We performed a comparison between Check Point NGFW and Cisco Secure Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Check Point users are happier with its VPN and with its pricing. However, Cisco Secure users are happier with its service and support.
"The interface is very good."
"It blocks the vulnerabilities that can negatively impact us."
"From the firewall perspective, the rules and policies are very sufficient and easy to use."
"Its performance in fulfilling our requirements has been satisfactory."
"Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."
"What's most important is the ease of use."
"The pricing is excellent. It's much less expensive than Cisco."
"The most valuable features are simplicity, management, and that it's constantly evolving."
"Only allows authorized connections and prevents vulnerabilities in a network."
"One of the valuable characteristics of Check Point NGFW is that it presents very centralized management."
"The Check Point firewall features for Next Generation Firewalls are excellent."
"mart Console simplifies the management of current policies and objects, making it effortless to track an object's usage or identify unused objects, thus ensuring a tidy configuration."
"The QoS blade is very good for controlling traffic such as Windows patches, mail traffic and other stuff."
"Making configuring numerous layers of security policies easy to use was always one of the things I liked most about their firewall solution."
"The most valuable feature is the Stateful Inspection, which was developed by Check Point."
"The pricing is okay."
"The stability of the product is good."
"We moved from a legacy firewall to the ASA with FirePOWER, increasing our Internet Edge defense dramatically."
"It has definitely improved our organization. It gives us remote connectivity, helps workers connect remotely, and also gives us good connectivity to our other branches."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"It's very scalable. You can go to different models of the ASAs and they scale up to as big as you want to go."
"The web interface was easy for me. The configuration is logical, so it's easy to use and easy to understand how to protect, how to open a port, how to manage and how to route a device. That's why I prefer Cisco. It's robust and I never have issues with the hardware. That's why I choose Cisco and not another vendor."
"With the pandemic, people began working from home. That was a pretty big move, having all our users working from a home. More capacity needed to be added to our remote VPN. ASA did this very well."
"I am used to the ASA syntax, therefore it is quite easy to make up new rules. I have found that DNS doctoring rules are useful."
"The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."
"MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"Fortigate's hardware capacities could be improved."
"I need user-behavior analytics, to find threat scenarios from inside the organization, insider attacks. That would be very helpful for us. In addition, I would like next-generation features for small and medium businesses. These businesses require UTM, all in one product. Fortinet must include it."
"The visibility of the network can be better. The GUI can be improved for better visibility of the network flow. Other solutions have better GUI in terms of network visibility."
"I think there could be more QoS features"
"Tunnel flapping was one of the major things I had seen wherein your internet link remains but your VPN tunnel is down. However, since I got a fix from the TAC team, I have not noticed it, but the customer complained a few times that they couldn't access the internet because of this problem."
"I would like there to be a way to run packet captures more easily in the GUI environment. Right now, if we want to read packet captures, we have to do so from the command line."
"They have few predefined reports and it would be nice to increase them since the logs are excellent."
"Of the areas of improvement that I want to see in this product, without a doubt, one is the technical support. In this time of globalization, with so many cyberattacks and risks, the Check Point support staff take a long time to attend to incidents due to the high demand."
"The policy installation length is still too long. It was promised that the time would be severely reduced in newer versions, but it is still too long."
"It would be nice if there is a mobile-friendly console for our techs."
"Sometimes we need to find a resolution by ourselves as the solution's knowledge base is not enough."
"Check Point products have many places that need to be improved, but they are constantly upgrading."
"The virtual environment is not stable at all. We have some customers who are using the virtual environment feature, and sometimes it crashes. We have many tickets open and the response is not as good as expected. We have to wait months for a resolution."
"We see a lot of vendors in the market with a lot of niche products. I understand that it's difficult to cover everything, but making it more open for integration with other vendors would be a value add for Cisco."
"The product would be improved if the GUI could be brought into the 21st Century."
"The dashboard can be improved."
"Tech support could not answer all of our questions. I had to do research on the web to solve my issues."
"Licensing is complex, and I'd like it to be simplified. This is an area for improvement."
"Some of the features, like the stability, need to be improved."
"For the new line of FTDs, the performance could be improved. We sometimes have issues with the 41 series, depending what we activate. If we activate too many intrusion policies, it affects the CPU."
"10Gb interfaces should be available on more models."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews. Check Point NGFW is rated 8.8, while Cisco Secure Firewall is rated 8.2. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Netgate pfSense, Azure Firewall and OPNsense, whereas Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and OPNsense. See our Check Point NGFW vs. Cisco Secure Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.