We performed a comparison between Cisco Firepower NGFW Firewall and Palo Alto Networks WildFire based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Firepower is the winner in this comparison. It is relatively easy to deploy and is a fast and stable product with good customer support. In addition, compared to WildFire, it is reasonably priced.
"The implementation is pretty straightforward."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"The most valuable features of this solution are the integrations and IPS throughput."
"With Cisco, there are a lot of features such as the network map. Cisco builds the whole network map of the machines you have behind your firewall and gives you insight into the vulnerabilities and attributes that the host has. Checkpoint and Fortinet don't have that functionality directly on the firewall."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"The main thing that I love the most is its policy and objects. Whenever I try to give access to a user, I can create an object via group creation in the object fields. This way, I am not able to enter a user in the policy repeatedly."
"If configured, Firepower provides us with application visibility and control."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"The most valuable features of this solution are sandbox capabilities."
"I love the idea of Palo Alto Networks WildFire. It's more geared toward preventing malware. If someone's laptop or phone is malware-infected, the tool prevents it from uploading valuable corporate data outside the corporate network. That's what I love about Palo Alto Networks WildFire. It stops malware in its tracks."
"We have found that Palo Alto Networks WildFire is scalable. We currently have six thousand users for the product."
"It gives a more accurate assessment of a virus in terms of whether it's truly a virus, malware, or a false positive. We have some legacy software that could pop up as being something that is malware. WildFire goes through and inspects it, and then it comes back and lets us know if it's a false positive. Usually, when it finds out that it's not a virus, it lets us know that it's benign, and it can exclude it from that scan, which means I don't even have to worry about that one popping up anymore."
"The scalability is acceptable."
"The backup is the best feature."
"Intuitive threat prevention and analysis solution, with a machine learning feature. Scalable, stable, and protects against zero-day threats."
"The most valuable features are all of the security features in terms of protection and SSL and VPN."
"The performance should be improved."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"Deploying configurations takes longer than it should."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"Most of the features don't work well, and some features are missing as well."
"Cisco makes horrible UIs, so the interface is something that should be improved."
"The application detection feature of this solution could be improved as well as its integration with other solutions."
"The cost of the solution is excessively high."
"Our main concern is that everything has to be synced with the WildFire Cloud and has to be checked through the subscription."
"In the future, Palo Alto could reduce the time it takes to process the file."
"The threat intelligence that we receiving in the reporting was not as expected. We were expecting more. Additionally, we should be able to whitelist a specific file based on a variety of attributes."
"Management and web filtering can be improved. There should also be better reporting, particularly around web filtering."
"The automation and responsiveness need improvement."
"I don't think it needs to improve anything, except maybe the speed to deploy the changes."
"The system performance degrades after the solution has been deployed for some time. The data that it gives us becomes a little bit slow. When you try to get some data for troubleshooting, it seems like it's working hard to extract that data."
Cisco Firepower Next-Generation Firewall (NGFW) is a firewall that provides capabilities beyond those of a standard firewall and delivers comprehensive, unified policy management of firewall functions, application control, threat prevention, and advanced malware protection from the network to the endpoint.
Cisco NGFW Firewalls include advanced threat defense capabilities to meet diverse needs, from small offices to high-performance data centers and service providers, and are deployed in leading private and public clouds. Available in a wide range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Cisco NGFW firewalls are also available with clustering for increased performance, high availability configurations, and more.
Key Features of Cisco NGFW Firewalls
Reviews from Real Users
Cisco NGFW stands out among its competitors for a number of reasons. Two major ones are its extensive discovery abilities that enable you to constantly see what is happening on your network and take action when necessary, and the high level of protection it provides.
Mike B., a director of IT security at a wellness & fitness company, writes, "It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
Zhulien K., the lead network security engineer at TechnoCore LTD, notes, " The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy. Again, with that being said, I cannot shy away from giving kudos to all of the other features such as AVC (Application Visibility and Control), SSL Decryption, Identity policy, Correlation policy, REST API, and more. All of the features that are incorporated in the Cisco Firepower NGFW are awesome and easy to configure if you know what you are doing. Things almost always work, unless you hit a bug, which is fixed with a simple software update. "
Cisco Firepower NGFW Firewall is ranked 7th in Firewalls with 52 reviews while Palo Alto Networks WildFire is ranked 1st in ATP (Advanced Threat Protection) with 18 reviews. Cisco Firepower NGFW Firewall is rated 8.2, while Palo Alto Networks WildFire is rated 8.2. The top reviewer of Cisco Firepower NGFW Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of Palo Alto Networks WildFire writes "Intuitive, stable, and scalable zero-day threat prevention solution with a machine learning feature". Cisco Firepower NGFW Firewall is most compared with Fortinet FortiGate, Cisco ASA Firewall, Meraki MX, Check Point NGFW and pfSense, whereas Palo Alto Networks WildFire is most compared with Cisco ASA Firewall, Proofpoint Email Protection, Fortinet FortiGate, Juniper SRX and Zscaler Internet Access.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.