"The solution offers very easy configurations."
"The implementation is pretty straightforward."
"The most valuable features of this solution are the integrations and IPS throughput."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
"If configured, Firepower provides us with application visibility and control."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"The most valuable feature of the firewall is the packet inspection. That is an amazing feature from Check Point."
"I think that the most valuable feature is the prevention of known and zero-day threats because they are constantly trying to access your company and compromise its data."
"Policy configuration has been consistent over the years, so there is not much of a learning curve as upgrades are released."
"The best feature is the ability to increase the capacity of the solution by exactly what you add, not losing anything for High Availability."
"By deploying Check Point, it has made it easier to manage everything from a single interface. The management dashboard and policies are on its single pane of glass."
"The activation of additional features is very easy and well documented."
"Even though Check Point NGFW provides a set of security features that enforce protection on the network, the most valuable aspect is also the most used feature: the plain and simple firewall component. This is the core of the product and works to a great extent without the need for all other available bells and whistles."
"The management platform and the dashboard, the graphical user interface, is one of the best, if not the best, in the business. It's the most intuitive and it's really user-friendly in day-to-day operations."
"Sophos XG protects our network from advanced threats."
"The solution is a next generation firewall and we have gotten good customer feedback."
"We created and configured a VPN for connecting our remote sites and also to make it more secure and reliable. We also like its two-factor authentication features."
"It's a product that is in continuous improvement and is following what the customer is asking for. They are taking inputs and designing new releases specifically according to the client and their needs."
"We've had good experiences with technical support."
"The most valuable is the synchronized security between Sophos XG and Sophos endpoint because it provides a lot of visibility about unknown applications. The endpoint shares the information of unknown applications, and you can learn about those applications and create policies to allow or block those applications."
"Dashboard is easy to use and the reporting offers a lot of detail."
"There are many valuable features."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"The performance should be improved."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"Cisco Firepower NGFW Firewall can be more secure."
"The price of this product could be improved."
"When we hit a bug, the support team recommends some hotfix, and if we upgrade to that, we have to uninstall it before we apply some newer jumbo hotfix."
"One of the main features that need improvement is the rule filter export."
"Identity Awareness has been a massive source of problems for our deployment and the ability to debug it has been lacking."
"The software licensing model is too complicated with all the various tiers of SKUs (i.e. per software blade). They need to simplify this for easier purchasing and renewing."
"The only reasons we are looking at other solutions are price and integration."
"The antivirus feature is a little bit weak and should be improved."
"We find the GUI to be wrong and the CLI doesn't always show all of the connections."
"I would prefer if Sophos XG were cheaper. A lower price would benefit me as a system provider for the end customer. The cost of the license and renewal for all the software and devices is somewhat high."
"The pricing can be high unless you choose a longer contract."
"I think that the main area for improvement is the quality assurance of the updates."
"I am using the Azure Active Directory in my company and it was complicated to integrate this solution with Azure."
"I do prefer when updates come out a bit quicker."
"Recently, I've had a problem with updating things."
"Their tech support is not great."
"There are issues with electricity with this solution."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Offered via the Check Point Infinity architecture, Check Point’s NGFW includes 23 Firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance. Learn More about Next Generation Firewall and What is Firewall?
Sophos XG Firewall is next gen firewall that is optimized for today’s business, delivering all the protection and insights you need in a single, powerful appliance that’s easy to manage.
Check Point NGFW is ranked 2nd in Firewalls with 162 reviews while Sophos XG is ranked 5th in Firewalls with 130 reviews. Check Point NGFW is rated 8.8, while Sophos XG is rated 8.2. The top reviewer of Check Point NGFW writes "Central architecture means we can see an end-to-end picture of attacks". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". Check Point NGFW is most compared with Fortinet FortiGate, Azure Firewall, Palo Alto Networks NG Firewalls, Meraki MX and Cisco ASA Firewall, whereas Sophos XG is most compared with Fortinet FortiGate, pfSense, Meraki MX, Palo Alto Networks NG Firewalls and SonicWall NSa. See our Check Point NGFW vs. Sophos XG report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.