Coming October 25: PeerSpot Awards will be announced! Learn more

Check Point NGFW vs Cisco Firepower NGFW Firewall comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on September 5, 2022

We performed a comparison between Check Point NGFW vs Cisco Firepower NGFW Firewall

based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Check Point NGFW users mostly feel its setup and deployment are somewhat complex. Most Cisco Firepower NGFW Firewall users say that setup and deployment is simple and straightforward.
  • Features: Users of both products are mostly happy with their flexibility, stability, and scalability, but some users mentioned scaling difficulties with Cisco Firepower NGFW Firewall.

    Check Point users appreciate its security blades and the ease of managing policies, along with its centralized management system. Some users mention that debugging is very complex when compared to competitors.

    Cisco Firepower users like its IPS along with the Geotagging and the Geosync features, and cloud and analysis monitoring. However, they mention that there is limited data storage on the appliance and that dashboarding could be improved.
  • Pricing: Users of both products report that they are pricey but worthwhile. Some Check Point users mention dissatisfaction with the licensing structure and bundles, while Cisco Firepower NGFW Firewall users mostly report fair pricing.
  • ROI: Users of both products mention being pleased with the high ROI.
  • Service and Support: Check Point users report patchy support. It seems that getting to a person with the right knowledge is hit or miss, whereas Cisco Firepower NGFW Firewall users report that support is consistently helpful and excellent.

Comparison Results: Cisco Firepower NGFW Firewall has an edge in this comparison because it received higher marks in the ease of deployment, pricing, and service and support categories.

To learn more, read our detailed Check Point NGFW vs. Cisco Firepower NGFW Firewall report (Updated: August 2022).
634,775 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"My customers cite performance and ease of configuration as two of the solution's most valuable features.""It provides access to the Internet for corporate resources in a secure manner.""All of the features are very valuable, but the most valuable features are the sandboxing and the advanced IPS/IDS.""We can decipher the activity of each connection and see what is inside it.""The fact that these can be separated and made in different layers provides excellent convenience for the administrators who regulate the rules.""Check Point has a centralized console that makes it possible to manage all the deployed equipment. It also has a built-in VPN service that lets users connect through VPN to our organization, which facilitates teleworking while cutting off unauthorized access to the organization's internal network.""We can also run policies with two or more people simultaneously without problems or the risk of developing the wrong policy.""Check Point has a really cool GUI."

More Check Point NGFW Pros →

"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable.""The most valuable feature is the Intrusion Prevention System.""We have not had to deal with stability issues.""The most valuable feature would be ASDM. The ability to go in, visualize and see the world base in a clear and consistent manner is very powerful.""I'm a big fan of SecureX, Cisco's platform for tying together all the different security tools. It has a lot of flexibility and even a lot of third-party or non-Cisco integration. I feel like that's a really valuable tool.""If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly.""Cisco's technical support is the best and that's why everybody implements their products.""The main thing that I love the most is its policy and objects. Whenever I try to give access to a user, I can create an object via group creation in the object fields. This way, I am not able to enter a user in the policy repeatedly."

More Cisco Firepower NGFW Firewall Pros →

Cons
"The quality of the console should be improved in terms of aesthetics.""The price of this product could be improved.""Check Point should add additional management choices.""Identity Awareness has been a massive source of problems for our deployment and the ability to debug it has been lacking.""Third-party integration could be improved.""Pricing for the gateways is too high as compared to the other vendors.""Check Point is a bit difficult to use and manage so it would be nice to see some improvement in those areas.""The one thing I have been continually asking for is a more robust certification process including self-paced study material similar to Cisco's Security certification track."

More Check Point NGFW Cons →

"The initial setup could be simplified, as it can be complex for new users.""There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility.""The ability to better integrate with other tools would be an improvement.""Cisco Firepower is not completely integrated with Active Directory. We are trying to use Active Directory to restrict users by using some security groups that are not integrated within the Cisco Firepower module. This is the main issue that we are facing.""One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically.""The reporting and other features are nice, but there is an issue with applying the configuration. That part needs some improvement.""They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me.""The initial setup can be a bit complex for those unfamiliar with the solution."

