We performed a comparison between Cisco Secure Firewall and KerioControl based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is simple to manage, and there are a lot of functionalities in the same box."
"The most valuable features are simplicity, management, and that it's constantly evolving."
"The multi-tenancy feature is most valuable. It integrates very well with FortiManager and FortiAnalyzer."
"It's user-friendly and easy to operate."
"The pricing is great and very reasonable."
"The security on offer is very good."
"The license management is very valuable. You can get a new license each year, or you can enroll every two to four years. You can get the logs, and you will get the information on the risk in your network and the entire organization. With this information, you can take action on your actives, computers, or devices. You can bring your own device as an SSE."
"The scalability of Fortinet FortiGate is good."
"The most important feature is the VPN connection."
"The best features are stability and scalability."
"I like the Cisco ASDM (Adaptive Security Device Manager), which is the configuration interface for the Cisco firewall."
"VPN load balancing has been particularly essential for my connections to integrate via multiple time zones."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"The technical support is excellent. I would rate it as 10 out of 10. When there has been an issue, we have had a good response from them."
"The product is quite robust and durable."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"The product is affordable."
"The routing of the multiple internet physical routers I have is the most valuable feature of this solution. Instead of me physically unplugging a cable from one router to the server, if one connection goes down, it automatically switches for me. So I can have all three of them plugged in. If one goes down, it just picks up the other one automatically. There's no physical cable swapping."
"One very good thing about the Kerio device is its authentication. I don't have a Windows domain for authentication. Instead, I use the Kerio product because it can separate users by Mac addresses and give them IP addresses based on their usernames, automatically logging them in. This makes for a very simple authentication system."
"The firewall and intrusion detection features are good. It has blocked certain things. We have a lot of blocked sites that the staff or anyone using it, the public, etc., can't go on. It works for that. I get quite a few messages every now and again, saying that a virus has been detected and I can go in and block the user who's causing the problem."
"The most valuable feature is to provide users with the ability to log in to the portal page, keep track of their data usage and perform bandwidth management."
"The solution provides feasibility regarding cyber privacy."
"The comprehensiveness of the security features that Kerio Control provides us with is good. Before GFI had it, they would have more updates. The updates have been slower, but I like the things that they keep adding like the ability to block by country. I use pretty much every feature."
"The most valuable features of Kerio Control are the IPS and traffic rules. The traffic rules are very user-friendly and the IPS is working well. Additionally, the anti-virus is effective with quick options, such as filtering."
"The solution could have licensing fees reduced in the future."
"The monitor and the visibility, in this proxy, is very weak."
"Fortinet could improve the windows opener or the virtual IP solutions for opening windows. The virtual IP settings need improvement as firewalls are trending in new development directions."
"The support costs and licensing are sometimes so expensive."
"The solution could be more evenly structured."
"The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."
"There can be more security in hybrid implementations. When a customer has a hybrid environment where some parts are in the cloud, we need a consistent security solution for such scenarios."
"FortiGate should have a better way of detecting and managing the system memory because otherwise if the memory is too low, a system restart is required."
"It needs to provide the next-generation firewall features that other vendors provide, like data analytics, telemetry, and deep packet inspection."
"Migration with other appliances is not easy. It has to be done manually, and this takes a long time."
"I think that the solution can be improved with the integration of application-centric infrastructure. It could be used to have better solutions in one box."
"I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic. It's important, and you'll need an additional firewall."
"There are always vulnerabilities that come up and there was one in early 2018 but this was patched with software updates."
"I don't have to see all the object groups that have been created on that firewall. That's just something that I would really appreciate on the CLA, even though it already exists on the GUI."
"The overall licensing structure could improve to make the solution better."
"For what we use it for, it ends up being the perfect product for us, but it would help if they could expand it into some of the other areas and other use cases working with speeding up and the reliability of the pushes from the policy manager."
"They don't provide content filtering when it comes to search engine results. We had an incident on the network where a blocked site was showing up in search results. We are in a school environment, so we have blocked a site with some of the explicit content so that kids wouldn't see it. When one of them did a search, the results came on the search engine part. When you try to drill down to the website, it blocks, but when you search by image, it brings up all the images. That's one of the reasons why we are looking at Juniper."
"The trial duration of the product should be extended."
"The VPN features are the ones that we really like, but we are using a VPN client to be able to use them. We would like to have an SSL implementation for this same feature so we don't need to install anything on the client side. That's a feature I really miss and that should really be embedded in the product. We really would love to use it via a web browser."
"The GUI should be changed because it remains the same consistency across versions. However, those who have been using KerioControl for a long time may be accustomed to the current interface. Installing a new version in the same location makes it easy to find, but overall, there are no notable changes between versions."
"The product's technical support is not good as it used to be."
"The one thing that did put me off of the solution was that, after they were taken over by GFI, the licensing and a few other items have gotten very complicated."
"The upgrades make the network slower."
"The comprehensiveness of the security features could be improved upon. However, for the most part, it is pretty good. They could add more logs. I would like to see more detailed reporting, custom reporting from the logs, and more of a streamlined interface for certain aspects."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while KerioControl is ranked 28th in Firewalls with 54 reviews. Cisco Secure Firewall is rated 8.2, while KerioControl is rated 8.0. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of KerioControl writes "With VPN, any of our guys can log in to the system and effectively be on board; helps with our customers all over the world". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas KerioControl is most compared with Netgate pfSense, OPNsense, Sophos UTM, Sophos XG and WatchGuard Firebox. See our Cisco Secure Firewall vs. KerioControl report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.