When we first tested the serial interface on our model, it did not work.
It should be easier to escalate support tickets.
When we first tested the serial interface on our model, it did not work.
It should be easier to escalate support tickets.
There are a lot of features that customers do not know about and I think that better documentation would help when it comes to learning how to use the product.
Technical support could be improved by adding local engineers.
Juniper support is very good. But more than the technical support, their documentation is awesome. You can just Google a solution right now by stating your problem. You get into the juniper.net and there is wonderful documentation. As a technical person, I have never seen any technical documentation that is as good. I would say it is awesome. Any person who has an interest to learn, who has the interest to scale his capability with the product, just has to go to the Juniper site and they will get all the information on every one of their products. I think that it is written well enough for a non-technical person to become technical.
They have different levels of training available. They make it very easy and available for anybody to explore the solution. There are knowledgeable people available in the technical community. It is a very good solution overall.
Juniper supports their products very well.
The most valuable feature is the support.
Our operational team handles the solution more than I do. I personally haven't seen any features that are missing per se.
The solution isn't very granular or detailed. However, we're just using the basics anyway.
The product could have a quicker response when it comes to technical support getting back when we have questions.
I have reached out to Juniper tech support a couple of times. I recall the experience being good. I got the answers I needed. I've used technical support from Sophos and Cisco in the past, and in comparison, I find Juniper to be quite good. I'd say we are satisfied with the level of support provided.
The reliability needs to be improved. We purchased three devices and all three have been replaced under RMA. We've had other problems where they have needed to be rebooted.
A couple of times I've run into the problems where they have to integrate with other systems. The Juniper support really doesn't have a clue about other systems. They know Juniper and if everything is Juniper then it's great. However, we have Windows RADIUS Servers and I need Juniper-specific settings for them. Unfortunately, they're having a real hard time telling me what those should be, and they keep referring back to it being Microsoft, which they don't support. When they say that I need to speak with Microsoft, I remind them that these are things that are defined in the Juniper configurations that I need to set up. They seem to forget that not everybody is exclusively Juniper.
It was very difficult to deal with and required a lot of support, and the UI is very poor.
I didn't like this product at all.
We faced many issues with the power supply causing many outages with this SRX box.
We experienced outage issues when load-balancing between two availability architectures, which had an effect on the availability.
Once we started to deal with this solution, it was very difficult to troubleshoot. It was not straightforward at all when comparing to Cisco.
We always had support tickets. More than 50 tickets per month exceeded the SLA by more than two weeks.
Better support is needed.
In the next release, this solution needs to be stable, offer better support, better pricing, and less expensive to migrate.
The technical support is a lot better because when we log a case, they respond.
The solution works very well in small offices.
The CLI works perfectly.
Technical support has been very helpful overall.
They offer very good administration capabilities.
They have technical support over the phone as well as the online ticketing system and that has worked out pretty well. They have been able to solve problems for us, although I do not know all of the details because we direct our clients to them. When our clients get in touch with customer support to resolve their issues, they share the information with us later.
Since COVID, the tech support is not much good. You have to wait a long time. For example, if you open up a case, you don't know how much time it will be before they come and if the person opening the ticket is even experienced.
I think technical support is good.
We have premium support from the company and we provide support to our customers.
We had to use the support in a couple of instances. When we have used the support, it was good. They were responsive and able to resolve our issues. There is also some community support online that I have found to be helpful.
Support is good. We speak to them quite often.
It is a complete security bundle. The cloud-based Sky Advanced Threat Prevention feature is very valuable.
I am 100% satisfied with the performance of the Juniper firewall. It has a very good throughput. It works very fine. We use our firewall as a site-to-site VPN or Software-Defined Wide Area Network (SD-WAN). In both cases, it has a very good and optimum performance.
Their service support is very good in India. I get really good support from the Juniper team.
I have never needed to contact Juniper technical support.
The dashboard is very helpful. It's extremely useful in terms of putting the necessary policies in place.
I handle the operation part. I'm just putting policies, et cetera, on Juniper. For tasks such as those, it is very easy and it is a comfortable, straightforward process.
The solution has proven to be quite stable.
Technical support has been quite helpful.
Its stability isn't bad. In two years of supporting this device, I had only one issue. I had an incident when one of the SRXs in a cluster couldn't learn ARP, and the request didn't move between cluster units. I had to fix this manually, which wasn't really cool because I had to get up in the night because of this incident.
Technical support is brilliant, but I guess you have to pay for it.
