We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"The feature set is fine and is rarely a problem."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"The most valuable feature is the access control list (ACL)."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"The most valuable feature is the Posture Assessment."
"Palo Alto Networks VM-Series is very easy to use."
"The most valuable feature is that you can control your traffic flowing out and coming it, allowing you to apply malware and threat protection, as well as vulnerability checks."
"The most valuable features are security and support."
"The Palo Alto VM-Series is nice because I can move the firewalls easily."
"Using Palo Alto Networks Panorama, we were able to deploy a single point of management and visualization of the firewall infrastructure in cloud, on-premise and integrated with Azure to automate scale up. Its security features, i.e. anti-malware, threat prevention, URL Filtering, VPN, and antivirus are the most valuable. The ID-User integrated with AD and 2FA features are also very useful to provide secure access to servers and some users in the company. "
"It has excellent scalability."
"The interface with Panorama makes it very easy to use."
"This is a capable appliance and the standard features work well for us."
"The solution can scale well."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"The initial setup could be simplified, as it can be complex for new users."
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team."
"The price and SD-WAN capabilities are the areas that need improvement."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"I would like to have automatic daily reporting, such as how many users have connected via SSL VPN."
"In the next release, I would like to see better integration between the endpoints and the firewalls."
"Integrative capabilities with other solutions should be addressed."
"At the beginning of the implementation, we had some difficulties with the scripts, but Palo Alto Networks support together with a local partner finally fixed it."
"In the next release, I would like for them to develop an anti-malware functionality in which it checks for malicious files like Cisco has."
"Its web interface is a bit outdated, and it needs to be updated. They can also improve the NAT functionality. We have had issues with the NAT setup."
"The command-line interface is something that some people struggle with and I think that they should have an option to go straight to the GUI."
"Palo Alto is that it is really bad when it comes to technical support."
"Although manageable, the user interface is a little bit slow and could be improved."
"Sometimes it reboots when you least expect it, and that's the main issue."
"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
"Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"The price is comparable."
"Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees."
"This product is expensive."
"I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
"Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities."
"The VM series is licensed annually."
"The price of this solution is very high for some parts of Africa, which makes it a challenge."
"Because I work for a university and the URL is for the institution, it's a free license for us."
"It is not the cheapest on the market. The total cost for two firewall instances is $75,000. This includes licenses, deployment fees, and support for two years."
"The cost of this product varies from customer to customer and the relationship with IBM, including how many offerings from IBM are already being used."
"Palo Alto can be as much as two times the price of competing products that have twice the capabilities."
"This gateway is pretty cheap."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
The VM-Series is a virtualized form factor of our next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware, Amazon Web Services, Microsoft, Citrix and KVM.
The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports.
In both private and public cloud environments, the VM-Series can be deployed as a perimeter gateway, an IPsec VPN termination point, and a segmentation gateway, protecting your workloads with application enablement and threat prevention policies.
ZyWALL USG Series delivers high-access quality to help businesses satisfy the demand for always-online communications. For internal deployments, the ZyWALL USG Series provides active-passive High-Availability (HA) service to support device or connection failover.
With Device HA Pro service, the ZyWALL USG Series also supports instant failover, so connections are always maintained when a failover event occurs. For external deployments, the ZyWALL USG Series features multi- WAN load balancing/failover and a comprehensive mobile broadband USB modem support list for WAN backup operations. The ZyWALL USG Series also supports IPSec load balancing and failover, providing additional resilience for mission-critical VPN failover with VTI Interface deployments.
ZyWALL USG110/210/310 thoroughly protects networks with industry-leading firewall, Anti-Malware/ Virus, Anti-Spam, Content Filtering, IDP, and Application Patrol functionality. Regulate unauthorized use of Web applications over your network, such as Facebook, Google apps, and Netflix, among others. Zyxel security measures are enhanced with SSL Inspection, blocking threats hidden in SSL-encrypted connections while facilitating deeper policy enforcement. Furthermore, newly improved Content Filtering 2.0 enhances HTTPS Domain Filter, Browser SafeSearch, and Geo IP Blocking for an array of security enhancements to ensure clean Web connections.
Palo Alto Networks VM-Series is ranked 11th in Firewalls with 16 reviews while Zyxel Unified Security Gateway is ranked 9th in Unified Threat Management (UTM) with 2 reviews. Palo Alto Networks VM-Series is rated 8.6, while Zyxel Unified Security Gateway is rated 6.0. The top reviewer of Palo Alto Networks VM-Series writes "An excellent solution for the right situations and businesses". On the other hand, the top reviewer of Zyxel Unified Security Gateway writes "Low cost but unresponsive technical support and very unstable performance". Palo Alto Networks VM-Series is most compared with Azure Firewall, Fortinet FortiGate, Cisco ASA Firewall, Juniper SRX and Palo Alto Networks NG Firewalls, whereas Zyxel Unified Security Gateway is most compared with pfSense, Fortinet FortiOS, Fortinet FortiGate, WatchGuard Firebox and Sophos UTM.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.