We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls.
"FortiGate Secure SD-WAN includes best-of-breed next-generation firewall (NGFW) security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering."
"The solution can scale well."
"The most valuable features are that it is very simple to configure and to manage."
"The security features are about the best that I've seen anywhere."
"The most valuable features of Fortinet FortiGate are the rules and quality of service."
"Mainly the FortiGate reporting system is very good. It guides us through all the expectations of security. Fortinet provides us all that we need for security. Also, Fortinet FortiGate is a next-generation firewall. It is much more advanced than others."
"It has improved our security capabilities."
"I think that the UTM features are the most value, as it truly protects my infrastructure."
"Valuable features include AnyConnect, double translations, and an independent IPS module."
"I like the IPS feature, it is the most valuable."
"Cisco Secure Firewall is reliable, which is why we opted for it during the pandemic for our remote users."
"The most important feature is its categorization because on the site and social media you are unified in the way they are there."
"The most valuable feature is the access control list (ACL)."
"ASA integrates with FirePOWER, IPS functionality, malware filtering, etc. This functionality wasn't there in the past. With its cloud architecture, Cisco can filter traffic at the engine layer. Evasive encryptions can be entered into the application, like BitTorrent or Skype. This wasn't possible to control through a traditional firewall."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"The user interface is easy to navigate."
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"The installation phase was easy."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"Very functional and good for detecting malicious traffic."
"The most valuable feature is the network security module."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"There are some complex administration tasks in their administration portal. That needs to be improved."
"Fortinet FortiGate should improve the VPN tokens."
"The user interface could be improved."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI."
"MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA."
"It's my understanding that more of the current generation features could be brought in. There could be more integration with EDRs, for example."
"Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility."
"This is an older product and has reached end-of-life."
"We had an event recently where we had inbound traffic for SIP and we experienced an attack against our SIP endpoint, such that they were able to successfully make calls out... Both CTR, which is gathering data from multiple solutions that the vendor provides, as well as the FMC events connection, did not show any of those connections because there was not a NAT inbound which said either allow it or deny it."
"I would like to see more configurable feature parity with Cisco ASA, which is the legacy product that Cisco is moving away from. When configuring remote access VPN, not all of the options are there. You have to download another tool, which means that the configuration takes a little bit longer with Cisco Secure Firewall. Though it's getting there, there are still some features lagging behind."
"The installation and integration of Cisco ASA with FirePOWER can be improved. The management with Fortigate is easier than Cisco ASA on FirePOWER. The management side of Cisco ASA can be improved so it can be more easily configured and used."
"It's not unexpected, but it's a common scenario where customers request dual layers of security. For instance, when dealing with regulatory compliance, especially in financial sectors regulated by entities like the Central Bank, having two distinct units is often mandated. If a client predominantly uses a solution like Palo Alto, they may need to incorporate another vendor such as Cisco or Forti. Importantly, there's a significant disparity in interfaces and management platforms between these vendors, necessitating careful consideration when integrating them into the overall security architecture"
"When comparing the graphical interface of this solution to other vendors it is more difficult to configure. There is a higher learning curve for administrators in this solution."
"They should work on making it a little more intuitive for users and not quite as complex. Still, it's a good product."
"More intuitive support for SIP services are needed. This took a long time to configure properly for the user."
"It would be great if we could create granular reports based on the protocols, types of attacks, regions of attack, etc. Also we would like to easily be able to add exceptions to rules in cases of false positives."
"Technical packaging could be improved."
"Stability issues manifested in terms of throughput maximization."
"Technical support could be improved."
"It is very expensive, the price could be better."
"Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."
"I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Zabbix.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
