Most Helpful Review
Researched Meraki MX but chose Cisco ASA NGFW: Good signature detection, intrusion detection, IDS, and IPS
User-friendly and offers multilayered, innovative, and flexible protection against a variety of threats
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Unfortunately in Cisco, only the hardware was good.
For us, the most valuable features are the IPX and the Sourcefire Defense Center module. That gives us visibility into the traffic coming in and going out, and gives us the heads-up if there is a potential outbreak or potential malicious user who is trying to access the site. It also helps us see traffic generated by an end device trying to reach out to the world.
The information coming from Talos does a good job... I like the fact that Cisco is working with them and getting the information from them and updating the firewall.
The firepower sensors have been great; they do a good job of dropping unwanted traffic.
The most important point is the detection engine which is now part of the next-generation firewalls and which is supported by Cisco Talos.
The most valuable feature of this solution is AMP (Advanced Malware Protection), as this is really needed to protect against cyber threats.
I like the Cisco ASDM (Adaptive Security Device Manager), which is the configuration interface for the Cisco firewall.
The technical team is always available when we have problems.
With the new SmartTask offered in R80.40, we will be happy to configure some automatic control-functions.
Check Point is very administrator-friendly and the SmartDashboard is easy to use.
SmartCenter and SmartLog are the best platforms to manage firewall rules. SandBlast Zero-Day is very useful when encountering any security leaks.
The rules are very easy to deploy and can be optimized pretty quickly.
The best feature is the ability to increase the capacity of the solution by exactly what you add, not losing anything for High Availability.
The most valuable feature is that we are protected against zero-day threats.
The solution is easy to use. I like the monitoring the most.
The initial setup was very straightforward. You can customize it and change it as you need.
Point-to-point VPNs can dynamically follow IP changes with no need for static IPs.
Dual WAN connections are greatly simplified and point-to-point VPNs automatically connect regardless of what WAN connection is active.
I like the automatic firmware updates. We use the Active Directory to authenticate VPN users.
I use Meraki in my POCs and with my customers as well.
The internet traffic shaping has been very valuable.
Deployment takes no more than one working day.
The initial setup for me was straightforward.
A strong, reliable solution for small companies with little or no dedicated IT department.
In NGFW, Cisco should be aligned with the new technology and inspection intelligence because Cisco is far behind in this pipeline.
We were also not too thrilled when Cisco announced that in the upcoming new-gen ASA, iOS was not going to be supported, or if you install them, they will not be able to be managed through the Sourcefire. However, it seems like Cisco is moving away from the ASA iOS to the Sourcefire FireSIGHT firmware for the ASA. We haven't had a chance to test it out.
Our latest experience with a code upgrade included a number of bugs and issues that we ran into. So more testing with their code, before it hits us, would help.
The software was very buggy, to the point it had to be removed.
Most users do not have awareness of this product's functionality and features. Cisco should do something to make them aware of them. That would be quite excellent and useful to organizations that are still using legacy data-center-security products.
I have found that Cisco reporting capabilities are not as rich as other products, so the reporting could be improved.
The Sandbox and the Web Censoring in this solution need to be improved.
It will be nice if they had what you traditionally would use a web application scanner for. If the solution could take a deeper look into HTTP and HTTPS traffic, that would be nice.
The Check Point support needs a lot of improvement.
The SmartUpdate interface is a little bit crowded if your company has a lot of software items.
Check Point needs to work on hardware problems also.
One of the main features that need improvement is the rule filter export.
One of the biggest disappointments is the GUI.
Reporting has to be improved.
All the advanced features of automation, especially the first installation of tunnels, need improvement.
Although they have it now, we don't have a license for it, and I think mobile device security should be a standard feature. I cannot control someone bringing their device to my network and what they do.
Meraki tech support staff have a lot more visibility into your network than you do, which is frustrating at times. I understand the approach is to keep the dashboard easier to understand. This will frustrate more advanced users at times.
Expensive licensing and firewall stops immediately working if the license is not renewed at expiration date.
I need more UTM protection security features.
