We performed a comparison between Check Point NGFW and Cisco Secure Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Check Point users are happier with its VPN and with its pricing. However, Cisco Secure users are happier with its service and support.
"The most valuable features are the enterprise modeling and the simple interface."
"FortiGate has a strong security topic which allows all of the Fortinet devices to communicate and share information which makes their security more powerful."
"This is a quality product with ok support, and it is better than the competition we've tried."
"Whenever we raise a complaint with FortiGate, their response and resolution times are minimal."
"The most valuable features of Fortinet FortiGate are the APIs. They are the most widely known."
"Its stability is the most valuable."
"It's very good and very stable for businesses. It works very well."
"Overall, the pricing of the solution is very good. The product offers good value."
"I think the VSX has been the most valuable feature for us."
"The firewall feature and DDoS Protector, when turned on, keep away attacks from the outside. They also prevent users from accessing things on the Internet that they are not supposed to access."
"The simplicity of the access control is the most valuable feature for us. It gives us the ability to easily identify traffic that is either being allowed or denied to our network."
"The uncomplicated configuration ensures that mistakes are avoided and rules are easily audited."
"AV, IPS, AntiSpam, Sandbox. That's gentlemen set for any basic security, and it was implemented very well. In our reports, the most exciting results belong to AV and IPS. It can be explained by using ThreatCloud - a global knowledge base, which accumulates signatures for all existing and new coming malware, and all the Check Point solutions are always up to date with potential threats."
"Some of the most valuable features are URL filtering, web filtering, and content filtering."
"Many problems have been solved with these firewalls and we've largely been very satisfied."
"It has allowed us to grow in a safe way and in accordance with our particular needs."
"At this point, we find that this product has high productivity and high availability and there is no need for improvement."
"Valuable features include DMZ segmentation, and IDS and IPS."
"The best solutions for our company are those we have yet to implement so it will be even better in the future for us than it already is."
"The features that are most valuable within the firewall are the IPS as well as the Unified Communications. We also really like the dynamic grouping."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"The high-availability and remote VPN features are most valuable."
"The user interface is very easy to manage and find rules. You can do object searches, which are very easy. Also, the logging is very simple to use. So, it is a lot easier to troubleshoot and find items inside the firewall."
"For business purposes, it's a very detailed solution, which is it's greatest benefit, as you can get almost any piece of information you need from the solution. It allows for admins to be able to troubleshoot pretty easily."
"The initial setup and configuration are not intuitive and require training."
"In the balance between links feature normally you can just choose one option to balance. It would be better for the solution to have more than one option, preferably three."
"Backup can be improved."
"It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go."
"Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer."
"They should improve the interface to make it more user-friendly."
"The initial setup is complex."
"With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic."
"In our particular case, we have different web applications developed by the same organization, however, that requires a specialized protection element such as a WAF. Having this service or feature within the same solution would be very valuable."
"We would like to see constant improvement in anti-malware functionality and anti-threat protection."
"The documentation could be better."
"One thing to improve is the VSX gateway. It is quite complex to work with VSX and they are quite easy to break if you aren't familiar with them."
"The firewall throughput or performance reduces drastically after enabling each module/blade."
"Hopefully, in the future, these will be much more plug-and-play and orchestrated from a single administration console."
"No product is perfect and there is always room for improvement."
"Internet load balancing provides either active/passive or active/active load balancing, however, I would like to see more options that provide SD-WAN capabilities while also allowing for more than two links."
"The solution needs to have better logging features."
"I think they need to review their whole UI because it feels like it was created by a whole bunch of different teams of developers who didn't fully talk to each other. The net policy screen is just a mess. It should look like the firewall policy screen, and they should both act the same, but they don't. I feel like it's two different buildings or programming, who don't talk to each other, and that really annoys me."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"Cisco Firepower is not completely integrated with Active Directory. We are trying to use Active Directory to restrict users by using some security groups that are not integrated within the Cisco Firepower module. This is the main issue that we are facing."
"One of the problems that we have had is the solution requires Java to work. This has caused some problems with the application visibility and control. When the Java works, it is good, but Java wasn't a good choice. I don't like the Java implementation. It can be difficult to work with sometimes."
"These firewalls are not for beginners."
"One of the challenges we've had with the Cisco ASA is the lack of a strong controller or central management console that is dependable and reliable all the time."
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews. Check Point NGFW is rated 8.8, while Cisco Secure Firewall is rated 8.2. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Netgate pfSense, Azure Firewall and OPNsense, whereas Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and OPNsense. See our Check Point NGFW vs. Cisco Secure Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.