Firewalls VM Reviews

Showing reviews of the top ranking products in Firewalls, containing the term VM
Check Point Virtual Systems: VM
reviewer897588 says in a Check Point Virtual Systems review
Network Security Engineer at a government

There are two deployment model modes in Check Point. One is a gateway level and one is a no gateway all-in-one box solution. With the gateway level, only hardware will be there, all operating systems are stored in a VMware and if there are any issues in the hardware, you just replace the box; all of your policies will be saved into VMware.

The all-in-one box you have the GUI policies and also the gateway so it's secure. If there is an issue in the box - like failure or downtime - all of the networks will be affected.

I would rate the solution eight out of ten. We haven't been using it too long, so we haven't had a chance to look at all aspects of the solution. I would recommend Check Point to customers because it is an affordable option.

View full review »
Senior Network/Security Engineer at Skywind Group

Our company works in the area of developing and delivering online gambling platforms. The Check Point Next-Generation Firewalls are the core security solution that we use for the protection of our DataCenter environment located in Asia (Taiwan).

The environment has about 50 physical servers as virtualization hosts, and we have two HA Clusters that consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix.

The Check Point Virtual Systems are activated on the NGFWs to logically divide the firewall into two parts. One is for serving internal, intra-VLAN traffic, and the other is for serving the external traffic coming from the Internet.

View full review »
Cisco ASA Firewall: VM
Moraima Matilda says in a Cisco ASA Firewall review
Coordinator Network Support at a manufacturing company with 501-1,000 employees
Munish Gupta says in a Cisco ASA Firewall review
Partner - Consulting & Advisory at Wipro Technologies

We evaluated VMware Virtual Networking and Check Point.

We chose Cisco because of the support and their roadmap for the changing technology landscape is good. Therefore, it is always better to be partnered with them.

View full review »
Fortinet FortiGate: VM
Chingiz Abdukarimov says in a Fortinet FortiGate review
Director at a integrator with 11-50 employees

Good VPN, both IPSEC and SSL (web-mode, tunnel-mode). An engineer/network administrator has tools to debug VPN issues that can occur during tunnel setup with other vendors' equipment.

SD-WAN feature at no cost. This is really great feature for remote locations (branch offices) and HQ, application steering between many ISP links becomes a simple task. Steering can be done dynamically by measuring link quality (latency, jitter, packet loss, available bandwidth).

Wi-Fi and Switch controller at no cost. FortiSwitch and FortiAP can become a kind of port extender of the firewall, all its ports can be referenced in firewall policies. When you have such management plane consolidation it gives you a simpler way to operate.

Security Fabric Framework is helping in analyzing sudden and rapid changes in whole infrastructure, and gives the ability to simplify daily operations (e.g. address objects synchronization between all firewalls in Fabric, estimating overall security rating, single-sign-on for admin access and many more)

Single Sign On support with deep LDAP integration (several variants for environments with different scales), RADIUS authentication.

Can work as transparent and explicit web-proxy, the last option supports Kerberos authentication which requires no agents installed on any windows server.

Human readable firewall policies with editable security policies and
addresses in single page. This is very useful and time saving feature.

Firmware upgrade process is very simple, even for cluster configurations it is fully automated by default.

Straightforward SNAT and DNAT; you may work in two ways: with Central NAT rules configuration and by applying translation directly inside firewall policies.

Bulk CLI commands are uploaded via gui in script file (portions of config file).

VDOMs are very useful when you need to grant admin role to clients separately. VDOMs in FortiGate can be represented in FortiAnalyzer's ADOMs (administrative domain), which can have different log storage policies, event handling and alerting configurations. You can create one VDOM working in NAT/Route mode, and another VDOM working in Transparent mode.

If you don't want to create and use second VDOM you can still transparently inspect traffic at layer 2 level while having only one VDOM in NAT/Route mode. This is achived by configuring Virtual Wire Pair ports that work like a separate bridge.

Ability to capture packets going through any interface of device (and VM too). You can set number of packets, filter out packets by IP and port number for particular troubleshooting purposes, then download a .pcap file from web gui and analyze it in your favorite programm.

Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network.

IPS, AV, Web Filter, AppControl profiles are working very well.

SSL Inspection and CASI (Cloud Access Security Inspection) profiles.

Rich logging options allow you troubleshoot most problems.

Straightforward HA with different redundancy schemas.

IPv6 support.

