"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"The customer service/technical support is very good with this solution."
"I like its order management feature. It doesn't have the kind of threat intelligence that Palo Alto has, but the order management makes it much simpler to know the difference."
"The solution has many useful features. For example, the solution allows users to create virtual IP addresses."
"Network filtering is valuable. The scalability capability from the cloud-native service helps us a lot because it simplifies our day-to-day maintenance activity."
"I can easily configure it."
"It's auto-scalable, which is a great feature."
"Among the most valuable features are the DDoS protection that protects your virtual machines, the threat intelligence, and traffic filtering."
"The solution can autoscale."
"Great security and connectivity."
"It's fine, and it's good. It's very stable."
"Technical support has been quite helpful."
"The scalability is fine."
"It is very fast and very easy to maintain. Another nice part of it is that you can easily extract the logs and move them over to a security operations center."
"The CLI works perfectly."
"I like the Junos OS, which has been very good for me. It's very clever."
"The Juniper SRX series is easy to use."
"The solution has been good for fulfilling our basic needs."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."
"The price and SD-WAN capabilities are the areas that need improvement."
"One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"The initial setup could be simplified, as it can be complex for new users."
"The solution lacks artificial intelligence and machine learning. It might be in the roadmap. However, currently, it's not available."
"There are a number of things that need to be simplified, but it's mostly costs. It needs to be simplified because it's pretty expensive."
"The reporting, logging, and monitoring features, as well as the flexibility of the policies, need to be improved."
"They can improve the pricing of Azure Firewall."
"It has fewer features than you can get from other firewalls, like anti-spam and anti-phishing. Those kinds of things are not included. It only includes IDS and IDB."
"The product could be made more customizable."
"It would be much easier if the on-premises, firewall rules, had some kind of export-import possibility in place, which is not the case right now."
"For larger enterprises, they need to adjust the scalability."
"The reporting is lacking."
"It must be 5G ready. The 5G network is rolling out soon in India, and Juniper must upgrade their firewall slot to the 5G network, or they must manufacture a 5G dongle card for the Juniper firewall. I want Juniper to upgrade their dongle from 4G to 5G. Presently, they have an expansion slot in the SRX 322 series and higher firewalls. In that expansion slot, they can put a 4G mobility SIM card so that whenever our primary link is down, it will automatically connect through this GSM network and form a tunnel."
"The capacity can be limiting. We have outgrown its capacity. You can only scale up to a certain extent, depending on the device purchased."
"It should be easier to escalate support tickets."
"It could be more secure."
"It was very difficult to deal with and required a lot of support, and the UI is very poor."
"The setup process should be improved."
"J-Web, Juniper Web, is sometimes not working great when users are increasing their internet use. Additionally, they need to improve the GUI, graphical user interface, and the firewall management needs to improve. Their CLI is good, but sometimes the GUI is very slow."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Azure Firewall is a user-friendly, intuitive, cloud-native firewall security solution that provides top-of-the-industry threat protection for all your Azure Virtual Network resources. Azure Firewall is constantly and thoroughly analyzing all traffic and data packets, making it a very valuable and secure fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall allows users to create virtual IP addresses and provides for secure DDoS protection for the virtual machines on your network. It also provides fast and efficient east-west and north-south traffic security.
Azure Firewall is a managed, cloud-based network security service built to protect your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
Azure Firewall has two significant offerings, Standard and Premium.
Azure Firewall Standard works directly with Microsoft Cyber Security and supplies excellent L3-L7 filtering and threat awareness. The proactive real-time threat awareness will quickly alert you and immediately deny all traffic to and from any known problematic or suspicious domains or IP addresses. Microsoft Cyber Security is updated continually to protect against all new and known potential threats at all times. To learn more about Azure Firewall Standard, click here.
Azure Firewall Premium provides everything the standard version does, and additionally adds extra levels of data encryption, network intrusion detection, extended URL filtering, and Web category filters. To learn more about the added features of Azure Firewall Premium, click here.
Key Benefits and Features of Azure Firewall:
What our real users have to say:
Many IT CEntral Station (soon to be Peerspot) users found Azure Firewall to be very user-friendly and easy to use. They liked that it offers seamless integration to the cloud and were especially pleased with the threat filtering options.
Regarding integration and threat intelligence, our users wrote:
Azure Firewall is ranked 19th in Firewalls with 20 reviews while Juniper SRX is ranked 14th in Firewalls with 35 reviews. Azure Firewall is rated 7.2, while Juniper SRX is rated 7.8. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Palo Alto Networks VM-Series, Fortinet FortiGate-VM, Check Point NGFW and Cisco ASA Firewall, whereas Juniper SRX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, pfSense and OPNsense. See our Azure Firewall vs. Juniper SRX report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.