We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"A good intrusion prevention system and filtering."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"The security is good. It's as effective as anything else on the market."
"The user interface is very, very good."
"Huawei was able to assist us in the installation of their product. The installation was very fast."
"I like that the initial setup is straighforward. It's also a scalable solution."
"The support for the solution has been excellent. If we ever had an issue they would send an engineer to help us with our problem."
"I had no difficulty using the Huawei NGFW."
"We make use of the new data center, specifically the containerized data center which is built and reviewed by Huawei, including all the device's infrastructure."
"The mapping features and traffic logging are good."
"This solution does everything and anything a firewall can do."
"The product offers many great features."
"Technical support is responsive."
"The web application firewall reverse proxy is very good."
"It is easy to implement."
"The VPN is easy and has good logging, monitoring and notifications."
"The most valuable features are the central management, the user VPN, and communications."
"The initial setup could be simplified, as it can be complex for new users."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"Cisco Firepower NGFW Firewall can be more secure."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"Cisco makes horrible UIs, so the interface is something that should be improved."
"I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement."
"The solution doesn't seem to be very mature. Our networking team says they are experiencing a lot of issues in the firewalls and some routers."
"I would like to see an antivirus solution included with the product."
"With the Huawei firewall, none of the features comes at the top. We found out later that customer support is really not good. For this firewall, because of our customers' routine, for example, every six months they'll do a penetration test to find weaknesses. So whenever they came up with VAPT reports, they are looking to Huawei for help. I think that's basically because it's a different culture. Chinese culture and our culture is different. They have always tried to help find some excuses or say some other things that cannot help you solve the problem immediately."
"The solution is scalable but it is difficult because you need to purchase new systems, it is not just one click."
"The solution requires a more interactive dashboard. That would make it easier than playing with configurations the way we have to now."
"The documentation needs to be improved. When they retire old models, they also retire the documentation. However, if you are still using an older model, you still need access to that documentation. And yet, they go ahead and removed it. It's gone. You are therefore stuck with a device with no documentation and technical support that isn't very helpful as they also remove support assistance as well."
"Wi-Fi scanning and Wi-Fi analysis would be useful features to include in the future."
"The solution could be more secure and have better integration."
"I wish to see an antivirus feature added to the solution."
"I'd like the dashboard to be improved. It could be a bit more customizable."
"Some of the firewall rules are complicated for us to understand, they should be simplified."
"The first area that needs to be improved is customer support."
"The user interface could be better."
"When upgrading the firewalls, the process could be easier."
"The user interface could be improved and more bandwidth management would be helpful."
"They can lower its price. It is very expensive. We are looking for a less expensive solution depending on our budget. They can also improve it in terms of firewall protection."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis."
"Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
"Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees."
"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
"This product is expensive."
"Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
"It definitely competes with the other vendors in the market."
"Licensing fees are billed on an annual basis."
"I believe that we are entitled to a one-year extension on our licensing."
"When you compare the price with other products, it's quite cost-effective. But the problem is always after, let's say, two years or three years later because they are not able to provide updates or patches very quickly."
"The price of the license of this solution is high."
"When compared to other products, Sophos licensing is very affordable."
"This is a budget-friendly product with reasonable pricing."
"For our company, the price was reasonable."
"The price is fair."
"It comes at a fair price as compared to some of the other products out there. Its price is in the middle. It is not the cheapest, and it is also not as expensive as Juniper, Check Point, and definitely Cisco. Nowadays, everybody is very cost-sensitive, and people don't want to spend unnecessary money, but even before that, it was a fairly priced product. You've got your choice of what license you want. There are basically two types of licenses, and it depends on what you need to do, and everything is included in that license. There is no cost for VPN and DMZ. You purchase the license, and you know upfront what you're getting or what you're not getting, and that's it. It is one license fee and done and dusted."
"At first, I thought the price was very high. But when I read about the machine's features, we decided to go with it."
"When comparing with Palo Alto and Cisco, Sophos is cheaper."
"We generally buy it for a three-year license."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
In addition to all the functions of conventional firewalls, Huawei NGFW also provides more advanced security functions, such as IPS and anti-malware functions, to identify applications and prevent application-layer threats. Huawei NGFW provides a global context awareness architecture for granular controls based on application, content, time, user, attack, and location (ACTUAL). The innovative SmartPolicy technology and management interfaces that can be easily integrated simplify the O&M management. The Intelligence Awareness Engine (IAE) uses an integrated architecture to perfectly balance security and performance. Huawei NGFW provides next-generation security featuring comprehensive protection, granular control, and OM simplicity to meet the requirements of enterprise networks on access control, scope of protection, usability, and performance in the new ICT landscape.
Sophos XG Firewall is next gen firewall that is optimized for today’s business, delivering all the protection and insights you need in a single, powerful appliance that’s easy to manage.
Huawei NGFW is ranked 25th in Firewalls with 8 reviews while Sophos XG is ranked 6th in Firewalls with 116 reviews. Huawei NGFW is rated 7.2, while Sophos XG is rated 8.2. The top reviewer of Huawei NGFW writes "Good interface and easy to set up but needs more documentation". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". Huawei NGFW is most compared with Fortinet FortiGate, Cisco ASA Firewall, Check Point NGFW, Palo Alto Networks NG Firewalls and Juniper SRX, whereas Sophos XG is most compared with Fortinet FortiGate, pfSense, Sophos UTM, Meraki MX and Sophos Cyberoam UTM. See our Huawei NGFW vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.