View full review »
pfSense: VM
reviewer963351 says in a pfSense review
IT Manager & Sr. Application Programmer with 11-50 employees

Extremely high. We tested it on VMs running different configurations from extremely lightweight to overkill. It will run on anything and maintain it's high performance. Obviously the more you give it, the more amazing the solution becomes. 

View full review »
Haytham Tarek says in a pfSense review
Founder and MD at Smart Solution

I depend on and use VMware ESXi with vSphere in my deployment, virtualization. pfSense is more stable and reliable if you install it directly on the server, i.e. not being installed as a virtual machine. That makes it very stable.

View full review »
Kenwyn Nero says in a pfSense review
Owner at IKON Business Group, Inc

We have a hosted platform with our client. We've built a VPN site and the solution is deployed as a VM. The client connects to it and it protects anything that's behind it like a regular firewall. Everything we have there is hosted in a data center, all our servers and things that clients connect to. So we're using it as our gateway device. We are customers of pfSense and I'm the owner of our company. 

View full review »
Kerio Control: VM
Andy Dibble says in a Kerio Control review
IT Manager at Flare Technologies

Our main customer base is superyachts, and they have the Kerio for traffic rules and bandwidth management of the various networks on board. They can optimize traffic for crew versus owners and guests, the VIPs that might be on board. They also use it for bandwidth sharing. They usually have a mixture of the VSAT satellite internet and 4G internet access. Sometimes they have WiFi, for example if they connect to a WiFi hotspot in a marina, as well as shoreline or fixed DSL. They use it to manipulate the internet traffic, so they can say the crew uses the slower VSAT and the guest gets the fast 4G or shoreline.

They also use it to see what's going on. If the boss complains that the internet's slow, they can quickly see if someone is downloading a load of updates or streaming Netflix and they can block them. They just want to have control, as the product name suggests, over the internet traffic.

In-house, we use the NG300, but because we are a partner, we use various hardware platforms. At the moment it's nearly all the NG series, the 100, 200, and 500. The most common that we use is the NG500. I'm interested in using the next-generation, which is due out in the next couple of months, but I've also used the virtual Kerio platform on a VMware hypervisor.

There's a virtual appliance, but also software installed on a Windows PC. We build our own virtual "guest" on a host, we've done a couple of those, and then attached it to a switch with VLANs, so we've covered all platforms.

We have these Kerios on anything from a 30-meter Sunseeker, with five or six crew members, four guest cabins, and a couple of master cabins, or a master and a VIP. They might have 20 guests so there would be a total of about 30 users and some 50 devices for those users. There is also all the AV equipment. And we've gone right up to a 120-meter superyacht, with 50 to 100 crew and space for about 200 guests. We've also got a couple of ski chalets, and a private island in Ibiza. A few hundred users is its top end, but as far as network-connected endpoints go, it could be in the few thousands of devices.

View full review »
Cisco Firepower NGFW Firewall: VM
Seniodascie9887 says in a Cisco Firepower NGFW Firewall review
Senior Data Scientist & Analytics at a tech services company with 11-50 employees

The time it takes to implement depends on the policy of the customer. Practically speaking, it takes around three to four hours to deploy, but it can depend because the Firepower solutions have two parts. One part is the hardware, it is an actual firewall and actual device but the monitoring system and the control system is a software called FMC. Most of the customers deploy it over VMware. The time of deployment really depends on your resources, but on average will take three to four hours.

At least two to three people with professional knowledge, around three years of experience, are needed for the deployment and maintenance, not only for Firepower but in every security solution. The device is doing something, but the most important part is analyzing it. The device can give you logs, but the engineer should analyze the log and do something.

Deployment without inspection can require only one person but if you want to analyze the IPS, at least two people will be needed.

View full review »
Palo Alto Networks VM-Series: VM
Dan Rabinowitz says in a Palo Alto Networks VM-Series review
Director of Infrastructure at Arcadia
  • It is the leader in the marketplace.
  • It has the ability to create Palo Alto VM-series using software.
  • The VM-Series has all of the components (out-of-the-box) that you need in a very secure environment.
View full review »
Pradeep Kurra says in a Palo Alto Networks VM-Series review
Cloud Practice Engineer at a tech services company with 51-200 employees

We use Palo Alto for the VPN, firewalls, and the hybrid site-to-site.

We have purchased Palo Alto VM for one of our customers. It has been a year since we have been using this product.

We use Palo Alto's on-premise version for a different purpose. We are using the cloud version for our contractors to VPN to the AWS environment.

For Palo Alto on-premise, we use it more for security firewalls. On the cloud side, we use it for customer contractors to get into the AWS environment for VPN. we use native routing and native security tools that they developed already in AWS. 

