We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."
"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"The configuration, graphical interface and command line are easy to use."
"The stability of the solution is good. We haven't faced any issues at all while using the product."
"Overall, it's an excellent solution."
"The dashboards are a good feature."
"In spite of the solution being inexpensive, it has everything one would need."
"While the stability maybe isn't quite to the level of Cisco, it is a very cost-effective solution. It's cheap compared to Cisco."
"In terms of administration, it's perfect."
"The most valuable feature is the WAN optimization."
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team."
"It would be great if some of the load times were faster."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"Cisco makes horrible UIs, so the interface is something that should be improved."
"Report generation is an area that should be improved."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment."
"One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box."
"The interface of the solution could be improved."
"Not a ten because I think that Cisco is better."
"Technical support could be improved."
"Some issues with connecting to the VPN from home after firmware updates."
"It has a monitoring tool, but it could be improved."
"The product may not be as robust as Palo Alto. However, unless you are a big bank, you probably won't need it to be."
"It would be better if it could provide you with options before completely blocking anything through the web filter. If you are doing a deep SSL inspection on the site if it says it's expired, it doesn't give you the option to continue at your own risk. I can't say that it's bad, but SSL internally isn't really a requirement. However, its security features can help. Right now, we have people going out and spending on purchasing the SSL certificates for internal sites."
"It is difficult to size the VM in terms of machine resources, and for this reason, clients prefer the appliance."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today."
"I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
"This solution is expensive and other solutions, such as FortiGate, are cheaper."
"When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis."
"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"Licensing is pretty standard. It's approximately 15% of the total cost per year as a subscription cost."
"There should be a reduction in the setup price and licensing costs."
"It's not a cheap solution but it comes with its benefits."
"There are yearly or monthly licenses which you can choose from."
"The customer must buy his own license."
"The price is similar to Symantec Endpoint, but it's more expensive than Forcepoint solutions. Fortinet is better than Forcepoint."
"There is an annual license required to use the solution."
"There is a support fee that can be bought on a yearly or two-yearly basis. I don't think they do five years. The best benefit is that the same pricing is guaranteed for that duration. If you can afford it, I would recommend using the longest possible time span."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
FortiGate Virtual Appliances allow you to mitigate blind spots by implementing critical security controls within your virtual infrastructure. They also allow you to rapidly provision security infrastructure whenever and wherever it is needed. FortiGate virtual appliances feature all of the security and networking services common to traditional hardware-based FortiGate appliances. With the addition of virtual appliances from Fortinet, you can deploy a mix of hardware and virtual appliances, operating together and managed from a common centralized management platform.
Cisco Firepower NGFW Firewall is ranked 4th in Firewalls with 41 reviews while Fortinet FortiGate-VM is ranked 13th in Firewalls with 58 reviews. Cisco Firepower NGFW Firewall is rated 8.4, while Fortinet FortiGate-VM is rated 8.2. The top reviewer of Cisco Firepower NGFW Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of Fortinet FortiGate-VM writes "Slightly unstable, needs a better user interface, and lacks good monitoring capabilities ". Cisco Firepower NGFW Firewall is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, Meraki MX and Azure Firewall, whereas Fortinet FortiGate-VM is most compared with Azure Firewall, Fortinet FortiGate, Palo Alto Networks VM-Series, OPNsense and Sophos XG. See our Cisco Firepower NGFW Firewall vs. Fortinet FortiGate-VM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.