We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The solution is extremely reliable."
"The features that we have found most valuable are the SSL VPN and the User Portal."
"Fortinet FortiGate protects against internet-based threats, both internal and external. It is scalable, stable, easy to use, and easy to install."
"We have been able to offer several services to customers in a single box."
"FortiGate Secure SD-WAN includes best-of-breed next-generation firewall (NGFW) security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering."
"Virtual Domains (VDOMs) are a feature that we found valuable."
"The GUI is good."
"Secure, user-friendly, stable, and scalable network security solution. Installation is straightforward."
"Cisco has the best documentation. You can easily find multiple documents by searching the web. Even a child can go online and find the required information."
"Because of the deeper inspection it provides we have better security and sections that allow users broader access."
"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"Cisco Firepower NGFW is really easy to use right now to determine when my file requires a shift from primary to secondary status, and it can be done with automation. Earlier we used to do this with patching."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"So far, it has been very stable."
"Very good as a stateful inspection firewall."
"An eight because it's a good security solution. It's more mature than its competitors."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"The most valuable feature is the network security module."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities."
"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"The product is very easy to configure."
"The most valuable feature is the view into the application."
"There are some problems that support cannot give you a logical reason as to why it happened. For example, I had a case where I was dealing with a WhatsApp application that was giving issues. Technical support gave more than one reason it could be giving issues, but none of them solved the problem. Eventually I solved the problem, but it was far from the solutions that support had given."
"We would like to see better pricing."
"FortiGate support could do some improvements on their IPv6 configuration. Right now it's still in the very early stage for utilizing in an enterprise level network environment."
"The solution lacks multi-language support."
"One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering."
"The renewal price and the availability could be improved."
"Fortinet currently has many products bundled with FortiGate including the basic firewall and load balancer, and I think that that they need to have separate product portfolios for each of these specialized services."
"The support team for Fortinet FortiGate needs to be more customer friendly."
"They should work on making it a little more intuitive for users and not quite as complex. Still, it's a good product."
"The scalability is a bit limiting, to be honest. In terms of when you look to changing landscape in terms of threats, I think to me, my personal it's a bit limiting."
"It integrates with other security products from Cisco, but sometimes, there can be glitches or errors."
"I would like to see the inclusion of a protocol that can be used to protect databases."
"I needed to be well-versed with all the command lines for Cisco ASA in order to fully utilize it. I missed this info and wasted some operational costs."
"One big pain point I have is the ASDM interface because it's Java, and sometimes, it's a bit buggy and has low performance. That's something that probably won't be improved because of backward compatibility."
"Setting it up is not as intuitive as other more modern NGFWs."
"It doesn't have a proper GUI to do troubleshooting, so most people have to rely on the command line."
"The world is currently shifting to AI, but FIreEye is not following suit."
"It is not a very secure product."
"It is very expensive, the price could be better."
"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
"We'd like the potential for better scaling."
"As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web)."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 112 reviews while Trellix Network Detection and Response is ranked 14th in ATP (Advanced Threat Protection) with 5 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Includes multiple tools that help manage and troubleshoot, but needs SD-WAN for load balancing". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Great sandboxing, good reliability, and helpful support". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Juniper SRX Series Firewall, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, NetWitness Platform and Check Point SandBlast Network.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.