View full review »
Luis Henriquez says in a Palo Alto Networks VM-Series review
Hewlett Packard Enterprise Solution Architect at a tech services company with 11-50 employees

It has to be more scalable for the deployment of VMs on the cloud.

View full review »
Michael Robtoy says in a Palo Alto Networks VM-Series review
Infrastructure Team Lead at a financial services firm with 201-500 employees

We have ran into issues with Palo Alto’s limitations for resolving large IP lists from DNS lookups, as well as the antivirus interfering with App-ID.

I would like to see a more thorough QA process. We have had some difficulties from bugs in releases.

I see more improvements needed from AWS than from Palo Alto on the VM-Series, namely a design centered on NGFW.

View full review »
Shrijendra Shakya says in a Palo Alto Networks VM-Series review
C.T.O at Sastra Network Solution

We have recently begun working with Palo Alto Networks VM-Series.

View full review »
Sarith Sasidharan says in a Palo Alto Networks VM-Series review
System Administrator at a aerospace/defense firm with 201-500 employees

I have been using the Palo Alto VM-Series Firewall for a few months.

View full review »
ICT Infrastructure Specialist (E-Transform Project) at Ministry of Communications and Information

The Palo Alto VM-Series is a firewall that is part of our security solution.

View full review »
VishalGilatar says in a Palo Alto Networks VM-Series review
IT Security Head with 1,001-5,000 employees

Palo Alto VM Series is a firewall that makes up part of our security solution, handing IPS, IDS, and other security measures.

View full review »
Md Rezwan Ashique says in a Palo Alto Networks VM-Series review
Technology Specialist at Accretive Technologies Pvt Ltd

I only have experience with Palo Alto; I don't know much about other VM firewall solutions.

View full review »
Manager, Information Technology at SWPA Corp

The primary use case of this solution is as a firewall for our servers.

We are running a total of 12 servers. Four of them are hardware servers and the rest are VMware servers. We have about 80 clients running Windows 10.

View full review »
reviewer1415211 says in a Palo Alto Networks VM-Series review
Senior Manager Network Engineering at a manufacturing company with 10,001+ employees

I have been working with the Palo Alto VM-Series for four years.

View full review »
reviewer1267734 says in a Palo Alto Networks VM-Series review
Executive Cyber Security Consultant at a tech services company with 11-50 employees

Palo Alto VM-Series is something we recommend as a firewall solution in certain situations for clients with particular requirements who have the budget leeway.  

View full review »
reviewer1415460 says in a Palo Alto Networks VM-Series review
Senior Network Architect at a manufacturing company with 5,001-10,000 employees

The VM-Series firewall is part of our overall security solution.

View full review »
reviewer1286028 says in a Palo Alto Networks VM-Series review
Security Operations Specialist at a logistics company with 201-500 employees

I would definitely recommend this solution. It comes under the top industry leaders and is comparable to other top products in this category. 

I would rate Palo Alto Networks VM-Series a nine out of ten. 

View full review »
Goran Aleksic says in a Palo Alto Networks VM-Series review
Senior Network Engineer at a tech services company with 51-200 employees

It would be good if the common features work consistently in physical and virtual environments. There was an integration issue in the virtual deployment where it didn't report the interface counters, and we had to upgrade to the latest version, whereas the same thing has been working in the physical deployment for ages now. It seems that it was because of Azure. We were using VMware before, and we didn't have any such issues. We do see such small issues where we expect things to work, but they don't because of some incompatibilities. 

There also seems to be a limitation on how to do high availability in a virtualized environment. All features should be consistently available in physical and virtual environments. 

It is not always easy to integrate Palo Alto in the network management system. We would like to be able to compare two network management systems. They can maybe allow monitoring an interface through the GUI to create a reference or do a baseline check about whether your network monitoring system is actually giving you the correct traffic figures. You need traffic figures to be able to recognize the trends and plan the capacity.

View full review »
Goran Aleksic says in a Palo Alto Networks VM-Series review
Senior Network Engineer at a tech services company with 51-200 employees

What I like about the VM-Series is that you can launch them in a very short time. You don't have to wait for the hardware to route for them to be staged and installed. From that perspective, it's easy to launch and it's good because it is more scalable.

The product is quite responsive.

View full review »
Fortinet FortiGate-VM: VM
reviewer1224273 says in a Fortinet FortiGate-VM review
Manager Information Technology at a media company with 51-200 employees

I have been personally using FortiGate-VM for two years.

