"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"Provides good integrations and reporting."
"Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"The most valuable feature is the access control list (ACL)."
"The most valuable feature is stability."
"The most valuable features have been content filtering, and the interface is easy to navigate and to use."
"We like the central interface and we like the security features. Additionally, we use SonicWall with VPN connectivity and we have had no problems with SonicWall all these years."
"Most of the features are useful. It is easy to configure and easy to troubleshoot. I can see the utilization of different networks, and there are also App control features."
"It protects against intrusion while allowing needed access."
"It's been very easy to implement and deploy."
"SonicWall TZ is a stable product."
"Ease of management and the VPN integration."
"I like the firewall product, the security server, and the content filter."
"The VPN is valuable, as the whole technology is very different from a traditional VPN."
"We don't have to buy equipment to use it. And when our engineers set it up on our side, we just configured a few settings and we were in."
"Zscaler Internet Access has helped us reduce the time that we spend managing security policies by about four hours a week. We can use this time to focus on other things, especially the IT team."
"The data loss prevention feature is the most valuable. It stops our users from inadvertently leaking our customers' data to the Internet or anywhere else it shouldn't go."
"For our needs, the cloud-native proxy architecture is a very good solution. We are moving away from on-prem appliances and moving more toward cloud-based solutions. Zscaler is a good fit for our strategy. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway."
"The security is excellent."
"Zscaler Internet Access protects using data loss prevention. If you have a CASB exposing your cloud out into the network, then Zscaler Internet Access will go ahead and control that unknown cloud application in the CASB, protecting it. There is also data detection with exact data match. This improves the data coming into your cloud so you are protecting it."
"The performance should be improved."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"Deploying configurations takes longer than it should."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."
"There is a point I don't like about SonicWall in the past and now. Most of the destinations we look at when we're detecting some user using too much bandwidth or something like that, SonicWall just gave us destination IP address, instead of the full qualified domain name. I think that's the most important part that is still missing. I think that's the most important for us."
"It could be made more user friendly."
"The reporting analytics could be improved, it is very unstable."
"The VPN that is available in the new version is a bit bulky and slower in speed."
"It could probably be more user-friendly, and it could be more scalable with releases and subscriptions."
"The log sections could be done more clearly."
"I would like the solution to build in more redundancy. I"
"Its pricing can be better. It is very expensive."
"The reporting functionality could be a bit easier to use. There is a reporting function, but it's quite hard to do any good reporting, from a user-management perspective. For example, if a department manager wants to know how his department is using the web, there is a way to get the data, but it's quite cumbersome to get it and show it well. And that's true for comparing between departments."
"One thing that they could improve is the ability to import rules from other platforms."
"An improvement would be if they could provide an out-of-the-box experience, like 20 to 30 features all ready to go. In comparison, LogRhythm offers out-of-the-box features. With Zscaler Internet Access, there is firewall IPS, multiple security services, filtering, DLP, and CASB browser isolation. These are things that all users are going to be using. However, when an administrator or architect would start building this, I would definitely need to engage professional services to help clients do it."
"I would like to see more training and video documentation."
"There are a few features that are not compatible with the Azure cloud."
"They could provide more time for the onboarding the training of an IT person."
"I don't know whether it's Zscaler or not, however, sometimes I can't access my time management. I need to wait and try again a few hours later. Typically, if I let some time pass, I can access it again."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Zscaler Web Security provides unmatched security, visibility and control, going beyond the basics of web content filtering. Delivered in the cloud, Zscaler includes award-winning web security integrated with our robust network security platform that features advanced threat protection, real-time analytics and forensics. You'll get protection across every user, location and device, including laptops, smartphones, tablets and Internet of Things devices.
For more details:
SonicWall TZ is ranked 11th in Firewalls with 36 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 7 reviews. SonicWall TZ is rated 8.4, while Zscaler Internet Access is rated 8.8. The top reviewer of SonicWall TZ writes "Easy to implement, fairly stable, and supports SSL-DPI". On the other hand, the top reviewer of Zscaler Internet Access writes " AI decision-making on quarantined documents reduces manual work". SonicWall TZ is most compared with Fortinet FortiGate, Cisco ASA Firewall, Sophos XG and Meraki MX, whereas Zscaler Internet Access is most compared with Cisco Umbrella, Netskope CASB, Prisma SaaS by Palo Alto Networks, Microsoft Defender for Cloud Apps and Palo Alto Networks WildFire. See our SonicWall TZ vs. Zscaler Internet Access report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.