"The most valuable feature is stability."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"If configured, Firepower provides us with application visibility and control."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"The graphical interface is easy to troubleshoot because it has a drill-down sequence. It is easy to monitor traffic."
"The structure is much faster and more sophisticated than Cisco."
"The most valuable feature is WildFire, which blocks sophisticated attacks and distinguishes it from other traditional firewall functions."
"I like that it has high security."
"The management options are good."
"Palo Alto NGFW’s unified platform has helped our customers eliminate security holes. With a unified platform, customers can deploy the NG Firewall both in the data center edge, inside the data center, and in the product/public cloud environments. They have the same user interfaces and platform, so they can be maintained by a single unified platform called Panorama. Customers can use Palo Alto Network NG Firewalls in all the places where they need to protect their environments. This helps to decrease security holes."
"It's quite nice. It's very user-friendly, powerful, and there are barely any bugs."
"The strengths of Palo Alto Networks NG Firewalls are application visibility and application awareness. Their strong point is identifying applications for traffic. So all of the policies that are configured are related to the application and not to a port."
"We've found the technical support to be helpful."
"The most valuable features are the WAN optimization, the internet access gateway (IAG), and the central console, which allows us to implement on their firewall."
"In terms of the most valuable features, the IPS report is quick and updated. Performance is also valuable."
"Sangfor NGAF works accordingly with our customers. The solution has good performance, easy to use, and integrates well with the endpoints."
"While the features are not dissimilar to other brands, configuration is much more simple, which works out great for Indonesian people."
"In four steps one can configure the entire firewall."
"Sangfor has the best capabilities for securing connections, securing web browsers, securing servers, and general threat protection."
"It's a very simple to use product."
"The performance should be improved."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"The initial setup could be simplified, as it can be complex for new users."
"One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box."
"Deploying configurations takes longer than it should."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"Its scalability for on-prem deployments can be better. For an on-prem deployment, the hardware has to be replaced if the volume goes up to a certain level."
"Its price can be better. They should also provide some more examples of configurations online."
"Having a better pricing model would make this product more competitive, and more affordable for our customers."
"When it comes to their support, we have to select every single component that we want to include in a particular bundle. That is a very tedious process. T"
"I would like a collaboration system and reporting ASA policy needs to be smarter."
"Currently, they don't have email protection. They can maybe add it in the future. Currently, if you want to do so, you need to go with another solution."
"I wish that the Palos had better system logging for the hardware itself."
"The scalability of the firewalls could be improved."
"I believe that IAM and NGFW need to merge into a single box, instead of there being two separate box solutions."
"They need to increase the number of ports in the firewall."
"Occasional issues with breaches which are dealt with expediently."
"An area for improvement would be the number of ports defined on the box. In the next release, I would like them to develop their provisioning stage of enrolling end devices."
"The web interface needs to be improved, making it more user-friendly."
"The solution has too many bugs and these slow down the implementation."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Palo Alto Networks' next-generation firewalls secure your business with a prevention-focused architecture and integrated innovations that are easy to deploy and use. Now, you can accelerate growth and eliminate risks at the same time.
Sangfor Next Generation Firewall (also known as NGAF) is a converged security solution providing protection against advanced threat, malware, viruses, ransomware and web-based attacks using integrated security features like firewall, IPS, anti-virus, anti-malware, APT, URL filtering, Cloud Sandbox, and WAF. As the world's first AI-enabled and fully integrated Next Generation Firewall & Web Application Firewall (WAF), NGAF offering the security visibility, real-time detection and response, simplified operation and maintenance and high-performance application layer security needed to operate an enterprise network in total security. Tested and proven to provide cutting-edge network security by ICSA Labs and endorsed by Gartner Inc., NGAF harnesses the power of Sangfor’s Neural-X threat intelligence and analytics platform and Engine Zero’s innovative malware detection to provide next-generation protection for today’s enterprise.
Palo Alto Networks NG Firewalls is ranked 7th in Firewalls with 72 reviews while Sangfor NGAF is ranked 23rd in Firewalls with 8 reviews. Palo Alto Networks NG Firewalls is rated 8.6, while Sangfor NGAF is rated 8.2. The top reviewer of Palo Alto Networks NG Firewalls writes "The product stability and level of security are second to none in the industry". On the other hand, the top reviewer of Sangfor NGAF writes "Great pricing, reliable stability, and easy to deploy". Palo Alto Networks NG Firewalls is most compared with Fortinet FortiGate, Azure Firewall, Sophos XG, Meraki MX and Check Point CloudGuard Network Security, whereas Sangfor NGAF is most compared with Fortinet FortiGate, Sophos XG, Fortinet FortiOS, Sophos UTM and Check Point NGFW. See our Palo Alto Networks NG Firewalls vs. Sangfor NGAF report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.