Firewalls Features

Read what people say are the most valuable features of the solutions they use.
Cesar Nieves says in a Fortinet FortiGate review
Technical Services Manager with 501-1,000 employees
It's a complete solution. You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. That's a very nice feature because with, for example, Cisco, you need to set the switch, you need to set the firewall, and you need to test it. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it. It's very easy. In the last version of the FortiOS - the operating system of the firewall - they put a lot of new features to support communications in a firewall. Whatever the communication that you have, you can put that in the firewall, and that's great. View full review »
Andrew S. Baker (ASB) says in a Fortinet FortiGate review
Cybersecurity & IT Professional (VirtualCIO) at a tech services company with 1-10 employees
* The CLI is robust and powerful, enabling rapid, consistent changes via SSH. The device identification is very flexible, facilitating the creation of rules to regulate all sorts of devices that might spring up on a network, especially via WiFi. * The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors. * WAN load-balancing has improved, but needs some refinement. You can set up a different DDNS config for each WAN link. It is great to be able largely use the same OS features across the family of devices. View full review »
CMEDRANO says in a pfSense review
student at a university with 51-200 employees
* The part of the firewall and aliases * The content filter in non-transparent mode and transparent mode with Squid and SquidGuard * The possibility of adding packages to perform network analysis * Creation of certificates * The facility to administer services View full review »
Ersin Bostanc─▒ says in a Sophos Cyberoam UTM review
Director Of Information Technology at a hospitality company with 1,001-5,000 employees
The performance and security are the best features. The security options are great. We never had an attack, which is pretty good. We use it from a standard location, and they are connected to each other. View full review »
reviewer32902 says in a Fortinet FortiGate review
Owner at a tech services company
* The prompt and knowledgeable support behind them. * Their reliability and their policy of pre-shipping replacements when a unit has failed. * The simplicity and clarity of their user interface and documentation. * Their 'cookbooks' that walk you through the most common installation scenarios. View full review »
Vikas-Gupta says in a Sophos XG review
Mr with 51-200 employees
* Internet security, where we have one single point of console; where I can manage my endpoint and my gateway. * Any messages coming in, I am getting the intermission immediately. * If my endpoint is getting infected, I get to know. * If my file is getting infected, I get to know from a single pane point of view. View full review »
KevinTafuro says in a Fortinet FortiOS review
IT Manager at Cloudjet
FortiVPN I think is the only one vpn that can be shared with customers and employees, however another features is FortiVM that allow us to have onne solution from Onpremise datacenter to cloud datacenters. View full review »
MXfirew677 says in a Meraki MX Firewalls review
One of the things I found very important for us is for our sites to have a new device. Another was to be able to have two solutions with the ease of firewalls to control everything. We use Meraki MX firewalls remote for small to bigger sites. One also was to have integration with have physical DC. We work also with domain control (DC) from Microsoft or Amazon. We use a whole virtual appliance with Meraki. One aspect of the problem is that we need to have the ability to do connections that are fully integrated, i.e. between one solution at home and at the data center. The short box epicenter is from Microsoft Azure in the future. View full review »
Luis Mendes says in a Meraki MX Firewalls review
Network Security Engineer at Techbase
The feature I find most valuable is the auto VPN. That is because it is really easy to configure and it's really reliable. The way we do traffic shaping and the way we block trafficking, it's very easy to configure. It is also easy for clients to maintain even without IT employees. View full review »
Rias Majeed says in a SonicWall TZ review
Software CIO at Exceed NetSec LLC
The most valuable features are the UTM, site-to-site VPN, and client-to-site VPN. The site-to-site VPN allows us to connect between the branches. We also use the global VPN client and the local VPN client. I find most of the features are useful. View full review »
Jeff Nduva Nduva says in an Untangle NG Firewall review
Technical Operations Manager at COSEKE
The features I have found the most useful are the web filter, the captive portal, the SSL inspector, and the ad-blocker. They're awesome. View full review »
Dave Winkel says in a Fortinet FortiGate review
President with 1-10 employees
Security Fabric makes VLANs a breeze. It impresses customers, as well as saves them money over the long run when comparing apples to apples. View full review »
Sherif Fouad says in a Sophos XG review
Project Manager at a mining and metals company with 1,001-5,000 employees
The application filters available with Sophos XG are brilliant. The sandboxing and the way the firewall or the UTM integrates with the installed endpoint antivirus clients on the user machines is brilliant. You get the chance to isolate network threats before they become active or become distributed on your network. With the cloud version of Sophos XG, you get the proper visibility of your network and the user machines. With the cloud versions of the antivirus, i.e. the cloud central management of the antivirus, you get high visibility. With the application between the installed Sophos UTM, you get a high level of visibility of what's happening on your network or on your client machines. You get protected against threats. You get proper visibility. That solves a major issue. View full review »
Panos Kre says in a Fortinet FortiGate review
The features that we have found most valuable are the SSL VPN and the user Portal. View full review »
Alfredo Cornell says in a pfSense review
Chief Technology Officer at Xpro Networks
We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform. View full review »
Akhtarul Islam says in a WatchGuard XTM [EOL] review
CEO at Aveata Limited
* Data loss protection * Spam protection * User email protection View full review »
Branden Emia says in a ShieldX review
Senior Systems Engineer at Larry H. Miller Management Corporation
