We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The feature set is fine and is rarely a problem."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"The implementation is pretty straightforward."
"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"The most valuable feature is the access control list (ACL)."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"Overall, it's an excellent solution."
"I find the simplicity to be most valuable."
"Its performance is adequate. We are quite satisfied with its performance. The fact that it is a complete ecosystem with all kinds of integrations is valuable. It did take us a couple of months to get a grip on the new software, but all in all, it replaced our on-premise and single-point solution environment."
"Primarily, the VPN solution is most valuable. It allows you to have more flexibility in terms of what is there on the end-user device, and what is not there. You can check and make sure that they're current. It has more flexibility than just a straight VPN solution. It works really well. It has the features that 99% of people need."
"The standard features, including the filtering, are quite good. All the basic features are pretty useful for us."
"The most valuable features we have found to be the VPN, ease of use, and overall simplicity."
"Fortinet-VM is more scalable than the hardware version. If you're using an appliance, there are limitations in terms of hardware specs. So if you want a more scalable firewall, you can get a VM and install it on a high-end server."
"While the stability maybe isn't quite to the level of Cisco, it is a very cost-effective solution. It's cheap compared to Cisco."
"It's fine, and it's good. It's very stable."
"The solution has been good for fulfilling our basic needs."
"One of Juniper SRX's most valuable features is the site-to-site VPN."
"The Juniper SRX series is easy to use."
"Juniper supports their products very well."
"The firewall features and the routing capability are the most valuable."
"The IPSec configuration is going well."
"Technical support is good. They quickly respond, and they even have local help here. They can actually give you an answer very quickly."
"Report generation is an area that should be improved."
"The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"It would be great if some of the load times were faster."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"The performance should be improved."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"The price model is not transparent by any means and should be made more clear. What's included in the packages is often not very obvious."
"In the next release, I would like to see integration capability with SIEM tools, such as QRadar, and LogRhythm."
"It has a monitoring tool, but it could be improved."
"It is difficult to size the VM in terms of machine resources, and for this reason, clients prefer the appliance."
"It should have the SD-WAN feature. This would increase the number of features that are available in the box."
"The product does not have a good graphical interface."
"Their offering for MFA isn't the cleanest."
"The one thing that could be improved is the integration with the exchange. The gateway level controls can be enhanced a bit more. For example, it's still little here and there. You do get malicious attacks and suspicious emails like spam. It's not like Sophos where we got a lot of spam email, and yet, it's still relatively vulnerable. It can be upgraded, maybe with a fifth-generation firmware that it is ready for unknown threats."
"It was very difficult to deal with and required a lot of support, and the UI is very poor."
"While the GUI is pretty good on the Juniper side, there can still be tweaks made to it that will make it even better."
"IPS is one that I would definitely want to be improved. I would also like SSL VPN to be integrated."
"In the future, I would like to see the UI more responsive"
"I would like to have a better web UI for administration. Juniper could simplify the web UI and make it more compatible with mobile devices."
"The training videos that are available need to be improved, and made more educative."
"Their models for service providers could improve."
"The user interface and the GUI need improvement."
"I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"It definitely competes with the other vendors in the market."
"When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today."
"This product is expensive."
"The price is comparable."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"This solution is expensive and other solutions, such as FortiGate, are cheaper."
"It's a mid-ranged product."
"This solution is very expensive."
"With Fortinet FortiGate-VM you can bring your own licensing, or it can be paid on a yearly basis."
"At present, the SD-WAN licenses are on an annual basis."
"There should be a reduction in the setup price and licensing costs."
"There are no additional costs beyond the standard fee."
"There is a benefit in terms of the cost of using this solution because the price is very good."
"There is an annual license required to use the solution."
"When you consider performance, price, and features, maybe Juniper is not so cost-effective compared to other solutions like MikroTik."
"There is a licensing fee."
"This is an expensive product."
"Compared to other vendors, the pricing of this solution is good."
"Its price is reasonable. In India, most of the products have a similar price. There is only a 5% to 10% variation in the price of different brands."
"The price is reasonable."
"The price could improve, it is a bit expensive."
"The product itself is costly and the price of migration is very high."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
FortiGate Virtual Appliances allow you to mitigate blind spots by implementing critical security controls within your virtual infrastructure. They also allow you to rapidly provision security infrastructure whenever and wherever it is needed. FortiGate virtual appliances feature all of the security and networking services common to traditional hardware-based FortiGate appliances. With the addition of virtual appliances from Fortinet, you can deploy a mix of hardware and virtual appliances, operating together and managed from a common centralized management platform.
Fortinet FortiGate-VM is ranked 12th in Firewalls with 54 reviews while Juniper SRX is ranked 13th in Firewalls with 33 reviews. Fortinet FortiGate-VM is rated 8.2, while Juniper SRX is rated 7.8. The top reviewer of Fortinet FortiGate-VM writes "Slightly unstable, needs a better user interface, and lacks good monitoring capabilities ". On the other hand, the top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". Fortinet FortiGate-VM is most compared with Azure Firewall, Fortinet FortiGate, Palo Alto Networks VM-Series, OPNsense and Meraki MX, whereas Juniper SRX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, pfSense and Palo Alto Networks VM-Series. See our Fortinet FortiGate-VM vs. Juniper SRX report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.