We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The customer service/technical support is very good with this solution."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"There are no issues that we are aware of. It does its job silently in the background."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"All policies can be deployed and managed in a very simple way."
"It secures my organization. With the application blade, I can make security as application based and the custom application is also very useful. With identity awareness blades we get insights on our local users who are accessing/passing through the respective rule as users. We also use the DLP, IPS, and VPN features."
"It improves user productivity and frees up system resources."
"I love the interface of R.80.30. The R.80 interface is very nicely thought out with everything in one place, which makes Check Point easier to use."
"The solution is scalable."
"The QoS blade is very good for controlling traffic such as Windows patches, mail traffic and other stuff."
"The easy and standardized management interface, now with a complete and functional API mechanism, provides the administrator several ways of managing the solution."
"The performance has been very good."
"Huawei was able to assist us in the installation of their product. The installation was very fast."
"The support for the solution has been excellent. If we ever had an issue they would send an engineer to help us with our problem."
"I had no difficulty using the Huawei NGFW."
"The mapping features and traffic logging are good."
"We make use of the new data center, specifically the containerized data center which is built and reviewed by Huawei, including all the device's infrastructure."
"The security is good. It's as effective as anything else on the market."
"The user interface is very, very good."
"I like that the initial setup is straighforward. It's also a scalable solution."
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team."
"The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement."
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"Deploying configurations takes longer than it should."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"When I was creating the VPN on it and the client side through the portal, that feature was very annoying. I could not use it. It was much more usable after downloading it to the laptop. That was very good compared to using it directly from the browser."
"The command line is very difficult to use, which is one of the biggest drawbacks of this solution."
"The client for the central tools is very big - maybe using web access in future releases, similar to other vendors should be possible."
"The VPN setup could be simplified. We had to engage professional services for that. That's not a problem, but compared to other products we've used, it was a little more complex."
"Geo-blocking would be very useful. There are too many attempts to infiltrate by non-country users. I can block access by IP address or IP network, however, a country-level blocking would be more useful and much quicker to implement."
"The only thing which I think should be improved is that training should be increased. In my position I also interview potential employees and I haven't found many people in the market, nowadays, who are familiar with the Check Point firewall. They are more familiar with Palo Alto and Cisco ASA and they are more comfortable with them."
"I hope for product simplification. It would be better to use one security console, instead of many of them (for licensing and monitoring). The solution is hard for newcomers and takes much time to deep in. Also, I want a historical graph for throughput and system resources usage. Maybe it will be great to make easy step-by-step installation and configuration cookbooks as Fortinet did, and integrate the documentation within the solution."
"The improvement could come from better monitoring of traffic data in and out of the firewall."
"The solution could be more secure and have better integration."
"With the Huawei firewall, none of the features comes at the top. We found out later that customer support is really not good. For this firewall, because of our customers' routine, for example, every six months they'll do a penetration test to find weaknesses. So whenever they came up with VAPT reports, they are looking to Huawei for help. I think that's basically because it's a different culture. Chinese culture and our culture is different. They have always tried to help find some excuses or say some other things that cannot help you solve the problem immediately."
"The solution doesn't seem to be very mature. Our networking team says they are experiencing a lot of issues in the firewalls and some routers."
"The solution is scalable but it is difficult because you need to purchase new systems, it is not just one click."
"Wi-Fi scanning and Wi-Fi analysis would be useful features to include in the future."
"The documentation needs to be improved. When they retire old models, they also retire the documentation. However, if you are still using an older model, you still need access to that documentation. And yet, they go ahead and removed it. It's gone. You are therefore stuck with a device with no documentation and technical support that isn't very helpful as they also remove support assistance as well."
"I would like to see an antivirus solution included with the product."
"The solution requires a more interactive dashboard. That would make it easier than playing with configurations the way we have to now."
"The price is comparable."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"The price of Firepower is not bad compared to other products."
"This product is expensive."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"We normally license on a yearly basis. The hardware procurement cost should be considered. If you're virtual maybe that cost is eradicated and just the licensing cost is applied. If you have hardware the cost must be covered by you. All the shipping charges will be paid by you also. I don't thing there are any other hidden charges though."
"I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
"When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today."
"The pricing and licensing are the worst part of Check Point. I usually don't know what I really am buying. When I have to do an inventory of the license, I don't know what it is being used for. Sometimes I feel I am being cheated, and the others times, I feel it is a bargain. Nobody knows! Even the Check Point representatives, they aren't clear on somethings, such as, what is the right license for what I need."
"Check Point brings good value for the money and is competitive in the market."
"In terms of quality versus price, Check Point is very balanced."
"I think that the pricing is different for every organization."
"The price is too high."
"It is quite an expensive product, although security is a top priority."
"The pricing and licensing are expensive. If you compare it with Fortinet, then it is cheaper on a yearly basis. However, Check Point is the most expensive firewall right now in terms of licenses and its appliance. My recommendation is if you want a long-term investment, then you should use an open server. If you use an open server, then the latency is really low. If you pay for a full appliance, it's more expensive."
"If you use the features then it's cost-effective. Otherwise, it's expensive."
"When you compare the price with other products, it's quite cost-effective. But the problem is always after, let's say, two years or three years later because they are not able to provide updates or patches very quickly."
"Licensing fees are billed on an annual basis."
"I believe that we are entitled to a one-year extension on our licensing."
"The price of the license of this solution is high."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Offered via the Check Point Infinity architecture, Check Point’s NGFW includes 23 Firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance. Learn More about Next Generation Firewall and What is Firewall?
In addition to all the functions of conventional firewalls, Huawei NGFW also provides more advanced security functions, such as IPS and anti-malware functions, to identify applications and prevent application-layer threats. Huawei NGFW provides a global context awareness architecture for granular controls based on application, content, time, user, attack, and location (ACTUAL). The innovative SmartPolicy technology and management interfaces that can be easily integrated simplify the O&M management. The Intelligence Awareness Engine (IAE) uses an integrated architecture to perfectly balance security and performance. Huawei NGFW provides next-generation security featuring comprehensive protection, granular control, and OM simplicity to meet the requirements of enterprise networks on access control, scope of protection, usability, and performance in the new ICT landscape.
Check Point NGFW is ranked 2nd in Firewalls with 147 reviews while Huawei NGFW is ranked 25th in Firewalls with 8 reviews. Check Point NGFW is rated 8.8, while Huawei NGFW is rated 7.2. The top reviewer of Check Point NGFW writes "Central architecture means we can see an end-to-end picture of attacks". On the other hand, the top reviewer of Huawei NGFW writes "Good interface and easy to set up but needs more documentation". Check Point NGFW is most compared with Fortinet FortiGate, Azure Firewall, Palo Alto Networks NG Firewalls, Meraki MX and Kerio Control, whereas Huawei NGFW is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks NG Firewalls, Palo Alto Networks VM-Series and Sophos XG. See our Check Point NGFW vs. Huawei NGFW report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.