"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"The solution offers very easy configurations."
"IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"The customer service/technical support is very good with this solution."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"I'm a big fan of SecureX, Cisco's platform for tying together all the different security tools. It has a lot of flexibility and even a lot of third-party or non-Cisco integration. I feel like that's a really valuable tool."
"All its features are good. That's why we recommend it."
"I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system."
"Network filtering is valuable. The scalability capability from the cloud-native service helps us a lot because it simplifies our day-to-day maintenance activity."
"Azure's cost-effectiveness is its major advantage."
"The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats."
"Among the most valuable features are the DDoS protection that protects your virtual machines, the threat intelligence, and traffic filtering."
"I like its order management feature. It doesn't have the kind of threat intelligence that Palo Alto has, but the order management makes it much simpler to know the difference."
"I can easily configure it."
"Firewall and overall management are valuable features."
"The most valuable features of Fortinet FortiOS are the ease of use and user-friendly interface."
"The main features I find useful are intrusion prevention and web filtering. Additionally, the solution is easy to manage."
"The most valuable features of Fortinet FortiOS are user-friendliness, ease of use, and threat prevention."
"The classification of the websites is helpful."
"This is a user friendly solution and offers comprehensive integrations."
"I like that the firewall gives me a lot of control in terms of outgoing and inbound traffic, and it scores better in deep packet inspections when compared with the Azure Firewall."
"Performance-wise, I think FortiOS is much better than its Juniper counterpart. Based on our actual experience and performance metrics, FortiOS-based products are much better than Juniper."
"It would be great if some of the load times were faster."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"The application detection feature of this solution could be improved as well as its integration with other solutions."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"Implementations require the use of a console. It would help if the console was embedded."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"It has fewer features than you can get from other firewalls, like anti-spam and anti-phishing. Those kinds of things are not included. It only includes IDS and IDB."
"It would be much easier if the on-premises, firewall rules, had some kind of export-import possibility in place, which is not the case right now."
"Azure Firewall definitely needs a broader feature base. It should be able to go all the way up to layer 7 when looking at applications and things like that."
"You have to have a defined IP range within your network to associate it with your network. The problem is you have to plan ahead of time if you expect to use the firewall in the future so that you don't have to reconfigure your subnets or that specific IP range. Other than that, I don't any issues. I use it for basic configuration for a single application, so I really don't try to leverage it for multiple applications where I might find some complexity or challenges."
"The solution lacks artificial intelligence and machine learning. It might be in the roadmap. However, currently, it's not available."
"The reporting, logging, and monitoring features, as well as the flexibility of the policies, need to be improved."
"It needs a lot of improvement, especially on intruder detection. They are working hard on that."
"The development area and QA area could be improved. With those improvements, we can improve projects and take even less time to implement them."
"FortiOS doesn't work well with all browsers. I think they need to do a better job of making it compatible with the various browsers that are out there."
"The central management can improve in Fortinet FortiOS. It is sometimes difficult to manage all the devices."
"FortiOS could provide a more detailed analysis of the network and connected devices."
"Fortinet FortiOS can improve the GUI and remove the command line interface. All the functionality should be available from the GUI. Day-to-day management can be tough for IT administrators. Additionally, the reporting is not very good."
"Fortinet FortiOS need to manage its memory and CPU utilization better. It peaks at times, which sometimes can be challenging."
"FortiOS's bandwidth and interface could be improved."
"The implementation could be simplified."
"The support could be improved, Fortinet's response time is very slow. Setting up the VPN could be made much easier, especially when deployed with Azure."
Cisco Firepower Next-Generation Firewall (NGFW) is a firewall that provides capabilities beyond those of a standard firewall and delivers comprehensive, unified policy management of firewall functions, application control, threat prevention, and advanced malware protection from the network to the endpoint.
Cisco NGFW Firewalls include advanced threat defense capabilities to meet diverse needs, from small offices to high-performance data centers and service providers, and are deployed in leading private and public clouds. Available in a wide range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Cisco NGFW firewalls are also available with clustering for increased performance, high availability configurations, and more.
Key Features of Cisco NGFW Firewalls
Reviews from Real Users
Cisco NGFW stands out among its competitors for a number of reasons. Two major ones are its extensive discovery abilities that enable you to constantly see what is happening on your network and take action when necessary, and the high level of protection it provides.
Mike B., a director of IT security at a wellness & fitness company, writes, "It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
Zhulien K., the lead network security engineer at TechnoCore LTD, notes, " The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy. Again, with that being said, I cannot shy away from giving kudos to all of the other features such as AVC (Application Visibility and Control), SSL Decryption, Identity policy, Correlation policy, REST API, and more. All of the features that are incorporated in the Cisco Firepower NGFW are awesome and easy to configure if you know what you are doing. Things almost always work, unless you hit a bug, which is fixed with a simple software update. "
Azure Firewall is a user-friendly, intuitive, cloud-native firewall security solution that provides top-of-the-industry threat protection for all your Azure Virtual Network resources. Azure Firewall is constantly and thoroughly analyzing all traffic and data packets, making it a very valuable and secure fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall allows users to create virtual IP addresses and provides for secure DDoS protection for the virtual machines on your network. It also provides fast and efficient east-west and north-south traffic security.
Azure Firewall is a managed, cloud-based network security service built to protect your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
Azure Firewall has two significant offerings, Standard and Premium.
Azure Firewall Standard works directly with Microsoft Cyber Security and supplies excellent L3-L7 filtering and threat awareness. The proactive real-time threat awareness will quickly alert you and immediately deny all traffic to and from any known problematic or suspicious domains or IP addresses. Microsoft Cyber Security is updated continually to protect against all new and known potential threats at all times. To learn more about Azure Firewall Standard, click here.
Azure Firewall Premium provides everything the standard version does, and additionally adds extra levels of data encryption, network intrusion detection, extended URL filtering, and Web category filters. To learn more about the added features of Azure Firewall Premium, click here.
Key Benefits and Features of Azure Firewall:
What our real users have to say:
Many IT CEntral Station (soon to be Peerspot) users found Azure Firewall to be very user-friendly and easy to use. They liked that it offers seamless integration to the cloud and were especially pleased with the threat filtering options.
Regarding integration and threat intelligence, our users wrote:
Control all the security and networking capabilities in all your FortiGates across your entire network with one intuitive operating system. Improve your protection and visibility while reducing operating expenses and saving time with a truly consolidated next generation enterprise firewall platform.
Azure Firewall is ranked 19th in Firewalls with 17 reviews while Fortinet FortiOS is ranked 17th in Firewalls with 35 reviews. Azure Firewall is rated 7.0, while Fortinet FortiOS is rated 8.4. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of Fortinet FortiOS writes "Great IPS and DNS filtering with useful tutorials available ". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Fortinet FortiGate-VM, Palo Alto Networks VM-Series, Check Point NGFW and pfSense, whereas Fortinet FortiOS is most compared with Fortinet FortiWeb, Fortinet FortiGate, Infoblox Advanced DNS Protection, Fortinet FortiManager and OPNsense. See our Azure Firewall vs. Fortinet FortiOS report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.