Most Helpful Review
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
For us, the most valuable features are the IPX and the Sourcefire Defense Center module. That gives us visibility into the traffic coming in and going out, and gives us the heads-up if there is a potential outbreak or potential malicious user who is trying to access the site. It also helps us see traffic generated by an end device trying to reach out to the world.
The information coming from Talos does a good job... I like the fact that Cisco is working with them and getting the information from them and updating the firewall.
The firepower sensors have been great; they do a good job of dropping unwanted traffic.
Unfortunately in Cisco, only the hardware was good.
The most important point is the detection engine which is now part of the next-generation firewalls and which is supported by Cisco Talos.
The most valuable features are the flexibility and level of security that this solution provides.
Integration with all the other Cisco tools is valuable.
We moved from a legacy firewall to the ASA with FirePOWER, increasing our Internet Edge defense dramatically.
The Untangle firewall is a software firewall, so it runs on generic hardware. We found that was probably the best feature, and it's why we chose it when we started using it three years ago.
The interface is very good.
Web filtering is very reliable.
The features I have found the most useful are the web filter, the captive portal, the SSL inspector, and the ad-blocker. They're awesome.
None of my clients has had a ransom or breach using Untangle.
Web Filter is effective, Web Cache offers bandwidth savings, and the VPN setup is easy.
It is very easy to deploy and monitor.
It is not attached to an appliance, meaning if you get a good PC/server, then you can already run a firewall.
WatchGuard XTM is fairly basic. We use it as the perimeter firewall. The main point is to protect from attack software and hacking.
After installing the product, we achieved awareness of our data protection needs and email misuse.
I like the hostwatch because I can see what traffic uses the most bandwidth and I can block that site.
We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them.
Application Control is fantastic with over 2,500 applications and the granularity that we can either allow people to view but not be able to log on to Facebook; or view it and log onto it if they're in the marketing department, but not play Facebook games. There are all sorts of different options like that. So it's highly granular.
Reputation Enabled Defense indicates that some websites are so infested that it's not even worth visiting them, and therefore saving the bandwidth of going through the detection process.
They have a reporting system which can store data over a very long period of time. Not many other firewall vendors provide a reporting system, but if they do, like Fortinet does, then you've got buy that as an additional product and that can be more than twice as expensive as the initial investment in the firewall. And without reporting over a long-term period, you're just about wasting your time.
It is stable and does not require you to reboot all the time.
We were also not too thrilled when Cisco announced that in the upcoming new-gen ASA, iOS was not going to be supported, or if you install them, they will not be able to be managed through the Sourcefire. However, it seems like Cisco is moving away from the ASA iOS to the Sourcefire FireSIGHT firmware for the ASA. We haven't had a chance to test it out.
Our latest experience with a code upgrade included a number of bugs and issues that we ran into. So more testing with their code, before it hits us, would help.
The software was very buggy, to the point it had to be removed.
In NGFW, Cisco should be aligned with the new technology and inspection intelligence because Cisco is far behind in this pipeline.
Most users do not have awareness of this product's functionality and features. Cisco should do something to make them aware of them. That would be quite excellent and useful to organizations that are still using legacy data-center-security products.
There was an error in the configuration, related to our uplink switches, that caused us to contact technical support, and it took a very long time to resolve the issue.
With regards to stability, we had a critical bug come out during our evaluation... not good.
The product would be improved if the GUI could be brought into the 21st Century.
The web content filtering needs improvement.
The pricing is not as good as it was some time ago. They've since skipped offering a lot of individual features.
The hardware can be improved.
For the web filter, I think they can do better especially on the free model.
It would be much easier if there was a mobile app.
The ability to setup a DDNS for each WAN independently would be a very handy feature.
The product needs to have a better support group for its online support, specifically for its help desk.
The management console for partners is a bit tricky (buggy).
One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here.
I would like them to improve the product's overall protections. This would be good for all product users.
The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic.
Sometimes we have had issues with stability of the product.
WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure.
The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out.
Pricing and Cost Advice
Pricing varies on the model and the features we are using. It could be anywhere from $600 to $1000 to up to $7,000 per year, depending on what model and what feature sets are available to us.
We used Check Point and the two are comparable. Cost was really what put us onto the ASAs... the price tag for Check Point was exorbitantly more than what it is for the ASA solution.
Always consider what you might need to reduce your wasted time and invest it in other solutions.
Watch out for hidden licensing and incredibly high annual maintenance costs.
We paid about $7,000 for the Cisco firewall, plus another small Cisco router and the lead switch. It was under the combined license. It's a final agreement.
The cost is a big factor for us. This is why we are using it only in our restricted area. They are very much higher than their competitors in the market.
Licensing is expensive compared to other solutions.
Pricing is high, but it is essentially a corporate decision.
We pay $350 USD per year for the solution. There are no additional costs. As long as you're not using a physical appliance, that's all you need.
It is the most cost-effective to use.
The licensing and renewal is very expensive.
Like all other manufacturers, there are a lot of features and different pricing. The best is to talk to a representative.
Compared 39% of the time.
Compared 11% of the time.
Compared 9% of the time.
Compared 52% of the time.
Compared 12% of the time.
Compared 12% of the time.
Compared 28% of the time.
Compared 15% of the time.
Compared 14% of the time.
Also Known As
|Cisco ASA, Adaptive Security Appliance, ASA|
Adaptive Security Appliance (ASA) is Cisco's end-to-end software solution and core operating system that powers the Cisco ASA product series. This software solution provides enterprise-level firewall capabilities for all types of ASA products, including blades, standalone appliances and virtual devices. Adaptive Security Appliance provides protection to organizations of all sizes, and allows end-users to access information securely anywhere, at any time, and through any device.
Adaptive Security Appliance is also fully compatible with other key security technologies, and so provides organizations with an all-encompassing security solution.
Block more threats and quickly mitigate those that do breach your defenses with the industry’s first threat-focused NGFW.
Untangle NG Firewall takes the complexity out of network security—saving you time, money and frustration. Get everything you need in a single, modular platform that fits the evolving needs of your organization without the headaches of multiple point solutions.
Enjoy the flexibility to deploy Untangle’s award-winning NG Firewall software on third party hardware, as a virtual machine, or as a turnkey appliance.
Rest assured that the browser-based, responsive and intuitive interface will enable you to create policies quickly and easily. Then, drill down into database-driven reports—the most comprehensive and detailed in the industry—to get visibility into exactly what’s happening on your network.
Small businesses need big security, too, and the WatchGuard XTM Series firewall/VPN appliances deliver that strong protection, but without the hefty price tag. Enterprise-grade security includes full HTTPS content inspection, VoIP support, and optional security subscriptions like Application Control and Intrusion Prevention Service.
Learn more about Cisco ASA NGFW
Learn more about Untangle NG Firewall
Learn more about WatchGuard XTM [EOL]
|There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.||North American Stamping Group, Cerebral Palsy of North Jersey (CPNJ), Brown County Schools, IN, City of Bridgeton, MO, Lancaster County, SC, Vision Charter School, Clay County Sheriff’s Department, NC, Breakwater School, Boys & Girls Club of Manchester, NH, Admiral Farragut Academy, Flow Companies, No Ordinary Hotel, KECdesign,||AVG, Cyren, Kaspersky Lab, Lastline, NCP engineering, Trend Micro, Websense|
Financial Services Firm17%
Comms Service Provider11%
Software R&D Company29%
Comms Service Provider16%
Comms Service Provider18%
Software R&D Company13%
Financial Services Firm36%