We just raised a $30M Series A: Read our story

McAfee Firewall Enterprise MFE [EOL] Competitors and Alternatives

# Comparisons
Get our free report covering , and other competitors of McAfee Firewall Enterprise MFE [EOL]. Updated: November 2021.
554,382 professionals have used our research since 2012.

Read reviews of McAfee Firewall Enterprise MFE [EOL] competitors and alternatives

Georges Samaha
Security Consultant at a tech services company with 501-1,000 employees
Top 5
Good application detection, strong antivirus capabilities and built-in machine learning

Pros and Cons

  • "From my experience, comparing it to other products, the granularity you can have in the application is very good. The application detection is excellent. It's certainly one of the best."
  • "The solution would benefit from having a dashboard."

What is our primary use case?

We primarily use the solution as a firewall.

What is most valuable?

From my experience, comparing it to other products, the granularity you can have in the application is very good. The application detection is excellent. It's certainly one of the best. 

The engine detector application is usually one of the best compared to any other firewall on the market, in my opinion.  With it, I can do a lot of rules based on the application. If you have multiple internet links, you can have an application export from one link, and an application wire from another link. You can have security on the application. The security, for example, can have different functionalities. Basically, the granularity of rules is amazing in Palo Alto.

They have a good reputation for their antivirus capabilities.

The solution offers a strong URL based system or detection for malicious URL or malicious files. 

They even have a machine learning algorithm. They do a lot of very advanced detection for files and URLs. 

Once you deploy the product, you can basically forget about it. It has high customer satisfaction because it's always just working.

What needs improvement?

The solution would benefit from having a dashboard.

From a normal IPS after attack, routine attack and threat detection attack, in other words, the standard IPS detection attack, I don't see Palo Alto as very good compared to others. The standard network IPS functionality could be better. It's there in solutions like McAfee or Tipping Point, however, I don't see it here in this solution.

For how long have I used the solution?

We've been working with Palo Alto for about six years now.

What do I think about the stability of the solution?

From my experience, it's the best hardware compared to other NG firewalls from the perspective of performance stability. While the other firewalls lose 50 or 60% of performance when enabling all policies, Palo Alto loses 10 to 20% maximum, even with enabled IPS and fire detection and all. From our experience performance-wise, it's one of the best hardware solutions for firewalls. 

We haven't lost performance really, so I would describe it as very stable. There are not any issues.

What do I think about the scalability of the solution?

Since the solution is hardware, there are some limitations in terms of scalability.

Usually, in hardware, you can't say it's scalable or not due to the fact that you have the limitations built-in related to the size of the box. The box has a maximum number that it can reach. You can add more hardware, however, the hardware itself is finite.

We usually do a POC first so we can get the figures for performance and we can put in a box that can support 20 or 30 people extra for future expansion.

How are customer service and technical support?

In general technical support is very good. That said, usually, when we face an issue, we try to solve it ourselves internally before going to level one support. 

In general, we never have had a big issue with support. I don't have much experience with the support team to tell you if they're really good or not. Usually 80% of the cases we open, we talk with the distributor and finish the operation case directly with Palo Alto. It's more like a backend request and therefore I don't have much input that would be objective.

Which solution did I use previously and why did I switch?

As resellers, we also work with Cisco and some Forcepoint solutions.

I like that in Cisco there's more security parts, like IPS, and a Demandware engine.

I like Cisco, in general, more than Palo Alto if I'm comparing the two. However, from an application perspective, our application's usability and detection and firewall control using an application, it's Palo Alto that's the best on the market. That's, of course, purely from a  firewall point of view. Even in terms of detection of the applications, it has the best system.

How was the initial setup?

The deployment depends on the client's environment as well as how they are using it. For example, an internet NG firewall on the internet, it takes, on average, a week between installation, integration, and tuning. Usually we don't do all the policies because we are system integrator. We do the main policies and we teach the customer and then do a handover to the user for tuning and all the installation extras.

If it's a data center project, it takes more time and effort. It takes a month sometimes due to the fact that we'll be dealing with a lot of traffic. The application and server are usually harder to control than internet applications like Facebook and other standard applications, and easier on the internet. Then there's also internal applications, custom applications, migrating applications, finance education applications, etc., which are not always direct from the customer or directly known.

In short, the implementation isn't always straightforward. There can be quite a bit of complexity, depending on the company.

What other advice do I have?

In general, I prefer hardware, and Palo Alto's is quite good. However, we have a couple of virtual deployments for cases as well.

I would definitely recommend the solution. It's one of the best firewalls on the market. I've worked with four different vendors in the past, and some of the most mature NG firewalls are Palo Alto's. It's their main business, so they are able to really focus on the tech. They spend a lot of time on R&D. They're always leading the way with new technologies. 