We have worked with the solution for a while and therefore have become quite versed in it. We're comfortable with its tech and have a good understanding of how best to use it.
The initial setup was easy.
In terms of usability, there are good forums on offer and they've got a lot of technical documentation for everything.
Technical support is good. They quickly respond, and they even have local help here. They can actually give you an answer very quickly.
The solution has been stable over the years.
The solution can scale very well.
It's quite a user-friendly solution and I find it to be easy to navigate.
The initial setup is very easy.
The stability has been quite good.
Technical support has been quite helpful.
The pricing has become very reasonable and we find them to be competitive.
The support could be somewhat improved with Juniper.
The reason that we picked Juniper SRX is for the scalability, the fit for purpose, the tools that are available, the ongoing support, and the ability to monitor, but particularly for the virtual routers in our data centers so that we can quickly upscale them when needed, when we need more throughput.
The solution is mostly stable.
We get technical support via the reseller, and they are very helpful.
You can scale the solution.
The solution works well for larger organizations.
I would like to have a better web UI for administration. Juniper could simplify the web UI and make it more compatible with mobile devices. In particular, I'm thinking about our remote offices, where we don't have dedicated IT personnel. Let's say someone from the office staff was working via smartphone. If the web UI were more compatible with mobile devices, the administration could manage IT support from a team that is not in their location. It would make it simpler for small companies to deploy these devices. I also think the documentation is lacking.
We connected with tech support seven or eight months ago. We got good support and a good response.
We are a financial institution and we use Juniper SRX routers to support our credit team, as well as our branch network. I am part of the IT department.
Juniper SRX lacks scalability. Juniper uses a switch car with different switches. We have some difficulties managing this kind of equipment and implementing some features, like Mac lock and Mac limiting solutions. It's difficult to get good support about this from Juniper. We have about 10,000 users across all routers and switches. I can say the same for FortiGate. We're currently using it extensively for all traffic, and we plan to expand usage.
We had a situation where our network was down and the telecom providers at Cisco support helped us to resolve those issues. The downtime was brought down to a minimum.
We are getting the best support from Cisco and we are not getting the best support from Palo Alto.
All the features are very valuable.
Among them is the integration for remote users, with AnyConnect, to the infrastructure. All the security through that is wonderful and it's very easy. You connect and you are inside your company network via VPN. Everything is encrypted and it's a very good solution. This is a wonderful feature. You need to make sure your machine has the profile requested by the company. That means having the patches updated. Optionally, you should have the antivirus updated, but you can decide whatever you would like in order to enable acceptance of the end-device in the enterprise network. That can be done with AnyConnect for remote/satellite users, or with ISE for local users.
The intrusion prevention system, the intrusion detection, is perfect. But you can also integrate Cisco with an IPS solution from another vendor, and just use the ASA with AnyConnect and as a firewall. You can choose from among many other vendors' products that the ASA will integrate with. Now, with Cisco SecureX, it's much easier than before. Cisco used to be completely blocked from other vendors but with SecureX they are open to other vendors. That was a massive improvement that Cisco probably should have made 10 years ago or seven years ago. They only released SecureX three or four months ago.
Cisco ASA also provides application control. You can block or prevent people from going to certain applications or certain content. But the ASA only acts as a "bodyguard." It doesn't provide full visibility of the network. For that, there are other solutions from Cisco, such as ISE, although that is more for identity. Stealthwatch or TrustSec is what you need for visibility. They are both for monitoring and providing full visibility of the network, and they integrate with ASA.
Also, all of Cisco's security products are supported with Talos. Talos is in the background, handling all the improvements, all the updates. If something happens in Australia, for example, Talos will be aware of it and it will update the worldwide Talos network for all Cisco products. Within two minutes or three minutes, worldwide, Cisco products will be aware of that threat. Talos belongs to Cisco. It's like a Cisco research center.
Technical support is a very strong point in Cisco's favor. I would rate it very highly. The support is excellent.
When it comes to Cisco, the price of everything is higher.
Cisco firewalls are expensive, but we get support from Cisco, and that support is very active. When I hit an issue when I was configuring an FTD, as soon as I raised a ticket the guy called me and supported me. Cisco is very proactive.
I had the same kind of issue when I was configuring a FortiGate, but those guys took two or three days to call me. I fixed the issue before they even called me.
Given that we have been upgrading with Cisco firewalls, I would say that our company has seen a return on investment with Cisco. We would have changed to a different product if we were not happy.
The response time from the tech and the support we get from our partner is quite good. We have never struggled with anything along those lines, even hardware RMAs. Cisco is always there to support its customers.
