"The most valuable feature is the access control list (ACL)."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"We have not had to deal with stability issues."
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"The most valuable feature is the SSL VPN, as it allows us to connect and it separates this product from other firewalls."
"Good anti-malware and web filtering features."
"Overall, the pricing of the solution is very good. The product offers good value."
"The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."
"The solution is highly scalable because they have devices that can handle a large amount of traffic."
"Web filtering and two-factor authentication are great features."
"The initial setup is straightforward."
"The solution is extremely reliable."
"The stability is better than other products."
"This product is user-friendly and easy to configure."
"User friendly and intuitive."
"The functionality is the same whether it is on hardware or a virtual appliance. The interface is the same. It's nice that it's standardized."
"It allows us to block applications, i.e., websites by application type category. It is far more capable than content filtering alone."
"The most valuable features are that it is reasonably-priced and works well."
"Compared to Cisco, SonicWall NSa is much easier to configure."
"The features that I have found most valuable are the firewalling, which is very good and the GUI which is very intuitive. It is easy to use, and provides great security."
"I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"The price and SD-WAN capabilities are the areas that need improvement."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"The initial setup could be simplified, as it can be complex for new users."
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"Difficult to add or define, and not that easy to configure and manage."
"It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier."
"We would like to see a better training platform implemented."
"FortiGate support could do some improvements on their IPv6 configuration. Right now it's still in the very early stage for utilizing in an enterprise level network environment."
"There are some cloud-based features that could be much more flexible than they currently are."
"In the next release, I would like to see the interface simplified to be more user-friendly."
"Its reporting capabilities can be improved. It should have some out-of-the-box reporting capabilities and some degree of customization. The basic reporting that it currently has is not sufficient to create more usable reports. It needs some sort of out-of-the-box reporting. They try to make customers purchase FortiAnalyzer for this kind of reporting, which is an additional cost. Other firewall vendors, such as SonicWall and Sophos, provide this sort of reporting without any additional cost."
"The solution lacks multi-language support."
"SonicWall does not support DynDNS, yet this is an important feature for smaller companies that do not have a static IP address."
"We have security as a service, and they make recommendations about adding to the denylist and other things. That part could be more accessible and more user-friendly. I'd like to see SonicWall add a user-friendly interface where our internal team can drag and drop everything."
"Do not even consider NetExtender - probably one of the most horrific, nightmare grade Java-based VPN clients. We have but all given up trying to make it work reliably."
"The pricing for this product in India is high and the fees should be reduced."
"Sometimes I found the GUI and some of the features a little bit hard to navigate, as opposed to Fortigate, which is much more user-friendly."
"In terms of improvement, features like App Control do not work properly"
"The product likely isn't a good fit for a large organization."
"We're not particularly fond of the way it generally performs. We are finding ourselves rebooting often. There are freeze-ups and that kind of thing. The stability needs to improve exponentially."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
Fortinet FortiGate is ranked 1st in Firewalls with 98 reviews while SonicWall NSa is ranked 17th in Firewalls with 38 reviews. Fortinet FortiGate is rated 8.4, while SonicWall NSa is rated 7.8. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of SonicWall NSa writes "A rugged solution capable of defeating advanced threats". Fortinet FortiGate is most compared with Cisco ASA Firewall, pfSense, Check Point NGFW and Meraki MX, whereas SonicWall NSa is most compared with Meraki MX, WatchGuard Firebox, SonicWall TZ, Cisco ASA Firewall and Palo Alto Networks NG Firewalls. See our Fortinet FortiGate vs. SonicWall NSa report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.