"The features I've found most valuable are the packet captures and packet traces because they help me debug connections. I like the logs because they help me see what's going on."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"The most valuable features of this solution are the integrations and IPS throughput."
"IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"The most valuable features of this solution are advanced malware protection, IPS, and IDS."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"The solution is stable."
"The user interface, stability, and scalability are the most valuable features."
"The thing that I like the most is that they're very willing to work with us to resolve issues that they haven't taken care of before in their product."
"Its performance is adequate. We are quite satisfied with its performance. The fact that it is a complete ecosystem with all kinds of integrations is valuable. It did take us a couple of months to get a grip on the new software, but all in all, it replaced our on-premise and single-point solution environment."
"The most valuable features are locking applications from in and out of my test network and testing malware on different devices. I use malware detection, antivirus, and basic firewall policies to check for different types of security breaches. The UI is really nice and easy to use."
"It's very easy to set up, even for more junior developers."
"It is a complete package, and it has complete offerings. It fit the needs, and our customer is happy with it."
"I did like the ability to back up the configuration into the cloud, as opposed to having to store the configurations or just downloading them, the backups, to local devices."
"I like how you can configure the rules. There is the task for the rules and a task for the network configuration. It also provides SMD filtering, and it can be integrated with the active directory for the users, their mission, and the VPN configuration. We are here in Sudan, and Stormshield didn't work in Sudan for more than a decade. Stormshield is a very strong firewall and very easy to configure and maintain. I am just working with the firewall solution, and we don't have any other solutions like endpoint solutions or something like that."
"I like that it works fine. Stormshield is a very good solution."
"The most valuable features are the IPS, the firewall function, and the price."
"A very robust product."
"Implementations require the use of a console. It would help if the console was embedded."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"Cisco Firepower NGFW Firewall can be more secure."
"The ability to better integrate with other tools would be an improvement."
"Deploying configurations takes longer than it should."
"One of my colleagues is using the firewall as an IPS, but he is worried about Firepower's performance... With the 10 Gb devices, when it gets to 5 Gbps, the CPU usage goes up a lot and he cannot manage the IPS."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment."
"Now they do have the ability to pop up a command line, which is nice, however, the fact that you can't do everything within the GUI is probably a problem."
"There should be a bit more automation."
"One thing that can be better is added automation. And, on top of that, enhanced security when it comes to the automation itself."
"Areas for improvement would be application control and web filtering."
"The operating system isn't stable, so it goes to memory counters every night."
"Integration could be better. Whatever devices I'm using with FortiGate are all compatible. The access points and switches are also FortiGate, so I can easily integrate them. But it would be better if we could embed other devices as well. There are compatibility issues with other brands, and we need that. We can only integrate universal brands with FortiGate. The initial setup could also be easier."
"We have had some stability issues."
"FortiGate's application load balancing has to be improved. They need to improve a lot on the load balancing and RAF side. They are far behind Citrix in that regard."
"With Stormshield, there are difficulties joining things, and it can be complex depending on the architecture."
"Improvement is needed in terms of the technical support of the manufacturer."
"It could be better if it were more user-friendly. It's too complicated for us to use it. The price could be better as well."
"The filtering configuration could be better. We have some difficulties with the filtering configuration and the filter extension. It's not that easy. It's not that straightforward. In the next release, I would like to see a reporting system. Stormshield doesn't have any tutorials on how to do the configuration and things like that. They just have documentation on the website. If you want to configure, for example, Cisco or Fortinet, you can find tutorials on YouTube. They show you how to configure the features, and so on. In Stormshield, there is nothing on social media or the internet on how to configure different things. The lack of documentation or the lack of material makes it difficult for others to adopt this solution."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
Fortinet FortiGate-VM is ranked 11th in Firewalls with 60 reviews while Stormshield Network Security is ranked 8th in Unified Threat Management (UTM) with 4 reviews. Fortinet FortiGate-VM is rated 8.4, while Stormshield Network Security is rated 8.4. The top reviewer of Fortinet FortiGate-VM writes "Flexible with good cloud management and a straightforward user interface". On the other hand, the top reviewer of Stormshield Network Security writes "Robust, provides a high level of security at a reasonable cost". Fortinet FortiGate-VM is most compared with Azure Firewall, Fortinet FortiGate, Palo Alto Networks VM-Series, Cisco ASA Firewall and Juniper SRX, whereas Stormshield Network Security is most compared with Fortinet FortiGate, pfSense, Cisco ASA Firewall, Sophos XG and SonicWall TZ. See our Fortinet FortiGate-VM vs. Stormshield Network Security report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