I haven't worked with Cisco's technical support. We haven't had real issues with these firewalls.
We are satisfied with technical support. They are good.
We have contacted technical support for some issues outside our technical expertise, mostly for updating the license.
We have a team that handles our issues.
We've been in contact with technical support on multiple occasions and each time we've had a good experience. We're satisfied with their level of support. They are fairly good.
Cisco's support is great.
For experienced users, they are pretty much able do anything they want in the interface with few restrictions.
The command-line interface is really useful for us. We script basic installations and modifications through the command-line, which is considered sort of old school, and yet it allows us to fully document the changes that we're making due to the fact that we can save the exact script that was applied and say, "Here are the changes that we made."
We can have less experienced people do initial takes on an install. They can edit a template, and we can have a more experienced person review the template, and then apply it, and we don't have to worry about whether anyone inexperienced went into certain corners of the interface and made changes or whatever.
Everything is all documented in the file or in the command line script that gets uploaded to the device. It gives us great visibility.
The security the solution offers is very good. Security-wise, it's the top in the world.
The product has excellent technical support.
The user interface is easy to navigate.
Everything is user friendly.
The tech support is good. The documentation is verbose almost to the point of being confusing if you don't know what it is you're looking for.
It's only confusing if you have somebody who is not familiar with it. They give you every option in great detail, so you can spend time searching through a manual that you might not otherwise. Here's an example: take Sophos or SonicWall — let's say the manual for SonicWall is 25 to 30 pages; that same Cisco documentation is going to be three times that size or more.
It's not that it needs to be simplified, the people using it need to be knowledgeable. It is not a novice box, we'll put it that way.
Cisco is powerful when it comes to detecting intrusions. It's better than, for example, Fortinet.
Cisco has multiple products - not just firewalls. The integration between other items provides a powerful end-to-end solution. It's nice and easy. There are one management system and visibility into all of the features. Using the same product is more powerful than using multiple systems. Cisco is known by most customers due to the fact that at least they have switches. However, when clients say "we need an end-to-end option" Cisco is there.
The stability is very good.
Technical support services are excellent.
The configuration support is very good. You can find a lot of configuration samples and troubleshooting tips on the internet, which is very good.
The technical support is definitely very good.
Cisco's technical support has always been excellent. They have great support.
When we need assistance from technical support, we typically deal with the team in China. They've been very good. Whenever I have a problem, they can resolve it. They are knowledgeable and responsive. We're satisfied with the level of support we get.
The technical support is with our solution provider. I would say that it's average, rather than very good.
We get our support from the resellers, not from Cisco.
Technical support is fine, we have no issues.
Firewalls are about blocking. ASA is for blocking, but it does not have the intelligence like Fortinet to detect attacks. If I could use ASA to detect attacks, maybe we could buy another service from Cisco although it's very expensive. I would choose Fortinet, but my clients like ASA support. I prefer Fortinet because Fortinet has a UTM and it's a good firewall.
We don't have Cisco support because these models are excellent.
Technical support is perfect.
I manage it myself. If I can't, then I get somebody else. I don't have any support from Cisco.
Cisco technical support is good.
I've never dealt with technical support yet. I can't speak to their level or response or their knowledge of the product.
We have not contacted technical support because we have not had any issues.
Technical support is good and we haven't had any problems with documentation that is provided.
In general, we support more public fiscal entities. Most of them are quite sizeable at 5,000-6,000 employees. We use it mostly for remote access.
I have been auditing their partners in Bulgaria and I am in contact with them on a regular basis. I have not had any real issues with my equipment but overall, I think that the support is perfect.
Technical support could be improved, they take a long time to respond.
I'm satisfied with their technical support.
While I've dealt with Cisco technical support in the past on other solutions, I have not contacted them in regards to this specific product.
That said, my past experience with Cisco technical support has been very positive and I found them to be very helpful in general. I just can't speak to this specific product.
The support has been great and responsive. Most of their engineers are very professional and knowledgeable.
Technical support provides us with good service.
The software itself is very simple.
The solution is easy to operate. It's not overly complex.
The command line is the same as it is on the Cisco iOS router.
The technical support is very helpful and responsive.
We use third-party technical support that's offered and we're quite satisfied with the level of attention we receive.
Support is not a requirement. In the whole industry, there are a lot of Cisco-trained personnel that we can actually seek advice from. There's not much leveraging on the Cisco support so far.
