We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The Intrusion Prevention System and the web filtering are both working well."
"Using this product makes the VPN seamless and almost invisible to me in the sense that I don't have to think about it."
"The FortiGate controls the user's activities and maximizes my bandwidth use overall."
"The web tutor and automatic rules by schedule are good features."
"Fortinet FortiGate is easy to use. Anyone can easily maintain it."
"The solution has very good threat and content filtering switches."
"It is useful for protecting and segregating the internal networks from the internet. Most of our customers also use the FortiGate client to connect to their offices by using the VPN client, and of course, they usually activate the antivirus, deep inspection, and intrusion prevention services. They are also using it for web filtering and implementing various policies dealing with forwardings, NAT, etc."
"Good performance, stability, and virtual domain ability."
"Cisco's engineer helped us with a lot of scripting to see what existed. Previously, we didn't have a proper policy. In fact, we didn't have any policy because we didn't have any firewall for the data center, so generating a policy was a big challenge. Cisco's engineer helped us to do some scripting and find out what kind of policy we can have and organize those policies. That was nice."
"I have found the most valuable feature to be the access control and IPsec VPN."
"The IPS (In-plane switching) is the most valuable feature."
"It brings us the ability to work from anywhere and has allowed us to work remotely without having to incur a lot of other costs. If we didn't have this type of solution, since we have so many on-prem services that are required, we would have likely lost money and been unable to deliver. We have a video services team who helped build the content for our sporting events. When you are watching a Leaf game and those swipes come by as well as the clips and things, those are all generated in-house. Without the ability to access our on-premise resources, we would have been dead in the water. So, the return on that is pretty impressive."
"The solution is pretty easy to deploy."
"VPN, firewall, and IDS/IPS allow us to deliver services to meet client needs across various industry verticals."
"Protecting our landscape in general and being able to see logging when things aren't going as set out in policies are valuable features. Our security department is keen on seeing the logging."
"The most valuable feature of this solution is its ability to integrate vertically."
"It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"The most valuable feature is the network security module."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"I don't like that anything more than very basic reporting is not included."
"There are some cloud-based features that could be much more flexible than they currently are."
"If I had any criticism that I would give FortiGate, it would be that they need to stop changing their logging format. Every time we do a firmware upgrade, it is a massive issue on the SIM. Parsers have to be rebuilt. Even the FortiGate guys came in and said that they don't play well in the sandbox."
"MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA."
"One area for improvement is the performance on the bandwidth demands for smaller devices, as well as better web filtering."
"Difficult to add or define, and not that easy to configure and manage."
"The setup is pretty complex and not easy to implement."
"As far as wanting more scalability or things in the network diagram, it's going to cost you."
"These firewalls are not for beginners."
"The software was very buggy, to the point it had to be removed."
"The operation of the ASA is good but the problem is that whenever you require an upgrade, there are multiple pieces of software that you have to upgrade. Extensive planning is required, because if you upgrade one piece of the software it has to be compatible with the others as well. You always need to check the compatibility metrics."
"The stability could be better because we have a lot of issues with the stability of Cisco Firepower."
"Firepower's user experience should be a little bit better."
"VPNs are weak as this product still does not support route-based VPNs."
"As it’s a GenX firewall, expertise for both implementation and troubleshooting the pain points can be a challenge. This could be a concern when companies are thinking about buying this product."
"I think that the solution can be improved with the integration of application-centric infrastructure. It could be used to have better solutions in one box."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."
"The product's integration capabilities are an area of concern where improvements are required."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"It is an expensive solution."
"The world is currently shifting to AI, but FIreEye is not following suit."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Netgate pfSense.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.