We performed a comparison between Check Point NGFW and Cisco Secure Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Check Point users are happier with its VPN and with its pricing. However, Cisco Secure users are happier with its service and support.
"It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."
"The threat prevention is the solution's most valuable aspect."
"It is a safe product."
"The next-generation firewall is great."
"The simplicity of the product is great. It's very easy to use, which is a compliment we get all the time in terms of feedback."
"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."
"It blocks the vulnerabilities that can negatively impact us."
"It's quite comfortable to handle the FortiGate firewall."
"It's enabled us to move away from basic LAN to LAN segmentation to a more powerful user separation approach."
"In a single bundle we have the all solutions we need - like application/URL filtering, and threat emulation/extraction."
"The console or the single interface on the blades is most valuable."
"If there is a critical issue observed, the Check Point support team can create a custom package that we can deploy on the gateway to mitigate critical issues/bug fixes."
"The Smart Dashboard allows for rule creation and administration and management and is user-friendly."
"The Smart Dashboard and other user interfaces are very easy to use and can be handled without any significant IT skills."
"The features that I have found most valuable are its flexibility and user interface. This is already a well-established product in the market for quite a long time, more than 20 years. They've got a huge customer base."
"Log storage gives us insights when required."
"The primary benefits of using Cisco Secure solutions are time-saving, a robust API, and convenience for the security team."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"Unfortunately in Cisco, only the hardware was good."
"Malicious URLs are being blocked."
"All the rules are secure and we haven't had a significant malware attack in the five years that we've been using ASA Firewall. It has been a tremendous improvement for our network. However, I can't quantify the benefits in monetary terms."
"On the network side, where you create your rules for allowing traffic — what can come inside and what can go out — that works perfectly, if you know what you want to achieve. It protects you."
"The most valuable feature is stability."
"A stable, reliable solution used to protect the network's perimeter."
"I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool."
"At first glance, the interface for the device is very confusing."
"The solution could be more evenly structured."
"The UI could be improved."
"The renewal price and the availability could be improved."
"Maybe they could make some features more accessible, such as a way to translate directions between two networks that share the same subnets."
"I would like to see improvements with the antivirus and IPS as they are not working properly all the time."
"This product needs to have an analysis feature, rather than having the analysis done through the integration of a different product."
"Debugging is very complex when compared to Fortinet, for example. That's the worst thing about Check Point. The deployment of the solution is harder than it is with the competitors. But after you've deployed it, the operation is easy."
"The smart consoles could be improved."
"In the past year, we faced severe downtime that lasted many days due to a misconfiguration."
"The training for Check Point Firewall should increase, including the number of Training Centers. For most new people in our organization, we have to provide them training from our end, as they are not trained in Check Point Firewalls. So, we have to do the training, from our point of view, to make our engineers able to use Check Point Firewalls. However, with other firewalls, they are already trained, so we are not require to provide them training. This could be improved by the Check Point Community."
"Check Point should improve services related to the cloud-based solution."
"The solution could improve by keeping more up-to-date with technology. For example, if Amazon releases something in the security field, Check Point should have integration or adoption of this feature a bit faster than it is today. Sometimes we can hear a lot of the marketing information about an attractive feature, which we would like to have, but the feature will be released in two years. This timeframe should decrease."
"Check Point doesn't warn us when rules are about to expire. It was also inconvenient that we had to change hardware when we upgraded. It would be nice if they made the new version compatible with current hardware or if it only required a minor upgrade."
"Heavy load causes a higher CPU to peek which causes us to need to reboot the device. Malicious activity database corrupts the directory or path and restoring it takes a lot of time."
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."
"The interface for monitoring could be improved to allow better views to make troubleshooting easier."
"The product's user interface is an area with certain shortcomings where improvements are required."
"Cisco missed the mark with all the configuration steps. They are a pain and, when doing them, it looks as if we're using a very old technology — yet the technology itself is not old, it's very good. But the front-end configuration is very tough."
"When comparing the graphical interface of this solution to other vendors it is more difficult to configure. There is a higher learning curve for administrators in this solution."
"Some individuals find the setup and configuration challenging."
"VPNs are weak as this product still does not support route-based VPNs."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews. Check Point NGFW is rated 8.8, while Cisco Secure Firewall is rated 8.2. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Netgate pfSense, Azure Firewall and OPNsense, whereas Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and OPNsense. See our Check Point NGFW vs. Cisco Secure Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.