We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"If configured, Firepower provides us with application visibility and control."
"The implementation is pretty straightforward."
"Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening."
"The dashboards are a good feature."
"It is very versatile."
"The support is good. We don't have any issues with the technical support."
"The initial setup is very user-friendly."
"It is a complete package, and it has complete offerings. It fit the needs, and our customer is happy with it."
"The solution can scale well."
"In terms of specific features, I like FortiGate's load balancing, interface, and priority on the network."
"The user interface, stability, and scalability are the most valuable features."
"The architecture of the OS in Juniper is very good. It's flexibility, scalability, and the technicality is also good."
"I'm told the solution is the fastest, and, so far, I do find that to be the case."
"The dashboard, customization, API, and pricing are good."
"Juniper is more flexible with the commit check and the commit confirmed command. The design of the forwarding and contract plan in the operating system is very important for the performance when we have very big traffic."
"It's a very powerful solution and the firewalls offer high performance"
"It is deployed on the customer site, and we manage the firewalls on this side."
"The initial setup is pretty simple."
"Web filtering needs improvement because sometimes the URL is miscategorized."
"Cisco Firepower NGFW Firewall can be more secure."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box."
"The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"The one thing that could be improved is the integration with the exchange. The gateway level controls can be enhanced a bit more. For example, it's still little here and there. You do get malicious attacks and suspicious emails like spam. It's not like Sophos where we got a lot of spam email, and yet, it's still relatively vulnerable. It can be upgraded, maybe with a fifth-generation firmware that it is ready for unknown threats."
"There are certain GUI features that should be present but are not."
"The reporting is not as good as it is with other firewalls and it should be improved."
"There should be integration with an active directory — with Microsoft."
"There should be a bit more automation."
"The block, the clarity, the quarantine command, is not very user-friendly. You would have to do everything through the command line and I would have preferred if it wasn't a CLI."
"The solution should provide more useful GUI features."
"The licensing needs to be improved. We need longer licensing periods, especially for POCs and trials. It should be for six months. Right now, it's too short of a timeframe."
"VPN access is an area that needs improvement."
"It could use more tutorials."
"We experienced some technical issues during implementation"
"Some people complain that the solution tends to have a steep learning curve. It could be because most people have basic familiarity with Cisco or other similar products and maybe have never worked closely with Juniper products."
"We worked with Cisco's support and Juniper's support and there are some differences, to be honest, Cisco is more available and is more competent at addressing our cases."
"I would like to see an activity sensor for malicious content or sensor for viruses and malware."
"In the next release, I would like to see improvements made to the GUI because it isn't very good."
"The price is comparable."
"It definitely competes with the other vendors in the market."
"The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case."
"When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis."
"We normally license on a yearly basis. The hardware procurement cost should be considered. If you're virtual maybe that cost is eradicated and just the licensing cost is applied. If you have hardware the cost must be covered by you. All the shipping charges will be paid by you also. I don't thing there are any other hidden charges though."
"I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
"There are additional implementation and validation costs."
"Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
"The price could be lower."
"The price is similar to Symantec Endpoint, but it's more expensive than Forcepoint solutions. Fortinet is better than Forcepoint."
"There is a support fee that can be bought on a yearly or two-yearly basis. I don't think they do five years. The best benefit is that the same pricing is guaranteed for that duration. If you can afford it, I would recommend using the longest possible time span."
"Licensing is pretty standard. It's approximately 15% of the total cost per year as a subscription cost."
"There are no additional costs beyond the standard fee."
"It's not a cheap solution but it comes with its benefits."
"There should be a reduction in the setup price and licensing costs."
"There is an annual license required to use the solution."
"As a customer, the pricing is good for us."
"The pricing is reasonable."
"After some research, I think that the cost of Juniper is more than Check Point, Palo Alto, and Fortinet."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
FortiGate Virtual Appliances allow you to mitigate blind spots by implementing critical security controls within your virtual infrastructure. They also allow you to rapidly provision security infrastructure whenever and wherever it is needed. FortiGate virtual appliances feature all of the security and networking services common to traditional hardware-based FortiGate appliances. With the addition of virtual appliances from Fortinet, you can deploy a mix of hardware and virtual appliances, operating together and managed from a common centralized management platform.
Fortinet FortiGate-VM is ranked 12th in Firewalls with 54 reviews while Juniper vSRX is ranked 22nd in Firewalls with 7 reviews. Fortinet FortiGate-VM is rated 8.2, while Juniper vSRX is rated 8.2. The top reviewer of Fortinet FortiGate-VM writes "Slightly unstable, needs a better user interface, and lacks good monitoring capabilities ". On the other hand, the top reviewer of Juniper vSRX writes "Fast with good usability and fairly scalable". Fortinet FortiGate-VM is most compared with Azure Firewall, Fortinet FortiGate, Palo Alto Networks VM-Series, OPNsense and Meraki MX, whereas Juniper vSRX is most compared with Juniper SRX, pfSense, Palo Alto Networks VM-Series, Azure Firewall and OPNsense. See our Fortinet FortiGate-VM vs. Juniper vSRX report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.