We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The solution is scalable."
"Consolidated our network environment at all locations, but mainly at our datacenter."
"It is a safe product."
"Overall, the pricing of the solution is very good. The product offers good value."
"The email protection and VPN features are the most valuable."
"I like several features that this product has, such as antivirus and internet navigation inspection. It is also simple to use."
"This solution has helped our organization by having strong functions and a reliable firewall."
"Its stability is the most valuable."
"It provides security for our company and users."
"The most valuable feature is IPS. It's a feature that's very interesting for tackling the most current attacks."
"The features I've found most valuable are the packet captures and packet traces because they help me debug connections. I like the logs because they help me see what's going on."
"The most valuable feature of the Firepower solution is FireSIGHT, which can be easily managed and is user-friendly."
"It's quite a capable box for UTM."
"The feature my customers find the most valuable is the exportability."
"Since the product is stable, we do not have to spend additional money to buy other firewalls. Once deployed, we can use the product for a long time. Thus, it is cost effective."
"The most valuable features of this solution are the integrations and IPS throughput."
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"The most valuable feature is the view into the application."
"The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"The integration with third-party tools may be something that they should work on."
"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."
"I don't like that anything more than very basic reporting is not included."
"The UI could be improved."
"You do need some IT knowledge in order to effectively work with the solution."
"The support from Fortinet FortiGate could improve. They are not easily accessible when we need them. They could improve their response time."
"Technical support for this solution can be improved."
"REST API stability needs improvement in order for customizing resource allocation available to the user rather than just being there transparently. This way users can customize REST API and tailor it to their needs."
"I would like to see an IE version of the solution where it is ruggedized."
"I would say that in inexperienced hands, the interface can be kind of overwhelming. There are just a lot of options. Too much, if you don't know what you are looking for or trying to do."
"Cisco ASA should be easier to use. It is a bit tough to navigate and see what is going on."
"A major area of improvement would be to have more functionality in public clouds, especially in terms of simplifying it. The high availability doesn't work right now because of the limitations in the cloud."
"The use of it has really bogged down our response time for certain problems, given we have to go through AT&T for everything."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"The one thing that the ASAs don't have is a central management point. We have a lot of our environments on FTD right now. So, we are using a Firewall Management Center (FMC) to manage all those. The ASAs don't really have that, but they are easy to use if you physically go into them and manage them."
"The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
"Stability issues manifested in terms of throughput maximization."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
"We'd like the potential for better scaling."
"I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports."
"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Zabbix.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
