We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"There are no issues that we are aware of. It does its job silently in the background."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"We have not had to deal with stability issues."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"The feature set is fine and is rarely a problem."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"The solution is very easy to understand. It's not overly complex."
"The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."
"The threat prevention is the solution's most valuable aspect."
"The customization potential is quite impressive."
"I only deal with it from a security analyst's point of view. I don't really get into the features of the actual FortiGate. From the security point of view, it works, and it does its job."
"The management console is pretty simple, so anyone who understands networking can initially deploy the solution."
"We are using the FortiGate 100D series. VPN, firewall, anti-malware, OTM, and intrusion prevention are useful features."
"It's super reliable. I don't think I've ever had a reliability issue with it."
"You have better control because you define apps. You just don't define ports. You define apps, and the apps are monitored in the traffic. It is more specific than the Cisco firewall when it comes to our needs."
"The solution is easy to use and the Panorama feature is good. The software management or the malware blocking and some authentication management system are good."
"The solution is completely integrated with all the other Palo Alto products. I think that it is the best part for endpoint protection. The firewall features include URL and DNS filtering, threat protection, and antivirus."
"The backup is the best feature."
"The solution has plenty of features."
"The most valuable feature of this solution is how it keeps up-to-date with viruses."
"What I like about Palo Alto is that it is a complete product, with everything in it."
"The most valuable features of this solution are sandbox capabilities."
"Implementations require the use of a console. It would help if the console was embedded."
"Report generation is an area that should be improved."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"Web filtering needs improvement because sometimes the URL is miscategorized."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"The solution lacks multi-language support."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"Technical support needs to be improved."
"Fortinet currently has many products bundled with FortiGate including the basic firewall and load balancer, and I think that that they need to have separate product portfolios for each of these specialized services."
"The cloud features can be improved."
"The license renewal process, annual renewal price, and the web application firewall features should be improved."
"To some degree, it's almost a question as to why some of this stuff isn't simpler. For example, for an AP deployment, while it's integrated, the number of steps that you have to go through in order to get the AP up, seems like a lot."
"Technical support is good but the response time could be faster."
"The size of Palo Alto's cloud is big but it could be easier to use from a product management perspective."
"Management and web filtering can be improved. There should also be better reporting, particularly around web filtering."
"When comparing this solution to others it is not as good overall."
"Our main concern is that everything has to be synced with the WildFire Cloud and has to be checked through the subscription."
"The system performance degrades after the solution has been deployed for some time. The data that it gives us becomes a little bit slow. When you try to get some data for troubleshooting, it seems like it's working hard to extract that data."
"The configuration should be made a little bit easier. I understand why it is as it is, but there should be a way to make it easier from the user side."
"The support is good but they could be faster."
"The automation and responsiveness need improvement."
"Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities."
"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
"The price of Firepower is not bad compared to other products."
"I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
"It definitely competes with the other vendors in the market."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"The price of FortiGate support is too expensive."
"I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost."
"The licensing costs are very low."
"The Indian market is different than the European and American markets. When you compare they need to be a bit more aggressive on pricing."
"As far as I'm aware, in our case, it's just a yearly pricing arrangement with no additional licensing costs."
"It's a very full-featured and it's priced well solution."
"Fortinet Secure SD-WAN delivered the lowest total cost of ownership (TCO) per Mbps among all other vendors."
"We purchased a five-year bundle package, which worked out cheaper than competing solutions."
"The price is a bit higher than the other products such as TrendMicro, or FireEye."
"WildFire is a little bit pricey. Sometimes it's difficult to sell it to customers at the current price."
"The price of the Palo Alto Networks WildFire license is expensive. When it came time to renew the solution the price doubled."
"It depends on the features. Additional features cost additional money as well."
"I think they should lower the price of this solution"
"The physical appliance is around €3,000 or €4,000, and then, you have the licensing for a year for around €3,000."
"The pricing is highly expensive."
"Pricing could be improved."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
Fortinet FortiGate is ranked 1st in Firewalls with 97 reviews while Palo Alto Networks WildFire is ranked 1st in Advanced Threat Protection (ATP) with 18 reviews. Fortinet FortiGate is rated 8.4, while Palo Alto Networks WildFire is rated 8.2. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of Palo Alto Networks WildFire writes "Good technical support and provides automatic analysis that saves us time in filtering email". Fortinet FortiGate is most compared with Cisco ASA Firewall, pfSense, Meraki MX, Check Point NGFW and Palo Alto Networks NG Firewalls, whereas Palo Alto Networks WildFire is most compared with Cisco ASA Firewall, Proofpoint Email Protection, Juniper SRX, Zscaler Internet Access and Cloudflare.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.