If our clients need support, we provide it. Support is not cheap. Sometimes a device will go out of warranty, but the customers are not willing to renew the support contract. Of course, there are a lot of cheaper alternatives. In Singapore, a lot of companies outsource support. Most of the time we go through third-party companies instead of Cisco directly.
We faced some issues, but I don't deal with these issues. My colleague interacts with them, and it seems it is not that easy. Cisco is a large company, and sometimes, it is not easy to get quick and very efficient support.
Cisco technical support is one of the best around. They have the most advanced and most experienced level of tech support I've been in contact with. Whether it is a hardware or software issue, the tech team can support you and help. They are very helpful and knowledgeable. We are quite satisfied with the level of support on offer.
We have had no issues with technical support.
Netting is one of the best features. We can modify it in different ways. Site-to-site VPN is also an awesome feature of Cisco ASA.
The biggest advantage of Cisco products is technical support. They provide the best technical support.
I have interacted with them many times. I have been on a call with their technical support continuously for 48 hours. They were very prompt. In terms of technical support and documentation for switching, firewall, and routing solutions, no one can match Cisco.
The solution can allow and block traffic over the VLANs.Some of the unauthorized actions and malicious traffic can also be blocked effectively, as we are following PCI DSS compliance. We are a card industry. We are using cards as a payment method, and therefore we need to follow the compliance over the PCI DSS. That's why we chose one of the best products. ASA Firewall is very secure.
It's always easy to integrate Cisco with the same company products. If you are using other CIsco products, there's always easy integration.
Cisco is one of the most popular brands, and therefore the documentation is easily available over the internet.
They are best-in-class.
The remote VPN feature is one of the best features we've found.
We like that there is two-factor authentication on offer. We can integrate a Google authenticator with Cisco ASA so that whenever a person is logging on to any network device, they need to enter the password as well as the security code that is integrated by Google. It's a nice added security feature.
Cisco ASA provides us with very good application visibility and control. The Cisco CLI command line is one of the easiest we found on the market due to the fact that the GUI and the user interface are very familiar. If you're a beginner, you can easily access it. There's no complicated UI.
When compared to other products available, the cost is pretty similar. There's no big gap when you compare Cisco pricing to other products.
There are multiple features in a single appliance, which is quite beneficial to us.
Support that is on offer 24/7. Whenever we face some technical issue, we can reach out to them easily.
We have not had any security breaches.
They provide a helpful feature that allows us to configure email.
We are getting a lot from the appliance in real-time.
The technical support has been excellent. When there have been any issues, they've always been there for us.
The support of this solution is very good.
I don't directly deal with technical support. Typically, that's something that others on the team deal with. We have our own team within the company that, if I run into issues, I would reach out to first. I can't speak to how helpful or responsive they are. I've never had a chance to contact them.
Its licensing cost and payment model can be improved. Cisco doesn't provide training and certification for engineers without payments. Other companies, such as Huawei, provide the training for free. Their subscription and licenses are also free and flexible. Other products are breaking the market by providing such features.
It doesn't support all standard interfaces. It is also not suitable for big companies with high bandwidth traffic. Its capacity should be improved.
Other products are becoming easier to access and configure. They are providing UI interfaces to configure, take backup, synchronize redundant machines, and so on. It is very easy to take backup and upgrade the images in those products. Cisco ASA should have such features. If one redundant machine is getting upgraded, the technology and support should be there to upgrade other redundant machines. In a single window, we should be able to do more in terms of backups, restores, and upgrades.
We definitely got a return on investment with Cisco ASA. We have been using it for eight years, which is a long time for IT. We only had one capital expenditure. Apart from that, there were no other costs or unexpected failures. It supported us for a long time.
We provide IT solutions. We provide solutions to our customers based on their requirements. We support them from the beginning and do the installation and configuration in the head office and front office.
We installed Cisco ASA to support a customer in a WAN environment. They used it for site-to-site VPN and remote VPN. They used it for accessing remote office locations via the remote VPN feature. They had Cisco ASA 5500.
I have not contacted technical support. There is a lot of information on the internet for troubleshooting. All you need to do is use a search engine and you will find the information you are looking for easily.
They can improve by adding a public troubleshooting process.
I have not worked with Cisco support for this firewall.
Partner support is very good.
FortiGuard Service is also good with the push method update.
Good VPN, both IPSEC and SSL (web-mode, tunnel-mode). An engineer/network administrator has tools to debug VPN issues that can occur during tunnel setup with other vendors' equipment.
SD-WAN feature at no cost. This is really great feature for remote locations (branch offices) and HQ, application steering between many ISP links becomes a simple task. Steering can be done dynamically by measuring link quality (latency, jitter, packet loss, available bandwidth).