View full review »
reviewer1222689 says in a Fortinet FortiGate-VM review
Managing Director at a tech vendor with 11-50 employees

I have been using FortiGate-VM for just under a year. 

View full review »
reviewer997284 says in a Fortinet FortiGate-VM review
Network Engineer at a maritime company with 201-500 employees

FortiGate-VM is installed in our data centers and is used for site-to-site connections between offices. 

View full review »
SheryarSaqib says in a Fortinet FortiGate-VM review
Network Security Engineer at a government with 1,001-5,000 employees

I have been using FortiGate-VM for approximately one year.

View full review »
Celal Ã?NALP says in a Fortinet FortiGate-VM review
Director of Information Technology at KOTTO A.Ş.

The price of FortiGate-VM is high and should be more competitive.

In the next release, we would like to see full integration with VMware NSX virtualized networks.

View full review »
Abdul Faheem says in a Fortinet FortiGate-VM review
Sr. ERP Project Consultant (IFS-Complex MRO Process) at a aerospace/defense firm with 201-500 employees

The solution has a moderate amount of scalability potential. I wouldn't say it's the best, however, it is possible to scale it if you need to.

We have about 25-30 people on the VM currently.

View full review »
reviewer1385283 says in a Fortinet FortiGate-VM review
Network Enginner at a comms service provider with 10,001+ employees

I use FortiGate-VM for testing.

View full review »
Shaik Sayeed says in a Fortinet FortiGate-VM review
Information Technology Solutions Manager at UBG

Data reporting could be improved and also in terms of performance, some improvement should be made on VM, it should be more optimized. Scalability of the solution could also be improved. 

For an additional feature, Fortinet should add more SD-WAN with caching as a special functionality. It should be integrated with Fortinet. 

View full review »
Dhsrms Fff says in a Fortinet FortiGate-VM review
Team Leader Network & Security at Rogers Capital

The virtual and hardware versions of the solution are mostly the same. 

The VM it's very quick for deployment. If we need to have a POC for a customer, if we don't have any hardware physically at our premises, at our store, in our office, we can download the VM from Fortinet and install all the VM to their environment in order to run it. If we have a customer that says "let's start tomorrow" we are able to do that in a way that's not possible with a hardware version.

Normally Fortinet is very flexible that it supports almost all environments. 

The solution is user friendly.

The cost of the solution is pretty fair.

The documentation is very good.

The SD-WAN is very good, as compared to, for example, Citrix SD-WAN which has an overall lack of security and needs to leverage other devices, like Palo Alto, to cover this.

View full review »
OPNsense: VM
Faris Khan says in an OPNsense review
Support Engineer at Techaccess Pakistan

We have two people running the solution and another 50 to 80 people using the solution, so we have a relatively small setup.

The solution is scalable and can be deployed to multiple VMs.

View full review »
Check Point NGFW: VM
Amit Kuhar says in a Check Point NGFW review
Network Security Consultant at Atos Syntel

It is easy to deploy or upgrade. There is no need to do this manually with commands. This solution can be set up online.

We have two devices. Right now, we are deploying and upgrading a new setup, where you can do management, management plus gateway on the device, or virtually you can install your management device on VMware or Hyper-V. With the Hyper-V and the Management Server, you can access all the gateways. For the Management Server and gateways, we have an activation key.

View full review »
Oleg P. says in a Check Point NGFW review
Senior Network and Security Engineer at a computer software company with 201-500 employees

Our company works in developing and delivering online gambling platforms. The Check Point NGFWs are the core security solution we use to protect our DataCenter environment located in Asia (Taiwan). The environment has about ~50 physical servers as virtualization hosts, and we have two HA Clusters consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix. The Clusters serve as firewalls for both inter-VLAN and external traffic.

View full review »
Vighnesh Rege says in a Check Point NGFW review
Lead Solution Advisor at a consultancy with 10,001+ employees

There are now more competitors in the market, like Palo Alto and VMware. 

Palo Alto is a bit more smooth and cost-efficient than Check Point. Palo Alto has Unified Threat Management (UTM) coupled with a dake lake database that is huge. Also, its migration is more smooth than Check Point's. 

View full review »
reviewer1420545 says in a Check Point NGFW review
IT-Infrastruktur at Synthesa Chemie Ges.m.b.H

The most valuable feature is the centralized management, which gives us control over all of the Check Point gateways. This means that you do not need to connect to each gateway and make the necessary changes.

Cluster functionality, "ClusterXL", works like a charm. A rollover to the standby gateway does work with no noticeable delay in the network.