More Cisco Firepower NGFW Firewall Cons →

Pricing and Cost Advice
  • "The pricing and licensing part is something that could be improved. Check Point license and pricing are a bit higher compared to competing firewalls. I think they can work on that."
  • "The price could be decreased, because the competitors of Check Point Firewall are giving lower prices in comparison."
  • "The pricing is good. It is less than Palo Alto's firewalls. Check Point has the same features as Palo Alto, but the licensing and cost of these firewalls are not too expensive. It is one of the best firewalls in the market in this range."
  • "I think that the pricing is different for every organization."
  • "The cost of the pricing and licensing are okay. They are giving me a good product as far as I know. It is more expensive than Cisco, but cheaper than Palo Alto, which is fine. It has many good features, so it deserves a good price as well."
  • "They sell it in one box. In that one box, they sell Antivirus and Threat Prevention. They have everything, so we are not required to purchase additional IPS hardware for it."
  • "It is more expensive than Cisco ASA but cheaper than Palo Alto."
  • "Each blade requires that you have a license."
  • More Check Point NGFW Pricing and Cost Advice →

  • "Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
  • "This product requires licenses for advanced features including Snort, IPS, and malware detection."
  • "This product is expensive."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The price of Firepower is not bad compared to other products."
  • "The solution was chosen because of its price compared to other similar solutions."
  • "The price is comparable."
  • "It definitely competes with the other vendors in the market."
  • More Cisco Firepower NGFW Firewall Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    634,775 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such). -Check Point GUI is a bit complicated,  -Application and Web filtering are better… more »
    Top Answer:Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall cloud platform, autoscaling, and the ability for users to create virtual IP… more »
    Top Answer:The central management console has helped with segregation, where planned interventions with management consoles do not have any impact on production or critical business traffic.
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at large. In my opinion, Fortinet would be the best option and l use… more »
    Top Answer: The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers that fact, it is all the more impressive that the setup is a fairly… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection and… more »
    Ranking
    3rd
    out of 48 in Firewalls
    Views
    25,996
    Comparisons
    18,069
    Reviews
    161
    Average Words per Review
    598
    Rating
    8.9
    7th
    out of 48 in Firewalls
    Views
    46,795
    Comparisons
    30,130
    Reviews
    48
    Average Words per Review
    947
    Rating
    8.2
    Comparisons
    Also Known As
    Check Point NG Firewall, Check Point Next Generation Firewall
    Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
    Learn More
    Overview

    Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.

    Check Point NGFW includes 23 firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance.

    Benefits of Check Point's Next Generation Firewall

    • Robust security: Check Point NGFW delivers the best possible threat prevention with SandBlast Zero Day protection. The SandBlast protection agent constantly inspects passing network traffic for exploits and vulnerabilities. Suspicious files are then emulated in a virtual sandbox in order to detect and report malicious behavior.

    • Security at hyperscale: On-demand hyperscale threat prevention performance provides cloud level expansion and resiliency on premises.

    • Unified management: Check Point's SmartConsole makes it easy to manage and configure network security environments and policies. With the SmartConsole, users can manage all the firewall gateways and access logs and install databases from one location. Unified management control across the network increases the efficiency of security operations and reduces IT costs.
    • Continuous logging: Check Point NGFW’s Threat Management feature detects vulnerabilities and logs them. Using the logged data, users can easily create and implement efficient security policies.

    • Remote access: The remote access VPN provides a seamless connection for remote users.

    Check Point NGFW is suitable for organizations of all sizes, from small businesses to larger enterprises.

    Reviews from Real Users

    Check Point NGFW stands out among its competitors for a number of reasons. Two major ones are its intrusion prevention feature as well as its centralized management, which makes it very easy to deploy firewall policies to many firewalls with one click.

    Shivani J., a network security administrator, writes, "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention."

    G., a network administrator at Secretaría de Finanzas de Aguascalientes, writes, “Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution. The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters.”

    Arun J., a senior network engineer, notes, “The nicest feature is the centralized management of multiple firewalls. With the centralized management, we can easily use and operate multiple firewalls as well as create a diagram of them.”

    Cisco Firepower Next-Generation Firewall (NGFW) is a firewall that provides capabilities beyond those of a standard firewall and delivers comprehensive, unified policy management of firewall functions, application control, threat prevention, and advanced malware protection from the network to the endpoint.