Wi-Fi and Switch controller at no cost. FortiSwitch and FortiAP can become a kind of port extender of the firewall, all its ports can be referenced in firewall policies. When you have such management plane consolidation it gives you a simpler way to operate.
Security Fabric Framework is helping in analyzing sudden and rapid changes in whole infrastructure, and gives the ability to simplify daily operations (e.g. address objects synchronization between all firewalls in Fabric, estimating overall security rating, single-sign-on for admin access and many more)
Single Sign On support with deep LDAP integration (several variants for environments with different scales), RADIUS authentication.
Can work as transparent and explicit web-proxy, the last option supports Kerberos authentication which requires no agents installed on any windows server.
Human readable firewall policies with editable security policies and
addresses in single page. This is very useful and time saving feature.
Firmware upgrade process is very simple, even for cluster configurations it is fully automated by default.
Straightforward SNAT and DNAT; you may work in two ways: with Central NAT rules configuration and by applying translation directly inside firewall policies.
Bulk CLI commands are uploaded via gui in script file (portions of config file).
VDOMs are very useful when you need to grant admin role to clients separately. VDOMs in FortiGate can be represented in FortiAnalyzer's ADOMs (administrative domain), which can have different log storage policies, event handling and alerting configurations. You can create one VDOM working in NAT/Route mode, and another VDOM working in Transparent mode.
If you don't want to create and use second VDOM you can still transparently inspect traffic at layer 2 level while having only one VDOM in NAT/Route mode. This is achived by configuring Virtual Wire Pair ports that work like a separate bridge.
Ability to capture packets going through any interface of device (and VM too). You can set number of packets, filter out packets by IP and port number for particular troubleshooting purposes, then download a .pcap file from web gui and analyze it in your favorite programm.
Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network.
IPS, AV, Web Filter, AppControl profiles are working very well.
SSL Inspection and CASI (Cloud Access Security Inspection) profiles.
Rich logging options allow you troubleshoot most problems.
Straightforward HA with different redundancy schemas.
The support is very good, and we have had no issues.
We are managing FortiGate using a FortiManager and it needs improvement with respect to the ease of administration tasks.
There is a lot of improvement needed with SSL-VPN.
Technical support could be improved.
To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution. Fortinet claims to do everything Zscaler is capable of and I'm looking for a comparison between the supported features.
We have been in contact with technical support and I find them to be good. We've had no issues with them.
We were not getting proper support from Fortinet. That's the reason we had to phase out FortiGate.
We are satisfied with technical support. We have not had any issues.
I personally prefer pfSense as it's open-source and you only have to pay a minimal fee for support. But for people who want that platform, I think it's a great solution. If I wasn't using pfSense, I would definitely go with FortiGate.
The two products are completely different. If you're using pfSense, you're basically using the entire open-source world — so you're based on FreeBSD, you're using Snorts, everything is open-source. It's very easy to make modifications and to figure out what's going on. You're not dependent on your single company's documentation, there's a huge user base. It's very easy to modify and extend. You can see what's going on — it's very transparent in that sense. It's probably a little bit more manual. With pfSense, You have to put in a little bit more effort to get things done, but, in the end (aside from the huge cost savings), you get all the features that are available in an enterprise firewall for just the price of support, which is also very minimal.
If you need to make any tweaks, you can do it all yourself. If you need to tweak ciphers for SSL for compliance (for PCI, for security compliance) it's not a difficult thing to do; it's a fairly trivial task.
I would like to see a more intuitive dashboard.
Technical support can improve in knowledge sharing and they can implement better.
The dashboard appearance needs to be more refined. It has to be smoother and more customer-friendly.
As the cloud is more prominent and more are moving towards the cloud, people are used to certain ease of doing things, and less complicated.
I understand that a firewall is a technical product, but we can try to make it a better customer experience which will increase usability with good results.
The technical support is very good.
Most of the time, whenever a ticket is opened and we reach out to support on behalf of our customers, they offer good advice and are very responsive. We're satisfied with the level of service we're provided.
We contact technical support almost daily. They have good support.
We haven't really faced any technical challenges. We just install it and it runs perfectly. Therefore we don't really have any experience with technical support.
We find it's good for managing the network and offers good defense against attacks.
Technical support is great. It's really fast.
Overall the solution is pretty user-friendly. It has a good dashboard and is pretty easy to navigate.
The pricing is excellent. It's much less expensive than Cisco.
