"The most valuable features of this solution are the integrations and IPS throughput."
"The solution offers very easy configurations."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"The content filtering is good."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"The most valuable feature is the access control list (ACL)."
"There are no issues that we are aware of. It does its job silently in the background."
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"It is useful for protecting and segregating the internal networks from the internet. Most of our customers also use the FortiGate client to connect to their offices by using the VPN client, and of course, they usually activate the antivirus, deep inspection, and intrusion prevention services. They are also using it for web filtering and implementing various policies dealing with forwardings, NAT, etc."
"The initial setup is straightforward."
"The most valuable feature is the interface, which is very user friendly. We are utilizing most of the features, like content filtering. The firewall is powerful."
"The features that I have found most valuable are the SD-WAN and their IP4 policy."
"The solution is very, very easy to use."
"Using this product makes the VPN seamless and almost invisible to me in the sense that I don't have to think about it."
"It's very easy to configure."
"I like how we can achieve total integration."
"The most valuable features of this solution are the GUI pre-filtering and the ATP (advanced threat protection)."
"SonicWall has USCS and anti-virus at the gateway level. Everything is filtered, and if it detects an intruder, it drops the line."
"It is able to fulfill my requirements. It protects our network environment. It has control over IPS, signatures, and it can also manage bandwidth and mapping. It is also stable and has good support."
"The technical support is very good."
"We can do the hosting and security all under one box. The UTM is a good feature."
"The most valuable feature of SonicWall NSa is the control aspect of the solution."
"I like the solution's configuration, interfaces, and user guides."
"The solution has many useful features, such as content management, user management, user filtering, and domain controller connectivity mapping."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"One of my colleagues is using the firewall as an IPS, but he is worried about Firepower's performance... With the 10 Gb devices, when it gets to 5 Gbps, the CPU usage goes up a lot and he cannot manage the IPS."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility."
"The cloud features and integration could be improved."
"They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired."
"With the addition of some features, it is possible that FortiGate can be used in all verticals."
"FortiGate support could do some improvements on their IPv6 configuration. Right now it's still in the very early stage for utilizing in an enterprise level network environment."
"I think that the infrastructure for the VPN could be improved. The way that it is bundled also made it difficult to use and sell as it is too expensive."
"Usually, we sell the bundle with the UTM or threat management piece with IPS, IDS. Other providers, such as Palo Alto, are ahead in terms of safe functionality. So, for me, delivering truly safe service is probably something that still needs to be improved."
"The central management for the FortiGate Fortinet Firewall needs improvement. They have the manager to do the essential management for both SD-WAN and for the security policy. They should also improve the SD-WAN function."
"We still get phishing emails that manage to come through from time to time."
"The content filter needs to be improved."
"The pricing for this product in India is high and the fees should be reduced."
"In terms of improvement, features like App Control do not work properly"
"Sometimes I found the GUI and some of the features a little bit hard to navigate, as opposed to Fortigate, which is much more user-friendly."
"The stability is not there. The features are there, but they are not stable. They need to improve on this product because I feel that they have launched this product without much R&D."
"The filter settings are confusing and overly complicated. The user interface can be improved."
"Initially, it may be difficult for some people to learn and become acquainted with it."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
Fortinet FortiGate is ranked 1st in Firewalls with 166 reviews while SonicWall NSa is ranked 15th in Firewalls with 40 reviews. Fortinet FortiGate is rated 8.4, while SonicWall NSa is rated 8.0. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of SonicWall NSa writes "Easy to scale advanced threat protection solution with knowledgeable technical support, but has occasional bugs". Fortinet FortiGate is most compared with pfSense, Cisco ASA Firewall, Sophos XG, Check Point NGFW and OPNsense, whereas SonicWall NSa is most compared with Meraki MX, SonicWall TZ, Sophos XG, Cisco ASA Firewall and Palo Alto Networks NG Firewalls. See our Fortinet FortiGate vs. SonicWall NSa report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
