We performed a comparison between Check Point CloudGuard Network Security and Cisco Secure Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Check Point CloudGuard Network Security provides useful features including VPN Blade, IPS Blade, URL filtering, and Applications Control Blade. Cisco Secure Firewall offers features such as threat defense, dashboard visibility, and application visibility and control.
For the Check Point CloudGuard Network Security, users suggest enhancing their support system, adding features like cluster creation on AWS and a managed web portal. They also recommend providing more visibility on data protection and improving documentation and support services. As for Cisco Secure Firewall, improvements are needed in network performance, policy administration, customization options, web filtering, user-friendly management interface, performance for IPS, and functionality in public clouds.
Service and Support: While some customers have praised the technical support of Check Point, others have faced response delays. Cisco Secure Firewall's customer service has garnered mixed review. Some customers appreciate the immediate solutions provided by their technical support, while others have mentioned delays and difficulties, particularly with Firepower.
Ease of Deployment: Check Point CloudGuard Network Security is generally considered easy and user-friendly for setup. However, it can be complex for some users and may require technical expertise. The deployment time varies depending on the number of customers or websites. Cisco Secure Firewall's initial setup reviews are mixed. Some find it difficult, while others find it straightforward. Cisco offers resources and documentation for assistance, yet the complexity can vary depending on the user's experience.
Pricing: The cost of setting up Check Point CloudGuard Network Security is perceived as high by most. There are, however, flexible pricing options with various discount models. Opinions on the pricing of Cisco Secure Firewall differ, with some finding it expensive and others considering it moderate.
ROI: Check Point CloudGuard Network Security consistently delivers a strong ROI of 80% to 85%, offering improved advantages and simplified administration. Cisco Secure Firewall exhibits fluctuating ROI, with some positive returns observed.
Comparison Results: Check Point CloudGuard Network Security is the preferred choice when compared to Cisco Secure Firewall. Users find the initial setup of Check Point CloudGuard Network Security to be easy, straightforward, and user-friendly. Check Point CloudGuard Network Security is highly praised for its valuable features such as VPN Blade, IPS Blade, URL filtering, and Applications Control Blade.
"One of the valuable features is a standardized OS."
"The web tutor and automatic rules by schedule are good features."
"I only deal with it from a security analyst's point of view. I don't really get into the features of the actual FortiGate. From the security point of view, it works, and it does its job."
"A strong point of FortiGate is the graphical interface is complete and easy to use."
"Our security improved from being able to put in rules and close off unwanted traffic."
"We are very happy with the general bandwidth agility we have seen from one website to another website."
"You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it."
"Virtual Domains (VDOMs) are a feature that we found valuable."
"We consolidated from three management consoles and three clusters to only one, which is a big improvement."
"This solution has good scalability and stability."
"It offers remarkable flexibility in how we configure and utilize the resources."
"The most valuable feature is the centralized dashboard, which is used for managing all of the Check Point Security Gateways."
"The scalability is very good; again, very user-friendly. I wouldn't even say "user-friendly" because, as long as you deploy it properly, you can kill an EC2 and it will spin up another one right away, within about a minute and a half. And it will be ready for production right away."
"The tool's most valuable features are the REST APIs that help to automate the deployment and maintenance process. It helps us to reduce time to 15-25 minutes compared to the manual process which used to take around two to three hours."
"The product has allowed us to develop applications from the cloud - even with large environments and well-segmented security lines."
"When browsing, it scans sites to ensure that they are safe and that no harm can be caused."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"Cisco ASA provides us with very good application visibility and control."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"The product is easy to manage and simple. It works with the rest of our Cisco products. You can drop in new ones if you need more performance. The training and documentation provided are good."
"The IPS (In-plane switching) is the most valuable feature."
"They provide DDoS protection and multi-factor authentication. That is a good option as it enables work-from-home functionality."
"For our very specific use case, for remote access for VPN, ASAs are very good."
"The most valuable features of Cisco firewalls are the IPS and IDS items. We find them very helpful. Those are the biggest things because we have some odd, custom-made products in our environment. What we've found through their IPS and IDS is that their vulnerability engines have caught things that are near-Zero-day items, inside of our network."
"I feel that the reporting needs to be improved."
"With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic."
"Fortigate's hardware capacities could be improved."
"It can be a little bit more user-friendly in terms of policy definition and implementation. It seems a little bit complicated, and it could be simplified."
"Fortinet FortiGate could improve by adding enhancements to FortiMail, FortiSOAR, and FortiDeceptor."
"I would like to see improvements made to the dashboard and UI, as well as to the reporting."
"Security is a continuous process. In every product, there is a requirement for improvement. Its pricing should also be improved according to Indian market requirements. They must also improve on the reporting part. Its reporting can be more precise. If we can get a real-time report in a specific format, it will be helpful for customers to know about the current status of their security."
"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed."
"It's meeting our needs at this time. If I could make it better, it would be by making it more standalone. That would be beneficial to us. I say that because our current platform for virtualization is VMware. The issue isn't any fault of Check Point, it's more how the virtualization platform partners allow for that partnership and integration. There has to be close ties and partnerships between the vendors to ensure interoperability and sup-portability. There is only so far that Check Point, or any security vendor technology can go without the partnership and enablement of the virtualization platform vendor as it relies on "Service Insertion" to maintain optimal performance."
"The product needs to improve technical support."
"Check Point support, beyond CloudGuard, does need some improvement."
"The documentation has been rough. Being able to do it yourself can be hit or miss given the constraints of the documentation."
"In case the device is inaccessible due to some issue such as CPU or memory, there is no separate port or hardware partition provided for troubleshooting purposes."
"There is a limitation with the version upgrade. We are using version 81.10 and from what I understand, it is problematic to upgrade this version. I do not know if that is true."
"We have the product deployed on Azure China. One crucial concern is the version limitation; unfortunately, in Azure China, we are restricted to running version R80. Our architecture has a Load Balancer, VMSS CloudGuard, etc. The duplication in this setup prevents the application from seeing the original client IP. This poses a problem for certain applications that require the original IP for login purposes. Although we managed a workaround with a different architecture involving a WAF, it is not as straightforward as the standard Azure setup."
"CloudGuard Network Security's pricing is expensive. We have encountered issues with its licensing."
"We only have an issue with time sync with Cisco ASA and NTP. If the time is out of sync, it will be a disaster for the failover."
"In NGFW, Cisco should be aligned with the new technology and inspection intelligence because Cisco is far behind in this pipeline."
"If they want to add better features to the current Cisco ASA, they can start by increasing the encryption. That is the only thing they need to improve."
"Even on a smaller scale, people are finding you need HA pairs, and there's no way that the ASA can do that, at least in the virtual version."
"The cost is very high. Most organizations cannot afford it."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"The phishing emails could be improved."
"When we're looking at full-stack visibility, it can be difficult to get the right information out of Firepower."
More Check Point CloudGuard Network Security Pricing and Cost Advice →
Check Point CloudGuard Network Security is ranked 8th in Firewalls with 119 reviews while Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews. Check Point CloudGuard Network Security is rated 8.6, while Cisco Secure Firewall is rated 8.2. The top reviewer of Check Point CloudGuard Network Security writes "The solution has good threat emulation, threat extraction, and reporting features". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Check Point CloudGuard Network Security is most compared with Azure Firewall, VMware NSX, Akamai Guardicore Segmentation, Palo Alto Networks VM-Series and Illumio, whereas Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls. See our Check Point CloudGuard Network Security vs. Cisco Secure Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.