IT Central Station is now PeerSpot: Here's why

Huawei NGFW vs Palo Alto Networks VM-Series comparison

Cancel
You must select at least 2 products to compare!
Featured Review
Buyer's Guide
Huawei NGFW vs. Palo Alto Networks VM-Series
May 2022
Find out what your peers are saying about Huawei NGFW vs. Palo Alto Networks VM-Series and other solutions. Updated: May 2022.
607,332 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"With Cisco, there are a lot of features such as the network map. Cisco builds the whole network map of the machines you have behind your firewall and gives you insight into the vulnerabilities and attributes that the host has. Checkpoint and Fortinet don't have that functionality directly on the firewall.""The most valuable feature is the Intrusion Prevention System.""We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government.""The customer service/technical support is very good with this solution.""The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable.""The most valuable feature would be ASDM. The ability to go in, visualize and see the world base in a clear and consistent manner is very powerful.""Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports.""Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."

More Cisco Firepower NGFW Firewall Pros →

"I like that the initial setup is straighforward. It's also a scalable solution.""We make use of the new data center, specifically the containerized data center which is built and reviewed by Huawei, including all the device's infrastructure.""The support for the solution has been excellent. If we ever had an issue they would send an engineer to help us with our problem.""The security is good. It's as effective as anything else on the market.""Huawei was able to assist us in the installation of their product. The installation was very fast.""Huawei support is excellent. I rate it 10 out of 10.""The user interface is very, very good."

More Huawei NGFW Pros →

"The most valuable feature is that you can control your traffic flowing out and coming it, allowing you to apply malware and threat protection, as well as vulnerability checks.""The most valuable feature is that you can launch it in a very short time. You don't have to wait for the hardware to arrive and get it staged and installed. From that perspective, it is easy to launch. It is also scalable.""Palo Alto Networks VM-Series is very easy to use.""The feature that I have found the most useful is that it meets all our requirements technically.""The initial setup was straightforward.""Using Palo Alto Networks Panorama, we were able to deploy a single point of management and visualization of the firewall infrastructure in cloud, on-premise and integrated with Azure to automate scale up. Its security features, i.e. anti-malware, threat prevention, URL Filtering, VPN, and antivirus are the most valuable. The ID-User integrated with AD and 2FA features are also very useful to provide secure access to servers and some users in the company. ""The VM series has an advantage over the physical version because we are able to change the sources that the machine has, such as the amount of available RAM.""The most valuable feature is the Posture Assessment."

More Palo Alto Networks VM-Series Pros →

Cons
"It would be great if some of the load times were faster.""The solution could offer better control that would allow the ability to restrictions certain features from a website.""In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard.""The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved.""An area of improvement for this solution is the console visualization.""We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond.""On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it.""The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."

More Cisco Firepower NGFW Firewall Cons →

"One issue is integration. Huawei can't detect Indicators of Compromise (IoC). I can get a lot of information about security, but can't automatically input the EP, domain URL, and file hashes I get from Hackersworld into my blocklist.""With the Huawei firewall, none of the features comes at the top. We found out later that customer support is really not good. For this firewall, because of our customers' routine, for example, every six months they'll do a penetration test to find weaknesses. So whenever they came up with VAPT reports, they are looking to Huawei for help. I think that's basically because it's a different culture. Chinese culture and our culture is different. They have always tried to help find some excuses or say some other things that cannot help you solve the problem immediately.""The documentation needs to be improved. When they retire old models, they also retire the documentation. However, if you are still using an older model, you still need access to that documentation. And yet, they go ahead and removed it. It's gone. You are therefore stuck with a device with no documentation and technical support that isn't very helpful as they also remove support assistance as well.""The solution doesn't seem to be very mature. Our networking team says they are experiencing a lot of issues in the firewalls and some routers.""The solution is scalable but it is difficult because you need to purchase new systems, it is not just one click.""The solution could be more secure and have better integration.""The solution requires a more interactive dashboard. That would make it easier than playing with configurations the way we have to now."

More Huawei NGFW Cons →

"Its web interface is a bit outdated, and it needs to be updated. They can also improve the NAT functionality. We have had issues with the NAT setup.""We feel that the setup was complex. So, we asked the tech team about the setup process. They explained how to deploy it in the right way, which made it very simple.""The disadvantage with Palo Alto is that they don't have a cloud-based solution that includes a secure web gateway.""The user interface could use some improvement.""In the next release, I would like to see better integration between the endpoints and the firewalls.""At the beginning of the implementation, we had some difficulties with the scripts, but Palo Alto Networks support together with a local partner finally fixed it.""It'll help if Palo Alto Networks provided better documentation.""It would be helpful if we had a direct number for the support manager or the supporting engineer. That would be better than having to email every time because there would be less wait."

