Most Helpful Review
Researched Palo Alto Networks VM-Series but chose Cisco ASA Firewall: Good stability, excellent technical support, and powerful intrusion detection
Find out what your peers are saying about Palo Alto Networks VM-Series vs. Sophos UTM and other solutions. Updated: March 2020.
447,654 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"It is a comprehensive suite and complete package."
"The integration and configuration were pretty straightforward."
"The transparency of the single UI to ensure security. A product has to be simple so that an administrator can use it."
"It provides security for our company and users."
"Among the top features are integrated threat defence and the fact that each virtual appliance is separate so you get great granular control."
"Its VPN and ASN features are very stable."
"The setup was straightforward. I was happy with the configuration and deployment of the solution, as it was quick."
"This solution has good security, and it's a good product. You can trust Cisco, and there's support as well, which is really good."
"It has the ability to create Palo Alto VM-series using software."
"It is nice to have a rock solid security platform that we can count on."
"AWS has improved our agility to apply firewall rules. It has reduced the amount of time that it takes to apply firewall rules because everything is based in the cloud."
"It offers a single pane of glass for all the different types of installations."
"It gives us the ease that we are secure. We have set up the proper things that help make our data safe."
"It allows us to see all our traffic to properly secure it and only allow what is needed through the firewall."
"You already can scale it if you put it in Auto Scaling groups. If you put it in a load balancer, it should already be able to scale."
"It provides complete security posture from end-to-end. This has given us better visibility into what our security aspects are."
"Sophos has a single pane of glass which allows me to manage all my VPCs from a single instance, managing all my firewall from one place."
"It helped to connect our satellite offices to the main Amazon infrastructure in a circular way."
"It has made our organization more secure, because we are using a VPN. We are not accessing services directly. It allows us to segregate some of the traffic for individuals which may be more of a developer role rather than an operational role needing access to developer resources, but not necessarily production operational resources."
"It makes it a lot easier for us to maintain things. Prior to it, things were more difficult. This means less time on us. We can focus on other things. The recovery is more in man-hours for us than anything else."
"It works well without any maintenance. So far, it has worked pretty well regardless of the traffic."
"It meets our compliance needs in an elastic computer environment."
"The implementation with the AWS environment was good."
"It has helped by identifying threats within the company. If there are computers or servers that are compromised, then we are able to identify them right away in the system."
"Cisco ASA should be easier to use. It is a bit tough to navigate and see what is going on."
"Even on a smaller scale, people are finding you need HA pairs, and there's no way that the ASA can do that, at least in the virtual version."
"The artificial intelligence and machine learning (behavioral based threat detection), which I can this will be coming out in another year, these are what we need now."
"The initial setup was complex."
"There are always vulnerabilities that come up and there was one in early 2018 but this was patched with software updates."
"In terms of next-generation capabilities, Cisco is a little behind, and it is way behind the market leaders."
"The phishing emails could be improved."
"There may have been one or two incidences of malicious threats."
"In the next release, I would like to see better integration of multi-factor authentication vendors."
"We have run into some issues with scaling and limitations associated with some of the configurations."
"We don't know how it will scale once we start putting more load on it."
"I would like a way to do everything programmatically, or be able to copy the configs from different prices at different levels."
"AWS doesn't integrate well with third-party firewalls."
"On the cloud side, they need to come up with more HA solutions to support the multi-region."
"The product could provide protection above Layer 3, which gets into the application layer and provides better visibility into those aspects of application security."
"It can definitely improve on the performance."
"I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer."
"We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work."
"They could definitely improve on the support, especially in other countries."
"The documentation during the AWS integration was a little fuzzy on getting it to work with how the whole public exposure versus private exposure, then routing some of the traffic."
"The product could be simplified and made more self-explanatory."
"It is a little too CPU resource intensive, so we would like to see improvements there."
"They could reduce the price."
"The technical support only communicates via email. I would prefer to communicate directly with someone."
Pricing and Cost Advice
"Purchasing from the AWS Marketplace was easy. It was just point and click."
"It is pay-as-you-go, so it much cheaper than buying in the plants."
"Our individual release cycle has been quicker because the entire development and testing environment has been automated because of these virtual instances. It has aligned our development workflow. This is where we have seen the ROI increase."
"With the Cisco ASA, you do get what you pay for. What would really be awesome is to see Cisco blow out a real cheap version where you can use the sandbox, but leave it step-wise and go to another product relatively easily, like getting you hooked on candy."
"We are partners with Cisco. They are always one call away, which is good. They know how to keep their customers happy."
"Pricing is high, but it is essentially a corporate decision."
"Licensing is expensive compared to other solutions."
"The cost is a big factor for us. This is why we are using it only in our restricted area. They are very much higher than their competitors in the market."
