We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"Provides good integrations and reporting."
"There are no issues that we are aware of. It does its job silently in the background."
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
"The implementation is pretty straightforward."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"Cisco has always been a premium product. There's a lot of other entry-level solutions. This is more robust."
"We are able to filter a lot of traffic especially when a lot of the traffic is in layer 7."
"The product is easy to use."
"The hardware is pretty stable. It's also a very good product performance-wise. Initially, it wasn't mature like a firewall and there were other leaders, but now they have included almost all the features of next-generation security. Basically, it's a good product to work with."
"It covers everything we need it to without looking to secondary solutions."
"Cisco is head-and-shoulders above all of the competition when it comes to technical support."
"The solution is very user-friendly and easy to deal with."
"Completely integrates branch offices with perimeter security."
"In general, Meraki MX is easy to work with."
"I love the simplicity of Meraki MX — specifically, the simplicity of the dashboard."
"It has the most advanced security features, for example, layer 3 and layer 7 firewall capabilities and the end team and IPS protection. It also has IPS, and it has very good functioning of cloning services. You don't actually have to touch the device. If you have multiple companies in different countries, you don't really require this device to be touched. You can get it delivered directly to any office of a country, and then you can simply put your configuration over the cloud. It's very simplified and easy to manage. It gives a very good granular visibility about your network. Earlier, a lot of things were lacking in the network. We were unable to identify where the problem was, but after implementing Meraki MX, we are able to dig down and identify where is the problem. We can easily and quickly identify the sources and the root causes of the issues."
"Point-to-point VPNs can dynamically follow IP changes with no need for static IPs."
"It is very easy to use and manage. It is also very easy to scale."
"Meraki makes it easy to be secure and know where the holes are to fix them. We have been fixing anything that we have ever found for 20 years. We keep up-to-date with firmware upgrades. We just try to stay on top of everything for security, like maintaining updates and getting rid of old systems. I feel like we're on top of it."
"The technical support people from Meraki are brilliant."
"It has very good features; it's easy to use, configure, set up, and deploy."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"The initial setup could be simplified, as it can be complex for new users."
"Implementations require the use of a console. It would help if the console was embedded."
"Cisco Firepower NGFW Firewall can be more secure."
"I would love it if it has a link-by-link feature, integration with Unified Threat Management (UTM), and load balancers. They haven't got any link-by-link feature right now, which can be a very attractive option. This link-by-link feature can also be made available for Cisco's UTM firewalls. The link-by-link feature is available in some of the other firewalls. Currently, integration with UTM is missing. Cisco IOS Security also doesn't have the load balancers and a few things that need to be done to get a good UTM firewall. Normally, other firewalls have UTM. As a next-generation firewall, it's good, but as a UTM, it has to do some work."
"The configuration should be easier in the solution."
"The company needs to make its solution more affordable to make it more accessible to larger markets. Otherwise, it's seen as an enterprise-level solution that small or medium-sized organizations can't afford and therefore they won't even look at it."
"I think they should bring back remote VPN for users."
"It would be ideal if the solution had more capacity."
"The pricing is the only con for this product."
"The user interface needs to be improved."
"There could be a bit more functions on offer that could make it easier to use."
"The whole Cisco Meraki range requires easier access for cameras. For a security center, it would be helpful to have easier access to cameras through the portal. Its licensing cost could also be better."
"In general, the SD-WAN feature needs to be improved. The load sharing and load balancing of the traffic should be improved. I have had some problems with these features in the past."
"They need to improve the link between Meraki and Active Directory."
"Meraki tech support staff have a lot more visibility into your network than you do, which is frustrating at times. I understand the approach is to keep the dashboard easier to understand. This will frustrate more advanced users at times."
"We have been having a problem with the VPN. When the energy goes down and is back again, the VPN link doesn't get established. We have to manually turn off the modems and other pieces of equipment and manually establish the VPN. It has been around one month since we have been having this problem, and we don't have enough support from Meraki to solve the problem."
"From the improvement perspective, we need more monitoring capabilities. We want to have full-based access visibility, such as, what is happening when something is trying to reach and it is denying. We cannot see some parts of it. The integration of active directory with this product is not very fruitful. It has some bugs or lacks in the functionality of active directory integration. We are unable to identify where exactly and whether it has really applied our policy."
"As far as what needs to be improved — nothing really comes to mind. It does what we need it to do."
"You can only have one tunnel in the whole infrastructure — one tunnel with one device."
"I am happy with the product in general, including the pricing."
"The price is comparable."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"This solution is expensive and other solutions, such as FortiGate, are cheaper."
"This product is expensive."
"There are additional implementation and validation costs."
"I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"The pricing is okay. It is competitive. It costs more when you need get more features."
"Price is certainly something that the IOS technology has fallen behind the competition on."
"It is necessary to pay for a license in order to use the solution. It is on a yearly basis and the price is high."
"It is an expensive solution."
"The price of the solution should be cheaper, and the license is purchase annually."
"Palo Alto networks are more expensive than this solution and this is why you will see more products like this one in Mexico."
"Other content filtering solutions that I have used had more bells and whistles, but given the cost, complexity, and management overhead, I am very pleased with Meraki’s solution."
"Its licensing cost could be better."
"Meraki is the best option — based on the price and the features available."
"It is a good global solution in terms of the price and features, but because we sell this solution in dollars, sometimes we don't get to sell this solution in Brazil because the dollar is very expensive. The price of every project is different. It varies depending upon the project, scenario, and client."
"The price varies depending on the hardware platform as well as the type of license and whether you're adding security or not."
"The price is slightly increased, but reasonable."
"We just have to pay for the product and the license. We have a license for three years, and it is renewed every three years. It costs $1,200 for three years for one endpoint. Meraki had a good promotion for remote workers or remote workforce. The discount is very good. This promotion continues till the next fiscal year of Cisco."
"The license cost depends on the box. We acquired a different product line. We are dealing with MX appliance now, that is, MX6, MX54, MX100, MX250, MX450. Every box has got an identity, and it has got its own specification. Every box has got a different license fee. We deployed Meraki MX in UAE when it was not a mature product. We took a risk, but we were successful. We saved a huge amount of money after implementing and removing all the MPLS and leased lines. We got a broadband connection because Meraki MX could work on a broadband connection. We have drastically saved a very good amount of money, which was one of the successful things apart from the successful solution."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Cisco IOS Security is ranked 19th in Firewalls with 10 reviews while Meraki MX is ranked 1st in Unified Threat Management (UTM) with 17 reviews. Cisco IOS Security is rated 7.8, while Meraki MX is rated 8.4. The top reviewer of Cisco IOS Security writes "Prevent unauthorized use of network resources and integrate branch offices with reliability". On the other hand, the top reviewer of Meraki MX writes "Makes it easy to stay on top of everything for security". Cisco IOS Security is most compared with Zyxel Unified Security Gateway, Cisco ASA Firewall, Fortinet FortiGate, pfSense and Fortinet FortiManager, whereas Meraki MX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Sophos XG, Palo Alto Networks NG Firewalls and SonicWall NSa. See our Cisco IOS Security vs. Meraki MX report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.