We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."
"The technical support in our region is excellent."
"It can expand easily."
"This product is definitely scalable."
"The most valuable features are the enterprise modeling and the simple interface."
"The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support."
"We are a visual effects company, and there have been a number of high profile security issues in our industry. This has brought us to a higher standard of security, which our clients are very keen on these days."
"A strong point of FortiGate is the graphical interface is complete and easy to use."
"The most stable firewall I’ve ever worked with. Once you get the ASA set up properly, it can run for a whole year without any major issues, apart from the normal daily administration."
"A stable and solid solution for protection from external threats and for VPN connections."
"We have been using a 5520 for seven years in our datacenter and we are satisfied by this version."
"Even in very big environments, Cisco comes in handy with configuration and offers reliability when it comes to managing multiple items on one platform."
"This product is pretty stable."
"I am used to the ASA syntax, therefore it is quite easy to make up new rules. I have found that DNS doctoring rules are useful."
"Being able to use it as a policy-based VPN is valuable. It's very easy to understand. It's very easy to troubleshoot."
"The most valuable features are the provision of internet access, AnyConnect, and VPN capabilities."
"The installation phase was easy."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"The most valuable feature is the view into the application."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"The server appliance is good."
"The sniffing packets or packet captures, can be simplified and improved because it's a little confusing."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"Its customer service could be better."
"The feedback that I have received is that the performance could be better, and the user experience is not as good compared to a previous solution we used. It could be more user-friendly. Of course, it still works fine for our operations."
"We would like to see a better training platform implemented."
"In the next release, maybe the documentation on how to use this solution could be improved."
"I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security."
"There are some complex administration tasks in their administration portal. That needs to be improved."
"They need a user-friendly interface that we could easily configure."
"We had an event recently where we had inbound traffic for SIP and we experienced an attack against our SIP endpoint, such that they were able to successfully make calls out... Both CTR, which is gathering data from multiple solutions that the vendor provides, as well as the FMC events connection, did not show any of those connections because there was not a NAT inbound which said either allow it or deny it."
"I'm working on a slightly older version, but what it needs is a better alert management. It's pretty standard, but there's no real advanced features involved around it."
"The operation of the ASA is good but the problem is that whenever you require an upgrade, there are multiple pieces of software that you have to upgrade. Extensive planning is required, because if you upgrade one piece of the software it has to be compatible with the others as well. You always need to check the compatibility metrics."
"The overall licensing structure could improve to make the solution better."
"I would like the ability to pick and choose different features of it to run in a packaged infrastructure or modules, therefore I would like to have more customizability over it."
"Its configuration through GUI as well as CLI can be improved and made easier."
"There used to be information displayed about the packets in a module called Packet Flow, but it is no longer there."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."
"It is not a very secure product."
"The product's integration capabilities are an area of concern where improvements are required."
"It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto."
"It is very expensive, the price could be better."
"Technical packaging could be improved."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Zabbix.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.