We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"The solution offers very easy configurations."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"Provides good integrations and reporting."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"Palo Alto Networks VM-Series is very easy to use."
"The most valuable features are the User ID, URL filtering, and application filtering."
"The VM series has an advantage over the physical version because we are able to change the sources that the machine has, such as the amount of available RAM."
"The most valuable feature is the Posture Assessment."
"The most valuable aspects of this solution are that it's simple and stable. It has better security aspects compared to other similar solutions."
"Using Palo Alto Networks Panorama, we were able to deploy a single point of management and visualization of the firewall infrastructure in cloud, on-premise and integrated with Azure to automate scale up. Its security features, i.e. anti-malware, threat prevention, URL Filtering, VPN, and antivirus are the most valuable. The ID-User integrated with AD and 2FA features are also very useful to provide secure access to servers and some users in the company. "
"The Palo Alto VM-Series is nice because I can move the firewalls easily."
"The most valuable feature is that you can control your traffic flowing out and coming it, allowing you to apply malware and threat protection, as well as vulnerability checks."
"It has been delivering results efficiently. Its configurations and updates have been easy. It is also user-friendly."
"SonicWall NSSP is stable and scalable too."
"The VPN functionality is really good. Overall, the whole device is very easy to manage. The software that comes with it is also good."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"It would be great if some of the load times were faster."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"The price and SD-WAN capabilities are the areas that need improvement."
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"Cisco makes horrible UIs, so the interface is something that should be improved."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"It'll help if Palo Alto Networks provided better documentation."
"It would be good if the common features work consistently in physical and virtual environments. There was an integration issue in the virtual deployment where it didn't report the interface counters, and we had to upgrade to the latest version, whereas the same thing has been working in the physical deployment for ages now. It seems that it was because of Azure. We were using VMware before, and we didn't have any such issues. We do see such small issues where we expect things to work, but they don't because of some incompatibilities. There also seems to be a limitation on how to do high availability in a virtualized environment. All features should be consistently available in physical and virtual environments. It is not always easy to integrate Palo Alto in the network management system. We would like to be able to compare two network management systems. They can maybe allow monitoring an interface through the GUI to create a reference or do a baseline check about whether your network monitoring system is actually giving you the correct traffic figures. You need traffic figures to be able to recognize the trends and plan the capacity."
"I would like to have automatic daily reporting, such as how many users have connected via SSL VPN."
"The disadvantage with Palo Alto is that they don't have a cloud-based solution that includes a secure web gateway."
"The product needs improvement in their Secure Access Service Edge."
"The command-line interface is something that some people struggle with and I think that they should have an option to go straight to the GUI."
"The implementation should be simplified."
"There should be an option for direct integration with the Azure platform."
"No security product is foolproof against hackers, intruders, and other such things. As a security product, they have to keep pace in terms of protection from new hackers and intruders."
"Its reporting functions can be improved. It has decent reporting, but you got to pay a lot more money for it. That's where it begins to fall apart. It comes with minimal zero reporting unless you buy some extra modules. With those extra modules, you can get all the data, but it takes a while to put together what you need for your customer. It is for technical people, but there is no executive summary of the reporting."
"The user interface, the GUI, could be improved."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"It definitely competes with the other vendors in the market."
"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
"Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities."
"Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"This solution is expensive and other solutions, such as FortiGate, are cheaper."
"The price is comparable."
"It is not the cheapest on the market. The total cost for two firewall instances is $75,000. This includes licenses, deployment fees, and support for two years."
"Because I work for a university and the URL is for the institution, it's a free license for us."
"The price of this solution is very high for some parts of Africa, which makes it a challenge."
"The cost of this product varies from customer to customer and the relationship with IBM, including how many offerings from IBM are already being used."
"Palo Alto can be as much as two times the price of competing products that have twice the capabilities."
"The VM series is licensed annually."
"You got to buy some VPN licenses, and there might be a $40 to $50 one-time license fee per current user. There are different layers. They have several different levels of event security software and depending on the model, it seems to come out to be $1 to $2 a day. So, if you bought a three-year license, it is going to be anywhere from $900 to $1800 depending on the bundle and model that you buy."
"For SonicWall NSSP high availability, active/passive, you need to buy one license, and so you get much more value for money."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
The VM-Series is a virtualized form factor of our next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware, Amazon Web Services, Microsoft, Citrix and KVM.
The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports.
In both private and public cloud environments, the VM-Series can be deployed as a perimeter gateway, an IPsec VPN termination point, and a segmentation gateway, protecting your workloads with application enablement and threat prevention policies.
The SonicWall Network Security services platform (NSsp) 12000 series takes a modern approach to threat detection and prevention by combining cloud intelligence with appliance-based protection in a scalable, high-speed platform.
Palo Alto Networks VM-Series is ranked 11th in Firewalls with 16 reviews while SonicWall NSSP is ranked 26th in Firewalls with 3 reviews. Palo Alto Networks VM-Series is rated 8.6, while SonicWall NSSP is rated 9.6. The top reviewer of Palo Alto Networks VM-Series writes "An excellent solution for the right situations and businesses". On the other hand, the top reviewer of SonicWall NSSP writes "Good VPN functionality, very good support, easy to manage, and meets all of our needs". Palo Alto Networks VM-Series is most compared with Azure Firewall, Fortinet FortiGate, Cisco ASA Firewall, Juniper SRX and Palo Alto Networks NG Firewalls, whereas SonicWall NSSP is most compared with . See our Palo Alto Networks VM-Series vs. SonicWall NSSP report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.