"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"The feature set is fine and is rarely a problem."
"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"The features that I have found most valuable are the SD-WAN and their IP4 policy."
"The main reason why I purchased the particular unit was that it had good reviews and what other people were saying as far as its completeness and its leading capabilities in terms of endpoint security was very good."
"This is an easy solution to deploy."
"Fortinet FortiGate appears to be scalable."
"The most valuable feature is the ease of use."
"The web tutor and automatic rules by schedule are good features."
"We use the FortiGate Sandbox to detect zero-day vulnerabilities, such as anomalies or malware, that are unknown and have not yet been discovered."
"I like that they have given me a solution at a fair price."
"GajShield has improved our mobile device-based connectivity."
"The price and SD-WAN capabilities are the areas that need improvement."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"Implementations require the use of a console. It would help if the console was embedded."
"It would be great if some of the load times were faster."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"Application management can be improved."
"There are SD-WAN network monitoring, SD-WAN features, Industrial Databases, Internet of Things, Detection, etc., however, we do have not licenses for those features. We thought that if you bought a product, you should have all of the features it offers. Why should you need to make so many extra purchases to enable features? They should have one price for the entire offering."
"Security is a continuous process. In every product, there is a requirement for improvement. Its pricing should also be improved according to Indian market requirements. They must also improve on the reporting part. Its reporting can be more precise. If we can get a real-time report in a specific format, it will be helpful for customers to know about the current status of their security."
"A lack of integration between our data centers."
"It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier."
"Vulnerability scanning could be improved."
"The central management for the FortiGate Fortinet Firewall needs improvement. They have the manager to do the essential management for both SD-WAN and for the security policy. They should also improve the SD-WAN function."
"It's my understanding that more of the current generation features could be brought in. There could be more integration with EDRs, for example."
"The firewall configuration and administration screens could use some improvement."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
Traditional firewalls commonly serve as the boundary between the Internet and an organization's network. They offer protection based on controlling specific protocols and ports, and restricting traffic to and from specific IP addresses. These days however, most attacks are web-based, easily passing through http (port 80) and https (port 443). Most firewalls are unable to identify malicious applications or traffic passing through these common ports. Next Generation firewall must evolve to effectively defend against these threats.
Customers get, complete and Proactive security with GajShield Next Generation Appliances. GajShield has inbuild default security policy to deny all out bound traffic from local LAN to the internet. It reacts quickly to attacks with intelligent packet filtering that sets policies and hardens customer network defenses dynamically. GajShield has inbuild default security policy to deny all out bound traffic from local LAN to the internet. In today's organization, application, employees, vendors, clients, and security threats fight for the same network resources. It has become difficult for small to medium enterprises to manage their infrastructure as they are unable to distinguish between good traffic v/s bad traffic. Threats or various productive applications have become smarter as they camouflage data transfer using standard internet ports. Current day security products have failed to distinguish and manage such malicious traffic.
Fortinet FortiGate is ranked 1st in Firewalls with 98 reviews while GajShield Next Generation Firewall is ranked 28th in Firewalls with 1 review. Fortinet FortiGate is rated 8.4, while GajShield Next Generation Firewall is rated 8.0. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of GajShield Next Generation Firewall writes "Identifies and protects against email borne threats". Fortinet FortiGate is most compared with Cisco ASA Firewall, pfSense, Check Point NGFW, Meraki MX and SonicWall TZ, whereas GajShield Next Generation Firewall is most compared with Sophos XG, Sophos Cyberoam UTM, SonicWall TZ, OPNsense and Cisco ASA Firewall.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.