We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"There are no issues that we are aware of. It does its job silently in the background."
"We have not had to deal with stability issues."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"The support is great. They also have very good categorization. It's very good. It captures a lot of threats."
"It is stable and scalable. In addition, their support is great. When you ask them for something, they provide support, and if required, they also involve the R&D team to help you to resolve the issues in your configuration."
"Technical support has been quite helpful in the past."
"I don't have anything bad to say about the product. I absolutely love it."
"I like the Firewall and the IPS."
"The most valuable feature is the console management."
"Forcepoint is a complete package because it has network and systems applications. Other firewalls are only for the network."
"The feature that we like the most about Forcepoint is that we know the technology and have confidence in it. We can have several functionalities to simplify operations and management. We can combine functionalities like log ownership to review the number of devices in the infrastructure."
"Dual WAN connections are greatly simplified and point-to-point VPNs automatically connect regardless of what WAN connection is active."
"In general, Meraki MX is easy to work with."
"Meraki makes it easy to be secure and know where the holes are to fix them. We have been fixing anything that we have ever found for 20 years. We keep up-to-date with firmware upgrades. We just try to stay on top of everything for security, like maintaining updates and getting rid of old systems. I feel like we're on top of it."
"Its ease of configuration and management is very useful for us and for other companies that don't have an onsite IT person. It is easy to configure and easy to manage. It is easy to configure the VPN with the Auto VPN feature."
"They have very good technical support and I have relied heavily on them."
"The technical support people from Meraki are brilliant."
"It has very good features; it's easy to use, configure, set up, and deploy."
"Point-to-point VPNs can dynamically follow IP changes with no need for static IPs."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"Web filtering needs improvement because sometimes the URL is miscategorized."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team."
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"The company should update the URL filtering database. They need to enhance the URL filtering and make it easier to customize."
"Something that I've noticed that Forcepoint lacks, is the training that they offer to their end-customers"
"Making this solution easier to use would be an improvement."
"The network interface could be better, and it could be cheaper."
"My team is looking for more throughput and better integration with our security framework."
"Its interface is complex when compared with a firewall like FortiGate. Forcepoint Next Generation Firewall needs a management console, whereas FortiGate doesn't need any console. When you have a few devices, a console is not really necessary. It's good to have a private console only when you have a lot of devices."
"They should have a local vendor who can provide support. Most of the support is overseas, so the time zones can be a problem."
"They need to increase the local support here. There are also some bugs or fixes on which they need to work. They very well know about these bugs. In terms of licensing, I would like them to either increase the number of features in a single license or make licensing more flexible."
"Management can be improved in Meraki MX."
"It would be nice if the different services, including the SIEM SOC and endpoint detection and response (EDR) were integrated into one, so that I don't have to go to different vendors for different services."
"They need to improve the link between Meraki and Active Directory."
"In general, the SD-WAN feature needs to be improved. The load sharing and load balancing of the traffic should be improved. I have had some problems with these features in the past."
"The security is not as strong as it could be"
"You can only have one tunnel in the whole infrastructure — one tunnel with one device."
"You cannot use switching behaviors as you see on the Meraki switch."
"In the next release, because the security is pretty basic, I think they could include additional security features."
"I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
"Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
"This product is expensive."
"The price is comparable."
"The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case."
"The price of Firepower is not bad compared to other products."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"It definitely competes with the other vendors in the market."
"The training that they offer to their end-customers. It's quite expensive, I believe it costs roughly $11,000"
"It could be cheaper like Fortinet."
"We have found the price could be reduced. It is a little expensive."
"Forcepoint is very expensive but it's really secure."
"It is expensive."
"We would love to take other solution from Forcepoint, but unfortunately the price is too high. That's why we are not considering using Forcepoing for our proxy and DLB. They have a very good DLB, but the matter in the end is the cost."
"The pricing should be more competitive against other vendors in the market."
"I consider Forcepoint Next Generation Firewall's price to be good."
"The price is slightly increased, but reasonable."
"The price could be lower, but compared to the TCO of other products, it's not really that expensive."
"It is a good global solution in terms of the price and features, but because we sell this solution in dollars, sometimes we don't get to sell this solution in Brazil because the dollar is very expensive. The price of every project is different. It varies depending upon the project, scenario, and client."
"Meraki is the best option — based on the price and the features available."
"Its licensing cost could be better."
"Like any Cisco product, the license is really expensive for small business clients. It needs to be cheaper. If you look it up, you might go, "That doesn't make any sense.""
"Other content filtering solutions that I have used had more bells and whistles, but given the cost, complexity, and management overhead, I am very pleased with Meraki’s solution."
"The price varies depending on the hardware platform as well as the type of license and whether you're adding security or not."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Forcepoint Next Generation Firewall is ranked 18th in Firewalls with 19 reviews while Meraki MX is ranked 1st in Unified Threat Management (UTM) with 17 reviews. Forcepoint Next Generation Firewall is rated 8.0, while Meraki MX is rated 8.4. The top reviewer of Forcepoint Next Generation Firewall writes "Good console management, but the interface is not user-friendly and application filtering needs finer granularity". On the other hand, the top reviewer of Meraki MX writes "Makes it easy to stay on top of everything for security". Forcepoint Next Generation Firewall is most compared with Fortinet FortiGate, Palo Alto Networks Threat Prevention, Darktrace, pfSense and Versa FlexVNF, whereas Meraki MX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Sophos XG, Palo Alto Networks NG Firewalls and SonicWall NSa. See our Forcepoint Next Generation Firewall vs. Meraki MX report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.