We performed a comparison between Check Point NGFW and Cisco Secure Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Check Point users are happier with its VPN and with its pricing. However, Cisco Secure users are happier with its service and support.
"The solution is easy to configure and maintain remotely."
"It has very easy management and an amazing ETM configuration."
"Consolidated our network environment at all locations, but mainly at our datacenter."
"The security features that they have are quite good. On top of that, their licensing model is quite nice where they don't charge you anything for the SD-WAN functionality for the firewall."
"It's very easy to set up, it's very easy to make policies and, for an organization, that means you don't need IT expert in firewalls. You just need to have somebody who knows a little bit of IT, and that's it. With other products, you need someone with a "Masters" degree in firewalls."
"Fortinet FortiGate is stable. It's used across all the countries, this is the way most multinationals run their system."
"The inspection and web security features are most valuable."
"The most valuable feature is the FortiManager for centralized management."
"Check Point NGFW generates very helpful reports based on the logs of the activated features."
"HTTP forwarding is something I haven't seen elsewhere."
"The firewall rule writing and object creation are the best and simplest I've seen on a firewall."
"Its greatest asset lies in its user-friendly interface, making it exceptionally suitable and reliable for managing gateways."
"I was impressed by how easy it was to activate blades and implement them on a security gateway, with the process taking less than five minutes."
"The management interface is easy to operate and is a standardized way of managing different firewall modules in the same client application."
"The best feature is the ability to increase the capacity of the solution by exactly what you add, not losing anything for High Availability."
"The most valuable feature for us is the VSX, the virtualization."
"The high-availability features, the VPN and the IPSec, are our top three features."
"ASDM provides GUI for configurations. The ASDM has made configuring ASA easy. No need to memorize CLI commands."
"Cisco ASA works very nicely from an administration perspective. The management of the device is very nice. The ASDM (Adaptive Security Device Manager) is the software that we use and it is very easy to configure using the GUI."
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"What I like about Cisco is the security zone. By default when you configure it, it gives you a security zone, which other firewalls don't have."
"The initial setup was completely straightforward."
"Sourcefire has been a great addition. The visibility and control have been nice."
"The most valuable feature is the access control list (ACL)."
"FortiGate support could do some improvements on their IPv6 configuration. Right now it's still in the very early stage for utilizing in an enterprise level network environment."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"They need to improve their technical support."
"The pricing could be reduced or include the first year warranty."
"I would suggest that Fortinet add sandboxing to their solution."
"One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering."
"In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface."
"The debugging and troubleshooting has room for improvement."
"The web UI for VSX could be better."
"Support for customers really needs to improve."
"The predefined reports are few and it would be nice to increase them since the logs are excellent."
"Although very efficient, the product could be developed in a way that does not take a lot more system resources."
"For R80.10 and above, if you want to install a hotfix, then you can't install it through the GUI. I don't know why. In the earlier days, I was able to do the installation of hotfixes through the GUI. Now, Check Point said that you have to install hotfixes through the CLI. If that issue could be resolved, then it would be great because the GUI is more handy than the CLI."
"They should integrate all blades to use a single policy rather than multiple."
"Timely updates to security databases, firmware, and software are crucial for addressing new threats."
"I would like the user interface to be more user-friendly. I want the UI to be easier to use than Check Point's competitors."
"In today's world, cyberattacks have become a common occurrence. However, so far, we have not faced any issues with our systems. I hope the situation remains the same in the future. If Cisco introduces even more advanced security measures, it would be beneficial."
"I would say that in inexperienced hands, the interface can be kind of overwhelming. There are just a lot of options. Too much, if you don't know what you are looking for or trying to do."
"It would be nice if you didn't have to configure using a command-line interface. It's a bit technical that way."
"We have to rely on Cisco ASDM to access the firewall interface. This needs improvement. Because we have a web-based interface, and it is a lot more user-friendly."
"We are still running the original ASAs. The software that you are running for the ASDM software and Java application has never been a lot of fun to operate. It would have been nice to see that change update be redesigned with modern systems, which don't play nicely with Java sometimes. Cybersecurity doesn't seem to love how that operates. For us, a fresher application, taking advantage of the hardware, would have been a better approach."
"Changes you make in the GUI sometimes do not reflect in the command line and vice versa."
"The licensing needs simplification."
"They should work on making it a little more intuitive for users and not quite as complex. Still, it's a good product."
Check Point NGFW is ranked 5th in Firewalls with 279 reviews while Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews. Check Point NGFW is rated 8.8, while Cisco Secure Firewall is rated 8.2. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Netgate pfSense, Azure Firewall and OPNsense, whereas Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Juniper SRX Series Firewall. See our Check Point NGFW vs. Cisco Secure Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.