We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The technical support is great."
"The security features are about the best that I've seen anywhere."
"Layer-3 firewall and routing are the most valuable features."
"The notable features that I have found most valuable are that it includes the antivirus, and also IPS, and even SD-WAN."
"The performance is good."
"Its stability is the most valuable."
"I like several features that this product has, such as antivirus and internet navigation inspection. It is also simple to use."
"We purchased Fortinet because of the pricing, its functionality, because it met our requirements, and the total cost of ownership over five years was quite reasonable. In the market, Fortinet is rated quite well."
"The most valuable feature of this solution is AMP (Advanced Malware Protection), as this is really needed to protect against cyber threats."
"This solution made our organization more secure and gave us better control."
"It is much better than most of the other firewalls that I have worked with."
"Cisco ASA NGFW significantly improves our bank. It protects any high-value products that we use from hackers, viruses, malware, and script-bots. It gives us metrics on network traffic as well as what kind of attacks we are getting from the outside."
"Technical support services are excellent."
"You can also put everything into a nice, neat, little package, as far as configuration goes. I was formerly a command-line guy with the ASA, and I was a little nervous about dealing with a GUI interface versus a command line, but after I did my first deployment, I got a lot more comfortable with doing it GUI based."
"The stability of the product is good."
"Its VPN and ASN features are very stable."
"The most valuable feature is the view into the application."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired."
"It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics."
"We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features."
"A lack of integration between our data centers."
"At first glance, the interface for the device is very confusing."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"It should have an additional “operating mode”, like a “candidate configuration mode”, where you would have the possibility to test the changes you are going to implement and also the possibility to validate these changes."
"I would like to see more integration with third-party devices in general. There is great integration with Cisco devices, but there's not much integration with third-party devices."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"I don't have any specific improvements to recommend. However, when you compare the throughput of a Cisco firewall to the competitors, especially Fortinet, what you find is that Cisco has lagged a little bit behind in terms of firewall throughput, especially for the price that you pay for that throughput."
"Security generally requires integration with many devices, and the management side of that process could be enhanced somewhat. It would help if there was a clear view of the integrations and what the easiest way to do them is."
"Initial setup was fairly complex."
"We would like to be able to manage a set of firewalls rather than individual firewalls. We haven't really looked into it or yet implemented it, but a single pane of glass would be helpful. We also use another vendor's firewalls, and they have a centralized management infrastructure that we have implemented, which makes it a little bit easier when you're managing lots of firewalls."
"The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Checkpoint has a very detailed user interface."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
"It is very expensive, the price could be better."
"Technical support could be improved."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
"It is an expensive solution."
"The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right."
"FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Netgate pfSense.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.