We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"A good intrusion prevention system and filtering."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"Provides good integrations and reporting."
"The feature set is fine and is rarely a problem."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"The solution offers very easy configurations."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"What I like the most about Juniper is that they have the same CLI on all routers, switches, and firewalls. If you have worked with any Juniper device, such as a Juniper router, you will be able to work with an SRX, which is really cool. It is a nice experience to work with every device of Juniper, not only firewalls."
"The solution has been good for fulfilling our basic needs."
"The GUI is simple to use."
"It is very fast and very easy to maintain. Another nice part of it is that you can easily extract the logs and move them over to a security operations center."
"I like that Juniper SRX is easy to use, scalable, and stable with good performance."
"Juniper is one of the most powerful network security solutions while remaining simple to use, set up, and scale."
"It is a complete security bundle. The cloud-based Sky Advanced Threat Prevention feature is very valuable. I am 100% satisfied with the performance of the Juniper firewall. It has a very good throughput. It works very fine. We use our firewall as a site-to-site VPN or Software-Defined Wide Area Network (SD-WAN). In both cases, it has a very good and optimum performance. Their service support is very good in India. I get really good support from the Juniper team."
"The most valuable feature is robustness."
"The solution is more cost-effective than FortiGate, Cisco and Palo Alto, which have very expensive licenses."
"The solution was able to be integrated well with exciting hardware and software and in multiple business sectors."
"It's a product that is in continuous improvement and is following what the customer is asking for. They are taking inputs and designing new releases specifically according to the client and their needs."
"Content filtering and intrusion prevention are most valuable. Our customers are fully satisfied with the performance of Sophos. It has all the features that they require in a firewall."
"The initial setup is pretty simple."
"I have found the solution easy to use and fully integrated."
"A valuable feature involves the solution's manageability."
"I like how you can integrate with other endpoints and Intercept X in one central management platform. I think it's a perfect solution. Sophos will manage everything in one container. You can manage many firewalls or endpoints within one panel."
"It would be great if some of the load times were faster."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"An area of improvement for this solution is the console visualization."
"It should be easier to escalate support tickets."
"Sometimes committing configurations takes a lot of time in Juniper because of the connections, and it could be a little bit faster."
"I've noticed that the management interface could use some updates and upgrades."
"It could have features that other products support like blade options and stand-alone endpoint security."
"The training videos that are available need to be improved, and made more educative."
"The solution could cost less. It's a bit expensive right now."
"The user interface is something that Juniper needs to improve."
"The setup process should be improved."
"They should improve the hardware. If they can do that, it will be a very good product."
"They can lower its price. It is very expensive. We are looking for a less expensive solution depending on our budget. They can also improve it in terms of firewall protection."
"It is a very basic and entry-level firewall. It doesn't give very granular control over the traffic. It should have more granular control over the traffic. This feature should be there similar to Palo Alto and Cisco. It should have such advanced features."
"The number of ports, especially on the entry-level appliances, should be increased."
"The interface could be simplified and diagnostic system graphs improved."
"In the Firewall, the Intrusion Prevention System can be improved."
"When upgrading the firewalls, the process could be easier."
"The pricing has gotten much higher."
"The solution was chosen because of its price compared to other similar solutions."
"The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case."
"I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"It definitely competes with the other vendors in the market."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
"I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
"Its price is reasonable. In India, most of the products have a similar price. There is only a 5% to 10% variation in the price of different brands."
"The price is reasonable."
"There is a licensing fee."
"When you consider performance, price, and features, maybe Juniper is not so cost-effective compared to other solutions like MikroTik."
"The product itself is costly and the price of migration is very high."
"In general, their price definitely couldn't be cheaper."
"Compared to other vendors, the pricing of this solution is good."
"It is best suited to an enterprise-level, as the mid-range companies may find that the cost is not affordable."
"Sophos allows for its product to be evaluated without any financial commitment."
"The price is in the mid-range and it is very good for small to medium-sized businesses."
"I paid for a license for the solution for three years costing approximately $11,000. Additionally, I received the Web Appliance fee for paying for the full licencing."
"Its licensing cost is around 700 bucks a year or something like that. It is 100 bucks a month at the most. It seems to be standard licensing with no additional costs."
"Currently, we have a contract for three years. It would be good if its price is reduced before we renew the contract. We will buy the equipment if it is cheaper."
"We have a three-year license."
"The price is cheaper than that of some competing vendors."
"It is not that expensive compared to the other solutions. It is about the same price range as Fortigate, which we used previously. Licensing is on a yearly basis."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Sophos XG Firewall is next gen firewall that is optimized for today’s business, delivering all the protection and insights you need in a single, powerful appliance that’s easy to manage.
Juniper SRX is ranked 14th in Firewalls with 32 reviews while Sophos XG is ranked 5th in Firewalls with 119 reviews. Juniper SRX is rated 7.8, while Sophos XG is rated 8.0. The top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". Juniper SRX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, pfSense and Sophos UTM, whereas Sophos XG is most compared with Fortinet FortiGate, pfSense, Meraki MX, Palo Alto Networks NG Firewalls and Sophos Cyberoam UTM. See our Juniper SRX vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.