"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"We have not had to deal with stability issues."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"We've had no issues with the scalability or the stability of this solution"
"It is very easy to use and manage. It is also very easy to scale."
"The most valuable feature is that we didn't have any problems with Meraki MX."
"It has the most advanced security features, for example, layer 3 and layer 7 firewall capabilities and the end team and IPS protection. It also has IPS, and it has very good functioning of cloning services. You don't actually have to touch the device. If you have multiple companies in different countries, you don't really require this device to be touched. You can get it delivered directly to any office of a country, and then you can simply put your configuration over the cloud. It's very simplified and easy to manage. It gives a very good granular visibility about your network. Earlier, a lot of things were lacking in the network. We were unable to identify where the problem was, but after implementing Meraki MX, we are able to dig down and identify where is the problem. We can easily and quickly identify the sources and the root causes of the issues."
"Meraki MX offers advanced filtration options, plus it behaves like a router and a firewall at the same time."
"Dual WAN connections are greatly simplified and point-to-point VPNs automatically connect regardless of what WAN connection is active."
"It has very good features; it's easy to use, configure, set up, and deploy."
"In general, Meraki MX is easy to work with."
"The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"An area of improvement for this solution is the console visualization."
"Deploying configurations takes longer than it should."
"The security is not as strong as it could be"
"Management can be improved in Meraki MX."
"Meraki tech support staff have a lot more visibility into your network than you do, which is frustrating at times. I understand the approach is to keep the dashboard easier to understand. This will frustrate more advanced users at times."
"We have been having a problem with the VPN. When the energy goes down and is back again, the VPN link doesn't get established. We have to manually turn off the modems and other pieces of equipment and manually establish the VPN. It has been around one month since we have been having this problem, and we don't have enough support from Meraki to solve the problem."
"In general, the SD-WAN feature needs to be improved. The load sharing and load balancing of the traffic should be improved. I have had some problems with these features in the past."
"They need to improve the link between Meraki and Active Directory."
"As far as what needs to be improved — nothing really comes to mind. It does what we need it to do."
"You can only have one tunnel in the whole infrastructure — one tunnel with one device."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Cisco Firepower NGFW Firewall is ranked 4th in Firewalls with 41 reviews while Meraki MX is ranked 1st in Unified Threat Management (UTM) with 17 reviews. Cisco Firepower NGFW Firewall is rated 8.4, while Meraki MX is rated 8.4. The top reviewer of Cisco Firepower NGFW Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of Meraki MX writes "Makes it easy to stay on top of everything for security". Cisco Firepower NGFW Firewall is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, Azure Firewall and Palo Alto Networks NG Firewalls, whereas Meraki MX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Sophos XG, Palo Alto Networks NG Firewalls and SonicWall NSa. See our Cisco Firepower NGFW Firewall vs. Meraki MX report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.