We performed a comparison between Cisco Secure Firewall, Fortinet FortiGate, and SonicWall TZ based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The information coming from Talos does a good job... I like the fact that Cisco is working with them and getting the information from them and updating the firewall."
"Technical support services are excellent."
"The most valuable feature is the anti-malware protection. It protects the endpoints on my network."
"It is very stable compared to other firewall products."
"VPN, firewall, and IDS/IPS allow us to deliver services to meet client needs across various industry verticals."
"Cisco Secure Firewall improved our organization. We have it in every one of our French offices."
"Cisco Secure Firewall has improved our customers' security posture because it offers Next-Gen features, granularity, and reporting on the back of it. You can see the amount of users accessing Office 365, for example, and whether they're having a good or bad experience. You can see the threats that are coming into your network. You can see anyone who is compromised from within your network."
"Cisco Secure Firewall is a good solution. In some ways, it is a reactive solution and we have it sitting in a whitelist mode rather than a blacklist mode. It seems to work fairly well for us."
"We were looking for the VPN feature and controlling the inflow and outflow of all the traffic within the site and across the sites. We are also using it for the VPN and VLANs."
"I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good."
"User-friendly and affordable security solution that's recommended for SMB customers. This solution has good technical support."
"There are lots of features and most of them are deployed for internet security. Users are protected if they accidentally go to some malicious sites."
"FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all of these features on one device because it can cause performance issues."
"This is a quality product with ok support, and it is better than the competition we've tried."
"It is easy to use and performs very well."
"FortiGate has a very strong unified threat management system."
"The network security is great."
"The best thing about the product is the very good threat prevention output."
"I have found the stability of this product to be excellent."
"Content filtering and application rules are the most valuable features. It is also easy to configure."
"It protects against intrusion while allowing needed access."
"We like the unified threat management for defense-in-depth. We can terminate our site-to-site and remote access VPNs with it."
"The feature we found most valuable in SonicWall TZ is that it is user-friendly for an administrator."
"SonicWall TZ think it's a good, solid, and stable product."
"It lacks management. For me, it still doesn't have a proper management tool or GUI for configuration, logging, and visualization. Its management is not that easy. It is also not very flexible and easy to configure. They used to have a product called CSM, but it is no longer being developed. FortiGate is better than this solution in terms of GUI, flexibility, and user-friendliness."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"Its implementation was not straightforward. It was mainly because we were running two projects together."
"Cisco ASA should be easier to use. It is a bit tough to navigate and see what is going on."
"Deploying configurations takes longer than it should."
"The application detection feature of this solution could be improved as well as its integration with other solutions."
"The usability of Cisco Firepower Threat Defense is an issue. The product is still under development, and the user interface is very difficult to deal with."
"We are Cisco partners, and when we recommend Cisco FirePower to customers, they always think that FirePower is bad. For a single installation of FirePower, if I have to write about 18 tickets to Cisco, it's a big problem. There was an issue was related to Azure. We had Active Directory in Azure. The clients had to connect to FirePower through Azure. We had a lot of group policies. After two group policies, we had to make groups in Azure, and they had to sign in and sign back. It was a triple-layer authentication, and there was a big problem, so we didn't use it."
"There are some cloud-based features that could be much more flexible than they currently are."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"Fortinet FortiGate can improve by integrating the web application firewall and the DDoS protection part of the solution. Having a WAF feature, web application firewall, and proxy together would be a good benefit."
"As far as wanting more scalability or things in the network diagram, it's going to cost you."
"The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."
"In the next release, maybe the documentation on how to use this solution could be improved."
"There can be more security in hybrid implementations. When a customer has a hybrid environment where some parts are in the cloud, we need a consistent security solution for such scenarios."
"The pricing could be reduced or include the first year warranty."
"The user support could be improved because you have to go outside to get that kind of support."
"I would like them to make the interface a little bit easier to use so you can find out where in the heck you're going instead of having to go to 15 different places to get something installed."
"The solution's pricing could be made cheaper."
"I'd like to have cloud management at no additional cost. Unfortunately, leveraging SonicWall's cloud management capabilities is cost-prohibitive, so we don't use it. They should have a reasonable subscription or offer it to us at no cost as an MSP."
"The technology in this particular version is very old."
"We have been facing issues with reporting."
"Pricing could be lowered slightly."
"SonicWall TZ can improve the UI application and when you create any net policies or any new policy, it will not sync or work properly."