"I like that Cisco Firepower NGFW Firewall is reliable. Support is also good."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors."
"With Cisco, there are a lot of features such as the network map. Cisco builds the whole network map of the machines you have behind your firewall and gives you insight into the vulnerabilities and attributes that the host has. Checkpoint and Fortinet don't have that functionality directly on the firewall."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"The most valuable feature is the Intrusion Prevention System."
"The feature that I have found the most valuable is the control over the network permissions and the network."
"The solution should be capable of self-scaling, which is one of the features we like about it."
"I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system."
"Microsoft's technical support is very good. They're quite knowledgable and responsive."
"Azure's cost-effectiveness is its major advantage."
"All its features are good. That's why we recommend it."
"The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats."
"The solution can autoscale."
"Ability to manage multiple firewalls."
"Its central management, especially when it comes to distributed environments, is great. I can generate and save a setting and then apply that setting across the network with just one click."
"Good identity fire walling, malware protection and application control features."
"Its ability to block incoming attacks is valuable. Its logging, traffic monitoring, and VPN capabilities are also valuable."
"Its stability and SD-WAN features are the most valuable."
"It's great for handling complex items."
"Most of the features don't work well, and some features are missing as well."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"The maturity needs to be better."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"Implementations require the use of a console. It would help if the console was embedded."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"It would be nice to be able to create groupings for servers and offer groups of IP addresses."
"It is a cloud service, but the lending speed for each region is not always the same. For example, in China, the speed is slow. They need to think about how to make sure that the service pace or speed is always the same in all regions. It would be a great improvement if they can provide the same pace worldwide."
"It would be much easier if the on-premises, firewall rules, had some kind of export-import possibility in place, which is not the case right now."
"An Azure firewall is not a real firewall."
"Azure Firewall has limited visibility for IDPS, no TLS inspection, no app ID, no user ID, no content ID, no device ID. There is no antivirus or anti-spyware. Azure Firewall doesn't scan traffic for malware unless it triggers an IDPS signature. There is no sandbox or machine learning functionality, meaning we are not protected from Zero-day threats. There is no DNS security and limited web categories."
"You have to have a defined IP range within your network to associate it with your network. The problem is you have to plan ahead of time if you expect to use the firewall in the future so that you don't have to reconfigure your subnets or that specific IP range. Other than that, I don't any issues. I use it for basic configuration for a single application, so I really don't try to leverage it for multiple applications where I might find some complexity or challenges."
"Right now, with Azure Firewall, we cannot have a normal inbound traffic flow. For inbound, Microsoft suggests using application gateways, so the options are very limited. I cannot use this firewall as an intermediate firewall because of the limitations, and I cannot point routing to another firewall. So if I want to use back-to-back firewall architecture in my environment, I cannot use Azure Firewall for that type of configuration either."
"It has fewer features than you can get from other firewalls, like anti-spam and anti-phishing. Those kinds of things are not included. It only includes IDS and IDB."
"The administration UI could be better. It should also have better application detection policies."
"The price is a bit higher than other vendors."
"Command line could be more user friendly."
"The analytics are weak."
"There is room for improvement in performance and the support language. The support they're providing right now is from a different country, and in our country, there are people—network admins and IT heads—who don't speak English properly. So Barracuda needs to provide support agents who speak additional languages, such as Bangla."
"The biggest issue that I have with this solution is that it is not super intuitive. Once you know what to do, things make sense, but you can't just open the program and start doing things. It would be great if there was a little bit more guided usage inside the program."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
Azure Firewall is ranked 19th in Firewalls with 16 reviews while Barracuda CloudGen Firewall is ranked 28th in Firewalls with 6 reviews. Azure Firewall is rated 6.8, while Barracuda CloudGen Firewall is rated 8.2. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of Barracuda CloudGen Firewall writes "My network has never been interrupted or experienced a denial of service". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Palo Alto Networks VM-Series, Fortinet FortiGate-VM and Check Point NGFW, whereas Barracuda CloudGen Firewall is most compared with Fortinet FortiGate, Sophos XG, pfSense, Cisco ASA Firewall and WatchGuard Firebox. See our Azure Firewall vs. Barracuda CloudGen Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