If it would integrate everything in one place then it would be an improvement.
I wanted to buy some switches and integrate them into the system, but we couldn't find anyone here in Israel to provide them or to provide support. Also, we could not get a replacement if something needed to be replaced.
We wanted to use one vendor to do everything from one managed central management point. It may be something they offer now, but I am not sure.
It would be helpful if we can have one easy place to manage, or from the cloud to all the devices that are at the client's location. This is the backbone, the switches, the access points, FortiGate, everything.
Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it.
So, if you could do everything without that, it would be much easier when you do V-LANs.
We have a partner that we work with. We have support at another level and I'm the primary person that looks after the firewall. If I have an issue that is urgent and I don't have the time to do the knowledge base to actually turn it around, we usually engage our partner, which has engineers that have the knowledge necessary to deal with it and who are certified in FortiGate.
We have what is called FortiCare. We have FortiCare support as well for firmware and general updates and all those other things. I normally do updates and so forth myself. It's very little intervention from outside technical support.
There are a lot of known issues in some newer versions of the FortiGate operating system, so there is room for improvement with that. One of the problems I was having was with user mapping, and it is an issue for which I have escalated tickets with Fortinet support.
Having the newer features work in the older, more stable versions of the product would be great. Some of the new features might really help a lot, but there are problems with stability.
The technical support is very good. We're satisfied with their level of support. They are quite responsive and knowledgeable.
The scalability depends on the design and how it was done. You have to think about the next five years. We get lots of new updates on the older versions and if the product is still in support then the new features will be included.
Their technical support is good.
We didn't need to contact technical support very much. We had a local partner and if there were problems we contacted them directly.
There are some problems that support cannot give you a logical reason as to why it happened. For example, I had a case where I was dealing with a WhatsApp application that was giving issues. Technical support gave more than one reason it could be giving issues, but none of them solved the problem. Eventually I solved the problem, but it was far from the solutions that support had given.
Their support is good. They are experts.
Technical support is okay. They could be more knowledgeable and faster.
Technical support is a local vendor. We are satisfied with the support that we have received.
We have not contacted technical support. We have been fortunate in that we did not have any issues that needed it.
The technical support is very good. We're quite satisfied with the level of support we receive. We find them to be knowledgeable and responsive when we have issues.
I don't have any experience with their technical support. My partner contacts them for me.
We have a standard build. We give the client the laptop, and, especially with the pandemic, we send them home with the laptop or FedEx the laptop already configured, and the user is ready to go.
I don't even need to know the client's password. I can just install the software and create a profile. The client fills the profile in with simple instructions, types in their password instructions, and connects it and they're good. It's really simple.
That's why we have standardized recommending Fortinet. That doesn't mean that I don't support other solutions as well, however, the device that I like the best is the one that's easy to use for me and it's easy to use for the clients. The price point is not bad as well.
I have never had to contact customer support. We have a team that handles all of the troubleshooting; however, they do provide excellent documentation.
We used a different party for support — they were pretty good.
I don't like that anything more than very basic reporting is not included. You have to buy their cloud module that's an add-on for getting more customized reporting.
It has just about everything that we are looking for and the customer is needing. It's just the reporting part that is lacking in the base application.
Technical support could be improved.
The technical support is good. We rely a lot on the documentation which is a good standard.
Technical support is good but the response time could be faster.
When it's overloaded, it works slower and overheats.
The data analysis could be improved.
The support could be improved upon somewhat.
The performance could be a bit better. Right now, I find it to be lacking. Having good performance is very important for our work.
The command line operation is a bit out of our depth.
The cloud management should improve. There are other manufacturers that have better management cloud solutions. Aruba, for example, is very good at this aspect. Fortinet could look to them as a model of how to do something interesting with management solutions.
Fortinet across the board needs to improve the LAN aspect of their products.
The solution lacks multi-language support.
They could offer access points to small companies and firewalls at those access points. Aruba, in that sense, is much better for smaller organizations as they provide this possibility.
I never had to deal with technical support directly, but I've never heard the guys complain about it.
Technical support, by and large, is very good. Fortinet has a very fast response time for their support tickets. It doesn't matter if the help is coming from the local distributor, or from web support. I don't face any problems with their level of attentiveness. I'm quite satisfied.
I haven't reached out to technical support and therefore can't speak to their level of responsiveness.
We have premium support from Fortinet and it is quite good.
