"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"A good intrusion prevention system and filtering."
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"Web filtering and the IPS functionality."
"The solution is stable."
"The dashboards are a good feature."
"In terms of administration, it's perfect."
"The functionality provided is very good."
"The initial setup is very user-friendly."
"It's almost perfect. It's very stable. We don't have many hardware issues."
"The most valuable feature is geofencing, where we can block all access from all non-domestic locations."
"We purchased the AGSS Bundle (Advanced Gateway Security Suite) for the security services, such as antivirus, intrusion prevention system, and anti-spyware botnet GUI."
"The security of this system is fantastic, including the IPS and IDS."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"Report generation is an area that should be improved."
"One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box."
"FortiGate should be more customer friendly and budgeted better."
"We are experiencing a failed login issue. There should also be improvements in functionalities we store to enhance our services."
"Integration could be better. Whatever devices I'm using with FortiGate are all compatible. The access points and switches are also FortiGate, so I can easily integrate them. But it would be better if we could embed other devices as well. There are compatibility issues with other brands, and we need that. We can only integrate universal brands with FortiGate. The initial setup could also be easier."
"Some issues with connecting to the VPN from home after firmware updates."
"Price-wise, it could be slightly better, however, if you compared it to other makes and models of equal category, it is generally cheaper."
"Customization needs improvement."
"In terms of improvement, there have been some problems with the bandwidth of the security layer."
"Web filtering is a feature that needs some improvement. There should be some additional features to allow active users to change their own passwords."
"There are limitations to bandwidth management."
"I would like to see the reporting opened up and have several more opportunities for automatic reports."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
FortiGate Virtual Appliances allow you to mitigate blind spots by implementing critical security controls within your virtual infrastructure. They also allow you to rapidly provision security infrastructure whenever and wherever it is needed. FortiGate virtual appliances feature all of the security and networking services common to traditional hardware-based FortiGate appliances. With the addition of virtual appliances from Fortinet, you can deploy a mix of hardware and virtual appliances, operating together and managed from a common centralized management platform.
NSv delivers complete advanced threat protection, including high-performance intrusion and malware prevention, and cloud-based sandboxing with SonicWall's RTDMI technology. NSv ensures lateral movement protection, plus inbound and outbound traffic protection.
Fortinet FortiGate-VM is ranked 12th in Firewalls with 68 reviews while SonicWall NSV is ranked 27th in Firewalls with 2 reviews. Fortinet FortiGate-VM is rated 8.2, while SonicWall NSV is rated 8.0. The top reviewer of Fortinet FortiGate-VM writes "Flexible with good cloud management and a straightforward user interface". On the other hand, the top reviewer of SonicWall NSV writes "Reliable, easy to scale, and reasonably priced ". Fortinet FortiGate-VM is most compared with Azure Firewall, Fortinet FortiGate, Palo Alto Networks VM-Series, OPNsense and Sophos UTM, whereas SonicWall NSV is most compared with Azure Firewall and SonicWall NSa. See our Fortinet FortiGate-VM vs. SonicWall NSV report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.