"The solution offers very easy configurations."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"The most valuable feature is the access control list (ACL)."
"The feature set is fine and is rarely a problem."
"We have not had to deal with stability issues."
"A good intrusion prevention system and filtering."
"Using this product makes the VPN seamless and almost invisible to me in the sense that I don't have to think about it."
"The usage in general is pretty good."
"We've found the solution to be pretty stable."
"The features that I have found most valuable are that it is good to use, and most importantly, the pricing. The customer especially likes the discount when they trade up or something like that."
"The solution has very good threat and content filtering switches."
"The solution is stable."
"Customers are more inclined towards FortiGate because of application control, web filtering, and anti-spam features. The support from the FortiGate team is good, and price-wise, it is affordable."
"The most valuable feature is the web filter."
"I like pfSense's security features."
"Is good at blocking IP addresses."
"I have found the firewall portion for the blocking most valuable."
"The concurrent users are perfect for us."
"One of the advantages of pfSense is that it is very easy to work with. It is a very good open-source solution, and it works really well. pfSense provides a complete package. For some features, it could be the first solution in the world. It is a very good alternative in the market for a firewall solution. You don't need to go to Cisco or other brands with expensive firewalls. pfSense also allows us to offer some support services."
"The most valuable features are the VPN and the capture photo."
"The solution is very robust."
"The flexibility of adding new kinds of services without spending any money can't be beaten."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team."
"Cisco Firepower NGFW Firewall can be more secure."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"Cisco makes horrible UIs, so the interface is something that should be improved."
"We have an issue with hotel guest vouchers."
"There are some cloud-based features that could be much more flexible than they currently are."
"I would like to see a more intuitive dashboard."
"Quality control on their firmware versions needs improvement. When they introduce new firmware, there tend to be bugs."
"Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it."
"We were not able to build a full-mesh VPN; however, I am not sure if this was the fault of Fortinet FortiGate."
"They've become quite expensive."
"Some of the software stability could improve."
"The product could offer more integrated plugins."
"The solution requires a lot of administration."
"Lacks instructional videos."
"Layer 7 advanced firewall features are not included in the solution."
"The main problem with pfSense is that it lacks adequate ransomware protection."
"There's a bit of a learning curve during the initial implementation."
"The router monitoring needs improvement when compared with Sonicwall."
"The integration should be improved."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
Fortinet FortiGate is ranked 1st in Firewalls with 98 reviews while pfSense is ranked 3rd in Firewalls with 60 reviews. Fortinet FortiGate is rated 8.4, while pfSense is rated 8.6. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". Fortinet FortiGate is most compared with Cisco ASA Firewall, Check Point NGFW, Meraki MX, Sophos XG and SonicWall TZ, whereas pfSense is most compared with OPNsense, Sophos UTM, Sophos XG, Untangle NG Firewall and Zyxel Unified Security Gateway. See our Fortinet FortiGate vs. pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.