In terms of what could be improved, the FortiGate support could do some improvements on their IPv6 configuration. Right now it's still in the very early stage for utilizing in an enterprise level network environment
In terms of the FortiGate IPS, we haven't gotten additional tools because they are not free, and we have to purchase them to maximize this IPS feature. As long as they can perform some basic functions to meet our business needs, that is okay. I'm okay with this feature right now, so far.
In the next release of FortiGate the price could be better.
Technical support is acceptable, and they're good in terms of local support and global support. If they cannot resolve the issue they will pass us to another level of support.
I'm not sure if the solution is really lacking anything major. For us, it works okay.
They seem to have made a lot of improvements since the last release.
Technical support could be better. You don't always get the level of help you need right away.
I think some improvements could be made in vulnerability scanning. I'd also like to see additional features in the authentication. They support RADIUS, LDAP but the solution doesn't have API integration with other solutions. They have API in FortiAuthenticator, but not in the firewall and not all customers want to buy another solution.
Their technical support is very good.
Every time we've had to open up a case or get their help, if we surpass that person's ability, it gets escalated right away. So it's very good. It usually gets resolved within a day or two.
I have never used technical support from the vendor.
The support structure needs to be improved because every time we contact them, there is a delay in the response.
The support is the main thing that needs to be improved.
We utilize the services to ensure the stability of our network and clients protection from external treats. With the recent pandemic mobile working have increased in demand and Fortinet have easily bridge that gap to continue to support employee needs.
We had some issues with the local support, particularly with regard to purchasing the subscription. It took a very long time and at one point the license had expired and it took a while to sort out.
I haven't worked with the technical support. I did face some admin problem with the team here in Egypt.
Customers are more inclined towards FortiGate because of application control, web filtering, and anti-spam features. The support from the FortiGate team is good, and price-wise, it is affordable.
The solution is very, very easy to use.
The user interface is very nice.
The product seems to offer pretty good customization.
The configuration of the product has been very straightforward and simple.
The reporting on offer is quite good.
The initial setup is straightforward as well.
We've found the pricing to be pretty good.
Technical support from the partner has been very helpful.
Usually, we have our maintenance plan once a year, like a power-down test and things like that. But I'm not sure whether we have a contract with a partner company to do that or not. I believe our network engineer department may have used Fortinet technical support, though I have not received feedback on it.
The solution has a very good set of rules.
The customization potential is quite impressive. It can be customized based on our licensing contracts.
The initial setup was pretty simple. We didn't find it to be overly difficult to execute on.
Technical support is rather helpful.
We find the stability to be pretty good.
We didn't have any trouble setting up the solution.
We find the pricing to be fairly good.
I haven't used their official tech support, which is actually a good thing. The reason I haven't used their official tech support is that they have a support mechanism in place. I have direct access to a local sales engineer, and when I have problems, I call him up on the cell phone. Based on that, they definitely support their partners 100%. They are definitely channel driven, and it shows.
Fortinet FortiGate offers good technical support services.
I haven't really dealt directly with technical support. Once, when I ran into an issue, I spoke with my local partner. Other than that, you can find the answers you need via the help navigation.
Therefore, I can't speak to the helpfulness of technical support. I can't speak to whether or not they are responsive or knowledgable.
I have been satisfied with the help I've received from my local partner, however. They've been quite good.
The support is they provide is good.
What I like the most is the configuration and that it's simple, and straightforward to maintain.
The UTM configuration on-premises is straightforward and simple to use.
Support is good and the interface is simple and intuitive.
We have been in contact with Fortinet several times and the technical support that we have received is absolutely fine.
Technical support needs to be improved.
The solution isn't really lacking features per se.
The product does need better support in the cloud environment. It's not exactly cloud-native right now.
We're worried that the scalability isn't as good as it could be.
The solution has many valuable features. We tend to use all of them.
The initials setup is pretty easy.
The solution offers very good documentation.
The solution can scale well.
We've been happy with the technical support we receive.
The product is reliable and stable.
The Fortinet support needs improvement and also the quality control of the firmware (there are a lot of bugs)
The technical support was quite good.
I've never contacted technical support. Having never dealt with them, I can't speak to their responsiveness or knowledgeability. I don't know enough about them from any kind of personal experience.
Technical support agents are really responsive. They are a small company, but they are providing high-quality technical support every time we contact them.
Our primary use case of this solution is for the firewall and IPS; the security on behalf of our network, to support north and south traffic. We are customers of Fortinet and I'm a systems engineer.
We have not needed any technical support for the Fortinet FortiGate service.
Whenever there's an issue and we contact support, the response is positive. The support is impressive.
