We performed a comparison between Cisco Secure Firewall, Fortinet FortiGate, and Juniper SRX Series Firewall based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."It's a flexible solution."
"Protecting our landscape in general and being able to see logging when things aren't going as set out in policies are valuable features. Our security department is keen on seeing the logging."
"I am used to the ASA syntax, therefore it is quite easy to make up new rules. I have found that DNS doctoring rules are useful."
"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"One of the best features is the ease of use. It's also easy to teach new engineers to use the ASA CLI."
"The most valuable features are the IPsec VPN and web filtering."
"Cisco ASA works very nicely from an administration perspective. The management of the device is very nice. The ASDM (Adaptive Security Device Manager) is the software that we use and it is very easy to configure using the GUI."
"The most valuable feature would be the IP blocking. It gets rid of things that you don't need in your environment."
"Some of the key features of the solution is that it has good reporting, you can receive many details from the connection, for example, clients and website information."
"The most valuable features are the policies, filtering, and configuration."
"The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."
"LinkGreat firewall capabilities"
"It increases security posture and is helpful for firewall reporting, intrusion protection, web filtering, and SD-WAN implementation."
"Good anti-malware and web filtering features."
"The VPN is the most valuable feature."
"The usage in general is pretty good."
"The most valuable feature is the virtualization because it can be used for customers who are using the mobile data network to request a private connection to a remote site."
"Juniper is one of the most powerful network security solutions while remaining simple to use, set up, and scale."
"The IPSec configuration is going well."
"The solution's stability is very good."
"I have used technical support quite a bit, and they are really good."
"Juniper SRX Series Firewall is a stable solution."
"The firewall features and the routing capability are the most valuable."
"It's easily scalable."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"The ASAs are being replaced with the new Firepowers and they have a different type of structure in the configuration to be able to migrate from one to the other."
"We don't have any serious problems. The firewall models that we have are quite legacy, and they have slower performance. We are currently investigating the possibility of migrating to next-generation firewalls."
"It is not the newest, cutting-edge technology"
"I'm not very familiar with the largest Firepower models, but competitors like Palo Alto seem to have a more capable engine to do, for instance, TLS/SSL decryption. As I understand, Firepower doesn't let you export the decrypted traffic so that, for instance, the security department can look at the traffic or inspect traffic. It's all in the box. I've heard rumors that this is something Cisco is working on, but it isn't yet available."
"The use of it has really bogged down our response time for certain problems, given we have to go through AT&T for everything."
"There's a little bit of a disconnect between Firepower’s management and the rest of the products, like DNA and Prime. The solution should have fewer admin portals for network, security, and firewalls."
"It needs more tunneling capabilities."
"I would like to see improvements in the product's application rules."
"The pricing could be reduced or include the first year warranty."
"The support costs and licensing are sometimes so expensive."
"I would like to see better pricing in the next release, as well as a simplification of the installation."
"As far as wanting more scalability or things in the network diagram, it's going to cost you."
"Maybe they could make some features more accessible, such as a way to translate directions between two networks that share the same subnets."
"The support we receive when we need to upgrade is not satisfactory and has room for improvement."
"If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement."
"We'd like to improve the stability and the kill rate."
"I think improvement can be done to the security part, particularly the UDM, and the product should have a user-friendly interface similar to FortiGate. It should have the Azure RBAC in the next release."
"Juniper SRX Series Firewall has to improve its web content site, like web filtration."
"It could improve areas which need high performance."
"It would be good if Junos had "unique commands" between all hierarchical levels, discarding the use of the "Run" command."
"This solution needs to update for "Next Generation" needs."
"In some cases, customers encounter issues related to network interfaces, while others prioritize security concerns."
"The reporting is lacking."