"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"We have not had to deal with stability issues."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"Provides good integrations and reporting."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"The most valuables features are the ease of use and deployment."
"The support is good. We don't have any issues with the technical support."
"Good for the servers and can stop network attacks, including spam."
"FortiGate-VM's firewall is excellent."
"The most valuable feature is the UTM, which gives them an advantage over other firewalls."
"The user interface is the most valuable aspect of the solution."
"The solution can scale well."
"The VM it's very quick for deployment. If we need to have a POC for a customer, if we don't have any hardware physically at our premises, at our store, in our office, we can download the VM from Fortinet and install all the VM to their environment in order to run it. If we have a customer that says "let's start tomorrow" we are able to do that in a way that's not possible with a hardware version."
"GajShield has improved our mobile device-based connectivity."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"It needs an Application Inspection."
"We have encountered certain issues with the bandwidth in respect of the security layer."
"Technical support could be improved."
"There should be more options to use lower-end models in a high availability configuration."
"Areas for improvement would be application control and web filtering."
"The interface needs to be updated and simplified."
"Customization needs improvement."
"The licensing needs to be improved. We need longer licensing periods, especially for POCs and trials. It should be for six months. Right now, it's too short of a timeframe."
"The firewall configuration and administration screens could use some improvement."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
FortiGate Virtual Appliances allow you to mitigate blind spots by implementing critical security controls within your virtual infrastructure. They also allow you to rapidly provision security infrastructure whenever and wherever it is needed. FortiGate virtual appliances feature all of the security and networking services common to traditional hardware-based FortiGate appliances. With the addition of virtual appliances from Fortinet, you can deploy a mix of hardware and virtual appliances, operating together and managed from a common centralized management platform.
Traditional firewalls commonly serve as the boundary between the Internet and an organization's network. They offer protection based on controlling specific protocols and ports, and restricting traffic to and from specific IP addresses. These days however, most attacks are web-based, easily passing through http (port 80) and https (port 443). Most firewalls are unable to identify malicious applications or traffic passing through these common ports. Next Generation firewall must evolve to effectively defend against these threats.
Customers get, complete and Proactive security with GajShield Next Generation Appliances. GajShield has inbuild default security policy to deny all out bound traffic from local LAN to the internet. It reacts quickly to attacks with intelligent packet filtering that sets policies and hardens customer network defenses dynamically. GajShield has inbuild default security policy to deny all out bound traffic from local LAN to the internet. In today's organization, application, employees, vendors, clients, and security threats fight for the same network resources. It has become difficult for small to medium enterprises to manage their infrastructure as they are unable to distinguish between good traffic v/s bad traffic. Threats or various productive applications have become smarter as they camouflage data transfer using standard internet ports. Current day security products have failed to distinguish and manage such malicious traffic.
Fortinet FortiGate-VM is ranked 12th in Firewalls with 68 reviews while GajShield Next Generation Firewall is ranked 28th in Firewalls with 1 review. Fortinet FortiGate-VM is rated 8.2, while GajShield Next Generation Firewall is rated 8.0. The top reviewer of Fortinet FortiGate-VM writes "Flexible with good cloud management and a straightforward user interface". On the other hand, the top reviewer of GajShield Next Generation Firewall writes "Identifies and protects against email borne threats". Fortinet FortiGate-VM is most compared with Azure Firewall, Fortinet FortiGate, Palo Alto Networks VM-Series, OPNsense and Sophos UTM, whereas GajShield Next Generation Firewall is most compared with Sophos XG, Fortinet FortiGate, Sophos Cyberoam UTM and SonicWall TZ.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.