We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"The feature set is fine and is rarely a problem."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"There are no issues that we are aware of. It does its job silently in the background."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"Their GPS possibilities and the security that it has, especially the SD-WAN functionality, is very good."
"Scalability is good; the company wants to be able to handle large customers."
"Its stability and SD-WAN features are the most valuable."
"Its ability to block incoming attacks is valuable. Its logging, traffic monitoring, and VPN capabilities are also valuable."
"Ability to manage multiple firewalls."
"Good identity fire walling, malware protection and application control features."
"What I like best about this product are the support and the features."
"The interface is very user-friendly and it is quite easy to use."
"The initial setup is pretty simple."
"The dashboard, customization, API, and pricing are good."
"It is deployed on the customer site, and we manage the firewalls on this side."
"I'm told the solution is the fastest, and, so far, I do find that to be the case."
"Juniper is more flexible with the commit check and the commit confirmed command. The design of the forwarding and contract plan in the operating system is very important for the performance when we have very big traffic."
"It's a very powerful solution and the firewalls offer high performance"
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team."
"The performance should be improved."
"Report generation is an area that should be improved."
"The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"Cisco Firepower NGFW Firewall can be more secure."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"The analytics are weak."
"The biggest issue that I have with this solution is that it is not super intuitive. Once you know what to do, things make sense, but you can't just open the program and start doing things. It would be great if there was a little bit more guided usage inside the program."
"Command line could be more user friendly."
"If you experience an attack it can take a very long time to find a solution."
"The interface should be more user-friendly and it should be easier to configure."
"Technical support used to be at a very high level but it is now a bit less so."
"The administration UI could be better. It should also have better application detection policies."
"If you have another brand of VPN where you have to put an SSL VPN between two devices, Barracuda doesn't support that at a certain point. You can't actually build the VPN between Barracuda and a different device of a different brand."
"It could use more tutorials."
"We worked with Cisco's support and Juniper's support and there are some differences, to be honest, Cisco is more available and is more competent at addressing our cases."
"I would like to see an activity sensor for malicious content or sensor for viruses and malware."
"We experienced some technical issues during implementation"
"Some people complain that the solution tends to have a steep learning curve. It could be because most people have basic familiarity with Cisco or other similar products and maybe have never worked closely with Juniper products."
"VPN access is an area that needs improvement."
"It definitely competes with the other vendors in the market."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
"The price is comparable."
"Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities."
"I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"There are additional implementation and validation costs."
"The solution costs more than 800 Euros to purchase an F18, which is an entry model, and then another 500 Euros for instant replacement, and 500 Euros for energized updates. The total package would be around 1,900 Euros for five years license and all updates for an entry model."
"Its licensing is on a yearly basis. There is an upfront purchase price, and there is also an annual maintenance fee. There are no additional fees."
"The 600 series is about USD $10,000 a year and the 80 is USD $400 a year."
"The pricing is reasonable."
"As a customer, the pricing is good for us."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Barracuda's Cloud Generation Firewalls redefine the role of the Firewall from a perimeter security solution to a distributed network optimization solution that scales across any number of locations and applications, connects on-premises and cloud infrastructures, and helps organizations transform their business.
Barracuda CloudGen Firewall is ranked 24th in Firewalls with 8 reviews while Juniper vSRX is ranked 22nd in Firewalls with 6 reviews. Barracuda CloudGen Firewall is rated 7.8, while Juniper vSRX is rated 8.2. The top reviewer of Barracuda CloudGen Firewall writes "Good SIEM and a dynamic VPN with good scalability". On the other hand, the top reviewer of Juniper vSRX writes "Fast with good usability and fairly scalable". Barracuda CloudGen Firewall is most compared with Fortinet FortiGate, Sophos XG, Cisco ASA Firewall, SonicWall TZ and Sophos UTM, whereas Juniper vSRX is most compared with Juniper SRX, pfSense, Fortinet FortiGate-VM, Palo Alto Networks VM-Series and Trend Micro Deep Security. See our Barracuda CloudGen Firewall vs. Juniper vSRX report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.