We performed a comparison between Cisco Secure Firewall and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."SSL-VPN is very useful for us and has been very reliable."
"This product is definitely scalable."
"The feature I like most is the SD-WAN. It allows you to manage more than one ISP at the same time. And there is a high-availability mode, so if one of your ISPs is down, you still have a backup."
"I'm pretty happy with its reliability. It is also very scalable."
"The notable features that I have found most valuable are that it includes the antivirus, and also IPS, and even SD-WAN."
"It's a user-friendly firewall. Most of the tasks are very simple. It's simple to configure and troubleshoot this firewall."
"We can detect any attack of viruses or malware at the first point of contact."
"The most important feature, normally for small business customers, is link load balancing."
"The most important feature is the VPN connection."
"The most valuable feature is IPS. It's a feature that's very interesting for tackling the most current attacks."
"One of the best features is the ease of use. It's also easy to teach new engineers to use the ASA CLI."
"Cisco's engineer helped us with a lot of scripting to see what existed. Previously, we didn't have a proper policy. In fact, we didn't have any policy because we didn't have any firewall for the data center, so generating a policy was a big challenge. Cisco's engineer helped us to do some scripting and find out what kind of policy we can have and organize those policies. That was nice."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"Cisco ASA Firewall is a well known product. They're always updating it, and you know what they're doing and that it works."
"The most valuable feature is the access control list (ACL)."
"If configured, Firepower provides us with application visibility and control."
"The product is very easy to configure."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats."
"The most valuable feature is the view into the application."
"The solution can scale."
"Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security."
"The installation phase was easy."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"There are problems with the custom reporting of the unique traffic. The data is there, but it is too difficult for us to extract."
"I would like to see improvements in the product's application rules."
"Web security solutions can be improved."
"You do need some IT knowledge in order to effectively work with the solution."
"The pricing could be reduced or include the first year warranty."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"There are some license issues. Not every feature must have a separate license. There must be some of kind synergy between the license so we don't have to pay for every individual license that we would like to have."
"Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why."
"The pricing is a bit high."
"It is not easy to configure."
"We had an event recently where we had inbound traffic for SIP and we experienced an attack against our SIP endpoint, such that they were able to successfully make calls out... Both CTR, which is gathering data from multiple solutions that the vendor provides, as well as the FMC events connection, did not show any of those connections because there was not a NAT inbound which said either allow it or deny it."
"The worst part of the entire solution, and this is kind of trivial at times, is that management of the solution is difficult. You manage FireSIGHT through an internet browser. I've had Cisco tell me to manage it through Firefox because that's how they develop it. The problem is, depending on the page you're on, they don't function in the same way. The pages can be very buggy, or you can't resize columns in this one, or you can't do certain things in that one. It causes a headache in managing it."
"I would say that in inexperienced hands, the interface can be kind of overwhelming. There are just a lot of options. Too much, if you don't know what you are looking for or trying to do."
"I have found that Cisco reporting capabilities are not as rich as other products, so the reporting could be improved."
"I would like to see more integration with third-party devices in general. There is great integration with Cisco devices, but there's not much integration with third-party devices."
"Cisco suffers from some integration issues with other products... There is a problem with the Cisco Catalyst Switches in terms of assembling bursts and having them interact properly with the Cisco Firepower."
"The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right."
"The product's integration capabilities are an area of concern where improvements are required."
"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
"It is an expensive solution."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Cisco Secure Firewall is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and Netgate pfSense.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.