We just raised a $30M Series A: Read our story

Compare Check Point NGFW vs. Cisco IOS Security

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Check Point NGFW vs. Cisco IOS Security and other solutions. Updated: November 2021.
554,382 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable.""I like the firewall features, Snort, and the Intrusion Prevention System (IPS).""There are no issues that we are aware of. It does its job silently in the background.""It's got the capabilities of amassing a lot of throughput with remote access and VPNs.""The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate.""The implementation is pretty straightforward.""If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly.""The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."

More Cisco Firepower NGFW Firewall Pros »

"The simplicity of the access control is the most valuable feature for us. It gives us the ability to easily identify traffic that is either being allowed or denied to our network.""It's quite a stable solution.""The performance has been very good.""The software upgrade procedure is very easy; it just needs few clicks & we are done.""We have between five and ten firewalls on-premises, and if we want to configure or push the same configuration to all of the firewalls, then the centralized management system is very helpful.""The centrally managed firewalls are great.""The pricing is okay.""The features that I have found most valuable are its flexibility and user interface. This is already a well-established product in the market for quite a long time, more than 20 years. They've got a huge customer base."

More Check Point NGFW Pros »

"The hardware is pretty stable. It's also a very good product performance-wise. Initially, it wasn't mature like a firewall and there were other leaders, but now they have included almost all the features of next-generation security. Basically, it's a good product to work with.""The capabilities for scalability with this product are huge""The product is easy to use.""We are able to filter a lot of traffic especially when a lot of the traffic is in layer 7.""Cisco has always been a premium product. There's a lot of other entry-level solutions. This is more robust.""The solution is very user-friendly and easy to deal with.""What I have used the most and received the most benefit from is the IPsec technology.""One of the valuable features of the solution is its flexibility and it performs great."

More Cisco IOS Security Pros »

Cons
"The initial setup could be simplified, as it can be complex for new users.""There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility.""On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it.""When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance.""This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI).""The initial setup can be a bit complex for those unfamiliar with the solution.""The performance should be improved.""I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement."

More Cisco Firepower NGFW Firewall Cons »

"Check Point products have many places that need to be improved, but they are constantly upgrading.""The training for Check Point Firewall should increase, including the number of Training Centers. For most new people in our organization, we have to provide them training from our end, as they are not trained in Check Point Firewalls. So, we have to do the training, from our point of view, to make our engineers able to use Check Point Firewalls. However, with other firewalls, they are already trained, so we are not require to provide them training. This could be improved by the Check Point Community.""Identity Awareness has been a massive source of problems for our deployment and the ability to debug it has been lacking.""The complexity could be fixed. It's a bit complex to set up, for example.""When we hit a bug, the support team recommends some hotfix, and if we upgrade to that, we have to uninstall it before we apply some newer jumbo hotfix.""The frequency of the antivirus updates which we get for Check Point firewalls should increase. They should be of good quality compared to the competitive firewalls on the market. They should give us stable antivirus signatures. That is an area in which they can improve.""Some features, like the VPN, antispam, data loss prevention, etc., are managed in an external console. In the future, I'd like all features in the same console, in one place, where we can see and configure all features.""I hope for product simplification. It would be better to use one security console, instead of many of them (for licensing and monitoring). The solution is hard for newcomers and takes much time to deep in. Also, I want a historical graph for throughput and system resources usage. Maybe it will be great to make easy step-by-step installation and configuration cookbooks as Fortinet did, and integrate the documentation within the solution."

More Check Point NGFW Cons »

"I would love it if it has a link-by-link feature, integration with Unified Threat Management (UTM), and load balancers. They haven't got any link-by-link feature right now, which can be a very attractive option. This link-by-link feature can also be made available for Cisco's UTM firewalls. The link-by-link feature is available in some of the other firewalls. Currently, integration with UTM is missing. Cisco IOS Security also doesn't have the load balancers and a few things that need to be done to get a good UTM firewall. Normally, other firewalls have UTM. As a next-generation firewall, it's good, but as a UTM, it has to do some work.""The configuration should be easier in the solution.""With respect to user-friendliness, it is a command-line interface and those with such experience will get along just fine, whereas others may struggle.""There could be a bit more functions on offer that could make it easier to use.""It would be ideal if the solution had more capacity.""The user interface needs to be improved.""The pricing is the only con for this product.""The company needs to make its solution more affordable to make it more accessible to larger markets. Otherwise, it's seen as an enterprise-level solution that small or medium-sized organizations can't afford and therefore they won't even look at it."

More Cisco IOS Security Cons »

Pricing and Cost Advice
"Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities.""Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing.""For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive.""The solution was chosen because of its price compared to other similar solutions.""I am happy with the product in general, including the pricing.""When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis.""Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain.""The price is comparable."

