"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"The feature set is fine and is rarely a problem."
"The implementation is pretty straightforward."
"There are no issues that we are aware of. It does its job silently in the background."
"Provides good integrations and reporting."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"What's most important is the ease of use."
"It is very flexible to use."
"Good load balancing feature."
"Its stability is the most valuable."
"Anti-Spam web content filterinG."
"The next-generation firewall is great."
"The most valuable feature is the web filter."
"The initial setup is straightforward."
"The most valuable feature of this solution is how it keeps up-to-date with viruses."
"What I like about Palo Alto is that it is a complete product, with everything in it."
"The way that the solution quickly updates to adjust to threats is the solution's most valuable aspect. When there's a security attack, within five minutes, all Wildfire subscribers have access to updates so that all systems will be safe. Its threat prevention is way better than other vendor products."
"The most valuable feature is the improved security that it offers."
"The most valuable feature is the cloud-based protection against zero-day malware attacks."
"The solution is completely integrated with all the other Palo Alto products. I think that it is the best part for endpoint protection. The firewall features include URL and DNS filtering, threat protection, and antivirus."
"WildFire's application encryption is useful."
"The technical support is good."
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team."
"Cisco makes horrible UIs, so the interface is something that should be improved."
"The performance should be improved."
"Implementations require the use of a console. It would help if the console was embedded."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."
"The performance and speed are aspects of the solution that could always be improved upon."
"FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."
"The initial setup and configuration are not intuitive and require training."
"We would like to see better pricing."
"The initial setup is complex."
"Vulnerability scanning could be improved."
"Monitoring and reporting could be better."
"The user interface could be improved."
"When comparing this solution to others it is not as good overall."
"The size of Palo Alto's cloud is big but it could be easier to use from a product management perspective."
"The configuration should be made a little bit easier. I understand why it is as it is, but there should be a way to make it easier from the user side."
"When you contact support, there is no guarantee that they will be available to help you tackle the issue that you are facing."
"The system performance degrades after the solution has been deployed for some time. The data that it gives us becomes a little bit slow. When you try to get some data for troubleshooting, it seems like it's working hard to extract that data."
"In the future, I would like to see more automation in the reporting."
"The deployment model could be better."
"Management and web filtering can be improved. There should also be better reporting, particularly around web filtering."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
Fortinet FortiGate is ranked 1st in Firewalls with 98 reviews while Palo Alto Networks WildFire is ranked 1st in Advanced Threat Protection (ATP) with 18 reviews. Fortinet FortiGate is rated 8.4, while Palo Alto Networks WildFire is rated 8.2. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of Palo Alto Networks WildFire writes "Good technical support and provides automatic analysis that saves us time in filtering email". Fortinet FortiGate is most compared with Cisco ASA Firewall, pfSense, Check Point NGFW, Meraki MX and WatchGuard Firebox, whereas Palo Alto Networks WildFire is most compared with Cisco ASA Firewall, Proofpoint Email Protection, Juniper SRX, Zscaler Internet Access and Cloudflare.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.