We performed a comparison between Check Point NGFW and Cisco Secure Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Check Point users are happier with its VPN and with its pricing. However, Cisco Secure users are happier with its service and support.
"The scalability is good in Fortinet FortiGate."
"The most valuable feature of Fortinet FortiGate is security. They are known for efficiency and are on the top of Gartner Quadrant reviews. Fortinet FortiGate has an easy-to-use platform with a good graphical interface. The configuration is simple and the solution provides an overall good layer of security."
"The ease of setting the solution up is a valuable aspect for us."
"The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors."
"The Fortinet FortiGate local partners were good. I did not have direct contact with Fortinet support."
"The most useful functionality of Fortinet FortiGate is the user interface, multiple engines, and their cloud with the latest integrations. Additionally, the Security Fabric tool is very good."
"The most valuable feature of this solution is Quota."
"Virtual Domains (VDOMs) are a feature that we found valuable."
"It provides end-to-end resolution."
"The Anti-Spoofing has the ability to monitor the interfaces. Suppose any spoofed IP addresses are coming from an external interface, it won't allow them. It will drop that traffic. You have two options with the Anti-Spoofing: prevent or detect. If any kind of spoof traffic is coming through the external interface, we can prevent that."
"When applying application control, we can ensure user access to the internet in accordance with company policy and easy implementation if some users need exception access."
"The application authentication feature of Check Point is the most valuable as it helps us keep users secure."
"The support offers the best services I have experienced. It's better than any other IT vendor."
"Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution."
"It's scalable and provides end-to-end resolution."
"My favorite feature is the UTM piece and that was the main reason we bought it. It helps us to fine tune the network."
"I think that the firewall feature is the most valuable to me as it is one of the oldest features for this solution. We also appreciate how stable the VPN is."
"Among the top features are integrated threat defence and the fact that each virtual appliance is separate so you get great granular control."
"Cisco ASA NGFW significantly improves our bank. It protects any high-value products that we use from hackers, viruses, malware, and script-bots. It gives us metrics on network traffic as well as what kind of attacks we are getting from the outside."
"Since the product is stable, we do not have to spend additional money to buy other firewalls. Once deployed, we can use the product for a long time. Thus, it is cost effective."
"If we look at the Cisco ASA without Firepower, then one of the most valuable features is the URL filtering."
"I have found the most valuable feature to be the access control and IPsec VPN."
"The feature that I found most valuable is the overall stability of the product."
"It integrates with various Cisco security portfolios and products, and there is an easy and seamless integration for building a complete security framework for our customers."
"The platform's interface could improve."
"You do need some IT knowledge in order to effectively work with the solution."
"We have an issue with hotel guest vouchers."
"I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity."
"When we cluster the two Fortinet FortiGate boxes together we have some issues."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"In the next release, maybe the documentation on how to use this solution could be improved."
"Fortinet FortiGate should improve the VPN tokens."
"The product's technical support services need improvement."
"The virtual infrastructure of the central management requires a huge amount of resources to work properly and manage all the logs without problems."
"There needs to be advanced troubleshooting."
"While it does enhance network security, it tends to consume substantial resources, including CPU, memory, and storage."
"This product has room for improvement in technical support for Africa."
"The pricing could be better."
"I'd like to see more use of applications and URLs in security policies moving forwards."
"It depends whether the problem is known to Check Point. If they are aware there is a problem, quite often it will then depend on which tech you finally land on if it's easier or harder to get to the root cause. The last issue was in India so that was pretty bad. It's easier if you get directly through to Tel Aviv or Ottawa, but you can't choose. Once they know what the issue is, it's pretty good. It pretty much depends on the engineer that you get. There are pretty good engineers and there are many engineers who are at just the starter level at Check Point who are not really into the stuff. Sometimes it's hard, sometimes it's easy, depending on the problem and the tech engineer you get."
"I would like the ability to pick and choose different features of it to run in a packaged infrastructure or modules, therefore I would like to have more customizability over it."
"Managing various product integrations, such as Umbrella, is challenging."
"Our latest experience with a code upgrade included a number of bugs and issues that we ran into. So more testing with their code, before it hits us, would help."
"As it’s a GenX firewall, expertise for both implementation and troubleshooting the pain points can be a challenge. This could be a concern when companies are thinking about buying this product."
"While this applies to all vendors, pricing can be always lower. In my opinion, Cisco is the most expensive. The pricing can be reduced."
"When we're looking at full-stack visibility, it can be difficult to get the right information out of Firepower."
"It has poor performance."
"FMC could be improved because management with FMC is quite difficult compared to using Firepower web-based management."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews. Check Point NGFW is rated 8.8, while Cisco Secure Firewall is rated 8.2. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Netgate pfSense, Azure Firewall and OPNsense, whereas Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and OPNsense. See our Check Point NGFW vs. Cisco Secure Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.