We performed a comparison between Cisco Secure Firewall, Fortinet FortiGate, and Sophos Cyberoam UTM based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The setup was straightforward. I was happy with the configuration and deployment of the solution, as it was quick."
"We chose Cisco because it had the full package that we were looking for."
"I would say the Firepower module is most valuable. I'm trying more to transition to this kind firewall. I had to study a little on Palo Alto Networks equipment. There is a lot I have to learn about the difference."
"The features that are most valuable within the firewall are the IPS as well as the Unified Communications. We also really like the dynamic grouping."
"With Cisco, there are a lot of features such as the network map. Cisco builds the whole network map of the machines you have behind your firewall and gives you insight into the vulnerabilities and attributes that the host has. Checkpoint and Fortinet don't have that functionality directly on the firewall."
"The product offers good scalability."
"Manageability of Cisco ASA. It has a GUI interface, unlike the most of Cisco IOS. For beginners they can "sneak in" and apply the command and see the actual commands that the GUI launches. In addition, Cisco has the reputation regarding security."
"The user interface, the UI, is excellent on the solution."
"The solution has very good threat and content filtering switches."
"Its user interface is good, and it is always working fine."
"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."
"I like that you are able to manage FortiGate from the FortiManager to create a more centralized environment."
"The most important features with FortiGate are the web filter and application controls. We can control our internet usage and use the web filter for application purposes."
"The interface is very good."
"Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."
"The web filtering feature and the intrusion protection system are the most valuable. It is a resilient appliance. I never had an issue with it in terms of any security breaches."
"All in one UTM appliance."
"Web application filtering eases internet access control."
"Good user interface."
"Our customers find it economical and offers good security. These two features are key. Ease of installation and implementation are also key factors."
"The user interface is well laid out and understandable."
"The most valuable feature of this product is the threat protection."
"The VPN is excellent on the solution."
"The initial setup was straightforward."
"A major area of improvement would be to have more functionality in public clouds, especially in terms of simplifying it. The high availability doesn't work right now because of the limitations in the cloud."
"Cisco ASA is not a next-generation firewall product."
"Cisco still has a lot of work to do. You can convert an ASA over to a Firepower, but the competitors, like Palo Alto and Juniper, are coming in. And believe it or not, they are a little bit more intuitive. Cisco has a little bit more work to do. They're playing catch up."
"It is confusing to have two management interfaces, e.g., ASDM and Firepower Management Center."
"The management of the firewalls could be improved because there are a lot of bugs."
"Cisco provides us with application visibility and control, although it's not a complete solution compared to other vendors. Cisco needs to work on the application behavior side of things, in particular when it comes to the behavior of SSL traffic."
"The Cisco Firewall UI could be improved."
"ASDM can be improved."
"Cisco Meraki products are rising very quickly in the cloud and the connected era. Meraki products offer much better ROI, upgradability, and manageability."
"If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement."
"FortiGate should have a better way of detecting and managing the system memory because otherwise if the memory is too low, a system restart is required."
"It can be a little bit more user-friendly in terms of policy definition and implementation. It seems a little bit complicated, and it could be simplified."
"In the next release, maybe the documentation on how to use this solution could be improved."
"One of the problems I was having was with user mapping, and it is an issue for which I have escalated tickets with Fortinet support."
"They have to just improve its performance when we enable all UTM features. When you enable all the features, the performance of FortiGate, as well as of Sophos and SonicWall, goes down."
"In some cases, its initial setup could be hard for customers."
"I would like to see a better content management pack and also the website searching should be better."
"There is a lot or room for improvement, because it is still not a fourth or fifth generation firewall. It lacks security features."
"The solution's pricing could be a problem for some small businesses."
"Cyberoam UTM needs to have more certifications with third-parties, such as NSS Labs."
"Its scalability is not that great."
"It should have better VPN protection. Some of the VPN applications are not blocked by this firewall. Some VPNs are able to get through this firewall, which is why I am planning to replace this firewall with a good one in the near future."
"We use different workarounds and find different solutions for it, depending on the client's needs. We shouldn't have to, we should just be able to use the product as it comes with Cyberoam, rather than having to revert to other products."
"The price is obviously a more sensitive area to focus on."
