We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The main reason why I purchased the particular unit was that it had good reviews and what other people were saying as far as its completeness and its leading capabilities in terms of endpoint security was very good."
"The scalability is good in Fortinet FortiGate."
"FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all of these features on one device because it can cause performance issues."
"The management console is pretty simple, so anyone who understands networking can initially deploy the solution."
"Fortinet FortiGate is user-friendly and affordable."
"The tool is a nice product and easy to handle. The software's user interface is also good. You can easily implement remote access in the solution."
"It's very easy to configure."
"The solution is very user friendly. The user interface in particular is quite nice."
"It's the VPN side of things that has been most useful for us. It allows us to secure our users even when they're working from home. They are able to access all of our resources, no matter where they are in the world."
"It joins all branches and permits employees to work outside their offices, but everything is based on high securities standards (PCI compliance)."
"With Cisco, there are a lot of features such as the network map. Cisco builds the whole network map of the machines you have behind your firewall and gives you insight into the vulnerabilities and attributes that the host has. Checkpoint and Fortinet don't have that functionality directly on the firewall."
"It integrates with various Cisco security portfolios and products, and there is an easy and seamless integration for building a complete security framework for our customers."
"Right now, Cisco ASA NGFW has given us a lot of improvement. We are planning to move to a new facility and will be a much larger organization."
"The most valuable feature is the Intrusion Prevention System."
"FMC is very good in terms of giving a lot of visibility into what the firewall is seeing, what it's stopping, and what it's letting through. It lets the administrator have a little bit of knowledge of what's coming in or out of the device. It's excellent."
"The features that are most valuable within the firewall are the IPS as well as the Unified Communications. We also really like the dynamic grouping."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"The product is very easy to configure."
"Very functional and good for detecting malicious traffic."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities."
"It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."
"The installation phase was easy."
"Support is very helpful and responsive."
"The cloud management and automation capability could be improved."
"You do need some IT knowledge in order to effectively work with the solution."
"The feature which gives us a lot of pain is ASIC architecture."
"The solution can have more features in a single box that can be multi-applied to integrate everything."
"Vulnerability scanning could be improved."
"In the next release, maybe the documentation on how to use this solution could be improved."
"We would like to see better pricing."
"In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface."
"At times the product is sluggish and slow"
"I needed to be well-versed with all the command lines for Cisco ASA in order to fully utilize it. I missed this info and wasted some operational costs."
"Security must be increased when a new user connects over the LAN and an alarm must be generated."
"Initial setup was fairly complex."
"The virtual firewalls don't work very well with Cisco AnyConnect."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"The product needs real-time logs to be able to monitor our services, so we can know if any our services have been blocked via the firewall or on the application side."
"The one thing that the ASAs don't have is a central management point. We have a lot of our environments on FTD right now. So, we are using a Firewall Management Center (FMC) to manage all those. The ASAs don't really have that, but they are easy to use if you physically go into them and manage them."
"We'd like the potential for better scaling."
"It is an expensive solution."
"Management of the appliance could be greatly improved."
"As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web)."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Netgate pfSense.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.