"Some parts of purchasing through AWS Marketplace are good, such as this product was easy to find and launch. Some of the other parts could be clearer in the AWS Marketplace, e.g., how to properly do an annual subscription."
"The pricing and licensing are reasonable."
"We found purchasing process the product on the AWS Marketplace to be very good."
"The price is not bad. They have a yearly renewal fee, and the pricing is exactly where we expect it to be."
"Purchasing on the AWS Marketplace was simple, effective, and easy."
"AWS is available as a AMI that you can purchase from the AWS Marketplace. Therefore, you need to purchase the licensing, since it is per AMI. Then, you deploy it on a regular EC2. Then, for on-premise, you can use both Palo Alto's software and hardware."
"Because the solution was getting deployed on AWS, it was the best place to go and it was available there."
"One of the factors for selecting Palo Alto was they had flexible pricing. They had a pay-as-you-go model. Comparable to other products, such as Check Point, the price point was definitely a plus."
"We originally purchased the solution through the AWS Marketplace. I started my proof of concept doing pay-as-you-go, then moved to a VAR for a 'Bring Your Own Licence' (BYOL) licensing model. The BYOL license still requires you to accept the terms of the AWS Marketplace to deploy."
"Purchasing it through the AWS Marketplace went smoothly. We did not have any issues and the pricing was decent."
"Purchasing through the AWS Marketplace is pretty straightforward. Because were entirely on AWS and don't have anything anywhere else. It made the most sense for us as a one stop shop."
"The pricing is pretty reasonable. I don't think that it is overly expensive."
"The AWS Marketplace product should be a better fit, but it is a little pricier."
"The pricing and licensing are both good and better than Sophos's competitors. This is why we went with the product."
"Sometimes more is less, meaning if you want more than three features, take the FullGuard licence."
"We purchased the appliance with five years onsite support and licenses."
Questions from the Community
Top Answer: Cisco FW for peace of mind
Top Answer: They provide DDoS protection and multi-factor authentication. That is a good option as it enables work-from-home… more »
Top Answer: In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco.
Top Answer: I have been working with Palo Alto for more than 5 years now and I think I have worked with almost every other firewall… more »
Top Answer: The most valuable features are web control and IPS/IDS.
Top Answer: The price of this solution is very high for some parts of Africa, which makes it a challenge. If it were lowered then it… more »
Top Answer: In my opinion and as a result of years of experience: - Both are great firewalls with excellent performance and a… more »
Top Answer: My understanding is that UTM is the software; SG is the hardware. You can buy Sophos UTM running on SG hardware and then… more »
Top Answer: One other big difference is that pfSense is FreeBSD based while Sophos UTM is linux based. It is also worth having a… more »
Compared 34% of the time.
Compared 15% of the time.
Compared 8% of the time.
Compared 5% of the time.
Compared 39% of the time.
Compared 12% of the time.
Compared 7% of the time.
Compared 5% of the time.
Compared 2% of the time.
Compared 28% of the time.
Compared 23% of the time.
Compared 10% of the time.
Compared 7% of the time.
Compared 3% of the time.
Also Known As
|Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv||Astaro|
|Cisco||Palo Alto Networks||Sophos|
Cisco ASA firewalls deliver enterprise-class firewall functionality with highly scalable and flexible VPN capabilities to meet diverse needs, from small/branch offices to high performance data centers and service providers. Available in a wide range of models, Cisco ASA can be deployed as a physical or virtual appliance. Flexible VPN capabilities include support for remote access, site-to-site, and clientless VPN. Also, select appliances support clustering for increased performance, VPN load balancing to optimize available resources, advanced high availability configurations, and more.
Cisco ASAv is the virtualized version of the Cisco ASA firewall. Widely deployed in leading private and public clouds, Cisco ASAv is ideal for remote worker and multi-tenant environments. The solution scales up/down to meet performance requirements and high availability provides resilience. Also, Cisco ASAv can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables greater simplicity, visibility, and efficiency.
The VM-Series is a virtualized form factor of our next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware, Amazon Web Services, Microsoft, Citrix and KVM.
The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports.
In both private and public cloud environments, the VM-Series can be deployed as a perimeter gateway, an IPsec VPN termination point, and a segmentation gateway, protecting your workloads with application enablement and threat prevention policies.
|The global network of highly skilled researchers and analysts, protecting businesses from known and emerging malware - viruses, rootkits and spyware.|
Learn more about Cisco ASA Firewall
Learn more about Palo Alto Networks VM-Series
Learn more about Sophos UTM
|There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.||Warren Rogers Associates||One Housing Group|
Financial Services Firm19%
Comms Service Provider12%
Comms Service Provider31%
Computer Software Company24%
Financial Services Firm18%
Computer Software Company32%
Comms Service Provider16%
K 12 Educational Company Or School5%
Comms Service Provider10%
Financial Services Firm10%
Comms Service Provider35%
Computer Software Company21%
See our list of .