We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"The most valuable features of this solution are advanced malware protection, IPS, and IDS."
"The most valuable feature is SD-WAN."
"The most valuable feature is the console management."
"Forcepoint is a complete package because it has network and systems applications. Other firewalls are only for the network."
"It is a scalable product. I know a customer who has deployed more than 4,000 firewalls in a single deployment."
"Technical support has been quite helpful in the past."
"Forcepoint Next Generation Firewall is very simple, easy to use, and flexible."
"I like the IPS. IPS is the master feature. I depend on the firewall and sandbox."
"I like the Firewall and the IPS."
"I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good."
"My technicians find the pfSense's web interface very useful. It is very easy to use. pfSense is very reliable and stable. We like the OpenVPN clients that can be deployed using pfSense very much."
"A valuable feature is that the solution is open source."
"The initial setup is straightforward."
"What I like about pfSense is that it works well and runs on an inexpensive appliance."
"The concurrent users are perfect for us."
"I have found pfSense to be stable."
"A free firewall that is a good network security appliance."
"One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"Web filtering needs improvement because sometimes the URL is miscategorized."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"They should have a local vendor who can provide support. Most of the support is overseas, so the time zones can be a problem."
"The company should update the URL filtering database. They need to enhance the URL filtering and make it easier to customize."
"Its management center should be easier to use. The management interface of Forcepoint is unique and a little bit different from some of the firewall solutions on which people might have worked before. Sometimes, the customers say that it is not very friendly, and we help them with how to use this management interface. It just takes a little bit of time, and after some time, it gets easy to manage or use. It is quite similar to Palo Alto, Fortinet, and legacy Juniper solutions. Their support should be faster. We have received complaints that they are not responding fast, which is not good for the vendor and us."
"If I want to allow access to Facebook, yet not allow the user to access videos, then I am not able to do it with this product."
"The ability to dynamically change policies could be improved."
"Its interface is complex when compared with a firewall like FortiGate. Forcepoint Next Generation Firewall needs a management console, whereas FortiGate doesn't need any console. When you have a few devices, a console is not really necessary. It's good to have a private console only when you have a lot of devices."
"The security features need to be improved."
"Something that I've noticed that Forcepoint lacks, is the training that they offer to their end-customers"
"Their support could be better in terms of the response time."
"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"It needs to be more secure."
"The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus."
"The main problem with pfSense is that we have to use proxy solutions."
"As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me."
"The usage reports can be better."
"There are additional implementation and validation costs."
"I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
"When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today."
"Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees."
"Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
"It definitely competes with the other vendors in the market."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"I am happy with the product in general, including the pricing."
"We have found the price could be reduced. It is a little expensive."
"The pricing of the solution is normally competitive with other products."
"The pricing should be more competitive against other vendors in the market."
"Forcepoint is very expensive but it's really secure."
"I consider Forcepoint Next Generation Firewall's price to be good."
"It could be cheaper like Fortinet."
"It is expensive."
"Everything in Forcepoint comes with an individual license, which is kind of a problem. In our last meeting, they said that it may change at the beginning of 2021, and they will try to merge some licenses together. Customers will get more features than what they got previously. We will wait and see."
"Looking at what it does, I think that it is fairly priced."
"Our customers must pay for an annual license."
"The solution is free. However, you need to pay for support."
"I am using the free version of pfSense."
"It is open source."
"It has almost zero cost, and it is open to us. It runs on a small appliance just for a couple of 100 bucks, and I've never had an appliance burn out on me yet."
"The solution software does not require a license, it is free. The support contract is about $600 dollars."
"pfSense is open-source, but the support is something that the customer pays for."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Forcepoint Next Generation Firewall is ranked 20th in Firewalls with 18 reviews while pfSense is ranked 3rd in Firewalls with 54 reviews. Forcepoint Next Generation Firewall is rated 8.0, while pfSense is rated 8.6. The top reviewer of Forcepoint Next Generation Firewall writes "Good console management, but the interface is not user-friendly and application filtering needs finer granularity". On the other hand, the top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". Forcepoint Next Generation Firewall is most compared with Fortinet FortiGate, Palo Alto Networks Threat Prevention, Darktrace, Sophos XG and Check Point NGFW, whereas pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos UTM, Sophos XG and Zyxel Unified Security Gateway. See our Forcepoint Next Generation Firewall vs. pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.