We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"The interface and the dashboard are the most valuable features of this solution."
"OPNsense is easy to scale when running on the hardware."
"The most valuable features are reporting, the Sensei plugin, and firewall capabilities."
"The graphic user interface is very good and it is user-friendly which makes the product easy-to-use."
"The system in general is quite flexible."
"The initial implementation process is simple."
"The solution is good for a basic firewall for a small business or for home use."
"I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed."
"Includes advanced tech protection."
"The initial setup is straightforward."
"The solution offers good sandboxing."
"Once you have Zscaler running you have access to configure it however you want."
"I like the ease of deployment and its flexibility. We don't need to deal with license, quotes, procurement, delivery, and installation. Everything is software-based, and it's very easy to operate."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"It would be great if some of the load times were faster."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"An area of improvement for this solution is the console visualization."
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"The solution could be more secure."
"The ability to set the VPN IP address would be a welcome addition."
"The logging could improve in OPNsense."
"I would like to see better SD-WAN performance."
"The interface needs to be simplified. It is not user-friendly."
"The interface isn't so friendly user. But we have some technicians here who are quite confident with this tool. OPNSense could maybe add sets of rules so it's simpler to manage different groups with particular needs."
"The solution would not be suitable for anything large-scale."
"There should be more technical documentation."
"The issue right now is probably that Zscaler is not providing web browser isolation. Another solution, Menlo, offers this. For one customer, we had to send traffic to Menlo to do the isolation for us. It was requested by the customer so that they could integrate any iframe. Zscaler needs to add this type of feature in their next release."
"Data Leak Prevention is only for web filtering and there is no protection for email."
"Because it's on cloud, it doesn't allow application of extra settings."
"It would be better if they improved their policy, package visibility, and flexibility while we're creating rules for inspection. It could also be cheaper or more things could be included in the basic package. In the next release, I would like better coverage in the Asia Pacific region and better quality of service."
"The product could improve its integration with some legacy systems."
"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis."
"This product is expensive."
"It definitely competes with the other vendors in the market."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
"Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
"The solution is not expensive."
"It is not an expensive product. Basically, I deployed it because it was the fastest solution to satisfy our needs in open source."
"OPNsense is an open-source solution and it is free to use."
"As an appliance, it's in the medium price range."
"OPNsense is open source software so at this time it is free for us to use."
"OPNsense is a well known open-source tool."
"There are licensing costs, and I would not say that it's a cheap vendor."
"The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources.
Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud first world. Its flagship services, Zscaler Internet Access and Zscaler Private Access, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates the world’s largest cloud security platform, protecting thousands of enterprises and government agencies from cyberattacks and data loss.
Check more details: https://www.zscaler.com/produc...
OPNsense is ranked 12th in Firewalls with 11 reviews while Zscaler Cloud Firewall is ranked 29th in Firewalls with 5 reviews. OPNsense is rated 8.0, while Zscaler Cloud Firewall is rated 8.0. The top reviewer of OPNsense writes "A solution that detects and blocks malicious content with good reporting and visibility, but the reliability needs improvement". On the other hand, the top reviewer of Zscaler Cloud Firewall writes "Good sandboxing and URL filtering with capability to scale". OPNsense is most compared with pfSense, Untangle NG Firewall, Sophos XG, Sophos UTM and Fortinet FortiGate, whereas Zscaler Cloud Firewall is most compared with Menlo Security Cloud Firewall, pfSense, Check Point NGFW, Cisco ASA Firewall and Fortinet FortiGate. See our OPNsense vs. Zscaler Cloud Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.