We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."Fortinet FortiGate is user-friendly and affordable."
"The secure web gateway module and the application control module are valuable. HA operations are very easy."
"Fortinet offers the latest versions to cater to the needs of enterprises."
"The most valuable features of Fortinet FortiGate are the ease of use and the UI. It has always provided me with what I needed. I have no need for additional costs that other solutions have, such as Sophos."
"You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances."
"Its stability is the most valuable."
"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
"It's a firewall that secures our internal network. I have been using it since 2013, and I find that most of the features are advanced, and very user friendly."
"Beats sophisticated cyber attacks with a superior security appliance."
"To be honest, all of the features that are provided, all the other vendor will also have. One feature we did find valuable was the CLI, it is more accurate. Additionally, I was happy with the customization, dashboards, access lists and interface."
"The features I found most valuable in this solution, are the overall security features."
"The protection and security features, like URL filtering, the inspection, and the IPS feature, are also very valuable for us. We don't have IT staff at most of the sites so for us it's important to have a robust firewall at those sites"
"Cisco ASA has an okay CLI with a nice GUI."
"Network segmentation is the most valuable feature."
"The features I have found most valuable are the ASA firewalls. I like to have features like most integrated systems in ACI."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"The most valuable feature is the network security module."
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"The installation phase was easy."
"The server appliance is good."
"Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."
"The debugging and troubleshooting has room for improvement."
"Technical support for this solution can be improved."
"Fortinet FortiGate could improve if it had a cloud-managed solution."
"The support we receive when we need to upgrade is not satisfactory and has room for improvement."
"Fortinet FortiGate can improve the integration with Active Directory. Additionally, I would like to have a Cloud Controller, such as they do in the Cisco Meraki solution."
"Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing."
"Technical support could be better. You don't always get the level of help you need right away."
"10Gb interfaces should be available on more models."
"It is hard to control the bandwidth of end-users with a Cisco Firewall. That is the main issue I've faced. I used Mikrotik for many years for this very reason. Mikrotik has the option to set a bandwidth restriction for a single IP or complete segments. Cisco should add this option to their firewall."
"Tech support could not answer all of our questions. I had to do research on the web to solve my issues."
"The product needs real-time logs to be able to monitor our services, so we can know if any our services have been blocked via the firewall or on the application side."
"It is surprising that you need to have a virtual appliance for the Firepower Management Center. It is not good if you have to setup a VMware server just for it."
"I see room for improvement when it comes to integrating all the devices into a central management system. Cisco doesn't provide this, but there are some good products in the market that can provide it."
"It would be great to have all the data correlated to have an overview and one point of administration."
"One of my colleagues is using the firewall as an IPS, but he is worried about Firepower's performance... With the 10 Gb devices, when it gets to 5 Gbps, the CPU usage goes up a lot and he cannot manage the IPS."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"The product's integration capabilities are an area of concern where improvements are required."
"Cybersecurity posture has room for improvement."
"Stability issues manifested in terms of throughput maximization."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Zabbix.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.