You can buy a Check Point appliance or install the Check Point NGFW as a VM on your own hardware.

The extremely wide function horizon covers almost every possible scenario.

View full review »
reviewer1425090 says in a Check Point NGFW review
Network and Security Specialist at a tech services company with 51-200 employees

The initial setup was straightforward. I told one of my colleagues in my last job, "Just follow the prompts and you should be able to install it. It is a very simple, basic thing. Just do it as a gateway, then that's it. You are done". 

Before, on R77.30, there were cluster IDs and people needed to know what they were doing. In the R80 cluster, the cluster ID is gone, so it is very straightforward and you don't have to be an expert to install it.

A new installation on the VMs (about a week ago) took me around 20 minutes or less. This was a lot faster than I imagined, and I've created quite a lot of resources to their management and Gateway as well.

View full review »
AshishRawat says in a Check Point NGFW review
Firewall Administrator at a tech services company with 1,001-5,000 employees

In our company we do setup of Check Point firewalls very frequently because we are a growing company and we are required to do them on a fresh basis for our new branches.

The initial setup for these firewalls is straightforward. There's nothing complex about Check Point firewalls. They are easy to install and configure. We have cloud-based VM firewalls. We configure them in our environment. It is easy to access them and it is also easy to implement the changes on them.

Deployment time depends on the condition and the space of the organization. In our case, it requires three to six months for the setup phase. We have the same implementation strategy for all our branches, which is very simple. It is a three-level hierarchy which is recommended by Check Point. We use the SmartConsole, we use the Security Gateway, and we use the Security Management Server.

In my organization there are six people who have the access to the Check Point firewalls. Two of them are network administrators and four are managers.

View full review »
Arun Jethy says in a Check Point NGFW review
Sr. Network Engineer at a tech services company with 51-200 employees

We are using this solution for the security enhancement of our internal company network. This is to protect our customers as well as internal users from the untrusted network or outside world.

I am using the physical appliances of Check Point Firewall as well as virtual machines (VMs). We are using the same versions of R80 on our VMs that we are using for our physical appliances.

View full review »
Palo Alto Networks NG Firewalls: VM
reviewer1132443 says in a Palo Alto Networks NG Firewalls review
User

I use the PA-220 to protect the LAN at my small-ish (about twenty people) office. We have several remote users who use the GlobalProtect VPN. As we move into a data center for hosting, I'll buy a second PA-220 to set up a site-to-site VPN. We also have a VM-50 for internal testing and lab use. 

View full review »
reviewer1232628 says in a Palo Alto Networks NG Firewalls review
Solutions Architect at a comms service provider with 501-1,000 employees

We use both the NG and VM series of Palo Alto firewalls. We sell and install them for clients to provide the best security that money can buy. Additionally, adding SD WAN on the same edge device has made an all-in-one, security-edge-intelligent routing solution possible without sacrificing performance or a secure environment.

View full review »
Fortinet FortiOS: VM
KevinTafuro says in a Fortinet FortiOS review
IT Manager at Cloudjet

FortiVPN I think is the only one vpn that can be shared with customers and employees, however another features is FortiVM that allow us to have onne solution from Onpremise datacenter to cloud datacenters.

View full review »
ShieldX: VM
CIO0ee7 says in a ShieldX review
CIO at a comms service provider with 1,001-5,000 employees

Legacy vendors were not concerned with the interoperability of their products with our software platforms, like VMware and cloud vendors. They did not design their products from the start to be compatible. Whereas, with ShieldX, this was the beginning of how they began their architecture. From the very first release, they were very concerned with ensuring a lot of these pieces moved together were not add-ons. This is the main core of how the ShieldX product works.

View full review »
Branden Emia says in a ShieldX review
Senior Systems Engineer at Larry H. Miller Management Corporation
  • It is good for its cost.
  • It is very easy to use. 
  • It is very easy to scale.
  • It is easy to implement and doesn't take long.
  • They have a good support team with training and videos on different things.

I create CIDR groups or workload names for either IPs or servers. In the CIDR groups, I have either multiple IP addresses or I am just doing it by the IP range. If I create a CIDR group type, then I tie an ACL control to what devices I want. This is where I am spending most of my time, creating these groups and tying them down to where they only talks to certain servers. I am also finding out that there are more things talking to each other than I originally thought, which is good. I thought one server was only speaking to these set of IPs, but they are actually talking to quite a bit of IPs.

What I like about it now is that it has a single pane of glass to view our networks and groups. Also, in Vmware, it creates its own distributed switches instead of using my current VLAN distributed switches.

View full review »