure Firewall."
"It is pay-as-you-go. So, you pay based on the usage. If I remember it well, there is a basic fee, and there is a traffic fee. It is not per month. It is per hour or something like that. It is not so expensive."
"Azure Firewall is quite an expensive product."
"The price is reasonable."
"It is best suited to an enterprise-level, as the mid-range companies may find that the cost is not affordable."
"There was no additional licensing cost because there were no IPS services. It was just a firewall IP circuit router so they have the default licensing. We just need to renew the support yearly."
"This is an expensive product."
"In general, their price definitely couldn't be cheaper."
"The product itself is costly and the price of migration is very high."
"When you consider performance, price, and features, maybe Juniper is not so cost-effective compared to other solutions like MikroTik."
"There is a licensing fee."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
Azure Firewall is ranked 16th in Firewalls with 19 reviews while Juniper SRX is ranked 13th in Firewalls with 33 reviews. Azure Firewall is rated 7.4, while Juniper SRX is rated 7.8. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Palo Alto Networks VM-Series, Fortinet FortiGate-VM, Check Point NGFW and Cisco ASA Firewall, whereas Juniper SRX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, pfSense and WatchGuard Firebox. See our Azure Firewall vs. Juniper SRX report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.