We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The solution is scalable."
"The payment function for applications is good."
"The most valuable features are simplicity, management, and that it's constantly evolving."
"Layer-3 firewall and routing are the most valuable features."
"FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all of these features on one device because it can cause performance issues."
"The security fabric is excellent."
"Fortinet FortiGate has many valuable features, such as IDS, and intrusion detection. It has security features that are in part with the technologies that are available in the market."
"The CLI is robust and powerful, enabling rapid, consistent changes via SSH."
"The features I've found most valuable are the packet captures and packet traces because they help me debug connections. I like the logs because they help me see what's going on."
"I like all of the features."
"It's very scalable. You can go to different models of the ASAs and they scale up to as big as you want to go."
"Logging is great. It will show when it reaches its capacity before it is too late, unless you have bursts of traffic."
"All the features except IPS are valuable. IPS is not a part of my job."
"The solution is pretty easy to deploy."
"The firepower sensors have been great; they do a good job of dropping unwanted traffic."
"You can also put everything into a nice, neat, little package, as far as configuration goes. I was formerly a command-line guy with the ASA, and I was a little nervous about dealing with a GUI interface versus a command line, but after I did my first deployment, I got a lot more comfortable with doing it GUI based."
"I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went."
"The solution can scale."
"The most valuable feature of the solution stems from how it allows users to do the investigation part. Another important part of the product that is valuable is associated with how it gives information to users in the form of a storyline."
"Support is very helpful and responsive."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."
"I haven't had a single issue since using Fortinet."
"It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls."
"It would be nice if backups could more easily migrate between different models."
"To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution."
"Fortinet FortiGate should improve the VPN tokens."
"We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs."
"Fortinet needs more memory to save the log files. We need it to save the logs on the hardware and not in the cloud. I know this feature is available in FortiCloud, but if we need this log locally, it is not available."
"Implementations require the use of a console. It would help if the console was embedded."
"<p>If there is old hardware, or appliances, it does not necessarily work with the new Cisco generation firewalls."
"There may have been one or two incidences of malicious threats."
"I don't have any specific improvements to recommend. However, when you compare the throughput of a Cisco firewall to the competitors, especially Fortinet, what you find is that Cisco has lagged a little bit behind in terms of firewall throughput, especially for the price that you pay for that throughput."
"It can probably provide a holistic view of different appliances because many customers do not have only one brand, besides the traditional SNMP protocols, to cover all their devices. There are some specific requirements in terms of configurations or actions that sometimes have to be done in a very manual way because of the different versions or brands in a customer's infrastructure. It could also have some additional analytics capabilities. It has some very interesting ways to monitor the traffic and identify false positives from the architecture and the environment. It would be good if there is a way to patch with some other industry-specific solutions and synchronize some of the information, such as what other customers experience in their operations and probably share some additional information that could be leveraged or shared among the industry. Such information would be something interesting to see. It could have AI capabilities related to how the appliances could benefit from learning the current environment and different exposures."
"Also, they have a Firepower source file that I can work on the ASA device and on Firepower devices. A problem here lies in the way that you manage these devices. Some devices do not support the FMC, and some devices have to be managed through ASDM, and others have to be managed through FMC."
"There is no support here in Georgia. If something goes wrong, support is not always very helpful with the other firewalls or other products."
"It should be easier for the IT management or the admin to configure products. For example, the firewall products are not very straightforward for many users. They should be easier to configure and should be more straightforward."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
"It is not a very secure product."
"It would be great if we could create granular reports based on the protocols, types of attacks, regions of attack, etc. Also we would like to easily be able to add exceptions to rules in cases of false positives."
"Management of the appliance could be greatly improved."
"Stability issues manifested in terms of throughput maximization."
"It is very expensive, the price could be better."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 37 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Check Point SandBlast Network.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
