We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"The customer service/technical support is very good with this solution."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"The most valuable features of this solution are advanced malware protection, IPS, and IDS."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them."
"There are lots of features and most of them are deployed for internet security. Users are protected if they accidentally go to some malicious sites."
"The most important feature, normally for small business customers, is link load balancing."
"What's most important is the ease of use."
"The most valuable feature is the web filter."
"I like Fortinet FortiGate's antispam filter, SPN, and clustering features."
"The most valuable features are the possibility of having one fabric for switching on security."
"The customization potential is quite impressive."
"We make use of the new data center, specifically the containerized data center which is built and reviewed by Huawei, including all the device's infrastructure."
"I like that the initial setup is straighforward. It's also a scalable solution."
"The support for the solution has been excellent. If we ever had an issue they would send an engineer to help us with our problem."
"The mapping features and traffic logging are good."
"The user interface is very, very good."
"I had no difficulty using the Huawei NGFW."
"The security is good. It's as effective as anything else on the market."
"Huawei was able to assist us in the installation of their product. The installation was very fast."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"The price and SD-WAN capabilities are the areas that need improvement."
"The initial setup could be simplified, as it can be complex for new users."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"Report generation is an area that should be improved."
"Deploying configurations takes longer than it should."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"The product does need better support in the cloud environment. It's not exactly cloud-native right now."
"We were not able to build a full-mesh VPN; however, I am not sure if this was the fault of Fortinet FortiGate."
"The solution needs to improve its integration with cybersecurity."
"The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."
"The support is the main thing that needs to be improved."
"A lack of integration between our data centers."
"The initial setup and configuration are not intuitive and require training."
"They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI."
"Wi-Fi scanning and Wi-Fi analysis would be useful features to include in the future."
"The documentation needs to be improved. When they retire old models, they also retire the documentation. However, if you are still using an older model, you still need access to that documentation. And yet, they go ahead and removed it. It's gone. You are therefore stuck with a device with no documentation and technical support that isn't very helpful as they also remove support assistance as well."
"The solution could be more secure and have better integration."
"I would like to see an antivirus solution included with the product."
"The solution requires a more interactive dashboard. That would make it easier than playing with configurations the way we have to now."
"The solution is scalable but it is difficult because you need to purchase new systems, it is not just one click."
"The solution doesn't seem to be very mature. Our networking team says they are experiencing a lot of issues in the firewalls and some routers."
"With the Huawei firewall, none of the features comes at the top. We found out later that customer support is really not good. For this firewall, because of our customers' routine, for example, every six months they'll do a penetration test to find weaknesses. So whenever they came up with VAPT reports, they are looking to Huawei for help. I think that's basically because it's a different culture. Chinese culture and our culture is different. They have always tried to help find some excuses or say some other things that cannot help you solve the problem immediately."
"I am happy with the product in general, including the pricing."
"We normally license on a yearly basis. The hardware procurement cost should be considered. If you're virtual maybe that cost is eradicated and just the licensing cost is applied. If you have hardware the cost must be covered by you. All the shipping charges will be paid by you also. I don't thing there are any other hidden charges though."
"I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
"The solution was chosen because of its price compared to other similar solutions."
"Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"When you look at these end security systems and firewalls, these firewalls even five years ago were $50,000 or perhaps $25,000 to implement in some types of customer sites. Now we're talking about tools that are $1,000. In this case, it might have been $500 or something like that."
"Fortinet bundles FortiGate with other products and because of this, the price is a little expensive to some SMB enterprises."
"The price could be lower."
"The price of FortiGate is good."
"It's very affordable."
"For our organization, the licensing costs are approximately $7,000 per year."
"The pricing of the solution is very competitive."
"Setup cost may be not so low, as you expect, because it depends on different factors, but TCO for 5 years may pleasantly surprise you."
"Licensing fees are billed on an annual basis."
"When you compare the price with other products, it's quite cost-effective. But the problem is always after, let's say, two years or three years later because they are not able to provide updates or patches very quickly."
"The price of the license of this solution is high."
"I believe that we are entitled to a one-year extension on our licensing."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
In addition to all the functions of conventional firewalls, Huawei NGFW also provides more advanced security functions, such as IPS and anti-malware functions, to identify applications and prevent application-layer threats. Huawei NGFW provides a global context awareness architecture for granular controls based on application, content, time, user, attack, and location (ACTUAL). The innovative SmartPolicy technology and management interfaces that can be easily integrated simplify the O&M management. The Intelligence Awareness Engine (IAE) uses an integrated architecture to perfectly balance security and performance. Huawei NGFW provides next-generation security featuring comprehensive protection, granular control, and OM simplicity to meet the requirements of enterprise networks on access control, scope of protection, usability, and performance in the new ICT landscape.
Fortinet FortiGate is ranked 1st in Firewalls with 96 reviews while Huawei NGFW is ranked 25th in Firewalls with 8 reviews. Fortinet FortiGate is rated 8.4, while Huawei NGFW is rated 7.2. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of Huawei NGFW writes "Good interface and easy to set up but needs more documentation". Fortinet FortiGate is most compared with Cisco ASA Firewall, pfSense, Meraki MX, Check Point NGFW and SonicWall TZ, whereas Huawei NGFW is most compared with Cisco ASA Firewall, Check Point NGFW, Palo Alto Networks NG Firewalls, Palo Alto Networks VM-Series and Sophos XG. See our Fortinet FortiGate vs. Huawei NGFW report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.