We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."It's very fast and easy to configure."
"It's great for capturing the traffic and troubleshooting it."
"It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."
"We use a lot of function on the IPS and it works well for us."
"We are a visual effects company, and there have been a number of high profile security issues in our industry. This has brought us to a higher standard of security, which our clients are very keen on these days."
"It increases security posture and is helpful for firewall reporting, intrusion protection, web filtering, and SD-WAN implementation."
"The signature database and zero-day detection are Fortinet FortiGate's most valuable features."
"The user interface (UI) is very, very good."
"If you have a solution that is creating a script and you need to deploy many implementations, you can create a script in the device and it will be the same for all. After that, you just have to do the fine tuning."
"The most valuable feature for the customers is that they can control what communication is allowed and what is not allowed. That is, they can allow or deny client traffic."
"VPN load balancing has been particularly essential for my connections to integrate via multiple time zones."
"Cisco Firepower NGFW is really easy to use right now to determine when my file requires a shift from primary to secondary status, and it can be done with automation. Earlier we used to do this with patching."
"The most valuable feature is that it has the ability to divide the network into three parts; internal, external, and DMZ."
"The greatest benefit for the organization is the confidence that we are secured."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"Beats sophisticated cyber attacks with a superior security appliance."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"The most valuable feature is the view into the application."
"The most valuable feature is the network security module."
"Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities."
"Very functional and good for detecting malicious traffic."
"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"They've become quite expensive."
"The setup is pretty complex and not easy to implement."
"Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs."
"It needs more available central management."
"The monitor and the visibility, in this proxy, is very weak."
"The product does need better support in the cloud environment. It's not exactly cloud-native right now."
"There are some cloud-based features that could be much more flexible than they currently are."
"I would like to see improvements in the support from Fortinet. Here in the Philippines, whenever we have problems with a Fortinet product, we mostly ask for support from distributors and resellers and not directly from Fortinet."
"Cisco should work on ASDM. One of the biggest drawbacks of Cisco ASA is ASDM GUI. Cisco should improve the ASDM GUI. The configuration through ASDM is really difficult as compared to CLI. Sometimes when you are doing the configuration in ASDM, it suddenly crashes. It also crashes while pushing a policy. Cisco should really work on this."
"With regards to stability, we had a critical bug come out during our evaluation... not good."
"It doesn't have Layer 7 security."
"The solution is overcomplicated in some senses. Simplifying it would be an improvement."
"We would like to see MS Word BPM as a feature."
"In the future, I would like to be able to use an IP phone over a VPN connection."
"Its configuration through GUI as well as CLI can be improved and made easier."
"The process of procuring modern-day technology within the DOD needs to improve."
"It is not a very secure product."
"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"Technical support could be improved."
"We'd like the potential for better scaling."
"The world is currently shifting to AI, but FIreEye is not following suit."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 112 reviews while Trellix Network Detection and Response is ranked 14th in ATP (Advanced Threat Protection) with 5 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Includes multiple tools that help manage and troubleshoot, but needs SD-WAN for load balancing". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Great sandboxing, good reliability, and helpful support". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Juniper SRX Series Firewall, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, NetWitness Platform and Check Point SandBlast Network.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.