More Palo Alto Networks VM-Series Cons →

Pricing and Cost Advice
  • "Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
  • "This product requires licenses for advanced features including Snort, IPS, and malware detection."
  • "This product is expensive."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The price of Firepower is not bad compared to other products."
  • "The solution was chosen because of its price compared to other similar solutions."
  • "The price is comparable."
  • "It definitely competes with the other vendors in the market."
  • More Cisco Firepower NGFW Firewall Pricing and Cost Advice →

  • "The price of the license of this solution is high."
  • "When you compare the price with other products, it's quite cost-effective. But the problem is always after, let's say, two years or three years later because they are not able to provide updates or patches very quickly."
  • "I believe that we are entitled to a one-year extension on our licensing."
  • More Huawei NGFW Pricing and Cost Advice →

  • "Palo Alto can be as much as two times the price of competing products that have twice the capabilities."
  • "The cost of this product varies from customer to customer and the relationship with IBM, including how many offerings from IBM are already being used."
  • "Because I work for a university and the URL is for the institution, it's a free license for us."
  • "It is not the cheapest on the market. The total cost for two firewall instances is $75,000. This includes licenses, deployment fees, and support for two years."
  • "The VM series is licensed annually."
  • "Palo Alto definitely needs to be more competitive compared to other products. The problem that I have faced is that the price of licensing is very high and not very competitive."
  • "Initially, pricing was high. Later on, we were able to negotiate the pricing and get something that fits our budget."
  • More Palo Alto Networks VM-Series Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    607,332 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer: The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer:We make use of the new data center, specifically the containerized data center which is built and reviewed by Huawei… more »
    Top Answer:I believe that we are entitled to a one-year extension on our licensing.
    Top Answer:The solution could be more secure and have better integration. The bandwidth management utilization could stand… more »
    Top Answer:Both products are very stable and easily scalable. The setup of Azure Firewall is easy and very user-friendly and the… more »
    Top Answer:Palo Alto’s Panorama centralized management system simplifies our security posture based on our requirements. Instead of… more »
    Top Answer:Initially, pricing was high. Later on, we were able to negotiate the pricing and get something that fits our budget. The… more »
    Comparisons
    Also Known As
    Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
    Huawei USG Firewalls, USG9500 Series, USG6600 Series, USG6300 Series
    Learn More
    Overview

    Cisco Firepower Next-Generation Firewall (NGFW) is a firewall that provides capabilities beyond those of a standard firewall and delivers comprehensive, unified policy management of firewall functions, application control, threat prevention, and advanced malware protection from the network to the endpoint.

    Cisco NGFW Firewalls include advanced threat defense capabilities to meet diverse needs, from small offices to high-performance data centers and service providers, and are deployed in leading private and public clouds. Available in a wide range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Cisco NGFW firewalls are also available with clustering for increased performance, high availability configurations, and more.

    Key Features of Cisco NGFW Firewalls

    • Breach prevention and advanced security: Prevent attacks before they get inside. Cisco provides its firewalls with the latest intelligence to stop emerging threats and employs filtering to enforce policies on hundreds of millions of URLs. Cisco NGFW offers built-in sandboxing and advanced malware protection that continuously analyzes file behavior to quickly detect and eliminate threats.

    • Comprehensive network visibility: Constantly monitor your network so you can rapidly spot and stop bad behavior. Cisco NGFW provides a holistic view of all activity and provides a clear picture of threat activity across users, hosts, networks, and devices, as well as information on threats and website, application, and VM activities.

    • Flexible management and deployment options: Centrally deploy, customize, and manage all your appliances.

    • Fast detection: Detect threats in seconds and detect the presence of a successful breach within hours or minutes. Cisco NGFW allows you to deploy consistent policy that's easy to maintain, with automatic enforcement across all the different parts of your organization.

    • Automation and product integrations: Seamlessly integrate with Cisco tools and automatically share threat information, event data, policy, and contextual information with email, web, endpoint, and network security tools. Cisco NGFW automates security tasks like impact assessment, policy management and tuning, and user identification.

