We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The most valuable feature is stability."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"Provides good integrations and reporting."
"If configured, Firepower provides us with application visibility and control."
"The most valuable feature is the access control list (ACL)."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"So far, I'm happy that they have recently added a firewall role, so I feel a little more comfortable with the security. The threat management is good."
"The VPN feature is the most valuable. It has come in handy during this period when people are working from home. The filtering feature is also valuable because you can easily filter the sites that you don't want to visit. You can also set timely surfing quotas."
"There are many valuable features."
"Each user has the ability to manage the solution."
"Sophos began with a basic version and evolved into something more efficient in terms of performance."
"Orchestration of the firewall is the most valuable feature. It is a fast and agile solution. It is good with protection. It is also very easy to deploy and manage, and its user interface is easy to use."
"The solution has very good security features, is easy to use for administrators and users, and has informative reports."
"This solution does everything and anything a firewall can do."
"It provides us with Layer 2 and Layer 3 security."
"Because we bought two firewalls... we need a central place to manage the policies and deploy them to both devices. It's good that it provides a system management console that is able to manipulate and manage policies in one place and deploy them to different locations."
"The main features of the solution are the control of the site-to-site network access and the overall features."
"The ease of use is most valuable. You can quickly train someone who hasn't seen a firewall in life. You can get people up to speed, and in a few months, they are able to manage this product very easily. It is a very user-friendly, scalable, and stable product. Its price is also spot-on."
"The set up of the VPN is pretty straightforward. Being able to build VPNs on the fly for certain users, if need be, is also valuable."
"WatchGuard has a very easy VPN and branch office VPN setup, so we use those pretty extensively."
"After conducting several tests I found the antivirus is working very well. Additionally, they have a very interesting feature, DNS WatchGuard, which is checking DNS requests for phishing, among other things, and it has caught a lot of unwanted attempts and attacks."
"The solution has increased productivity with our outside salespeople being able to connect into their computers and use those remotely."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"The initial setup could be simplified, as it can be complex for new users."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"Cisco makes horrible UIs, so the interface is something that should be improved."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"They can simplify its interface so that it is mostly drag-and-drop. There was an SQL injection attack on some Sophos devices. They just need to harden their devices a little bit so that they can't be hacked very easily."
"It would be great if the user can have a portal to check on activities related to their account."
"Its user interface is a little bit slow."
"They made some changes to the firmware update sometime last year, which moved some of the policies from where they were before. Some of the policies, such as NAS policies, were separated, which made it a bit hard for people to trace the policies they had configured."
"Having a web portal where you could make requests for the categorization of non-categorized items, would be beneficial."
"The only area that requires improvement is scalability."
"I would like to have more artificial intelligence in the web monitoring service that comes with it. It should alert us when particular events happen. It has already got some of that. I know that it is more of a service, and Sophos is already looking at it. It is called SIEM."
"Technical support can be slow to respond, which is something that should be improved."
"I'm not really impressed with the reporting side of it. It may be something I just haven't figured out very well, but it's hard to filter down on reporting of the actual valuable information that you would want. There is a lot of information out there so you have to have some kind of tool capture it and then filter through. So far, I haven't found the reporting side of the WatchGuard to be that user-friendly."
"There should be better integration and a way to configure multiple vendors into the same data center in order to offer more flexibility."
"I don't think I can get a full-blown DNS client from it. I've been trying to have DNS services. It has forwarding, but I don't get the services of a full DNS client. My main difficulty with it is that I can't run a complete service. I need NTP. I need DNS. I need DHCP for my domain, but I only get forwarding. As far as I can tell, I don't get caching and the kinds of reporting and registration needed to host a DNS for a domain. I have to have a separate solution for that."
"Its documentation could be improved. Sometimes, you need to search a bit longer to find what you are looking for."
