We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"A good intrusion prevention system and filtering."
"The solution offers very easy configurations."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"Its stability is the most valuable."
"It's inexpensive compared to some of the other technology out there."
"We are a visual effects company, and there have been a number of high profile security issues in our industry. This has brought us to a higher standard of security, which our clients are very keen on these days."
"The solution is stable."
"What I like the most is the configuration and that it's simple, and straightforward to maintain."
"The solution is very easy to understand. It's not overly complex."
"The SD-WAN function is very developed. It has SD-WAN functionality with security features in one device. We can manage from one single console SD-WAN and the security policy."
"The most valuable feature is the ease of configuration."
"It is a very good product. The threat monitoring process is the most valuable feature."
"The most valuable feature is ransomware protection."
"I would recommend UTM over XG because it's easier to manage."
"Sophos UTM is the simplest of these products to setup."
"The most valuable feature is the price. I've been requesting prices all over these years between different solutions like Fortinet, Palo Alto, and Check Point and Sophos has been the cheapest and the best of all of them that I have tried. I have been working with Fortinet, it's a fact that the price is surprisingly better."
"The stability, overall, is excellent. I haven't had a problem in the last two years."
"What I like about the solution is the ease of use."
"Technical support is very responsive."
"Deploying configurations takes longer than it should."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"Implementations require the use of a console. It would help if the console was embedded."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"Web filtering needs improvement because sometimes the URL is miscategorized."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"The product does need better support in the cloud environment. It's not exactly cloud-native right now."
"The solution could be more user friendly."
"The command line is complicated, and the interface could be better."
"One of the problems I was having was with user mapping, and it is an issue for which I have escalated tickets with Fortinet support."
"I don't like that anything more than very basic reporting is not included."
"They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired."
"Security is a continuous process. In every product, there is a requirement for improvement. Its pricing should also be improved according to Indian market requirements. They must also improve on the reporting part. Its reporting can be more precise. If we can get a real-time report in a specific format, it will be helpful for customers to know about the current status of their security."
"They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI."
"It's stable, but the reaction time of the GUI is terrible."
"Monitoring and reporting are areas that need improvement."
"Updates come out agonizingly slowly, a trickle."
"The solution needs to do better at covering mobile devices, although they may have an integrated solution for that purpose."
"The five-factor authentication needs improvement."
"We need to speed up the support."
"Sophos should be more user-friendly, have more dashboards, and an easier implementation."
"The logs are not clear, which means that you need an additional piece of software in order to read them clearly."
"I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
"There are additional implementation and validation costs."
"The price is comparable."
"It definitely competes with the other vendors in the market."
"Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees."
"When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today."
"I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"The price of FortiGate support is too expensive."
"It's a very full-featured and it's priced well solution."
"The price of FortiGate is average and I would say that based on the top five products available on the market, it is in the affordable range."
"The price is fair compared to the other competitors."
"I think the price of Fortinet FortiGate is very reasonable."
"It has a competitive price."
"Fortinet Secure SD-WAN delivered the lowest total cost of ownership (TCO) per Mbps among all other vendors."
"The pricing of the solution is very competitive."
"The solution is very low cost compared to competitors. You have a good firewall, a lot of functions for less than the price of some omni firewall competitors."
"We pay for the service on a yearly basis. The last time we paid was in June, for a year. At the time, it was about $20,000."
"Our licensing fees are paid on a monthly basis."
"The appliance should be purchased and there is a fee for the license."
"The prices can be better, they could make it a lot cheaper."
"It is necessary to pay for a licence to use the solution, but it is not very expensive."
"It is the cheapest product available. It's good if you have a low budget."
"This product is free for home users. The more expensive products have better performance."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
Fortinet FortiGate is ranked 1st in Firewalls with 97 reviews while Sophos UTM is ranked 2nd in Unified Threat Management (UTM) with 21 reviews. Fortinet FortiGate is rated 8.4, while Sophos UTM is rated 8.4. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of Sophos UTM writes "Great web and email filtering with reasonable pricing". Fortinet FortiGate is most compared with Cisco ASA Firewall, pfSense, Meraki MX, Check Point NGFW and Juniper SRX, whereas Sophos UTM is most compared with pfSense, Sophos XG, Untangle NG Firewall, OPNsense and Palo Alto Networks NG Firewalls. See our Fortinet FortiGate vs. Sophos UTM report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.