We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The most valuable features of this solution are the integrations and IPS throughput."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"The most valuable feature is the access control list (ACL)."
"A good intrusion prevention system and filtering."
"The antivirus and items of that nature were quite helpful to have."
"This product is user-friendly and easy to configure."
"It has excellent stability."
"The solution has many useful features, such as content management, user management, user filtering, and domain controller connectivity mapping."
"It's very simple to use and the support is great."
"The filtering is excellent."
"The stability is better than other products."
"The basic firewall rules of the solution are great."
"We purchased the AGSS Bundle (Advanced Gateway Security Suite) for the security services, such as antivirus, intrusion prevention system, and anti-spyware botnet GUI."
"The security of this system is fantastic, including the IPS and IDS."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"Deploying configurations takes longer than it should."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."
"Report generation is an area that should be improved."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."
"Needs a more detailed reporting feature."
"It would be useful to have an application firewall that prevents the outside world from seeing your private IPs. You don't need to publicize your private IPs to the outside world, and you can create a barrier, like a proxy server."
"The content filter needs to be improved."
"I would like to see better integration."
"Potential improvement around the associated VPN cost"
"The product has a lot of bugs, actually. We are facing some issues with this product. The DPI SSL feature which is there, it is not working properly."
"Having to deal with too many lower-level people in technical support means that it takes longer to resolve issues, so escalating support tickets should be faster."
"In terms of improvement, features like App Control do not work properly"
"There are limitations to bandwidth management."
"I would like to see the reporting opened up and have several more opportunities for automatic reports."
"Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
"I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees."
"This solution is expensive and other solutions, such as FortiGate, are cheaper."
"When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today."
"Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities."
"The price of Firepower is not bad compared to other products."
"Licensing fees are paid on a yearly basis, and we are happy with the pricing."
"You need their analyzer to properly generate reports. This is an expensive, licensed feature, with a complex application or appliance back-end."
"SonicWall is a one-time purchase and there is no renewal license."
"SonicWall still is only a dollar or Euro per gigabit. This means, of the IPsec, it's the cheapest solution."
"SonicWall is not an expensive solution."
"Licensed features provide application control, content filtering, antivirus, and anti-malware all in a single appliance."
"The pricing is good and we are satisfied with the cost of this solution."
"If you want to connect more than five concurrent users by VPN then you have to pay an additional fee."
"We are currently using the trial version."
"Our initial purchase, which included a three-year term of support, was about $25,000 USD."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
NSv delivers complete advanced threat protection, including high-performance intrusion and malware prevention, and cloud-based sandboxing with SonicWall's RTDMI technology. NSv ensures lateral movement protection, plus inbound and outbound traffic protection.
SonicWall NSa is ranked 16th in Firewalls with 35 reviews while SonicWall NSV is ranked 27th in Firewalls with 2 reviews. SonicWall NSa is rated 7.6, while SonicWall NSV is rated 8.0. The top reviewer of SonicWall NSa writes "A rugged solution capable of defeating advanced threats". On the other hand, the top reviewer of SonicWall NSV writes "Reliable, easy to scale, and reasonably priced ". SonicWall NSa is most compared with Meraki MX, Fortinet FortiGate, WatchGuard Firebox, SonicWall TZ and Palo Alto Networks NG Firewalls, whereas SonicWall NSV is most compared with Azure Firewall. See our SonicWall NSV vs. SonicWall NSa report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.