We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"There are no issues that we are aware of. It does its job silently in the background."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."
"Auto-scaling and zero touch are valuable features."
"I like the firewall and the virtual machine. I also like that it's compatible with Amazon Web Services and Azure."
"Check Point CloudGuard technical support is good."
"The features of the solution which I have found most valuable are its flexibility and agility. It's a fully scalable solution, from our perspective. We can define scaling groups and, based on the load, it will create new instances. It's truly a product which is oriented toward the cloud mindset, cloud agility, and this is a great feature."
"The initial setup is pretty easy."
"Check Point is one of the few solutions that pay attention to cloud security. Many others mostly focus on providing on-premises solutions."
"The most valuable features are the VPN Blade, IPS Blade, the URL filtering, and the Applications Control Blade."
"The most valuable feature is that we can use the same manager server that we use on our own Check Point firewalls. We integrated CloudGuard on that manager and we can use the same kind of protections that we use on the on-prem firewalls, like the IPS and antivirus policy. We can have the same kind of protection on the Cloud environment that we have on-premise."
"Compared to Cisco, SonicWall NSa is much easier to configure."
"The stability is better than other products."
"It is a brilliant product. It is a Unified Threat Management (UTM) system. It has got about 11 security services that take care of your perimeter security. It takes care of any kind of cyber threats that could come in. It takes care of creating VPNs between two SonicWalls instantly and very easily. It has got spyware in it as well as a firewall. It has also got a gateway antivirus and an application firewall that can block things from outside."
"This product has kept us safe and we haven't had any breaches."
"This product is user-friendly and easy to configure."
"One of the main features is the built-in storage capacity."
"The antivirus and items of that nature were quite helpful to have."
"Setup is easy. Anyone with basic firewall experience can do it."
"In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."
"The initial setup could be simplified, as it can be complex for new users."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"Implementations require the use of a console. It would help if the console was embedded."
"The API integration is complex, which is an area that should be improved."
"As an administrator, I can say that among all of the Check Point products I have been working with so far, the Virtual Systems solution is one of the most difficult."
"I would like to see a step-by-step initial installation of the firewall. That would be really helpful. Like in Oracle appliances, when you start it asks you, what's your current IP address? An initial setup should be a step by step and intuitive process. You click on "begin," it asks you some simple questions. You fill in the blanks - your current IP address, what you want to do, you want to set up a site to site VPN, for example, that kind of thing. That would be the smartest thing to have."
"I think they have pretty much mastered what can be done. There are some nuances like when you fail over from one cluster member to the other, the external IP address takes about two minutes to fail over."
"For major upgrades, it's still necessary to destroy the VMs and re-create them again. Doing that would mean new public IPs as well."
"In case the device is inaccessible due to some issue such as CPU or memory, there is no separate port or hardware partition provided for troubleshooting purposes."
"The solution lacks the capability to scale effectively."
"The biggest room for improvement is that, for a long time now, they've moved everything over to R80 but they still maintain some of the stuff in the old dashboard. They need to "buy in" and move everything to the modern dashboard so that you don't have to go to one place and to another place, at times, to configure the environment. It's time they just finish what they started and put everything in the new, modern dashboard."
"The content filter needs to be improved."
"The scalability is something that should be improved."
"You can do zero-trust networking with them, but it's not easy."
"It doesn't require much improvement. The only improvement area is that cloud reporting, assessment reporting, and other reporting features should be available with the subscription. They should provide reporting features with the subscription base, which is currently not there. We bought the reporting tool, but there are some complications. They have made some changes to the application, and now the reporting management is completely on the cloud."
"SonicWall does not support DynDNS, yet this is an important feature for smaller companies that do not have a static IP address."
"In terms of improvement, features like App Control do not work properly"
"It would help us a lot of SonicWall sent us more information about the latest updates and things that are changing."
"The reporting and monitoring are a bit complex and should be easier in SonicWall NSa because other firewalls I have experienced have been more simple, such as Palo Alto. We are able to receive a clear view of our network. As a general user with little experience, it would be difficult for them to handle."
"Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees."
"The solution was chosen because of its price compared to other similar solutions."
"Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"The price is comparable."
"Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"The pricing and licensing have been good. We just had to do a license increase for our portion of it. We had that done within a couple of days. Given the fact that it's purely a software-based license, it ends up being even quicker than doing it for an on-prem firewall."
"Although I don't have specifics for pricing, based on my overall experience, I can conclude that Check Point provides the best pricing when comparing to other vendors."
"Pricing of CloudGuard is pretty fair when you have a single account. It's comparable with other cloud providers. But for our use case, it got really pricey when we had to deploy multiple CloudGuards on multiple accounts in different regions, because you can't have CloudGuard protecting multiple regions. That's the big thing."
"The price could be better."
"Licensing is simply by the number of hosts that you are looking to protect within your environment. It makes it much easier to ensure that you are covering your environment."
"The cost is on the higher side, as it is based on workload, hence we need to decide which VPC or workload needs to be part of CloudGuard."
"It is not expensive, but it is a little bit above the middle range. There are other solutions that are a little more expensive than this, but they also have some interesting features."
"The pricing is pretty high, not just for your capital, for what you have to pay upfront, but for what you pay for your annual software renewals as well, compared to a lot of other vendors. Check Point is near the top, as far as how much it's going to cost you."
"SonicWall is not an expensive solution."
"You need their analyzer to properly generate reports. This is an expensive, licensed feature, with a complex application or appliance back-end."
"A firewall doing anti-spam might be a low cost solution, but it is not your best strategy."
"There is a license required for this solution and you can purchase a one, two, or three year term. Typically businesses choose the one year subscription and then later choose the three year licensing option if they are satisfied."
"The CPUs are not able to compete with a similar price point to the Fortinet, WatchGuard, or Palo Alto product."
"Normally, when we buy any product, we buy it with a five-year service built into it. Later on, depending on the growth of the organization, we go for a new one or an upgrade."
"The pricing and value are good."
"The price is reasonable for what it does."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Check Point CloudGuard provides unified cloud native security for all your assets and workloads, giving you the confidence to automate security, prevent threats, and manage posture – everywhere – across your multi-cloud environment.
Check Point CloudGuard Network Security is ranked 7th in Firewalls with 25 reviews while SonicWall NSa is ranked 16th in Firewalls with 35 reviews. Check Point CloudGuard Network Security is rated 8.6, while SonicWall NSa is rated 7.6. The top reviewer of Check Point CloudGuard Network Security writes "Unified Security Management has enabled us to combine our on-prem appliances and cloud environments". On the other hand, the top reviewer of SonicWall NSa writes "A rugged solution capable of defeating advanced threats". Check Point CloudGuard Network Security is most compared with Fortinet FortiGate, Palo Alto Networks NG Firewalls, Cisco ASA Firewall, Azure Firewall and Cisco Secure Workload, whereas SonicWall NSa is most compared with Meraki MX, Fortinet FortiGate, WatchGuard Firebox, SonicWall TZ and Palo Alto Networks NG Firewalls. See our Check Point CloudGuard Network Security vs. SonicWall NSa report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.