We performed a comparison between Hillstone S-Series Network Intrusion Prevention System, KerioControl, and Palo Alto Networks Advanced Threat Prevention based on real PeerSpot user reviews.
Find out what your peers are saying about Darktrace, Vectra AI, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS)."Setup is straightforward with the same reliability and scalability as the firewall series."
More Hillstone S-Series Network Intrusion Prevention System Pros →
"The firewall and intrusion detection features are good. It has blocked certain things. We have a lot of blocked sites that the staff or anyone using it, the public, etc., can't go on. It works for that. I get quite a few messages every now and again, saying that a virus has been detected and I can go in and block the user who's causing the problem."
"The solution provides feasibility regarding cyber privacy."
"In terms of the comprehensiveness of the security features, it does a great job of laying out what it does. It's fairly easy to edit and research. Some of the features were turned on by our IT company and I was able to easily find other features on my own by searching for videos on the internet. I've been able to block certain websites, and content filter, as well as manage some of our bandwidth because we live stream on Sunday. I'm able to dedicate bandwidth for the encoder that goes to the internet. It always has enough bandwidth, no matter how many people are on the network. That's really helpful."
"The stability of Kerio Control is good."
"It prevents people from visiting undesirable sites and ensures that they use the internet for their designated jobs."
"I want to have access to my computer from the outside and Kerio Control plays a role because it has a VPN... It is more reliable because it's a smaller group of computers to target for hackers and the like. The VPN works very well. I use it to work remotely very easily and exchange information, both to and from the location where it's deployed, and there have been no problems there."
"The interface control manager where we can allocate LAN connections to certain VLANs is the most valuable feature. The other feature that's important for us is because obviously everything is remote with MyKerio, as long as the boat has an internet connection, we can log onto the Kerio and get statistics, as well as provide support."
"Kerio Control can be scaled easily."
"Edge protection is a valuable feature."
"It's a monster, it's got so many beautiful features. We do deal with other firewalls and we've got a better idea of what other firewalls' capabilities are, any comparison with the Palo Alto I liked the quality of service on the applications that you can control the amount of bandwidth an application is allowed to consume. The best feature is the quality of the application quality of service."
"It is a stable product."
"I find the malware protection very handy."
"The most valuable features are the simplicity, transparency, and overall ease of management."
"For those who want a next-gen firewall that's easy to configure and easy to operate, I think you should go for Palo Alto."
"We are currently using the URL filtering feature, which is the most popular."
"With the IP address flag, I was able to see that I was being hacked. The moment there was an interaction between somebody on my network and that IP, the solution was able to flag it, and we were able to protect ourselves."
"Lack of tools to help educate end users"
More Hillstone S-Series Network Intrusion Prevention System Cons →
"They don't provide content filtering when it comes to search engine results. We had an incident on the network where a blocked site was showing up in search results. We are in a school environment, so we have blocked a site with some of the explicit content so that kids wouldn't see it. When one of them did a search, the results came on the search engine part. When you try to drill down to the website, it blocks, but when you search by image, it brings up all the images. That's one of the reasons why we are looking at Juniper."
"The upgrades make the network slower."
"There's also room for improvement in the Traffic Rules. We define networks to use a specific outgoing interface, say VSAT, shore, or marine WiFi, which is okay. But then all we have is a checkbox that says "Use other internet interfaces if this one is unavailable." What we would prefer would be to have a priority list. So if VSAT is unavailable, try to use 4G, etc. We haven't really found a reliable way of doing that in the current release."
"I would like for there to be a difference between international and national links."
"KerioControl should add more options in VPN features, such as IPsec VPNs, SSL VPNs, and L2TP VPNs, because KerioControl uses a special VPN for their products."
"One of the problems we do have causes problems with the VPN. The software slows the throughput down too much. You could have a one-gigabit connection from the internet, and it slows it down to the area of upload and download is extremely slow. There's too much content filtering at that point."
"The Kerio hardware devices look cheap and could be improved. Some of our clients are switching to Sophos because their hardware has a more sleek design."
"One area that confused me a bit when I was building my current network. I use VLANs to have separate functionality on the network, and the appliance I got was the WiFi model, but I discovered that you can't assign WiFi channels to the VLAN. So, you can have WiFi, but its own subnet. You can't run that over the VLAN. Effectively, I can't use the WiFi facility in the appliance and had to purchase a separate web that supports VLANs. In the end, I had to go to GFI support. They confirmed this is just a limited functionality of that device, as it is a low-end device. I don't know if any of their high-end models have a better facility or not."
"The installation was complicated."
"Mission learning techniques should continue to expand and detect unknown threats on the fly."
"Palo Alto Networks Threat Prevention could improve the commercial offing. Other solutions, such as Fortinet provide better commercial features."
"In Africa, the technical support is probably not as good as in Europe and the USA because it's a specific premium support, partner-enabled premium support and all of that. But it's really good, I don't really have any complaints, it's fairly good. I'll give them 80%."
"The technology firewall anomaly network could stand improvement."
"Sometimes when you want to group a set of ports, and communicate with Palo Alto, you cannot group TCP and UDP ports together. This needs to be adjusted."
"In terms of what needs improvement, the only thing I don't like is the support."
"The solution needs to improve its local technical support services. There is no premium support offered in our market."
More Palo Alto Networks Advanced Threat Prevention Pricing and Cost Advice →
Earn 20 points
