Most Helpful Review
Researched Palo Alto Networks NG Firewalls but chose Cisco ASA Firewall: Good stability, excellent technical support, and powerful intrusion detection
Find out what your peers are saying about Palo Alto Networks NG Firewalls vs. Sophos UTM and other solutions. Updated: March 2020.
447,654 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"It is a comprehensive suite and complete package."
"The integration and configuration were pretty straightforward."
"The transparency of the single UI to ensure security. A product has to be simple so that an administrator can use it."
"It provides security for our company and users."
"Among the top features are integrated threat defence and the fact that each virtual appliance is separate so you get great granular control."
"Its VPN and ASN features are very stable."
"The setup was straightforward. I was happy with the configuration and deployment of the solution, as it was quick."
"This solution has good security, and it's a good product. You can trust Cisco, and there's support as well, which is really good."
"We standardized on the product and got rid of several other types of firewalls from different vendors."
"It is very scalable."
"The most valuable feature is the ability to deeply analyze the connection or connection type."
"One of the things I really like about it is that we have the same features and functions available on the entry-level device (PA-220), as do large corporations with much more costly appliances."
"One of the best firewalls on the market."
"Good functionality and features."
"The basic configuration will only take 15 minutes to set up"
"The solution is very stable."
"Sophos has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewall from one place."
"It helped to connect our satellite offices to the main Amazon infrastructure in a circular way."
"It has made our organization more secure, because we are using a VPN. We are not accessing services directly. It allows us to segregate some of the traffic for individuals which may be more of a developer role rather than an operational role needing access to developer resources, but not necessarily production operational resources."
"It makes it a lot easier for us to maintain things. Prior to it, things were more difficult. This means less time on us. We can focus on other things. The recovery is more in man-hours for us than anything else."
"It works well without any maintenance. So far, it has worked pretty well regardless of the traffic."
"It meets our compliance needs in an elastic computer environment."
"The implementation with the AWS environment was good."
"It has helped by identifying threats within the company. If there are computers or servers that are compromised, then we are able to identify them right away in the system."
"Cisco ASA should be easier to use. It is a bit tough to navigate and see what is going on."
"Even on a smaller scale, people are finding you need HA pairs, and there's no way that the ASA can do that, at least in the virtual version."
"The artificial intelligence and machine learning (behavioral based threat detection), which I can this will be coming out in another year, these are what we need now."
"The initial setup was complex."
"There are always vulnerabilities that come up and there was one in early 2018 but this was patched with software updates."
"In terms of next-generation capabilities, Cisco is a little behind, and it is way behind the market leaders."
"The phishing emails could be improved."
"There may have been one or two incidences of malicious threats."
"I would like integration with Evident.io and RedLock."
"The data loss prevention (DLP) capabilities need to be beefed up."
"Overall it is good. It is reliable and easy to understand. However, the monitoring feature could be improved."
"The initial configuration is complicated to set up."
"The user interface is a bit clumsy and not very user-friendly."
"Could also use better customer support."
"Customers don't want to buy extra things for extra capabilities"
"Generating reports is not so easy."
"I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer."
"We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work."
"They could definitely improve on the support, especially in other countries."
"The documentation during the AWS integration was a little fuzzy on getting it to work with how the whole public exposure versus private exposure, then routing some of the traffic."
"The product could be simplified and made more self-explanatory."
"It is a little too CPU resource intensive, so we would like to see improvements there."
"They could reduce the price."
"The technical support only communicates via email. I would prefer to communicate directly with someone."
Pricing and Cost Advice
"Purchasing from the AWS Marketplace was easy. It was just point and click."
"It is pay-as-you-go, so it much cheaper than buying in the plants."
"Our individual release cycle has been quicker because the entire development and testing environment has been automated because of these virtual instances. It has aligned our development workflow. This is where we have seen the ROI increase."
"With the Cisco ASA, you do get what you pay for. What would really be awesome is to see Cisco blow out a real cheap version where you can use the sandbox, but leave it step-wise and go to another product relatively easily, like getting you hooked on candy."
"We are partners with Cisco. They are always one call away, which is good. They know how to keep their customers happy."
"Pricing is high, but it is essentially a corporate decision."
"Licensing is expensive compared to other solutions."
"The cost is a big factor for us. This is why we are using it only in our restricted area. They are very much higher than their competitors in the market."
"Annually, the licensing costs are too much."