More Cisco Firepower NGFW Firewall Pricing and Cost Advice »

"Pricing is a little high compared to competitive firewalls, but it is easy to go through the licensing steps.""Palo Alto is somehow not as good as Check Point, budget-wise and performance-wise. Palo Alto is more costly than Check Point.""The pricing and licensing are pretty steep. They know that they are good, so they are pricey.""This product is not cheap and there are additional costs that depend on what model or package that you buy.""The pricing and licensing are expensive. If you compare it with Fortinet, then it is cheaper on a yearly basis. However, Check Point is the most expensive firewall right now in terms of licenses and its appliance. My recommendation is if you want a long-term investment, then you should use an open server. If you use an open server, then the latency is really low. If you pay for a full appliance, it's more expensive.""There are three types of licensing: Threat Prevention, NGTP, and Next Generation Threat Extraction. Before, it used to be you would just enable the license of whatever blade you wanted to buy. Nowadays, Threat Prevention would be sufficient for most clients, so I would think people would go for the NGTP, license which includes all the blades.""The licensing fees are paid on a monthly basis and I am happy with the pricing.""The solution is significantly more expensive than Fortinet, although this holds true to a lesser extent when compared with Palo Alto."

More Check Point NGFW Pricing and Cost Advice »

"Price is certainly something that the IOS technology has fallen behind the competition on.""The price of the solution should be cheaper, and the license is purchase annually.""Palo Alto networks are more expensive than this solution and this is why you will see more products like this one in Mexico.""It is an expensive solution.""The pricing is okay. It is competitive. It costs more when you need get more features.""It is necessary to pay for a license in order to use the solution. It is on a yearly basis and the price is high."

More Cisco IOS Security Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
554,382 professionals have used our research since 2012.
Questions from the Community
Top Answer:  When you compare these firewalls you can identify them with different features, advantages, practices and… more »
Top Answer:  The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
Top Answer: It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
Top Answer: I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such)… more »
Top Answer: Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall… more »
Top Answer: The central management console has helped with segregation, where planned interventions with management consoles do not… more »
Top Answer: One of the main features is that the hardware is extremely reliable.
Top Answer: Palo Alto networks are more expensive than this solution and this is why you will see more products like this one in… more »
Top Answer: I think they should bring back remote VPN for users. However, I understand the attempt is to have these functions inside… more »
Comparisons
Also Known As
Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
Check Point NG Firewall, Check Point Next Generation Firewall
IOS Security
Learn More
Overview

Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

Offered via the Check Point Infinity architecture, Check Point’s NGFW includes 23 Firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance. Learn More about Next Generation Firewall and What is Firewall?

Cisco IOS Software delivers a sophisticated set of security capabilities for a comprehensive, layered security approach throughout your network infrastructure. Cisco IOS security technologies help to defend critical business processes against attack and disruption, protect privacy, and support policy and regulatory compliance controls.
Offer
Learn more about Cisco Firepower NGFW Firewall
Learn more about Check Point NGFW
Learn more about Cisco IOS Security
Sample Customers
Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
Control Southern, Optimal Media
Arup Group, Brunel University London, City of Biel, Gobierno de Castilla-La Mancha, K&L Gates , New South Wales Rural Fire Service, Offshore Northern Seas, Transplace
Top Industries
REVIEWERS
Comms Service Provider22%
Financial Services Firm16%
Manufacturing Company8%
Non Profit8%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company21%
Government7%
Manufacturing Company4%
REVIEWERS
Financial Services Firm26%
Computer Software Company13%
Comms Service Provider8%
Retailer6%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company22%
Government6%
Financial Services Firm6%
REVIEWERS
Financial Services Firm15%
Security Firm15%
Comms Service Provider15%
Transportation Company8%
VISITORS READING REVIEWS
Comms Service Provider30%
Computer Software Company28%
Government6%
Financial Services Firm4%
Company Size
REVIEWERS
Small Business43%
Midsize Enterprise28%
Large Enterprise29%
VISITORS READING REVIEWS
Small Business21%
Midsize Enterprise13%
Large Enterprise66%
REVIEWERS
Small Business23%
Midsize Enterprise20%
Large Enterprise57%
VISITORS READING REVIEWS
Small Business19%
Midsize Enterprise25%
Large Enterprise56%
REVIEWERS
Small Business32%
Midsize Enterprise40%
Large Enterprise28%
Find out what your peers are saying about Check Point NGFW vs. Cisco IOS Security and other solutions. Updated: November 2021.
554,382 professionals have used our research since 2012.

Check Point NGFW is ranked 2nd in Firewalls with 152 reviews while Cisco IOS Security is ranked 19th in Firewalls with 10 reviews. Check Point NGFW is rated 8.8, while Cisco IOS Security is rated 7.8. The top reviewer of Check Point NGFW writes "Central architecture means we can see an end-to-end picture of attacks". On the other hand, the top reviewer of Cisco IOS Security writes "Prevent unauthorized use of network resources and integrate branch offices with reliability". Check Point NGFW is most compared with Fortinet FortiGate, Azure Firewall, Palo Alto Networks NG Firewalls, Meraki MX and Juniper SRX, whereas Cisco IOS Security is most compared with Zyxel Unified Security Gateway, Cisco ASA Firewall, Fortinet FortiGate, pfSense and Fortinet FortiManager. See our Check Point NGFW vs. Cisco IOS Security report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.