We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."Fortinet FortiGate is easy to use."
"Fortinet FortiGate is a security device. It can optimize security on the networks of a company. It actually protects the company from attacks from outside. With FortiGate, you can categorize the users. You can create a group of users that can access all of the websites for their work. You can limit other users' access."
"The features that I have found most valuable are the SD-WAN and their IP4 policy."
"The features that we have found most valuable are the SSL VPN and the User Portal."
"The FortiGate controls the user's activities and maximizes my bandwidth use overall."
"I appreciate FortiGate's flexibility, which allows for centralized management through FortiManager."
"The next-gen features, the unified threat management capabilities are something that just about everybody is interested in at this point."
"This solution made it very easy to manage our bandwidth."
"Signature-based detection; user-defined signatures with regular expressions; integrated URL and content filtering; custom URL categories filtering."
"The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices."
"Everything is all documented in the file or in the command line script that gets uploaded to the device. It gives us great visibility."
"To be honest, all of the features that are provided, all the other vendor will also have. One feature we did find valuable was the CLI, it is more accurate. Additionally, I was happy with the customization, dashboards, access lists and interface."
"Firewall help with cybersecurity resilience. I really like this Cisco product. It's user-friendly. I don't like some other vendors. I've tried those in the past. Cisco is pretty easy. A caveman could do it."
"Its VPN and ASN features are very stable."
"Filtering is the best feature."
"The most valuable feature of this solution is AMP (Advanced Malware Protection), as this is really needed to protect against cyber threats."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"Very functional and good for detecting malicious traffic."
"The server appliance is good."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"While FortiGate is cheaper than most other solutions, we're seeing increased license renewal costs. Most of our clients are asking for more significant discounts because the price is going up."
"The solution could be more user friendly."
"The security of Fortinet FortiGate could improve."
"Fortinet already improved FortiGate, but in the current market, many brands of security devices have improved together. Fortinet still needs to catch up with market standards. Fortinet is lacking in features in comparison to competitors."
"The way everything is set up could be easier. Currently, people need a lot of experience and knowledge to administer it and to link it to devices."
"The Web-filter in this solution is not very good."
"Fortinet FortiGate needs to improve the protection, it did not prevent us from being attacked. Additionally, Fortinet FortiGate could provide more features for WAF devices. I should not have to purchase two solutions, it would be a benefit to combine these features into one solution."
"The support team for Fortinet FortiGate needs to be more customer friendly."
"I don't have any specific improvements to recommend. However, when you compare the throughput of a Cisco firewall to the competitors, especially Fortinet, what you find is that Cisco has lagged a little bit behind in terms of firewall throughput, especially for the price that you pay for that throughput."
"There is room for improvement in the stability or software quality of the product. There were a few things in the past where we had a little bit of a problem with the product, so there is room for improvement."
"For what we use it for, it ends up being the perfect product for us, but it would help if they could expand it into some of the other areas and other use cases working with speeding up and the reliability of the pushes from the policy manager."
"Its user interface is good, but it could be better. Currently, you have to know what to do before you can manage a device. If you don't know what to do, you can mess things up. There are some devices that are easier, such as FortiGate. The user interface of FortiGate is more intuitive. It is very easy to log in and configure things."
"At times the product is sluggish and slow"
"The solution has not had any layer upgrades. It does not have layer five and upwards, it only has up to layer four. This has caused some problems for us."
"The user interface isn't as good as it could be. They should work to improve it. It would make it easier for customer management if it was easier to use."
"FMC could be improved because management with FMC is quite difficult compared to using Firepower web-based management."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"It is not a very secure product."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"We'd like the potential for better scaling."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Netgate pfSense.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.