While Cisco has more main products, Palo Alto really does focus in on NG firewalls. That's why I always see them as a leader in the space.

I'd rate the solution nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Manoj Nair
Tech Specialist at Select Softwares
Real User
Top 5Leaderboard
A rugged solution capable of defeating advanced threats

Pros and Cons

  • "It's very simple to use and the support is great."
  • "They should consider upgrading the capabilities within the GUI."

What is our primary use case?

I am a consultant. I work with a software dealer in the IT security business.

I deployed SonicWall for a customer just last month.

What is most valuable?

It's very simple to use and the support is great. I am in India and they have a support office here. As a company product, SonicWall firewalls and their support has been excellent.

It's a simple, rugged product. When I say rugged, mechanically, it's a very rugged box. The same thing applies to Sophos also, it's also a very rugged box. It's rugged technology, it can take a beating and still be operational. 

One of the greatest strengths of the SonicWall system is that they have multiple portals for multiple tasks, whereas all the other solutions have no single tool for doing multiple tasks. That has been one major advantage of SonicWall. Regarding the SonicWall box, you need to be capable of taking multiple loads compared to the competition. That's a very unique feature of the SonicWall system. They also have an antivirus solution that is tied to their system which is called SentinelOne.

The support is very good. The product is also very reliable. There are always new, frequent updates — nothing more or less. It's very flexible; it's ready to go right out of the box, unlike some other solutions which require a lot of training. The GUI is very user-friendly. Even if you've never touched a firewall in your life, with a bit of time and practice, you'll get the hang of it.

What needs improvement?

In terms of improvement, they should consider changing the logic of how the rules are created. Everything is spread out into multiple pockets, so to speak; it should be more condensed. The technology is sound; I am not saying that it's brilliant, but it is very sound for most mid-range uses — it does a fantastic job.

They should consider upgrading the capabilities within the GUI. The way the GUI is configured for creating rules, I would say they should consider making that a bit more flexible. That would really help a lot.

For how long have I used the solution?

I have used SonicWall NSA for three years.

What do I think about the stability of the solution?

SonicWall NSA is very stable. I ran my last box for 10 years before I switched it off. 10 years is a long time for anything. If it can run for 10 years, it's stable. It's money made twice over. It might not be technologically up to speed and it may not be upgradeable, but that's a different matter.

What do I think about the scalability of the solution?

These boxes are well-known for the amount of mechanics and users they can handle.

How was the initial setup?

The initial setup is very easy.

The basic setup takes roughly half an hour. After that, when it comes to configuring the rules and dependencies, with ideal conditions, I would say that it takes roughly a week. Overall, within two to three weeks, we were in production.

Roughly 90% (50% in the worst-case scenario) of the customer's settings are ready within a couple of days from the time the box is powered up. When you power up the box, you have to set the rules. So, I implement it, engage the rules, and then ask somebody to test some of the connections and give me some feedback. That takes a bit of time, but otherwise, it only takes a couple of days until the box is ready. If you want to push it, within a week it's possible to reach roughly 90% to 95% production — the rules and the performance have to be fine-tuned which takes a little bit of time.

What other advice do I have?

 I would definitely recommend SonicWall for their simplicity of use, but if you can configure SonicWall, have a look at Sophos also. Sophos has put a lot of hard work into their connections and the GUI. SonicWall's GUI is slightly lacking compared to Sophos' GUI; however, capabilities-wise, Sophos doesn't have a lead over SonicWall.

If I had to make a recommendation to a customer, I would tell them to look at both products. I would push the Sophos box because it has certain advantages, technologically, compared to SonicWall. For example, they have their own antivirus solution — the Sophos antivirus solution. It's a firewall as well and the tool will communicate with the central cloud. From the cloud instance, you can control the system.

The Sophos gateway has got allied products, like SD run connectors. You can manage the same rules between multiple firewalls because they're all connected to the same account. Overall, Sophos is superior to SonicWall.

The first requirement of a paying customer, independent of their choice of product, is to check if the technical support of the product is locally available. That's the first requirement I would give to any customer. The product may be great but if the support in your geographical region is not there, then it's not worth it.

Take Trend Micro for example. If you're a customer of Trend Micro but you're not in the immediate support region, then what happens? You will have to raise a ticket and wait, but you don't have anybody on the ground to come to your office and do an emergency scan and raise your ticket, so it's a bit of a dangerous issue. I would recommend a product that has both local technical and physical support.

On a scale from one to ten, I would give SonicWall a rating of eight.

Which deployment model are you using for this solution?

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Get our free report covering , and other competitors of McAfee Firewall Enterprise MFE [EOL]. Updated: November 2021.
554,382 professionals have used our research since 2012.