"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"A good intrusion prevention system and filtering."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"SonicWall NSA is easy to deploy, easy to maintain, and easy to configure."
"Setup is easy. Anyone with basic firewall experience can do it."
"It has excellent stability."
"Easy to setup and implement"
"The prices are similar to other vendors and the support is good."
"The basic firewall rules of the solution are great."
"Deep packet inspection and intelligent application control are the most valuable features. It is a very updated solution. It is very current as compared to other brands and vendors."
"They offer good antivirus solutions."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"The performance should be improved."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment."
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"An area of improvement for this solution is the console visualization."
"Do not even consider NetExtender - probably one of the most horrific, nightmare grade Java-based VPN clients. We have but all given up trying to make it work reliably."
"Initially, it may be difficult for some people to learn and become acquainted with it."
"Needs a more detailed reporting feature."
"I'd like to see integration with Microsoft 365 for authentication."
"Sometimes I found the GUI and some of the features a little bit hard to navigate, as opposed to Fortigate, which is much more user-friendly."
"We're not particularly fond of the way it generally performs. We are finding ourselves rebooting often. There are freeze-ups and that kind of thing. The stability needs to improve exponentially."
"The anti-spam requires a specific Java version on the server side (do not update it, otherwise it will break)."
"The reporting feature could be better because most of the companies want to have the analytics included, which is something that you have to buy separately."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
Cisco Firepower NGFW Firewall is ranked 4th in Firewalls with 41 reviews while SonicWall NSa is ranked 17th in Firewalls with 38 reviews. Cisco Firepower NGFW Firewall is rated 8.4, while SonicWall NSa is rated 7.8. The top reviewer of Cisco Firepower NGFW Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of SonicWall NSa writes "A rugged solution capable of defeating advanced threats". Cisco Firepower NGFW Firewall is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, Meraki MX and Sophos UTM, whereas SonicWall NSa is most compared with Meraki MX, Fortinet FortiGate, WatchGuard Firebox, SonicWall TZ and Palo Alto Networks NG Firewalls. See our Cisco Firepower NGFW Firewall vs. SonicWall NSa report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
