We performed a comparison between Azure Firewall and Check Point NGFW based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison of Results: Based on the parameters we compared, Azure Firewall seems to be a superior solution. All other things being more or less equal, our reviewers found Check Point NGFW to be rather expensive to purchase. Users of Check Point NGFW feel that the stability of the product could be improved. Additionally, some users are not so impressed by the technical support and training that it offers.
"One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"It brings us the ability to work from anywhere and has allowed us to work remotely without having to incur a lot of other costs. If we didn't have this type of solution, since we have so many on-prem services that are required, we would have likely lost money and been unable to deliver. We have a video services team who helped build the content for our sporting events. When you are watching a Leaf game and those swipes come by as well as the clips and things, those are all generated in-house. Without the ability to access our on-premise resources, we would have been dead in the water. So, the return on that is pretty impressive."
"I have not contacted technical support. There is a lot of information on the internet for troubleshooting. All you need to do is use a search engine and you will find the information you are looking for easily."
"It helped us a lot with our VPNs for the home office during COVID. There has been more security and flexibility for VPNs and other applications."
"The CLI is the most valuable feature. This solution is very flexible and offers different functionality including firewalls and VPN connectivity."
"I like the IPS feature, it is the most valuable."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"The solution should be capable of self-scaling, which is one of the features we like about it."
"It is easy for me to protect certain ports or even the IP addresses, as well as do whitelisting, blacklisting, and the FQDN when we want virtual machines connected and to protect certain websites."
"In terms of the reporting, it's beautiful. It integrates with Azure monitoring and with Azure policies. That piece is a big help. You can set governing policies and you can use the application firewall, as well as the Azure Firewall, to enforce those policies."
"It provided ease of maintenance. If a new firewall was needed, we only had to run the pipelines for this. So, the maintenance was very easy."
"I can easily configure it."
"All its features are good. That's why we recommend it."
"I like its order management feature. It doesn't have the kind of threat intelligence that Palo Alto has, but the order management makes it much simpler to know the difference."
"The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats."
"The failover from one device to the other has been seamless and we find that we do not lose ongoing SIP calls or Teams chats."
"We can also run policies with two or more people simultaneously without problems or the risk of developing the wrong policy."
"The packet inspections have been a strong point."
"We do not have any problems with stability."
"One of the solution's best features include a packet-filtering firewall that examines packets in isolation."
"Check Point has strong security features as well as some decent monitoring and management capabilities."
"I like the SmartEvent feature. When we see a threat, SmartEvent can create a rule for that. SmartEvent works with the SmartCenter to block a threat attack with a block monitor. The SmartCenter has the management for all the firewalls and data centers in a single dashboard."
"The AntiSpam/Mail blade was also one of the main reasons we went with this product since we hosted our email server locally. This was an extra layer of protection on top of the existing solution."
"We only have an issue with time sync with Cisco ASA and NTP. If the time is out of sync, it will be a disaster for the failover."
"This solution could be more granular and user-friendly."
"It lacks management. For me, it still doesn't have a proper management tool or GUI for configuration, logging, and visualization. Its management is not that easy. It is also not very flexible and easy to configure. They used to have a product called CSM, but it is no longer being developed. FortiGate is better than this solution in terms of GUI, flexibility, and user-friendliness."
"If they want to add better features to the current Cisco ASA, they can start by increasing the encryption. That is the only thing they need to improve."
"The ease of use needs improvement. It is complex to operate the solution. The user interface is not friendly."
"Cisco ASA Firewall could improve by adding more advanced features such as web filtering, which is available in the next-generation firewalls. However, the Cisco ASA Firewall I am using could be old and these features have been updated."
"There are some limitations with SSL. Regarding the security assessment for the ISO 27000 standard, there are certain features that Cisco needs to scale up. Not all products support it, so you need to be slightly careful, especially on the site track."
"Third-party integrations could be improved."
"Azure Firewall should have a free trial version for new users so that they can evaluate it before deploying it."
"It is a cloud service, but the lending speed for each region is not always the same. For example, in China, the speed is slow. They need to think about how to make sure that the service pace or speed is always the same in all regions. It would be a great improvement if they can provide the same pace worldwide."
"The threat intelligence part could be better. I don't see why our customers have to get an additional solution with Azure Firewall. It would be great if they made it on par with Palo Alto."
"It would be nice to be able to create groupings for servers and offer groups of IP addresses."
"An Azure firewall is not a real firewall."
"The development area and QA area could be improved. With those improvements, we can improve projects and take even less time to implement them."
"You have to have a defined IP range within your network to associate it with your network. The problem is you have to plan ahead of time if you expect to use the firewall in the future so that you don't have to reconfigure your subnets or that specific IP range. Other than that, I don't any issues. I use it for basic configuration for a single application, so I really don't try to leverage it for multiple applications where I might find some complexity or challenges."
"It has fewer features than you can get from other firewalls, like anti-spam and anti-phishing. Those kinds of things are not included. It only includes IDS and IDB."
"There should be better integration with our current NAC solution to increase the granularity of policies that we implement."
"Potential improvements could be made around simplifying VPN functionality and configuration."
"In terms of what could be improved, I would say the application control and the visibility. I'd like granularity where you can have all the levels of policies that are defined, including the intel threat. It depends on what kind of intel threat the company has."
"There needs to be advanced troubleshooting."
"The upgrade is something we would like to be improved in the future as the frequency of hotfixes is too much, and by the time we finish the one round, we already have the new version released and are required to upgrade."
"There are issues with stability while upgrading devices with hotfixes."
"One of the main features that need improvement is the rule filter export."
"Pricing needs to be lowered from start, this would be more effective than lowering it during negotiations."
Azure Firewall is ranked 14th in Firewalls with 17 reviews while Check Point NGFW is ranked 4th in Firewalls with 162 reviews. Azure Firewall is rated 7.0, while Check Point NGFW is rated 9.0. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of Check Point NGFW writes "Centrally managed, good antivirus and attack prevention capabilities, knowledgeable support". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Fortinet FortiGate-VM, Palo Alto Networks VM-Series, pfSense and Fortinet FortiGate, whereas Check Point NGFW is most compared with Fortinet FortiGate, Palo Alto Networks NG Firewalls, pfSense, OPNsense and Juniper SRX. See our Azure Firewall vs. Check Point NGFW report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Check Point firewall does a deep inspection of packets till Layer 7 and is more compatible with the organizational environment.
The Azure firewall is also a cloud-based security solution that also provides Advance Threat Protection.