We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The customer service/technical support is very good with this solution."
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."
"The most valuable feature is stability."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"The structure is much faster and more sophisticated than Cisco."
"IoT security is most valuable in the current version. Content IDs, DDoS protection, zone protection, and DLP are the most prominent features in Palo Alto Networks NG Firewall. It is easier to configure than other solutions."
"Overall, it is a good solution. It is stable. We use URL filtering, which is useful for blocking undesired URLs."
"With App-ID, we can identify exact traffic. Even if someone tries to fool the firewall with a different port number, or with the correct port number, Palo Alto is able to identify what kind of traffic it is."
"They are regularly releasing new versions that include more integration with third-party services."
"Some of the valuable features in this solution are traffic monitoring, GUI functionality, and it very easy to troubleshoot if there is any problem that happens."
"It's one of the best products I've worked with. It's typically a market leader on Gartner. It's a very respected brand."
"I like the architecture because it separates the management plan process and the data plan process."
"The initial setup is pretty easy."
"Sophos UTM is the simplest of these products to setup."
"The most valuable feature is the price. I've been requesting prices all over these years between different solutions like Fortinet, Palo Alto, and Check Point and Sophos has been the cheapest and the best of all of them that I have tried. I have been working with Fortinet, it's a fact that the price is surprisingly better."
"Technical support is very responsive."
"The most valuable features of this solution are the firewall application and application control."
"Monitoring and reporting are areas that need improvement."
"It is a very good product. The threat monitoring process is the most valuable feature."
"Sophos is a unified solution. We have anti-virus protection, firewall rules, knotting, and DACC all in one box."
"The initial setup could be simplified, as it can be complex for new users."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"Implementations require the use of a console. It would help if the console was embedded."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"They can improve the handling and management of User-ID. They should also improve its price. Their technical support can also be improved."
"Technical support could be faster."
"Sometimes some of the applications the customer has do not respond as they normally should."
"Its reporting can definitely be improved. I would like to have better graphical dashboards and more widgets for more clarity in the reporting area. In a third-generation firewall, you can generate some dashboards. It provides the information that we need, but from the C-level or a higher-level perspective, it is kind of rough and incomplete. Its data loss prevention (DLP) feature is not good enough. Currently, this feature is very basic and not suitable for enterprises. It would be nice if they can include a better DLP feature like Fortinet. We would like to have a local depot of Palo Alto in Latin America. Competitors such as Cisco and Check Point have a local depot here. If there is an issue with their hardware, you can go to the depot, and in about four hours, you can get a replacement device, but that's not the case with Palo Alto Networks because we need to import from Miami. It takes about two to three weeks."
"There is a web-based GUI to do management, but you need to know how the machine or firewall operates. There are hundreds of different menus and options. I have used other firewalls before. Just implementing or designing a policy with Palo Alto, if you want a certain port to be open to different IP addresses, then that could take 20 to 25 clicks. That is just testing it out. It is quite complex to do. Whereas, with other places, you tell it, "Okay, I want this specific port open and this IP address to have access to it." That was it. However, not with Palo Alto, which is definitely more complex."
"Its software updates can be improved. It sometimes becomes very slow with the software updates for different features. It should have an External Dynamic List of data. The malicious IP is not frequently getting updated in Palo Alto, and this should be done."
"Having a better pricing model would make this product more competitive, and more affordable for our customers."
"I wish that the Palos had better system logging for the hardware itself."
"The five-factor authentication needs improvement."
"The integration capabilities could be better."
"We need to speed up the support."
"The classification segregation of applications lacks sufficient definition."
"The logs are not clear, which means that you need an additional piece of software in order to read them clearly."
"There were a lot of features and functionality in Sophos SG UTM but nothing was state of the art in terms of technology. You did not get the latest functions. It was very monolithic as it was based on an old Linux PuTTY system."
"The solution is not scalable."
"Updates come out agonizingly slowly, a trickle."
"I am happy with the product in general, including the pricing."
"Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
"The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case."
"There are additional implementation and validation costs."
"The price is comparable."
"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities."
"It is a little bit expensive."
"On the lower end, it's likely to cost $15,000 for renovation and support."
"This is an expensive product and there is a subscription cost."
"The price of the solution is on the higher side compared to competitors."
"Its price should be improved."
"I am not involved in the commercial side, but I believe that Palo Alto is quite expensive compared to others."
"It is expensive as compared to other brands."
"The price of this product should be reduced."
"It is the cheapest product available. It's good if you have a low budget."
"It is necessary to pay for a licence to use the solution, but it is not very expensive."
"It's reasonably priced."
"The prices can be better, they could make it a lot cheaper."
"The solution is very low cost compared to competitors. You have a good firewall, a lot of functions for less than the price of some omni firewall competitors."
"We pay for the service on a yearly basis. The last time we paid was in June, for a year. At the time, it was about $20,000."
"This product is free for home users. The more expensive products have better performance."
"Our licensing fees are paid on a monthly basis."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Palo Alto Networks' next-generation firewalls secure your business with a prevention-focused architecture and integrated innovations that are easy to deploy and use. Now, you can accelerate growth and eliminate risks at the same time.
Palo Alto Networks NG Firewalls is ranked 7th in Firewalls with 67 reviews while Sophos UTM is ranked 2nd in Unified Threat Management (UTM) with 21 reviews. Palo Alto Networks NG Firewalls is rated 8.4, while Sophos UTM is rated 8.4. The top reviewer of Palo Alto Networks NG Firewalls writes "The product stability and level of security are second to none in the industry". On the other hand, the top reviewer of Sophos UTM writes "Great web and email filtering with reasonable pricing". Palo Alto Networks NG Firewalls is most compared with Fortinet FortiGate, Azure Firewall, Sophos XG, Meraki MX and SonicWall NSa, whereas Sophos UTM is most compared with Fortinet FortiGate, pfSense, Sophos XG, Untangle NG Firewall and Juniper SRX. See our Palo Alto Networks NG Firewalls vs. Sophos UTM report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.