    Reviews from Real Users

    Cisco NGFW stands out among its competitors for a number of reasons. Two major ones are its extensive discovery abilities that enable you to constantly see what is happening on your network and take action when necessary, and the high level of protection it provides.

    Mike B., a director of IT security at a wellness & fitness company, writes, "It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."

    Zhulien K., the lead network security engineer at TechnoCore LTD, notes, " The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy. Again, with that being said, I cannot shy away from giving kudos to all of the other features such as AVC (Application Visibility and Control), SSL Decryption, Identity policy, Correlation policy, REST API, and more. All of the features that are incorporated in the Cisco Firepower NGFW are awesome and easy to configure if you know what you are doing. Things almost always work, unless you hit a bug, which is fixed with a simple software update. "

    In addition to all the functions of conventional firewalls, Huawei NGFW also provides more advanced security functions, such as IPS and anti-malware functions, to identify applications and prevent application-layer threats. Huawei NGFW provides a global context awareness architecture for granular controls based on application, content, time, user, attack, and location (ACTUAL). The innovative SmartPolicy technology and management interfaces that can be easily integrated simplify the O&M management. The Intelligence Awareness Engine (IAE) uses an integrated architecture to perfectly balance security and performance. Huawei NGFW provides next-generation security featuring comprehensive protection, granular control, and OM simplicity to meet the requirements of enterprise networks on access control, scope of protection, usability, and performance in the new ICT landscape.

    The VM-Series is a virtualized form factor of our next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware, Amazon Web Services, Microsoft, Citrix and KVM.

    The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports.

    In both private and public cloud environments, the VM-Series can be deployed as a perimeter gateway, an IPsec VPN termination point, and a segmentation gateway, protecting your workloads with application enablement and threat prevention policies.

    Offer
    Learn more about Cisco Firepower NGFW Firewall
    Learn more about Huawei NGFW
    Learn more about Palo Alto Networks VM-Series
    Sample Customers
    Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
    KMITL, Peking University
    Warren Rogers Associates
    Top Industries
    REVIEWERS
    Comms Service Provider19%
    Financial Services Firm17%
    Government13%
    Manufacturing Company6%
    VISITORS READING REVIEWS
    Comms Service Provider28%
    Computer Software Company21%
    Government7%
    Manufacturing Company4%
    REVIEWERS
    Comms Service Provider29%
    Financial Services Firm14%
    Government14%
    Engineering Company14%
    VISITORS READING REVIEWS
    Comms Service Provider39%
    Computer Software Company18%
    Financial Services Firm5%
    Government5%
    REVIEWERS
    Financial Services Firm23%
    Manufacturing Company15%
    Government15%
    Energy/Utilities Company8%
    VISITORS READING REVIEWS
    Computer Software Company28%
    Comms Service Provider16%
    Financial Services Firm6%
    Government5%
    Company Size
    REVIEWERS
    Small Business40%
    Midsize Enterprise26%
    Large Enterprise34%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise20%
    Large Enterprise55%
    REVIEWERS
    Small Business60%
    Midsize Enterprise10%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise16%
    Large Enterprise64%
    REVIEWERS
    Small Business36%
    Midsize Enterprise30%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise18%
    Large Enterprise61%
    Buyer's Guide
    Huawei NGFW vs. Palo Alto Networks VM-Series
    May 2022
    Find out what your peers are saying about Huawei NGFW vs. Palo Alto Networks VM-Series and other solutions. Updated: May 2022.
    607,332 professionals have used our research since 2012.

    Huawei NGFW is ranked 26th in Firewalls with 7 reviews while Palo Alto Networks VM-Series is ranked 10th in Firewalls with 14 reviews. Huawei NGFW is rated 7.4, while Palo Alto Networks VM-Series is rated 8.4. The top reviewer of Huawei NGFW writes "It's reliable and simple to use ". On the other hand, the top reviewer of Palo Alto Networks VM-Series writes "An excellent solution for the right situations and businesses". Huawei NGFW is most compared with Fortinet FortiGate, Cisco ASA Firewall, Check Point NGFW, Palo Alto Networks NG Firewalls and pfSense, whereas Palo Alto Networks VM-Series is most compared with Azure Firewall, Cisco ASA Firewall, Fortinet FortiGate, Juniper SRX and Sophos UTM. See our Huawei NGFW vs. Palo Alto Networks VM-Series report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.