We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The FortiGate controls the user's activities and maximizes my bandwidth use overall."
"Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."
"The most valuable feature is the policy routing and application control."
"Its administrative panel is very intuitive and simple. It is simpler than the other solutions that we had. As an administrator, we are always looking for the easiest solution to manage network policies. We are able to filter everything on our network and also use the VPN feature, which is important these days when people are working remotely during COVID."
"FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all of these features on one device because it can cause performance issues."
"I like that they have given me a solution at a fair price."
"We were looking for the VPN feature and controlling the inflow and outflow of all the traffic within the site and across the sites. We are also using it for the VPN and VLANs."
"Security, SD-WAN, and Streetscape are valuable features."
"I haven't had any major problems so I haven't had to open a ticket with technical support."
"Netting is one of the best features. We can modify it in different ways. Site-to-site VPN is also an awesome feature of Cisco ASA. The biggest advantage of Cisco products is technical support. They provide the best technical support."
"The initial setup was completely straightforward."
"The most valuable features of this solution are advanced malware protection, IPS, and IDS."
"With the pandemic, people began working from home. That was a pretty big move, having all our users working from a home. More capacity needed to be added to our remote VPN. ASA did this very well."
"Filtering is the best feature."
"The configuration capabilities and the integration with other tools are the most valuable features. I really like this product. Cisco is one of my favorite brands, and I always think Cisco solutions are very reliable, easy to configure, and very secure."
"The TAC is always very helpful. We pay for Tier 1 support, so we get whatever we need from them. They always give us a solution. If they can't give us an answer that day, they get back to us within at least 24 hours with a solution or fix. I have never had a problem with the TAC. I would rate them as 10 out of 10."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"Support is very helpful and responsive."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"The most valuable feature is the view into the application."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"The product is very easy to configure."
"Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it."
"I would like to have logs, monitoring, and reporting for a month without extra fees."
"There were quite a few problems with the stability of the system."
"There are some problems that support cannot give you a logical reason as to why it happened. For example, I had a case where I was dealing with a WhatsApp application that was giving issues. Technical support gave more than one reason it could be giving issues, but none of them solved the problem. Eventually I solved the problem, but it was far from the solutions that support had given."
"I have to say that the initial setup was complex. The deployment took a few days to get set up. Initially, we were using an IPVanish. We switched to this tool since we thought it would be easier. But it turns out it wasn't easier to set up and run."
"Fortinet FortiGate could improve by having a frequent ask questions(FAQ) area for people to receive quick answers to popular questions. Additionally, it would be beneficial to have an SMS notification feature. For example, if you cannot access your email you could receive an SMS message."
"The cloud features and integration could be improved."
"Scalability for Fortinet FortiGate needs to be improved. SD-WAN security for this solution also needs some improvement."
"When we talk about data centers, we are talking about 100 gig capacity or 400 gig capacity. When it comes to active-active solution clustering and resilience and performance, Cisco should look into these a little bit more."
"These firewalls are not for beginners."
"For what we use it for, it ends up being the perfect product for us, but it would help if they could expand it into some of the other areas and other use cases working with speeding up and the reliability of the pushes from the policy manager."
"You need to have a little bit of knowledge to be able to configure it. Otherwise, it would be very difficult to configure because there is no GUI. The latest software available in the market has a GUI and probably zero-touch provisioning and auto-configuration. All these things are not available in our version. You need to manually go and configure everything in the switch. In terms of new features, we would definitely want to have URL-based filtering, traffic steering, and probably a little bit steering in the bandwidth based on the per-user level and per-user group. We will definitely need some of these features in the near future."
"We have encountered problems when implementing new signatures and new versions on our firewall. Sometimes, there is a short outage of our services, and we have not been able to understand what's going on. This is an area for improvement, and it would be good to have a way to monitor and understand why there is an outage."
"Even on a smaller scale, people are finding you need HA pairs, and there's no way that the ASA can do that, at least in the virtual version."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"The inclusion of an autofill feature would improve the ease of commands."
"Technical packaging could be improved."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"It is not a very secure product."
"Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."
"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"It is very expensive, the price could be better."
"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 112 reviews while Trellix Network Detection and Response is ranked 14th in ATP (Advanced Threat Protection) with 5 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Includes multiple tools that help manage and troubleshoot, but needs SD-WAN for load balancing". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Great sandboxing, good reliability, and helpful support". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Juniper SRX Series Firewall, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, NetWitness Platform and Check Point SandBlast Network.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.