We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The pipe filter application is an outstanding feature."
"Fortinet has a very good solution for Secure SD-WAN. One very good feature is that they have robust and simple FortiOS through which they provide all solutions. That's their strength. There's not much complexity involved with the Secure SD-WAN solution of Fortinet as compared to Cisco's solution, which has a lot of flexibility but complexity also comes with that flexibility."
"The solution has very good threat and content filtering switches."
"The feature I like most is the SD-WAN. It allows you to manage more than one ISP at the same time. And there is a high-availability mode, so if one of your ISPs is down, you still have a backup."
"I like how we can achieve total integration."
"The features that I have found most valuable are that it is good to use, and most importantly, the pricing. The customer especially likes the discount when they trade up or something like that."
"It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall. You don't need to pay some other company for another product to do that for you. The firewall can do that for you. So, it's an easy-to-use product for people to be independent. They don't need to rely on other vendors to do what the firewall can do. They can do everything."
"The technical support is great."
"Being able to use it as a policy-based VPN is valuable. It's very easy to understand. It's very easy to troubleshoot."
"The feature I find most valuable is the Cisco VPN Interconnection."
"IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors."
"Its ability to work with the traffic."
"This solution has good security, and it's a good product. You can trust Cisco, and there's support as well, which is really good."
"The ASA 55-x range is a solid and reliable firewall. It secures the traffic for normal purposes."
"An efficient, easy to deploy and dependable firewall solution."
"It protects our network."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"Support is very helpful and responsive."
"The product is very easy to configure."
"Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security."
"It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."
"Very functional and good for detecting malicious traffic."
"Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information."
"The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing."
"It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features."
"Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN."
"FortiGate should have a better way of detecting and managing the system memory because otherwise if the memory is too low, a system restart is required."
"The room for improvement is about the global delivery time period. Usually I need to wait for almost one month to deliver it overseas. So if you can shorten the deliver time it'd be great."
"A sandbox would be good in order to be able to inspect the emails containing spam and be able to validate the emails that contain malware, prior to delivering to the customer."
"We would like to see an upgrade to the VPN feature, we are using the VPN from outside of our office and there is a limitation to 10 connections, more connections would be suitable."
"We are Cisco partners, and when we recommend Cisco FirePower to customers, they always think that FirePower is bad. For a single installation of FirePower, if I have to write about 18 tickets to Cisco, it's a big problem. There was an issue was related to Azure. We had Active Directory in Azure. The clients had to connect to FirePower through Azure. We had a lot of group policies. After two group policies, we had to make groups in Azure, and they had to sign in and sign back. It was a triple-layer authentication, and there was a big problem, so we didn't use it."
"I'm not a big fan of the FDM (Firepower Device Manager) that comes with Firepower. I found out that you need to use the Firepower Management Center, the FMC, to manage the firewalls a lot better. You can get a lot more granular with the configuration in the FMC, versus the FDM that comes out-of-the-box with it. FDM is like Firepower for dummies."
"Setting it up is not as intuitive as other more modern NGFWs."
"Its implementation was not straightforward. It was mainly because we were running two projects together."
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team."
"I would like to see the inclusion of a protocol that can be used to protect databases."
"It is not easy to configure."
"I would like to see more integration with third-party devices in general. There is great integration with Cisco devices, but there's not much integration with third-party devices."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
"Technical support could be improved."
"We'd like the potential for better scaling."
"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."
"It is very expensive, the price could be better."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Netgate pfSense.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