"I would like to have a little more control over access points and the ability to see the bandwidth that is passing through a specific access point. We are not able to see that. We can see what traffic is passing through the Firebox itself, but we can't identify if it is coming from a particular access point or not."
"Once you start getting into proxy actions and setting up: "Okay, cool. Once this rule gets triggered, what actions have to happen?" I do know a few people who use WatchGuard and they still have to get assistance when they look at that. So I would file that as a con for WatchGuard. Proxy actions can be a little bit complicated."
"The solution is lacking a professional website, they should be updated more often."
"The only downside is that it is missing an API, that you can use to easily collect information from it."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"The price is comparable."
"The price of Firepower is not bad compared to other products."
"I am happy with the product in general, including the pricing."
"It definitely competes with the other vendors in the market."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"The solution was chosen because of its price compared to other similar solutions."
"The price can be a bit steep but for the number of features, it is worth it."
"At first, I thought the price was very high. But when I read about the machine's features, we decided to go with it."
"Because we're in education, Sophos gives us a very competitive price for it."
"There is no license required to use this solution."
"We paid for our licensing for three years, upfront, and there are no costs in addition to the standard fees."
"Its price should be better. Initially, the clients have to pay for the appliance. Then, they have to pay for the software that is installed on the appliance. Depending on whether they have a one-year, two-year, or three-year license, they just have to renew the license of the software after it expires. They don't have to renew the appliance license. So, they have to pay for the appliance only once, and after that, they just renew the software license. That's all."
"The price is good for the moment."
"The price is in the mid-range and it is very good for small to medium-sized businesses."
"I think the larger firewall packages are much better because a normal firewall is not enough for these times. You need IPS, APT, and all the security features of a firewall that you can buy."
"It's fair pricing, but it could always be reduced."
"The pricing of WatchGuard is probably a little higher than the SonicWall, but it makes up for it in dependability. It's worth it to me, especially since it's not much higher. For just a little bit higher price you get the dependability of the firewall with the WatchGuard brand."
"They have an annual subscription license. Initially, we had opted for three years. After that, we went for another three years, and after that, we have been doing it yearly. They also have a license for five years."
"I spent $600 or $800 on this product and I'm paying a couple of hundred dollars a year in a subscription service to keep the lights on, on it... It works out to $100 or $200 a year if you buy several years at once. It's fair."
"The pricing was in line with everyone else; maybe slightly higher."
"It has a very good price. It is not the most expensive one, and it is also not the cheapest one. It is just spot-on in terms of price."
"The primary reason that we went with Firebox was its cost. It is very economical and it provided us with all the security functions that we were looking for at the time. And the throughput was more than what we required, so it was a very cost-effective device to deploy on our network."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Sophos XG Firewall is next gen firewall that is optimized for today’s business, delivering all the protection and insights you need in a single, powerful appliance that’s easy to manage.
WatchGuard's approach to network security focuses on bringing best-in-class, enterprise-grade security to any organization, regardless of size or technical expertise. Ideal for SMBs and distributed enterprise organizations, our award-winning Unified Threat Management (UTM) appliances are designed from the ground up to focus on ease of deployment, use, and ongoing management, in addition to providing the strongest security possible.
Sophos XG is ranked 5th in Firewalls with 121 reviews while WatchGuard Firebox is ranked 3rd in Unified Threat Management (UTM) with 23 reviews. Sophos XG is rated 8.2, while WatchGuard Firebox is rated 8.8. The top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". On the other hand, the top reviewer of WatchGuard Firebox writes "Competent, basic front-end; the ports that I have assigned appear to be unattainable to outsiders". Sophos XG is most compared with Fortinet FortiGate, pfSense, Meraki MX, Palo Alto Networks NG Firewalls and Sophos Cyberoam UTM, whereas WatchGuard Firebox is most compared with Fortinet FortiGate, pfSense, SonicWall NSa, Cisco ASA Firewall and Azure Firewall. See our Sophos XG vs. WatchGuard Firebox report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.