We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"The feature set is fine and is rarely a problem."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"The most valuable features of this solution are the integrations and IPS throughput."
"The GUI is simple to use."
"It is a complete security bundle. The cloud-based Sky Advanced Threat Prevention feature is very valuable. I am 100% satisfied with the performance of the Juniper firewall. It has a very good throughput. It works very fine. We use our firewall as a site-to-site VPN or Software-Defined Wide Area Network (SD-WAN). In both cases, it has a very good and optimum performance. Their service support is very good in India. I get really good support from the Juniper team."
"The CLI works perfectly."
"I have used technical support quite a bit, and they are really good."
"The Juniper SRX series is easy to use."
"One of Juniper SRX's most valuable features is the site-to-site VPN."
"When compared to Palo Alto, Juniper is a better choice when it comes to the enterprise network and connectivity."
"Juniper is one of the most powerful network security solutions while remaining simple to use, set up, and scale."
"The solution has many useful features, such as content management, user management, user filtering, and domain controller connectivity mapping."
"The filtering is excellent."
"It's very simple to use and the support is great."
"I like the solution's configuration, interfaces, and user guides."
"User friendly and intuitive."
"The most valuable aspect of the solution is its ability to work like any other firewall."
"Setup is easy. Anyone with basic firewall experience can do it."
"The most valuable feature is the Global Management System."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."
"The performance should be improved."
"One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"The price and SD-WAN capabilities are the areas that need improvement."
"Implementations require the use of a console. It would help if the console was embedded."
"While the GUI is pretty good on the Juniper side, there can still be tweaks made to it that will make it even better."
"In the future, I would like to see the UI more responsive"
"The reporting is lacking."
"We purchased three devices and all three have been replaced under RMA."
"It was very difficult to deal with and required a lot of support, and the UI is very poor."
"The training videos that are available need to be improved, and made more educative."
"The interface could be more user-friendly."
"Their models for service providers could improve."
"In terms of improvement, features like App Control do not work properly"
"Some of the configurations could be better."
"You can do zero-trust networking with them, but it's not easy."
"Sometimes I found the GUI and some of the features a little bit hard to navigate, as opposed to Fortigate, which is much more user-friendly."
"Potential improvement around the associated VPN cost"
"We still get phishing emails that manage to come through from time to time."
"It would be useful to have an application firewall that prevents the outside world from seeing your private IPs. You don't need to publicize your private IPs to the outside world, and you can create a barrier, like a proxy server."
"The implementation for VLANs is a little bit cumbersome. It would be good to make that a little bit easier."
"The price is comparable."
"This product is expensive."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
"I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
"There are additional implementation and validation costs."
"I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
"When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis."
"It is best suited to an enterprise-level, as the mid-range companies may find that the cost is not affordable."
"There is a licensing fee."
"The price is reasonable."
"The price could improve, it is a bit expensive."
"Compared to other vendors, the pricing of this solution is good."
"When you consider performance, price, and features, maybe Juniper is not so cost-effective compared to other solutions like MikroTik."
"This is an expensive product."
"Its price is reasonable. In India, most of the products have a similar price. There is only a 5% to 10% variation in the price of different brands."
"When implemented properly, the total cost of operation is very low."
"While I don't know the exact amount off the top of my head, I would estimate the licensing package was about $15,000 to $20,000 a year."
"The price is reasonable for what it does."
"You need their analyzer to properly generate reports. This is an expensive, licensed feature, with a complex application or appliance back-end."
"A firewall doing anti-spam might be a low cost solution, but it is not your best strategy."
"SonicWall still is only a dollar or Euro per gigabit. This means, of the IPsec, it's the cheapest solution."
"Licensed features provide application control, content filtering, antivirus, and anti-malware all in a single appliance."
"The pricing is good and we are satisfied with the cost of this solution."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Juniper SRX is ranked 14th in Firewalls with 32 reviews while SonicWall NSa is ranked 16th in Firewalls with 35 reviews. Juniper SRX is rated 7.8, while SonicWall NSa is rated 7.6. The top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". On the other hand, the top reviewer of SonicWall NSa writes "A rugged solution capable of defeating advanced threats". Juniper SRX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, pfSense and OPNsense, whereas SonicWall NSa is most compared with Meraki MX, Fortinet FortiGate, WatchGuard Firebox, SonicWall TZ and OPNsense. See our Juniper SRX vs. SonicWall NSa report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.