We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"We have not had to deal with stability issues."
"Provides good integrations and reporting."
"I like that Juniper SRX is easy to use, scalable, and stable with good performance."
"It is a complete security bundle. The cloud-based Sky Advanced Threat Prevention feature is very valuable. I am 100% satisfied with the performance of the Juniper firewall. It has a very good throughput. It works very fine. We use our firewall as a site-to-site VPN or Software-Defined Wide Area Network (SD-WAN). In both cases, it has a very good and optimum performance. Their service support is very good in India. I get really good support from the Juniper team."
"Technical support is good. They quickly respond, and they even have local help here. They can actually give you an answer very quickly."
"The Juniper SRX series is easy to use."
"When compared to Palo Alto, Juniper is a better choice when it comes to the enterprise network and connectivity."
"The solution has been good for fulfilling our basic needs."
"One of Juniper SRX's most valuable features is the site-to-site VPN."
"It's fine, and it's good. It's very stable."
"Both the scalability and the scalability are great with Meraki MX."
"In general, Meraki MX is easy to work with."
"Point-to-point VPNs can dynamically follow IP changes with no need for static IPs."
"It is easy to manage, which is one of the most important things for us. It is also flexible, stable, and scalable."
"Its ease of configuration and management is very useful for us and for other companies that don't have an onsite IT person. It is easy to configure and easy to manage. It is easy to configure the VPN with the Auto VPN feature."
"It is very easy to use and manage. It is also very easy to scale."
"I love the simplicity of Meraki MX — specifically, the simplicity of the dashboard."
"Meraki MX offers advanced filtration options, plus it behaves like a router and a firewall at the same time."
"Cisco Firepower NGFW Firewall can be more secure."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"An area of improvement for this solution is the console visualization."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"Their models for service providers could improve."
"The user interface is something that Juniper needs to improve."
"The solution could cost less. It's a bit expensive right now."
"The capacity can be limiting. We have outgrown its capacity. You can only scale up to a certain extent, depending on the device purchased."
"As a networking person, I don't really have any major issues with this device. Based on my experience of using it in a cluster, it could be more stable. I had an incident when one of the SRXs in a cluster couldn't learn ARP. It is a good solution, but firewalls don't seem to be an area of development for Juniper. They are focusing on data centers, routers, and switches, not firewalls."
"It could be more secure."
"It must be 5G ready. The 5G network is rolling out soon in India, and Juniper must upgrade their firewall slot to the 5G network, or they must manufacture a 5G dongle card for the Juniper firewall. I want Juniper to upgrade their dongle from 4G to 5G. Presently, they have an expansion slot in the SRX 322 series and higher firewalls. In that expansion slot, they can put a 4G mobility SIM card so that whenever our primary link is down, it will automatically connect through this GSM network and form a tunnel."
"Ongoing costs are something that we need to manage and make sure that we're getting value on."
"From the improvement perspective, we need more monitoring capabilities. We want to have full-based access visibility, such as, what is happening when something is trying to reach and it is denying. We cannot see some parts of it. The integration of active directory with this product is not very fruitful. It has some bugs or lacks in the functionality of active directory integration. We are unable to identify where exactly and whether it has really applied our policy."
"As far as what needs to be improved — nothing really comes to mind. It does what we need it to do."
"When we do API integrations with Meraki, they have always been hard as well as tedious to build. The data that we want out of the API integrations has been only recently available. Six months ago, it was hard to get someone to build something correctly or useful with Meraki APIs. Recently, they have made more data available on the API, but it is just a start. They need to do more."
"In the next release, because the security is pretty basic, I think they could include additional security features."
"They need to improve the link between Meraki and Active Directory."
"It would be nice if the different services, including the SIEM SOC and endpoint detection and response (EDR) were integrated into one, so that I don't have to go to different vendors for different services."
"We have been having a problem with the VPN. When the energy goes down and is back again, the VPN link doesn't get established. We have to manually turn off the modems and other pieces of equipment and manually establish the VPN. It has been around one month since we have been having this problem, and we don't have enough support from Meraki to solve the problem."
"Meraki tech support staff have a lot more visibility into your network than you do, which is frustrating at times. I understand the approach is to keep the dashboard easier to understand. This will frustrate more advanced users at times."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees."
"When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today."
"The price is comparable."
"The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"The solution was chosen because of its price compared to other similar solutions."
"The price of Firepower is not bad compared to other products."
"It is best suited to an enterprise-level, as the mid-range companies may find that the cost is not affordable."
"The product itself is costly and the price of migration is very high."
"The price could improve, it is a bit expensive."
"There is a licensing fee."
"In general, their price definitely couldn't be cheaper."
"When you consider performance, price, and features, maybe Juniper is not so cost-effective compared to other solutions like MikroTik."
"Its price is reasonable. In India, most of the products have a similar price. There is only a 5% to 10% variation in the price of different brands."
"This is an expensive product."
"It is a good global solution in terms of the price and features, but because we sell this solution in dollars, sometimes we don't get to sell this solution in Brazil because the dollar is very expensive. The price of every project is different. It varies depending upon the project, scenario, and client."
"Its licensing cost could be better."
"We just have to pay for the product and the license. We have a license for three years, and it is renewed every three years. It costs $1,200 for three years for one endpoint. Meraki had a good promotion for remote workers or remote workforce. The discount is very good. This promotion continues till the next fiscal year of Cisco."
"Other content filtering solutions that I have used had more bells and whistles, but given the cost, complexity, and management overhead, I am very pleased with Meraki’s solution."
"The price varies depending on the hardware platform as well as the type of license and whether you're adding security or not."
"Like any Cisco product, the license is really expensive for small business clients. It needs to be cheaper. If you look it up, you might go, "That doesn't make any sense.""
"Meraki is the best option — based on the price and the features available."
"The license cost depends on the box. We acquired a different product line. We are dealing with MX appliance now, that is, MX6, MX54, MX100, MX250, MX450. Every box has got an identity, and it has got its own specification. Every box has got a different license fee. We deployed Meraki MX in UAE when it was not a mature product. We took a risk, but we were successful. We saved a huge amount of money after implementing and removing all the MPLS and leased lines. We got a broadband connection because Meraki MX could work on a broadband connection. We have drastically saved a very good amount of money, which was one of the successful things apart from the successful solution."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Juniper SRX is ranked 4th in Unified Threat Management (UTM) with 32 reviews while Meraki MX is ranked 1st in Unified Threat Management (UTM) with 17 reviews. Juniper SRX is rated 7.8, while Meraki MX is rated 8.4. The top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". On the other hand, the top reviewer of Meraki MX writes "Makes it easy to stay on top of everything for security". Juniper SRX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, pfSense and Palo Alto Networks VM-Series, whereas Meraki MX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Sophos XG, Palo Alto Networks NG Firewalls and Sophos UTM. See our Juniper SRX vs. Meraki MX report.
We monitor all Unified Threat Management (UTM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.