"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"Provides good integrations and reporting."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"There are no issues that we are aware of. It does its job silently in the background."
"The most valuable features of this solution are advanced malware protection, IPS, and IDS."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"The customer service/technical support is very good with this solution."
"IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors."
"The most valuable features of pfSense are the reports, monitoring, filtration, and blocking incoming and outgoing traffic."
"The solution is very easy to use and configure."
"The GUI is easy to understand."
"I especially like the VPN part. It works like a charm."
"pfSense is easy to use, has user-friendly dashboards, and useful blocking features."
"At our peak time, we have reached more than 5,000 concurrent connections."
"It is a stable solution. It is also easy to install and can be deployed and maintained by one team member."
"Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"I'm not a big fan of the FDM (Firepower Device Manager) that comes with Firepower. I found out that you need to use the Firepower Management Center, the FMC, to manage the firewalls a lot better. You can get a lot more granular with the configuration in the FMC, versus the FDM that comes out-of-the-box with it. FDM is like Firepower for dummies."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"They could improve by having more skilled, high-level engineers that are available around the clock. I know that's an easy thing to say and a hard thing to do."
"An area of improvement for this solution is the console visualization."
"Lacks instructional videos."
"We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up."
"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time."
"The technical support needs to be improved."
"We had training from an advisor for the configuring of this solution and it was not difficult. However, if we were not trained it would have been not as easy."
"Could be simplified for new users."
"The usage reports can be better."
"In an upcoming release, the reporting could be more user-friendly. For example, the reporting in graphs and charts for the host can be cumbersome."
Cisco Firepower Next-Generation Firewall (NGFW) is a firewall that provides capabilities beyond those of a standard firewall and delivers comprehensive, unified policy management of firewall functions, application control, threat prevention, and advanced malware protection from the network to the endpoint.
Cisco NGFW Firewalls include advanced threat defense capabilities to meet diverse needs, from small offices to high-performance data centers and service providers, and are deployed in leading private and public clouds. Available in a wide range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Cisco NGFW firewalls are also available with clustering for increased performance, high availability configurations, and more.
Key Features of Cisco NGFW Firewalls
Reviews from Real Users
Cisco NGFW stands out among its competitors for a number of reasons. Two major ones are its extensive discovery abilities that enable you to constantly see what is happening on your network and take action when necessary, and the high level of protection it provides.
Mike B., a director of IT security at a wellness & fitness company, writes, "It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
Zhulien K., the lead network security engineer at TechnoCore LTD, notes, " The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy. Again, with that being said, I cannot shy away from giving kudos to all of the other features such as AVC (Application Visibility and Control), SSL Decryption, Identity policy, Correlation policy, REST API, and more. All of the features that are incorporated in the Cisco Firepower NGFW are awesome and easy to configure if you know what you are doing. Things almost always work, unless you hit a bug, which is fixed with a simple software update. "
pfSense is a free and open-source operating system for routers and firewalls, and is typically configured as DHCP server, DNS server, WiFi access point, VPN server, all running on the same hardware device. It is operated through a user-friendly web interface, making administration easy even for users with limited networking knowledge.
In addition, pfSense is feature-rich, has a mature platform, is customizable, is flexible by design, and can be used on a small home router as well as run the entire network of a large corporation. pfSense puts you in control of your networking, is regularly updated, and works to promptly patch security issues. pfSense has recently become the favored alternative to the industry leader, Cisco.
pfSense Key Features
pfSense has many key features and capabilities, including:
Reviews from Real Users
Below is some feedback from PeerSpot Users who are currently using the solution.
Bojan O., CEO at In.sist d.o.o., says, “The classic features, such as content inspection, content protection, and the application-level firewall, are the most important."
Another PeerSpot user, a chef at a media company, explains what he finds most valuable about pfSense: "The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is."
T.O., a VP of Business Development at a tech services company, mentions, "What I found most valuable is the cost of the platform, the flexibility of the platform, and the fact that the ongoing fees are not there as they are with the competitor."
Cisco Firepower NGFW Firewall is ranked 5th in Firewalls with 53 reviews while pfSense is ranked 2nd in Firewalls with 58 reviews. Cisco Firepower NGFW Firewall is rated 8.2, while pfSense is rated 8.6. The top reviewer of Cisco Firepower NGFW Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". Cisco Firepower NGFW Firewall is most compared with Fortinet FortiGate, Cisco ASA Firewall, Meraki MX, Palo Alto Networks WildFire and Azure Firewall, whereas pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos XG, Untangle NG Firewall and Zyxel Unified Security Gateway. See our Cisco Firepower NGFW Firewall vs. pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.