We performed a comparison between Check Point NGFW and Cisco Secure Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Check Point users are happier with its VPN and with its pricing. However, Cisco Secure users are happier with its service and support.
"FortiGate has a strong security topic which allows all of the Fortinet devices to communicate and share information which makes their security more powerful."
"Reliability is the best feature. We faced some issues when we were setting it up, but the service, portal, and administration are good."
"It's quite comfortable to handle the FortiGate firewall."
"The integration with Active Directory is one of the good features. Most of the customers are now looking for the Single Sign-on feature. So, being able to integrate Active Directory with the firewall is useful. It is also easy."
"The initial setup is straightforward."
"It is easy to use and performs very well."
"It is a good source for firewall protection."
"You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances."
"Check Point has a centralized console that makes it possible to manage all the deployed equipment. It also has a built-in VPN service that lets users connect through VPN to our organization, which facilitates teleworking while cutting off unauthorized access to the organization's internal network."
"The product is very scalable."
"It is user-friendly and straightforward to manage, which simplifies our overall network security management."
"We can also run policies with two or more people simultaneously without problems or the risk of developing the wrong policy."
"Check Point is more expensive but easier to manage, and their presales and after-sale support are way better than Fortinet's."
"The most valuable feature of the solution is the Quantum Intrusion Prevention System (IPS). I also like the solution's functionality, like autonomous threat prevention."
"What gives me the most value is undoubtedly the security that the anti-bot and anti-virus blades provide."
"The Anti-Spoofing has the ability to monitor the interfaces. Suppose any spoofed IP addresses are coming from an external interface, it won't allow them. It will drop that traffic. You have two options with the Anti-Spoofing: prevent or detect. If any kind of spoof traffic is coming through the external interface, we can prevent that."
"To be honest, all of the features that are provided, all the other vendor will also have. One feature we did find valuable was the CLI, it is more accurate. Additionally, I was happy with the customization, dashboards, access lists and interface."
"My confidence continues to build upon using Cisco firewalls."
"The high-availability and remote VPN features are most valuable."
"We can easily track unauthorized users and see where traffic is going."
"It is a very stable product. I've not had any issues with it. It is a super product, and I won't need to change it anytime soon."
"The most valuable feature is that it has the ability to divide the network into three parts; internal, external, and DMZ."
"Easy to deploy in a working environment between servers and users."
"The most valuable feature is that it's secure."
"It needs to improve its ISP load balancing."
"Application management can be improved."
"Fortinet FortiGate could improve by having a frequent ask questions(FAQ) area for people to receive quick answers to popular questions. Additionally, it would be beneficial to have an SMS notification feature. For example, if you cannot access your email you could receive an SMS message."
"The monitor and the visibility, in this proxy, is very weak."
"The solution could be more user friendly."
"They've become quite expensive."
"It's my understanding that more of the current generation features could be brought in. There could be more integration with EDRs, for example."
"The initial setup is complex."
"Integration with a third-party authentication mechanism is tricky and needs to be planned well."
"Check Point should add additional management choices."
"I would like less CPU-intensive features to be introduced to replace the existing heavy-duty processes."
"It depends whether the problem is known to Check Point. If they are aware there is a problem, quite often it will then depend on which tech you finally land on if it's easier or harder to get to the root cause. The last issue was in India so that was pretty bad. It's easier if you get directly through to Tel Aviv or Ottawa, but you can't choose. Once they know what the issue is, it's pretty good. It pretty much depends on the engineer that you get. There are pretty good engineers and there are many engineers who are at just the starter level at Check Point who are not really into the stuff. Sometimes it's hard, sometimes it's easy, depending on the problem and the tech engineer you get."
"The tool is somewhat more expensive than its competitors."
"Debugging could be improved when compared to the competition."
"Check Point can scale but at times we have experienced some issues."
"The management of memory in the hardware needs to improve. They have had a lot of issues with memory leakage."
"Its user interface is good, but it could be better. Currently, you have to know what to do before you can manage a device. If you don't know what to do, you can mess things up. There are some devices that are easier, such as FortiGate. The user interface of FortiGate is more intuitive. It is very easy to log in and configure things."
"It is hard to collaborate with our filtered environment."
"We have encountered problems when implementing new signatures and new versions on our firewall. Sometimes, there is a short outage of our services, and we have not been able to understand what's going on. This is an area for improvement, and it would be good to have a way to monitor and understand why there is an outage."
"I needed to be well-versed with all the command lines for Cisco ASA in order to fully utilize it. I missed this info and wasted some operational costs."
"It is not the newest, cutting-edge technology"
"The integration between the on-prem proxy world and the cloud proxy would benefit us. One single policy setting would make sense."
"We found it difficult to publish an antennae sidewalk with the ASDM. I think Cisco should improve this by creating a simpler interface for the firewall."
"On firewall features, Fortinet is better. Cisco needs to become more competitive and add more features or meet Fortinet's offering."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews. Check Point NGFW is rated 8.8, while Cisco Secure Firewall is rated 8.2. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Netgate pfSense, Azure Firewall and OPNsense, whereas Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and OPNsense. See our Check Point NGFW vs. Cisco Secure Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.