"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"We have not had to deal with stability issues."
"The most valuable features of this solution are advanced malware protection, IPS, and IDS."
"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"It has been stable so far."
"The only firewall able to monitor traffic from a CCTV network. Can detect unauthorized devices plugged into the network, which standard firewalls can't do."
"The way that the solution quickly updates to adjust to threats is the solution's most valuable aspect. When there's a security attack, within five minutes, all Wildfire subscribers have access to updates so that all systems will be safe. Its threat prevention is way better than other vendor products."
"The solution is easy to use and the Panorama feature is good. The software management or the malware blocking and some authentication management system are good."
"The technical support is good."
"Remote access is excellent."
"The backup is the best feature."
"The most valuable features of this solution are sandbox capabilities."
"For example, if a security Intel threat talks about an IOC. We can then go to our MSP and say, "Is there a signature for this particular type of malware that just came out?" And if they'll say yes, then we'll say, "Okay. Does it apply to these firewalls? And have we seen any hits on it?" There's absolutely value in it."
"Using WildFire has reduced the number of viruses and the amount of malware that comes into our system, which means that I don't have to rely on the end-users to identify it."
"The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"Cisco makes horrible UIs, so the interface is something that should be improved."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"Web filtering needs improvement because sometimes the URL is miscategorized."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"Licensing is not cheap."
"They have a very good technical support team, but I think there are some communication issues due to language differences."
"When comparing this solution to others it is not as good overall."
"It's not really their problem, it's a problem across the board. There will always be problems with interrupted traffic. We have to set it up where we're playing a middle man game where we're stripping it out, looking at it, and then putting it back together and sending it on its way. That requires CPU cycles. And there's some overhead with that."
"The automation and responsiveness need improvement."
"The threat intelligence that we receiving in the reporting was not as expected. We were expecting more. Additionally, we should be able to whitelist a specific file based on a variety of attributes."
"The deployment model could be better."
"Management and web filtering can be improved. There should also be better reporting, particularly around web filtering."
"The size of Palo Alto's cloud is big but it could be easier to use from a product management perspective."
"It would be nice if there was an easier way to install and deploy it, such as through the inclusion of wizards."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Hillstone’s T-Series intelligent Next-Generation Firewall (iNGFW) uses three key technologies to detect advanced attacks and provide continuous threat defense for today’s networks. First, it uses statistical clustering to detect unknown malware, leveraging the patented Hillstone Advanced Threat Detection engine (ATD). Second, it uses behavioral analytics to detect anomalous network behavior, which is based on the Hillstone Abnormal Behavior Detection engine (ABD). Finally, it leverages the Hillstone threat correlation analysis engine to correlate threat events detected by disparate engines – including ATD, ABD, Sandbox and other traditional signature-based threat detection technologies – along with context information to identify advanced threats.
Hillstone T-Series is ranked 30th in Firewalls with 2 reviews while Palo Alto Networks WildFire is ranked 1st in Advanced Threat Protection (ATP) with 18 reviews. Hillstone T-Series is rated 7.0, while Palo Alto Networks WildFire is rated 8.2. The top reviewer of Hillstone T-Series writes "Customizable reports with advanced threat protection". On the other hand, the top reviewer of Palo Alto Networks WildFire writes "Good technical support and provides automatic analysis that saves us time in filtering email". Hillstone T-Series is most compared with Fortinet FortiGate, Hillstone E-Series, Cisco ASA Firewall and Sangfor NGAF, whereas Palo Alto Networks WildFire is most compared with Fortinet FortiGate, Cisco ASA Firewall, Proofpoint Email Protection, Juniper SRX and Zscaler Internet Access.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.