"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"The most valuable feature is the access control list (ACL)."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic."
"We have not had to deal with stability issues."
"The implementation is pretty straightforward."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"One of the advantages of pfSense is that it is very easy to work with. It is a very good open-source solution, and it works really well. pfSense provides a complete package. For some features, it could be the first solution in the world. It is a very good alternative in the market for a firewall solution. You don't need to go to Cisco or other brands with expensive firewalls. pfSense also allows us to offer some support services."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good."
"I like the connectivity to the open VPN. It's very smooth."
"I have found the firewall portion for the blocking most valuable."
"It works. I put pfSense in, and it works. I can't think of any trouble I ever had with it. It runs on heat-sensitive appliances. They don't need a fan, so they don't overheat. It is affordable, fast, and very high-speed. It is built on BSD Unix, and it pretty much runs on any Intel processor."
"The built-in open VPN and the VPN Client Export are the solution's most valuable aspects."
"Sophos Intercept X is scalable. Currently, we have almost 30 people using it in our company."
"This is a capable appliance and the standard features work well for us."
"The solution can scale well."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment."
"One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box."
"The performance should be improved."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"Ease of use is a problem for a user who is unfamiliar with this product because, in the interface, everything has to be set manually."
"They could improve their commercial stance and be more agile when it comes to the commercial pricing of enterprise deals."
"The product could offer more integrated plugins."
"Their support could be better in terms of the response time."
"Web interface could be enhanced and more user friendly."
"Lacks instructional videos."
"The security could be improved."
"User interface is a little clumsy."
"Although manageable, the user interface is a little bit slow and could be improved."
"Sometimes it reboots when you least expect it, and that's the main issue."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
More Zyxel Unified Security Gateway Pricing and Cost Advice →
pfSense is ranked 3rd in Firewalls with 60 reviews while Zyxel Unified Security Gateway is ranked 9th in Unified Threat Management (UTM) with 2 reviews. pfSense is rated 8.6, while Zyxel Unified Security Gateway is rated 6.0. The top reviewer of pfSense writes "Feature-rich, well documented, and there is good support available online". On the other hand, the top reviewer of Zyxel Unified Security Gateway writes "Low cost but unresponsive technical support and very unstable performance". pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos UTM, Sophos XG and Juniper SRX, whereas Zyxel Unified Security Gateway is most compared with Fortinet FortiGate, Fortinet FortiOS, WatchGuard Firebox, Sophos UTM and SonicWall NSa.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