    Cisco NGFW Firewalls include advanced threat defense capabilities to meet diverse needs, from small offices to high-performance data centers and service providers, and are deployed in leading private and public clouds. Available in a wide range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Cisco NGFW firewalls are also available with clustering for increased performance, high availability configurations, and more.

    Key Features of Cisco NGFW Firewalls

    • Breach prevention and advanced security: Prevent attacks before they get inside. Cisco provides its firewalls with the latest intelligence to stop emerging threats and employs filtering to enforce policies on hundreds of millions of URLs. Cisco NGFW offers built-in sandboxing and advanced malware protection that continuously analyzes file behavior to quickly detect and eliminate threats.

    • Comprehensive network visibility: Constantly monitor your network so you can rapidly spot and stop bad behavior. Cisco NGFW provides a holistic view of all activity and provides a clear picture of threat activity across users, hosts, networks, and devices, as well as information on threats and website, application, and VM activities.

    • Flexible management and deployment options: Centrally deploy, customize, and manage all your appliances.

    • Fast detection: Detect threats in seconds and detect the presence of a successful breach within hours or minutes. Cisco NGFW allows you to deploy consistent policy that's easy to maintain, with automatic enforcement across all the different parts of your organization.

    • Automation and product integrations: Seamlessly integrate with Cisco tools and automatically share threat information, event data, policy, and contextual information with email, web, endpoint, and network security tools. Cisco NGFW automates security tasks like impact assessment, policy management and tuning, and user identification.

    Reviews from Real Users

    Cisco NGFW stands out among its competitors for a number of reasons. Two major ones are its extensive discovery abilities that enable you to constantly see what is happening on your network and take action when necessary, and the high level of protection it provides.

    Mike B., a director of IT security at a wellness & fitness company, writes, "It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."

    Zhulien K., the lead network security engineer at TechnoCore LTD, notes, " The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy. Again, with that being said, I cannot shy away from giving kudos to all of the other features such as AVC (Application Visibility and Control), SSL Decryption, Identity policy, Correlation policy, REST API, and more. All of the features that are incorporated in the Cisco Firepower NGFW are awesome and easy to configure if you know what you are doing. Things almost always work, unless you hit a bug, which is fixed with a simple software update. "

    Offer
    Learn more about Check Point NGFW
    Learn more about Cisco Firepower NGFW Firewall
    Sample Customers
    Control Southern, Optimal Media
    Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
    Top Industries
    REVIEWERS
    Financial Services Firm25%
    Computer Software Company16%
    Comms Service Provider8%
    Government6%
    VISITORS READING REVIEWS
    Comms Service Provider21%
    Computer Software Company19%
    Financial Services Firm8%
    Government7%
    REVIEWERS
    Comms Service Provider19%
    Financial Services Firm17%
    Government13%
    Manufacturing Company6%
    VISITORS READING REVIEWS
    Comms Service Provider19%
    Computer Software Company19%
    Government8%
    Educational Organization5%
    Company Size
    REVIEWERS
    Small Business28%
    Midsize Enterprise19%
    Large Enterprise53%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise20%
    Large Enterprise56%
    REVIEWERS
    Small Business39%
    Midsize Enterprise26%
    Large Enterprise35%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise18%
    Large Enterprise55%
    Buyer's Guide
    Check Point NGFW vs. Cisco Firepower NGFW Firewall
    August 2022
    Find out what your peers are saying about Check Point NGFW vs. Cisco Firepower NGFW Firewall and other solutions. Updated: August 2022.
    634,775 professionals have used our research since 2012.

    Check Point NGFW is ranked 3rd in Firewalls with 162 reviews while Cisco Firepower NGFW Firewall is ranked 7th in Firewalls with 53 reviews. Check Point NGFW is rated 9.0, while Cisco Firepower NGFW Firewall is rated 8.2. The top reviewer of Check Point NGFW writes "Offers a lot of flexibility and packet inspections have been a strong point". On the other hand, the top reviewer of Cisco Firepower NGFW Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". Check Point NGFW is most compared with Fortinet FortiGate, Palo Alto Networks NG Firewalls, Azure Firewall, pfSense and Cisco ASA Firewall, whereas Cisco Firepower NGFW Firewall is most compared with Fortinet FortiGate, Cisco ASA Firewall, Meraki MX, Palo Alto Networks WildFire and pfSense. See our Check Point NGFW vs. Cisco Firepower NGFW Firewall report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.