We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The solution is highly scalable because they have devices that can handle a large amount of traffic."
"The solution is very easy to understand. It's not overly complex."
"The IPS is good. It protect my network from attackers."
"The VPN is the most valuable feature."
"Fortinet FortiGate protects against internet-based threats, both internal and external. It is scalable, stable, easy to use, and easy to install."
"FortiGate is on the cheaper end, and it offers good value."
"Fortinet FortiGate is stable. It's used across all the countries, this is the way most multinationals run their system."
"The Fortinet FortiGate local partners were good. I did not have direct contact with Fortinet support."
"The most valuable feature is that it has the ability to divide the network into three parts; internal, external, and DMZ."
"The product is quite robust and durable."
"Cisco ASA works very nicely from an administration perspective. The management of the device is very nice. The ASDM (Adaptive Security Device Manager) is the software that we use and it is very easy to configure using the GUI."
"I have not contacted technical support. There is a lot of information on the internet for troubleshooting. All you need to do is use a search engine and you will find the information you are looking for easily."
"ASA 5505 and ASA 5506 are very powerful tools to use in a business environment, and provide a lot of security."
"Cisco tech is always good and helpful. I would rate them as 10 out of 10."
"The primary benefits of using Cisco Secure solutions are time-saving, a robust API, and convenience for the security team."
"The Firepower IPS, based on Snort technology, has an amazing detection engine and historical analysis capability of files that eases threat investigations a lot."
"Support is very helpful and responsive."
"Very functional and good for detecting malicious traffic."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"The most valuable feature is the network security module."
"The product is very easy to configure."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"The most valuable feature is the view into the application."
"The solution can scale."
"It is stable, but its stability can be improved."
"The logging details need to be improved."
"I think they need to improve more in order to be a competitor with the leaders of the field."
"Security is a continuous process. In every product, there is a requirement for improvement. Its pricing should also be improved according to Indian market requirements. They must also improve on the reporting part. Its reporting can be more precise. If we can get a real-time report in a specific format, it will be helpful for customers to know about the current status of their security."
"Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility."
"Its customer service could be better."
"Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use."
"I don't like that anything more than very basic reporting is not included."
"Lacks a good graphical user interface."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"Most of the features don't work well, and some features are missing as well."
"In general, they can make it easier to manage the solutions. They can make it easier in terms of administration and provide a single tool for different firewalling solutions. They have different tools to manage different firewalls, such as Firepower or ASA. Sometimes, both are on the same thing. You have ASA with Firepower modules, so you manage some of the things via HTML, and then you manage some of the things via another management tool. It's not seamless."
"When we talk about data centers, we are talking about 100 gig capacity or 400 gig capacity. When it comes to active-active solution clustering and resilience and performance, Cisco should look into these a little bit more."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"Some individuals find the setup and configuration challenging."
"There may have been one or two incidences of malicious threats."
"Technical support could be improved."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports."
"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
"It would be great if we could create granular reports based on the protocols, types of attacks, regions of attack, etc. Also we would like to easily be able to add exceptions to rules in cases of false positives."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
"Technical packaging could be improved."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Netgate pfSense.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.