We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."It is a good source for firewall protection."
"The pricing is excellent. It's much less expensive than Cisco."
"It is quite easy to handle."
"The license management is very valuable. You can get a new license each year, or you can enroll every two to four years. You can get the logs, and you will get the information on the risk in your network and the entire organization. With this information, you can take action on your actives, computers, or devices. You can bring your own device as an SSE."
"Customers are more inclined towards FortiGate because of application control, web filtering, and anti-spam features. The support from the FortiGate team is good, and price-wise, it is affordable."
"We are a visual effects company, and there have been a number of high profile security issues in our industry. This has brought us to a higher standard of security, which our clients are very keen on these days."
"You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances."
"Anti-Spam web content filterinG."
"It's protecting the organization against the impact of cyber threats and cybersecurity. We run manufacturing plants that have hazardous material, and we don't want that manufacturing process to be impacted by break-in exposure, cyber threats, or any other similar thing."
"I work with Cisco and other partners, but the Cisco team is the best team in our country. When I call them, they always help us."
"The transparency of the single UI to ensure security. A product has to be simple so that an administrator can use it."
"The IP filter configuration for specific political and Static NAT has been most valuable."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"For our very specific use case, for remote access for VPN, ASAs are very good."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"The deep packet inspection is useful, but the most useful feature is application awareness. You can filter on the app rather than on a static TCP port."
"It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."
"The product is very easy to configure."
"The server appliance is good."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"Very functional and good for detecting malicious traffic."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"Fortinet FortiGate could improve by having more storage in the hardware for log data."
"It can be a little bit more user-friendly in terms of policy definition and implementation. It seems a little bit complicated, and it could be simplified."
"The Web-filter in this solution is not very good."
"They've become quite expensive."
"One area for improvement is the performance on the bandwidth demands for smaller devices, as well as better web filtering."
"It should be more stable. There should be full integration within Fortinet products themselves as well as with other third-party products. Especially when you're not dealing with SIEM and the correlation of the security box, we want Fortinet to be able to share that information with as many other products as it can."
"A sandbox would be good in order to be able to inspect the emails containing spam and be able to validate the emails that contain malware, prior to delivering to the customer."
"The security of Fortinet FortiGate could improve."
"It is my understanding that they are in the process of discontinuing this device."
"Make the IPS baked-in."
"I would like it if they made the newer generation a bit simpler. You can do ASA code and FXOS. It is just a bit confusing with the newer generational equipment on what it can do."
"One of my colleagues is using the firewall as an IPS, but he is worried about Firepower's performance... With the 10 Gb devices, when it gets to 5 Gbps, the CPU usage goes up a lot and he cannot manage the IPS."
"It lacks management. For me, it still doesn't have a proper management tool or GUI for configuration, logging, and visualization. Its management is not that easy. It is also not very flexible and easy to configure. They used to have a product called CSM, but it is no longer being developed. FortiGate is better than this solution in terms of GUI, flexibility, and user-friendliness."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"<p>If there is old hardware, or appliances, it does not necessarily work with the new Cisco generation firewalls."
"The product's integration capabilities are an area of concern where improvements are required."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right."
"Cybersecurity posture has room for improvement."
"It is not a very secure product."
"As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web)."
"The world is currently shifting to AI, but FIreEye is not following suit."
"It would be great if we could create granular reports based on the protocols, types of attacks, regions of attack, etc. Also we would like to easily be able to add exceptions to rules in cases of false positives."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Netgate pfSense.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.