We performed a comparison between Check Point UTM-1 [EOL] and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."FortiGate improved our security. It's one of the best hardware firewalls."
"The most valuable feature of Fortinet FortiGate is load balancing. It can provide central management and VPNA. Additionally, it has enhanced our security environment."
"The reporting and monitoring are very good."
"We use the filtering feature the most. It has filtering and inbuilt securities. We can create customized rules to define which users can access a particular type of site. We can create policies inside the firewall."
"One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them."
"FortiGate Secure SD-WAN includes best-of-breed next-generation firewall (NGFW) security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering."
"The flexibility and ease of configuration are the most valuable features."
"The pricing is great and very reasonable."
"It provides visibility and drives organizational security."
"The most outstanding feature is being able to centralize each of the functions in a single device."
"The filtering was very good."
"The databases and its signatures are its most important features."
"It safeguards against cyber attacks."
"The solution is very robust."
"Firewalls help us a lot in controlling traffic on our network and preventing unauthorized access."
"The most valuable feature for us was to implement negligent functionality, to direct functionality to viewer control and application control so we could disconnect, and at the same time, we installed checkpoints. We disconnected our proxy."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"The installation phase was easy."
"Very functional and good for detecting malicious traffic."
"The solution can scale."
"I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"The most valuable feature is the view into the application."
"Support is very helpful and responsive."
"It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls."
"Fortinet FortiGate could improve by having more storage in the hardware for log data."
"The user interface could be improved to make it less confusing and easier to set up."
"Scalability for Fortinet FortiGate needs to be improved. SD-WAN security for this solution also needs some improvement."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"Some of the features in the graphical user interface do not work, which requires that we used the command-line-interface."
"I would like to see more advanced developments of a wireless controller in the future."
"The solution should be more user-friendly."
"As we don't have a representative of Check Point in Mozambique, this makes it very difficult when we have some issues to resolve."
"Specifically on the user experience, sometimes the set up of things, such as the VPN SSL, takes a lot of time to load and a lot of time to get up and running on every session."
"While the technical support is good, the Indian level technical support could use an upgrade."
"I am not able to see a demo."
"The solution could be improved if there was a better way to report. The reporting functionality is not really good. Even though it's not the major function. Maybe adding a way to make a custom report."
"Some features that could be improved are advanced threat protection, sandboxing, and vulnerability management."
"The interface needs improvement."
"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."
"Technical packaging could be improved."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
More Trellix Network Detection and Response Pricing and Cost Advice →
Earn 20 points
Check Point UTM-1 [EOL] doesn't meet the minimum requirements to be ranked in Firewalls with 19 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Check Point UTM-1 [EOL] is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Check Point UTM-1 [EOL] writes "Great firewalls, VPN, and Intrusion prevention capabilities". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Check Point UTM-1 [EOL] is most compared with , whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Check Point SandBlast Network.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
