We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"The implementation is pretty straightforward."
"They wanted to leverage something which is equivalent that can give them the next gen features like application awareness and intrusion protection. So that is a major reason they were looking forward to this. The original ASA firewall did not have these features. This was the major reason the customer moved on to Cisco Firepower Threat Defense (FTD). Now they can go ahead and leverage those functionalities."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"The feature that I have found the most valuable is the control over the network permissions and the network."
"The solution has many useful features. For example, the solution allows users to create virtual IP addresses."
"Performance and stability are the key features of this product."
"Network filtering is valuable. The scalability capability from the cloud-native service helps us a lot because it simplifies our day-to-day maintenance activity."
"We secure the entry point to the virtual data center with the firewall."
"The solution is very stable. When comparing it to other environments, it's actually quite impressive."
"The solution should be capable of self-scaling, which is one of the features we like about it."
"I can easily configure it."
"They have a command center that makes it easy to log into and see all of your appliances nationwide."
"Easy to set up and easy to integrate."
"All features are useful. We are using premium features such as bandwidth sharing, failover, web filters, SSL controls, antivirus, and VPN. We use these features to the fullest. These features are available in the paid firewall license, not the free one."
"The most valuable features are IPS, MAPI, NAT, and VPN."
"Its detection, antivirus, and filtering features are the most valuable. The facility to connect by using the VPN connection is also a very valuable feature. It is very strong, secure, and reliable. We have implemented the Untangle solution in all hardware. It is also a user-friendly solution. It is easy to learn and easy to configure."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"Web filtering needs improvement because sometimes the URL is miscategorized."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"You have to have a defined IP range within your network to associate it with your network. The problem is you have to plan ahead of time if you expect to use the firewall in the future so that you don't have to reconfigure your subnets or that specific IP range. Other than that, I don't any issues. I use it for basic configuration for a single application, so I really don't try to leverage it for multiple applications where I might find some complexity or challenges."
"Azure Firewall has limited visibility for IDPS, no TLS inspection, no app ID, no user ID, no content ID, no device ID. There is no antivirus or anti-spyware. Azure Firewall doesn't scan traffic for malware unless it triggers an IDPS signature. There is no sandbox or machine learning functionality, meaning we are not protected from Zero-day threats. There is no DNS security and limited web categories."
"The solution doesn't offer the same capabilities of Fortinet. It should offer intrusion prevention and advance filtering. These are two very useful features offered on Fortinet that Azure lacks."
"Azure should be able to work better as a balancer also, instead of just being a firewall. It should have a wider mandate."
"The reporting, logging, and monitoring features, as well as the flexibility of the policies, need to be improved."
"The solution lacks artificial intelligence and machine learning. It might be in the roadmap. However, currently, it's not available."
"For larger enterprises, they need to adjust the scalability."
"It needs a lot of improvement, especially on intruder detection. They are working hard on that."
"Web-filtering policies could be improved."
"The common center facility that Untangle provides should be available on-premises. There are great corporations here in Mexico that like the Untangle solution, but they don't like the fact that the monitoring and access to the appliance are in the cloud. They request for the common center facility to be available and installed on-premises."
"We seek the availability of the hardware in our region. The hardware-based firewall from Untangle is currently not available in our region. It should have threat protection on a real-time basis. This feature, available in Check Point and Sandstorm kind of scenario, is currently missing in Untangle NG Firewall."
"They don't have any feature that allows you to drop the session."
"The pricing should be reduced because it is expensive."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"The solution was chosen because of its price compared to other similar solutions."
"I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
"When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today."
"Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees."
"I am happy with the product in general, including the pricing."
"The licensing module is good."
"Azure Firewall is quite an expensive product."
"The total cost of ownership is much less than Palo Alto, Cisco, or any other brand."
"It is pay-as-you-go. So, you pay based on the usage. If I remember it well, there is a basic fee, and there is a traffic fee. It is not per month. It is per hour or something like that. It is not so expensive."
"Azure Firewall is more expensive. If Microsoft can make Azure Firewall cheaper, I can see that all clients will think of using it. One client used FortiGate because it is much cheaper. Some clients ask me for Cisco, but in the cloud estimate, I found its cost is the same as Azure Firewall."
"It is not expensive. The best part is that it is based on the pay-per-use kind of scenario. An increase or decrease in the number of people doesn't make any difference. We are really happy about using this particular scenario."
"The pricing model is better than with SonicWall."
"It is not expensive. It is cheaper than Fortinet."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
Untangle NG Firewall takes the complexity out of network security—saving you time, money and frustration. Get everything you need in a single, modular platform that fits the evolving needs of your organization without the headaches of multiple point solutions.
Enjoy the flexibility to deploy Untangle’s award-winning NG Firewall software on third party hardware, as a virtual machine, or as a turnkey appliance.
Rest assured that the browser-based, responsive and intuitive interface will enable you to create policies quickly and easily. Then, drill down into database-driven reports—the most comprehensive and detailed in the industry—to get visibility into exactly what’s happening on your network.
Azure Firewall is ranked 16th in Firewalls with 19 reviews while Untangle NG Firewall is ranked 21st in Firewalls with 5 reviews. Azure Firewall is rated 7.4, while Untangle NG Firewall is rated 9.4. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of Untangle NG Firewall writes "Good VPN features, helpful reporting and alerting, built-in content filtering, and excellent support". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Palo Alto Networks VM-Series, Fortinet FortiGate-VM, Check Point NGFW and Cisco ASA Firewall, whereas Untangle NG Firewall is most compared with OPNsense, pfSense, Sophos UTM and Sophos XG. See our Azure Firewall vs. Untangle NG Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.