"Pricing is yearly, but it depends. You could pay on a yearly basis, or every three years. If you want to add a device or two, there would be an additional cost. Also, if you want to do an assessment, or other similar add-on, you have to pay accordingly for the additional service."
"It will be worth your time to hire a contractor to set it up and configure it for you, especially if you are not very knowledgeable with PA firewalls."
"Don't buy a device with more power than you really need, because licensing depends on the cost of the box you have."
"The licensing is annual, and there aren't any additional fees on top of that."
"The price of this product should be reduced."
"The pricing is competitive in the market."
"This is an expensive product, which is why some of our customers don't adopt it."
"We originally purchased the solution through the AWS Marketplace. I started my proof of concept doing pay-as-you-go, then moved to a VAR for a 'Bring Your Own Licence' (BYOL) licensing model. The BYOL license still requires you to accept the terms of the AWS Marketplace to deploy."
"Purchasing it through the AWS Marketplace went smoothly. We did not have any issues and the pricing was decent."
"Purchasing through the AWS Marketplace is pretty straightforward. Because were entirely on AWS and don't have anything anywhere else. It made the most sense for us as a one stop shop."
"The pricing is pretty reasonable. I don't think that it is overly expensive."
"The AWS Marketplace product should be a better fit, but it is a little pricier."
"The pricing and licensing are both good and better than Sophos's competitors. This is why we went with the product."
"Sometimes more is less, meaning if you want more than three features, take the FullGuard licence."
"We purchased the appliance with five years onsite support and licenses."
Questions from the Community
Top Answer: Cisco FW for peace of mind
Top Answer: They provide DDoS protection and multi-factor authentication. That is a good option as it enables work-from-home… more »
Top Answer: In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco.
Top Answer: I have been working with Palo Alto for more than 5 years now and I think I have worked with almost every other firewall… more »
Top Answer: This is arguably the best security protection that you can buy.
Top Answer: Palo Alto is a little expensive compared to every other solution, but you get what you pay for. The question I have been… more »
Top Answer: In my opinion and as a result of years of experience: - Both are great firewalls with excellent performance and a… more »
Top Answer: My understanding is that UTM is the software; SG is the hardware. You can buy Sophos UTM running on SG hardware and then… more »
Top Answer: One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a… more »
Compared 34% of the time.
Compared 15% of the time.
Compared 8% of the time.
Compared 5% of the time.
Compared 3% of the time.
Compared 24% of the time.
Compared 15% of the time.
Compared 14% of the time.
Compared 11% of the time.
Compared 2% of the time.
Compared 28% of the time.
Compared 23% of the time.
Compared 10% of the time.
Compared 7% of the time.
Compared 1% of the time.
Also Known As
|Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv||Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall, Palo Alto Networks PA-Series||Astaro|
|Cisco||Palo Alto Networks||Sophos|
Cisco ASA firewalls deliver enterprise-class firewall functionality with highly scalable and flexible VPN capabilities to meet diverse needs, from small/branch offices to high performance data centers and service providers. Available in a wide range of models, Cisco ASA can be deployed as a physical or virtual appliance. Flexible VPN capabilities include support for remote access, site-to-site, and clientless VPN. Also, select appliances support clustering for increased performance, VPN load balancing to optimize available resources, advanced high availability configurations, and more.
Cisco ASAv is the virtualized version of the Cisco ASA firewall. Widely deployed in leading private and public clouds, Cisco ASAv is ideal for remote worker and multi-tenant environments. The solution scales up/down to meet performance requirements and high availability provides resilience. Also, Cisco ASAv can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables greater simplicity, visibility, and efficiency.
Palo Alto Networks' next-generation firewalls secure your business with a prevention-focused architecture and integrated innovations that are easy to deploy and use. Now, you can accelerate growth and eliminate risks at the same time.
|The global network of highly skilled researchers and analysts, protecting businesses from known and emerging malware - viruses, rootkits and spyware.|
Learn more about Cisco ASA Firewall
Learn more about Palo Alto Networks NG Firewalls
Learn more about Sophos UTM
|There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.||SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments||One Housing Group|
Financial Services Firm19%
Comms Service Provider12%
Comms Service Provider31%
Computer Software Company24%
Financial Services Firm18%
Computer Software Company18%
Comms Service Provider27%
Computer Software Company25%
Comms Service Provider10%
Financial Services Firm10%
Comms Service Provider35%
Computer Software Company21%
See our list of .