"The solution offers very easy configurations."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"The most valuable features of this solution are advanced malware protection, IPS, and IDS."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"The feature set is fine and is rarely a problem."
"If configured, Firepower provides us with application visibility and control."
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"Azure Firewall's feature that I have found most valuable is its scalability."
"Great security and connectivity."
"All its features are good. That's why we recommend it."
"In terms of the reporting, it's beautiful. It integrates with Azure monitoring and with Azure policies. That piece is a big help. You can set governing policies and you can use the application firewall, as well as the Azure Firewall, to enforce those policies."
"The solution can autoscale."
"Microsoft's technical support is very good. They're quite knowledgable and responsive."
"The solution has many useful features. For example, the solution allows users to create virtual IP addresses."
"It's auto-scalable, which is a great feature."
"One of the benefits that we have realized from using this product is that the user interface makes it easier to operate, compared to using the CLI."
"Check Point helps a lot with automatization which definitely reduces the effort to maintain the environment."
"One of the solution's best features include a packet-filtering firewall that examines packets in isolation."
"It secures my organization. With the application blade, I can make security as application based and the custom application is also very useful. With identity awareness blades we get insights on our local users who are accessing/passing through the respective rule as users. We also use the DLP, IPS, and VPN features."
"We are delighted with the powerful management console and diagnostic tools."
"The different hardware models focus on a wide spectrum of the market, so any company can choose a model that makes sense for them from the range."
"The scalability is very good."
"My favorite feature is the UTM piece and that was the main reason we bought it. It helps us to fine tune the network."
"One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box."
"The initial setup could be simplified, as it can be complex for new users."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"The product could be made more customizable."
"The threat intelligence part could be better. I don't see why our customers have to get an additional solution with Azure Firewall. It would be great if they made it on par with Palo Alto."
"The interface could be improved, it's not very user friendly."
"It would be much easier if the on-premises, firewall rules, had some kind of export-import possibility in place, which is not the case right now."
"It is a cloud service, but the lending speed for each region is not always the same. For example, in China, the speed is slow. They need to think about how to make sure that the service pace or speed is always the same in all regions. It would be a great improvement if they can provide the same pace worldwide."
"Azure Firewall has limited visibility for IDPS, no TLS inspection, no app ID, no user ID, no content ID, no device ID. There is no antivirus or anti-spyware. Azure Firewall doesn't scan traffic for malware unless it triggers an IDPS signature. There is no sandbox or machine learning functionality, meaning we are not protected from Zero-day threats. There is no DNS security and limited web categories."
"We find it's different implementing it region-to-region. It might help if it was universal across all regions."
"The solution doesn't offer the same capabilities of Fortinet. It should offer intrusion prevention and advance filtering. These are two very useful features offered on Fortinet that Azure lacks."
"I'd like to see more use of applications and URLs in security policies moving forwards."
"They should integrate all blades to use a single policy rather than multiple."
"The Antivirus feature is something that could be improved. We don't get much from the Antivirus update in comparison to their competitor's firewalls. It needs to be more advanced because Check Point is nowadays sent all over the world. Therefore, the Antivirus feature should be of very good quality and cover all virus checks. I would also like the Antivirus updates to be more frequent."
"Although there is a lot of automation and pattern that can be classified automatically, the IPS systems are sometimes a little bit complicated, and doing the fine-tuning in over 20,000 patterns is hard to do."
"There is room for improvement in application-based filtering, as with other firewalls available in the market today."
"Unfortunately, the API is not fully complete and also it is not an API which I would refer to as a RESTful API as there are different endpoints for the same entity."
"Until you have some experience, the installation and configuration are difficult."
"The antivirus is not as effective as it could be because updates are not that frequent."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
Azure Firewall is ranked 19th in Firewalls with 22 reviews while Check Point NGFW is ranked 2nd in Firewalls with 160 reviews. Azure Firewall is rated 7.2, while Check Point NGFW is rated 8.8. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of Check Point NGFW writes "Central architecture means we can see an end-to-end picture of attacks". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Palo Alto Networks VM-Series, Fortinet FortiGate-VM, Cisco ASA Firewall and Sophos XG, whereas Check Point NGFW is most compared with Fortinet FortiGate, Palo Alto Networks NG Firewalls, Meraki MX, Cisco ASA Firewall and Juniper SRX. See our Azure Firewall vs. Check Point NGFW report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