The IPS, the Intrusion Prevention System, can be improved.
Load balancing options and ability to manage a couple of Internet connections.
Right now, you can postpone the update but eventually, if you don't do the update, it will install the updates automatically for you and that's something that is not working for me.
The client-side VPN is weak. The product could be improved with deployment templates.
The problem is that the two licenses do not currently integrate. We have to create separate companies and do an interconnection.
Pricing and Cost Advice
Always consider what you might need to reduce your wasted time and invest it in other solutions.
Pricing varies on the model and the features we are using. It could be anywhere from $600 to $1000 to up to $7,000 per year, depending on what model and what feature sets are available to us.
We used Check Point and the two are comparable. Cost was really what put us onto the ASAs... the price tag for Check Point was exorbitantly more than what it is for the ASA solution.
We are in the process of renewing our three-year license, which costs approximately $24,000 USD for the thirty-six months.
The pricing for Cisco products is higher than others, but Cisco is a very good, strong, and stable technology.
The program is very expensive.
The cost of this solution is high.
Some of our customers would be more likely to standardize on Cisco equipment if the cost was lower because a lot of people install cheap equipment.
Licensing issues may be confusing at times.
Maybe the pricing is a bit high but you get the durability and the duration.
We pay $5,000-$6,000 a year.
The price is high in comparison to other solutions.
Check Point solutions are very expensive here. They're good, but they're expensive... Check Point is only useful for customers that have a big IT budget.
I don't think the product's pricing is a good value. I feel it's very overpriced. I feel a lot of the features for a next gen firewall are there. But I feel it's overpriced, because of the stability issues. As far as support goes, I really can't speak to direct Check Point support, but the third-party was pretty terrible... As far as the licensing goes, it's pretty complex. If anybody was to purchase the Check Point product, definitely make sure they have an account rep come on site, and explain it line by line, what each thing is. It's not straightforward. It's very convoluted. There's no way you could just figure it out by looking at it.
Other content filtering solutions that I have used had more bells and whistles, but given the cost, complexity, and management overhead, I am very pleased with Meraki’s solution.
Meraki is also expensive, but it's a little bit less expensive and it's easier to configure than Cisco ASA.
Pricing varies as per the type of license.
Compared 38% of the time.
Compared 10% of the time.
Compared 10% of the time.
Compared 44% of the time.
Compared 20% of the time.
Compared 10% of the time.
Compared 35% of the time.
Compared 13% of the time.
Compared 7% of the time.
Also Known As
|Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls||Check Point NG Firewall, Check Point Next Generation Firewall||MX64, MX64W, MX84, MX100, MX400, MX600|
Adaptive Security Appliance (ASA) is Cisco's end-to-end software solution and core operating system that powers the Cisco ASA product series. This software solution provides enterprise-level firewall capabilities for all types of ASA products, including blades, standalone appliances and virtual devices. Adaptive Security Appliance provides protection to organizations of all sizes, and allows end-users to access information securely anywhere, at any time, and through any device.
Adaptive Security Appliance is also fully compatible with other key security technologies, and so provides organizations with an all-encompassing security solution.
Block more threats and quickly mitigate those that do breach your defenses with the industry’s first threat-focused NGFW.
Offered via the Check Point Infinity architecture, Check Point’s NGFW includes 23 Firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance. Learn More about Next Generation Firewall and What is Firewall?
|With the proliferation of modern applications and mixed-use networks, host and port based security is no longer sufficient. Cisco Meraki's layer 7 "next generation" firewall, included in MX security appliances and every wireless AP, gives administrators complete control over the users, content, and applications on their network.|
Learn more about Cisco ASA NGFW
Learn more about Check Point NGFW
Learn more about Meraki MX
|There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.|
Information Not Available
Financial Services Firm19%
Comms Service Provider9%
Software R&D Company28%
Comms Service Provider19%
Financial Services Firm31%
Software R&D Company23%
K 12 Educational Company Or School8%
Comms Service Provider7%
Comms Service Provider25%
Financial Services Firm13%
Software R&D Company22%
Comms Service Provider18%