"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"The feature set is fine and is rarely a problem."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"If configured, Firepower provides us with application visibility and control."
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"The most valuable feature is stability."
"The main features I find useful are intrusion prevention and web filtering. Additionally, the solution is easy to manage."
"Has a very simple OS and a good price point."
"The interface is good."
"Performance-wise, I think FortiOS is much better than its Juniper counterpart. Based on our actual experience and performance metrics, FortiOS-based products are much better than Juniper."
"It is more robust than SonicWall, particularly on the VPN from site to site."
"There are a lot of features that we like within the solution. The resources or performance of the firewall is very good. However, the real selling point is the fact that the solution offers so many features, it gives our clients a lot of extras that they can work with. There's a lot on offer."
"The information security features are the most valuable."
"I personally think the site-to-site VPN is the most useful feature. A lot of firewalls have that, but to me, that's one of the features that's essential."
"Infoblox offers granularity and advanced DNS protection to mitigate DNS attacks. It's a very secure solution."
"The security of the solution is perfect. It's very good at protecting us from attacks."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"The performance should be improved."
"In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."
"The price and SD-WAN capabilities are the areas that need improvement."
"An area of improvement for this solution is the console visualization."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"Technical support could be better. Some competitors have much more responsive support teams."
"Lacks flexibility for different scenario configurations."
"There are some features for FortiGate using FortiOS that can only be enabled via a command line. These aren't very advanced features they have been part of FortiOS for quite some time but they still aren't accessible from the graphical user interface. It makes it a little bit harder than it should be for us to manage the solution. That's my main concern with the user interface. Another concern we have is some elements for the user interface, if they're not properly configured, it could lead to hardware and performance degradation."
"The pricing model makes this product far more expensive than similar solutions."
"They're using a lot of application-specific IC, so that may be causing some performance issues. And whenever a Fortinet adds new features, it can affect performance."
"There are some issues with the performance. We also had some issues while updating the firmware."
"The reporting and monitoring could improve, they have a lot of limitations. The monitoring is not easy compared to the other firewall."
"The technical support is good. However, during the holidays they can get a little slow to respond."
"There should be better alerts for when attacks are happening."
"There needs to be more capabilities in order to configure the console itself instead of the user interface dashboard. Configuring the DNS or DHCP through the console instead of the GUI dashboard would be better."
Earn 20 points
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Control all the security and networking capabilities in all your FortiGates across your entire network with one intuitive operating system. Improve your protection and visibility while reducing operating expenses and saving time with a truly consolidated next generation enterprise firewall platform.
Infoblox Advanced DNS Protection (ADP) effectively shields you from the widest range of DNS DDoS attacks, ensuring that you can maintain service uptime for your organization. Minimizing disruptions caused by DDoS and other DNS-based attacks is a key business imperative because DNS provides mission-critical network connectivity. If your DNS is down, your business is down. With ADP you can maintain DNS integrity and stop external and internal DNS DDoS attacks that can take your business offline. ADP eliminates such threats as volumetric attacks, DNS hijacking, cache poisoning and other DNS-specific exploits. A proven solution, it ensures that your customers can always reach your website and other external systems, and it keeps your business up and running 24×7 to maintain customer trust and confidence.
Fortinet FortiOS is ranked 18th in Firewalls with 18 reviews while Infoblox Advanced DNS Protection is ranked 5th in Domain Name System (DNS) Security with 2 reviews. Fortinet FortiOS is rated 8.4, while Infoblox Advanced DNS Protection is rated 8.0. The top reviewer of Fortinet FortiOS writes "Robust, scales well using FortiManager, and you have a choice of two different modes to run in". On the other hand, the top reviewer of Infoblox Advanced DNS Protection writes "An easy initial setup with DNS protection and good granularity". Fortinet FortiOS is most compared with Fortinet FortiWeb, Zyxel Unified Security Gateway, Azure Firewall, Darktrace and Fortinet FortiManager, whereas Infoblox Advanced DNS Protection is most compared with Cisco Umbrella, Zscaler Internet Access, EfficientIP DNS Guardian, Palo Alto Networks DNS Security and F5 BIG-IP DNS.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.