We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"The most valuable feature is the access control list (ACL)."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"The most valuable feature is stability."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
"The clusters in data centers are great."
"The remote access, VPN, and ACL features are valuable. We are using role-based access for individuals."
"They provide DDoS protection and multi-factor authentication. That is a good option as it enables work-from-home functionality."
"Cisco ASA provides us with very good application visibility and control."
"The best features are stability and scalability."
"Everything is all documented in the file or in the command line script that gets uploaded to the device. It gives us great visibility."
"The most valuable feature must be AnyConnect. We have quite a few customers who use it. It is easy to use and the stablest thing that we have. We have experienced some issues on all our VPN clients, but AnyConnect has been the stablest one."
"The command line is the same as it is on the Cisco iOS router."
"Good basic firewall functions with advanced firewall scanning."
"The initial setup is pretty easy."
"The intrusion prevention is great, and I like dual virus scanning on the network layer because we scan it through Avira and Sophos. Web filtering is also a fantastic option for clients who want to really lock down internet access."
"It's a stable solution."
"I would recommend UTM over XG because it's easier to manage."
"We've found the technical support to be helpful."
"With Sophos, we have not had any incidents this year. The security provided has been good. It has proven to be okay for our needs."
"The most valuable feature is the price. I've been requesting prices all over these years between different solutions like Fortinet, Palo Alto, and Check Point and Sophos has been the cheapest and the best of all of them that I have tried. I have been working with Fortinet, it's a fact that the price is surprisingly better."
"Cisco Firepower NGFW Firewall can be more secure."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"The initial setup could be simplified, as it can be complex for new users."
"Implementations require the use of a console. It would help if the console was embedded."
"Deploying configurations takes longer than it should."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"The user interface isn't as good as it could be. They should work to improve it. It would make it easier for customer management if it was easier to use."
"If I want to activate IPS features on it, I have to buy another license. If I want Cisco AnyConnect, I have to buy another license. That's where we have challenges."
"One of the problems that we have had is the solution requires Java to work. This has caused some problems with the application visibility and control. When the Java works, it is good, but Java wasn't a good choice. I don't like the Java implementation. It can be difficult to work with sometimes."
"Technical support takes a long time to respond."
"It is my understanding that they are in the process of discontinuing this device."
"Cisco ASA is not a next-generation firewall product."
"When comparing the graphical interface of this solution to other vendors it is more difficult to configure. There is a higher learning curve for administrators in this solution."
"I would like the ability to drill down into certain reports because currently, that cannot be done."
"When we call support, we get put on hold for a long time."
"It would be nice if it had basic features, such as DLP (Data Loss Prevention)."
"The ease of use could be a bit better."
"The five-factor authentication needs improvement."
"Updates come out agonizingly slowly, a trickle."
"The initial setup may be difficult for those not familiar with the product."
"The solution is not scalable."
"Sophos should be more user-friendly, have more dashboards, and an easier implementation."
"The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case."
"There are additional implementation and validation costs."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"This product is expensive."
"When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today."
"I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
"The solution was chosen because of its price compared to other similar solutions."
"Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
"In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco."
"I just bought it off the shelf, and I'm using it with my previous one, so I have not spent that much."
"We are happy with its price. Licensing is on a yearly basis for technical support. There is one license for technical support. There is another license for IP Version 2 VPN and IPS."
"It is affordable. The hardware is not that expensive anymore. It is a matter of licensing these days."
"The price is fair. It's not the cheapest, but it's not bad."
"There is room for improvement in the pricing when compared to the market. Although, when you compare the benefits of support from Cisco, you can adjust the value and it becomes comparable, because you usually need very good support. So you gain value there with this device."
"We sell Cisco ASA Firewall as a bundle — the price is very cheap. If a customer were to go for renewal direct from Cisco, then the price would be quite high."
"The product is very expensive."
"It is necessary to pay for a licence to use the solution, but it is not very expensive."
"The prices can be better, they could make it a lot cheaper."
"Our licensing fees are paid on a monthly basis."
"It is the cheapest product available. It's good if you have a low budget."
"It's reasonably priced."
"I think the pricing of Sophos is very fair."
"We pay for the service on a yearly basis. The last time we paid was in June, for a year. At the time, it was about $20,000."
"The appliance should be purchased and there is a fee for the license."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Cisco ASA firewalls deliver enterprise-class firewall functionality with highly scalable and flexible VPN capabilities to meet diverse needs, from small/branch offices to high performance data centers and service providers. Available in a wide range of models, Cisco ASA can be deployed as a physical or virtual appliance. Flexible VPN capabilities include support for remote access, site-to-site, and clientless VPN. Also, select appliances support clustering for increased performance, VPN load balancing to optimize available resources, advanced high availability configurations, and more.
Cisco ASAv is the virtualized version of the Cisco ASA firewall. Widely deployed in leading private and public clouds, Cisco ASAv is ideal for remote worker and multi-tenant environments. The solution scales up/down to meet performance requirements and high availability provides resilience. Also, Cisco ASAv can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables greater simplicity, visibility, and efficiency.
Cisco ASA Firewall is ranked 6th in Firewalls with 62 reviews while Sophos UTM is ranked 2nd in Unified Threat Management (UTM) with 21 reviews. Cisco ASA Firewall is rated 8.0, while Sophos UTM is rated 8.4. The top reviewer of Cisco ASA Firewall writes "Robust solution that integrates well with both Cisco products and products from other vendors". On the other hand, the top reviewer of Sophos UTM writes "Great web and email filtering with reasonable pricing". Cisco ASA Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Meraki MX, Juniper SRX and WatchGuard Firebox, whereas Sophos UTM is most compared with Fortinet FortiGate, pfSense, Sophos XG, Untangle NG Firewall and Palo Alto Networks NG Firewalls. See our Cisco ASA Firewall vs. Sophos UTM report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.