We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The flexibility and ease of configuration are the most valuable features."
"It is user friendly, and has all the features you need."
"The most valuable feature is the FortiManager for centralized management."
"The features that I have found most valuable are the SD-WAN and their IP4 policy."
"Good anti-malware and web filtering features."
"The interface is very user-friendly and I like it very much."
"The solution is stable."
"The ability to set up remote systems is the most valuable feature."
"You can also put everything into a nice, neat, little package, as far as configuration goes. I was formerly a command-line guy with the ASA, and I was a little nervous about dealing with a GUI interface versus a command line, but after I did my first deployment, I got a lot more comfortable with doing it GUI based."
"Among the top features are integrated threat defence and the fact that each virtual appliance is separate so you get great granular control."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"I like its integration with the AnyConnect client. I also like how modular it is. For example, I can easily integrate the Umbrella add-on into it. We are planning on adding Umbrella. We haven't added it yet, but we have researched."
"The initial setup is easy."
"ASA integrates with FirePOWER, IPS functionality, malware filtering, etc. This functionality wasn't there in the past. With its cloud architecture, Cisco can filter traffic at the engine layer. Evasive encryptions can be entered into the application, like BitTorrent or Skype. This wasn't possible to control through a traditional firewall."
"When I was managing these firewalls, I found them easy to understand, easy to deploy, and easy to maintain as compared to some of the other firewalls I have been involved with earlier. The opinion of my coworkers is that it's easy and quick to establish new zones, expand, and maintain."
"The management aspect of the product is very straightforward."
"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"The server appliance is good."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"The solution can scale."
"Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security."
"Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats."
"I have to say that the initial setup was complex. The deployment took a few days to get set up. Initially, we were using an IPVanish. We switched to this tool since we thought it would be easier. But it turns out it wasn't easier to set up and run."
"The UTM filtering needs improvement."
"The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."
"It needs more available central management."
"Technical support is good but the response time could be faster."
"Fortinet FortiGate could improve by adding enhancements to FortiMail, FortiSOAR, and FortiDeceptor."
"If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement."
"The scalability could be better."
"The security features in the URL category need more improvement."
"This is an older product and has reached end-of-life."
"I think that the solution can be improved with the integration of application-centric infrastructure. It could be used to have better solutions in one box."
"We have more than one Cisco firewall and it is difficult for me to integrate both on the single UI."
"The most valuable features of the product are the VPN and the NextGen firewall features such as application control, URL filtering, etc."
"The phishing emails could be improved."
"The inclusion of an autofill feature would improve the ease of commands."
"The operation of the ASA is good but the problem is that whenever you require an upgrade, there are multiple pieces of software that you have to upgrade. Extensive planning is required, because if you upgrade one piece of the software it has to be compatible with the others as well. You always need to check the compatibility metrics."
"It is an expensive solution."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right."
"Stability issues manifested in terms of throughput maximization."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"It is very expensive, the price could be better."
"The product's integration capabilities are an area of concern where improvements are required."
"Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Zabbix.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.