We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."We can detect any attack of viruses or malware at the first point of contact."
"The solution is very user-friendly."
"It is a good source for firewall protection."
"The most valuable features of Fortinet FortiGate are it is one of the most mature firewalls in the UTM bundle."
"The most valuable features of Fortinet FortiGate are the APIs. They are the most widely known."
"The initial setup is straightforward."
"The virtual firewall feature is the most valuable. We have around 1,500 firewalls. We did not buy individual hardware, and the virtual firewalls made sense because we don't have to keep on buying the hardware. FortiGate is easier to use as compared to Checkpoint devices. It is user friendly and has a good UI. You don't need much expertise to work on this firewall. You don't need to worry much about DCLA, commands, and things like that."
"Allows for firewall rules to be programmed and named in a way that makes it “readable”"
"It integrates with various Cisco security portfolios and products, and there is an easy and seamless integration for building a complete security framework for our customers."
"Among the top features are integrated threat defence and the fact that each virtual appliance is separate so you get great granular control."
"Cisco Secure Firewall's security solutions, advanced malware protection, and DDoS communication are very good."
"Its ability to work with the traffic."
"With Cisco, there are a lot of features such as the network map. Cisco builds the whole network map of the machines you have behind your firewall and gives you insight into the vulnerabilities and attributes that the host has. Checkpoint and Fortinet don't have that functionality directly on the firewall."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"Right now, Cisco ASA NGFW has given us a lot of improvement. We are planning to move to a new facility and will be a much larger organization."
"The configuration support is very good. You can find a lot of configuration samples and troubleshooting tips on the internet, which is very good."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security."
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"It does not have key authentication for admin access."
"In some cases, its initial setup could be hard for customers."
"The debugging and troubleshooting has room for improvement."
"Fortinet needs more memory to save the log files. We need it to save the logs on the hardware and not in the cloud. I know this feature is available in FortiCloud, but if we need this log locally, it is not available."
"Usually, we sell the bundle with the UTM or threat management piece with IPS, IDS. Other providers, such as Palo Alto, are ahead in terms of safe functionality. So, for me, delivering truly safe service is probably something that still needs to be improved."
"Some of the web policy reports could be improved."
"At first glance, the interface for the device is very confusing."
"I would like to see improvements in the support from Fortinet. Here in the Philippines, whenever we have problems with a Fortinet product, we mostly ask for support from distributors and resellers and not directly from Fortinet."
"It has poor performance."
"We would really like to see dual dual power supplies for some Cisco Firewall products."
"It integrates with other security products from Cisco, but sometimes, there can be glitches or errors."
"Cisco Firepower NGFW Firewall can be more secure."
"You shouldn't have to use the ASDM to help manage the client."
"We don't have any serious problems. The firewall models that we have are quite legacy, and they have slower performance. We are currently investigating the possibility of migrating to next-generation firewalls."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"The user interface is a little clunky and difficult to work with. Some things aren't as easy as they should be."
"FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"Management of the appliance could be greatly improved."
"Cybersecurity posture has room for improvement."
"As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web)."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 112 reviews while Trellix Network Detection and Response is ranked 14th in ATP (Advanced Threat Protection) with 5 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Includes multiple tools that help manage and troubleshoot, but needs SD-WAN for load balancing". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Great sandboxing, good reliability, and helpful support". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Juniper SRX Series Firewall, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, NetWitness Platform and Check Point SandBlast Network.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.