* It is good for its cost. * It is very easy to use. * It is very easy to scale. * It is easy to implement and doesn't take long. * They have a good support team with training and videos on different things. I create CIDR groups or workload names for either IPs or servers. In the CIDR groups, I have either multiple IP addresses or I am just doing it by the IP range. If I create a CIDR group type, then I tie an ACL control to what devices I want. This is where I am spending most of my time, creating these groups and tying them down to where they only talks to certain servers. I am also finding out that there are more things talking to each other than I originally thought, which is good. I thought one server was only speaking to these set of IPs, but they are actually talking to quite a bit of IPs. What I like about it now is that it has a single pane of glass to view our networks and groups. Also, in Vmware, it creates its own distributed switches instead of using my current VLAN distributed switches. View full review »
Brian Talbert says in a ShieldX review
Director of Network and Connectivity Solutions at a transportation company with 10,001+ employees
The primary features are being able to isolate and segment workloads, both within our data center and in the cloud, and to get visibility into what the applications are doing. The application visibility is the most important feature for us at the moment. The reason that it is so important is that we are migrating a lot of workloads from a legacy data center to a new data center, and that ability to have visibility into the application flows allows us to build the rules and policies for the newer data center. The Adaptive Intention Engine is fantastic. It allows us to develop security policies using the language of our internal customers. It's machine-learning applied to security workflows. That allows us to much more easily construct the policies that will protect those workflows. ShieldX also enables us to migrate to cloud environments faster. That is an important part of it for sure because it takes the exact same policies that we would apply to our on-premise environment and enables us to simply apply them to the cloud. It becomes one policy for both on-prem and for the cloud. It gives us a lower dollar-per-protected-megabyte than a traditional firewall, but it's also consuming fewer resources in our network environment because we're not having to send our traffic out of the virtual environment just to send it back in. It also helps with lower maintenance costs. View full review »
reviewer963351 says in a pfSense review
IT Manager & Sr. Application Programmer with 11-50 employees
There are so many packages you can install which extends pfSense's capabilities including consuming from lists such as FireHOL, Pi-Hole, etc. Here are a few packages we use: * IPSec: pfSense allows for both v1 and v2 IPSec configurations to secure your connections. * IPS: You can use Snort or Suricata along with Snort packages, even subscribe to commercial packages if you wish. This alone starts making pfSense on par with Cisco. * Proxy/content filtering: You can install Squid and SquidGuard to act as a proxy and content filter. Yes, it does filter HTTPS, and there's a number of ways you can do it out of the box. pfSense also reformatted their logs so that they're compliant and standardized. We have our logs shipped to our SIEM and Logstash servers. View full review »
Reviewer3147 says in a Fortinet FortiGate review
Network Engineer at a tech services company with 201-500 employees
The most valuable feature is the policy routing and application control. In addition, the firewall will act as a call-switch. So, the performance within the LAN is good. View full review »
reviewer690582 says in a WatchGuard Firebox review
COO/CTO at a pharma/biotech company with 11-50 employees
Default set-ups found on the WatchGuard site and via YouTube are very helpful - the screen for set-up and adding additional features are lists with checkboxes. Understand what you click before you do so. View full review »
Diana Nongera says in a Fortinet FortiGate review
Senior I.T. Administrator at a agriculture with 201-500 employees
* DHCP functionality: The object tab where we manage our IP addresses and static. The DHCP monitors them. * FortiClient: You can easily connect when you are home, check out what you want to do, and connect to your network when you are not at work. You can switch on servers and you can check what is wrong. View full review »
Reinhardt Jansen says in a pfSense review
Senior Systems Administrator at a non-tech company with 51-200 employees
I have not had one issue with pfSense at all, which is amazing. View full review »
Koen Van Cauwenberghe says in a pfSense review
Network and Office Manager with 11-50 employees
* I can manage it easily by myself. * The interaction between the same firewalls is good. We can connect VPNs over the same firewall easily. * It is an open source solution. Therefore, the price is good. * OPNsense. * The performance and functionality are good. View full review »
Neil McFadyen says in a Cisco ASA NGFW review
Supervisor of Computer Operations at a university
* Most of same old ASA 5520 config could be used for the new 5516-X model. The ASDM interface is improved and can also be configured to the Firepower settings. * I am used to the ASA syntax, therefore it is quite easy to make up new rules. I have found that DNS doctoring rules are useful, and I am not sure how other firewalls handle the issue of internal versus external DNS, so this was a reason to keep the same type of firewall. * Customizing logging event of syslog to feed into Splunk is very useful for management and monitoring just for the importance events instead of a huge stream of thousands of unneeded events. * I found it quite easy to block computers from the internet, e.g, in a computer lab with students doing an exam using software for the course when needed. * I use access to a list to block IPs which have attacked our web servers on the outside interface, since I do not have IPS. * I found that setting up rules for HTTPS and SSH access to the management interface are straightforward, including setting the cypher type. * It is very useful to use the command line interface for modifying or adding to the config because sometimes the ASDM interface is hard to find when the setting is more complicated. * The text config file is great to have, to know what is in the config, instead of having to check every setting in the GUI. * While the CLI is used the most, sometimes the ASDM is faster and easier to use to set some settings. View full review »
Sign Up with Email