"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"If configured, Firepower provides us with application visibility and control."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"I have access to the web version of Cisco Talos to see the reputation of IP addresses. I find this very helpful. It provides important information for my company to obtain the reputation of IP addresses. The information in Talos is quite complete."
"I love the Policy Optimizer feature. I am also completely happy with its stability."
"The ease of use and the ease of configuration of our policies are the most valuable features."
"The machine learning in the core of the firewalls, for inline, real-time attack prevention, is very important to us. With the malware and ransomware threats that are out there, to keep abreast of and ahead of those types of attacks, it's important for our devices to be able to use AI to distinguish when there is malicious traffic or abnormal traffic within our environment, and then notify us."
"Ability to log each and every application."
"You can easily integrate it with Active Directory, and you can use the GlobalProtect VPN for internal and external purposes. The URL Filtering is also clear and the application filtering is a plus. The application filtering is much better when you compare it to FortiGate or other firewall vendors."
"Protection from a single packet and ease of making security rules."
"When we put it on the border, it was blocking everything that we were getting ahead of time, and we weren't getting any hits. This includes URL filtering, spam prevention, and anti-virus."
"I like that it has high security."
"Content protection, content inspection, and the application level firewall."
"The built-in open VPN and the VPN Client Export are the solution's most valuable aspects."
"The initial setup is easy."
"Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company."
"A valuable feature is that the solution is open source."
"We've found the stability to be very good overall."
"What I like about pfSense is that it works well and runs on an inexpensive appliance."
"I mostly like all of it. Whatever we use is valuable."
"We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"The central management tool is not comfortable to use. You need to have a specific skill set. This is an important improvement for management because I would like to log into Firepower, see the dashboard, and generate a real-time report, then I question my team."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"The performance should be improved."
"The solution has normal authentication, but does not have two-factor or multi-factor authentication. There is room for development there."
"This solution cannot be implemented on-premises; it's only a cloud solution. The price is high as well."
"The only area I can see for improvement is that Palo Alto should do more marketing."
"In the future, I would like to see more OTP features."
"The solution would benefit from having a dashboard."
"Palo Alto could do better with integrating the Palo Alto Next-Gen Firewall with SD-WAN. The biggest issue with Palo Alto is that they are expensive. They are very expensive for what they offer. They should improve their pricing."
"Its stability can be better. Their technical response from the support side can also be better."
"Its reporting can definitely be improved. I would like to have better graphical dashboards and more widgets for more clarity in the reporting area. In a third-generation firewall, you can generate some dashboards. It provides the information that we need, but from the C-level or a higher-level perspective, it is kind of rough and incomplete. Its data loss prevention (DLP) feature is not good enough. Currently, this feature is very basic and not suitable for enterprises. It would be nice if they can include a better DLP feature like Fortinet. We would like to have a local depot of Palo Alto in Latin America. Competitors such as Cisco and Check Point have a local depot here. If there is an issue with their hardware, you can go to the depot, and in about four hours, you can get a replacement device, but that's not the case with Palo Alto Networks because we need to import from Miami. It takes about two to three weeks."
"The technical support needs to be improved."
"Many people have problems setting up the web cache for the web system."
"I tried pfSense, and it has a big issue with file system consistency, and this is what drove me to OPNsense. The file system stability is quite a big issue for us. We have a lot of outages related to power issues, and OPNsense is much more stable on this side."
"The interface is not very shiny and attractive."
"The VPN feature of the solution could improve by adding better functionality and providing easier configure ability."
"The main problem with pfSense is that we have to use proxy solutions."
"Lacks instructional videos."
"They could improve their commercial stance and be more agile when it comes to the commercial pricing of enterprise deals."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Palo Alto Networks NG Firewalls is ranked 7th in Firewalls with 72 reviews while pfSense is ranked 3rd in Firewalls with 60 reviews. Palo Alto Networks NG Firewalls is rated 8.6, while pfSense is rated 8.6. The top reviewer of Palo Alto Networks NG Firewalls writes "The product stability and level of security are second to none in the industry". On the other hand, the top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". Palo Alto Networks NG Firewalls is most compared with Fortinet FortiGate, Azure Firewall, Sophos XG, Meraki MX and Check Point CloudGuard Network Security, whereas pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos UTM, Sophos XG and Zyxel Unified Security Gateway. See our Palo Alto Networks NG Firewalls vs. pfSense report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