The web filtering facility and application control are the most valuable features from the point of view of our clients. The VPN feature is also quite popular amongst our clients. Two-factor authentication is one of the good features in Fortinet. These features are important for the current scenario of security. Security has become a necessity nowadays. With cyber-attacks becoming more common, protecting an organization's data is one of the major tasks.
It is also very stable and scalable, and it is very straightforward to configure. Their technical support is also good.
I only talk with people here in China that are the Chinese sellers or distributors from Fortinet. They are Chinese and I don't speak or understand one single character Chinese. So for me, it's very difficult to communicate with technical support. Most of the time, I let them talk with one of the people who I know who is fluent in English and Chinese. That's what I do.
Most of the time, I can do all the research on the internet to see what kind of device I need and then I get a translator and we figure it out.
Their technical service is quite good. The application notes and the help on the web are quite good.
I would rate technical support an eight out of ten.
Technical support was very good.
With only two people in the company, we haven't needed to scale. Our roles include software development and providing technical support for various clients.
Over the past two years, we really haven't had any issues that would require us to reach out to technical support. The user experience has been good. If we run into little issues, we may reach out directly to the vendors, however, I can't say that I've spoken with technical support. I wouldn't be able to evaluate their services or speak to their level of knowledge or responsiveness for that reason.
We don't have any experience with technical support. No problems have really presented themselves, and therefore there hasn't been a need to reach out at all. Therefore, we can't really speak to the helpfulness of technical support.
The solution is designed in a way to help you, the support is good.
The technical support could be improved. There is a long waiting time for a resolution.
Fortinet support is good. They resolve tickets relatively fast. So we've had no issues with that. And I don't know about other regions, but in my region, the salespeople working with Fortinet are strong. They're aggressively working on the sales part. So in the Pune region and the rest of Maharashtra, they're winning more contracts, and people are using FortiGate Firewall.
When we tried to find something better, our IT subcontractor recommended FortiGate or Stormshield. I tried to find a subcontractor at my location for both, but I could only find a subcontractor for FortiGate, so I chose FortiGate. I wanted to have a local subcontractor. There are some products for which we don't need local support, but for some of the products, such as a firewall, we prefer to have local support.
Technical support is quite poor, similar to Cisco. Technical staff are usually people that they've hired who are generally inexperienced.
There is always room for improvement on the solution.
Their client VPN is not always working that well, so on computers specifically that could be something to change.
It is pretty expensive, but I think all of the solutions are, so it's something that's expected.
There are some bugs that are in the program. Occasionally when there are updates, there's a bug or two that you might find that cause issues. There was a major issue for a while, and I don't know if it's fixed yet with a third-party VPN provider.
If you have another brand of VPN where you have to put an SSL VPN between two devices, Barracuda doesn't support that at a certain point. You can't actually build the VPN between Barracuda and a different device of a different brand.
Technical support could be more reliable and more professional.
I would like to see better support for switching between internet devices.
What I like best about this product are the support and the features.
I've used the technical support and they do a great job.
I think the technical support is very good, I haven't had any problems with them.
It is superb. They are really good, and the support is above the industry standard.
I have called their tech support a lot. They are great.
As the head of technology, I design networks and infrastructure. While designing the infrastructure, my concern is the security part, including the firewall. The solution has to be automated and I need to have proper support once I install the infrastructure. I need 24-hour support, which cannot be done on my side as my IT team is small.
The way Barracuda has helped is that, once I have configured a system, it is taken care of by the Barracuda support team. If anything goes wrong or I need any kind of support, I just call their support number and get 24/7 support. They call me back from this or that country, they take over the firewall, and they provide the solution. They are basically working as my extended support team. This is one of the advantages of Barracuda.
In addition, during the eight years I have been using Barracuda, I have had hundreds of thousands of attacks on my network and all of the attacks have been addressed by Barracuda with a proper solution for all of them. My network has never been interrupted, there has been no denial of service—nothing like that—for eight years. That's why I am loyal to Barracuda.
Overall, Barracuda has increased the speed and performance of the infrastructure by 15 percent. And it has decreased expenses in the sense that it is protecting my data. In the smallest network that we handle, the value of data per year is €20 million.
I haven't experienced many problems when dealing with the solution, so I don't know if there are areas that need improvement.
If a user doesn't have a large amount of experience in Linux systems, they will have problems using this solution. Users need to be highly skilled in troubleshooting competency. Users who do not have such skills will find the product difficult to use.
Sometimes if your network goes down, you might experience an issue on the captive portal. This may require a restart and it also may require that you load it again. I'm used to the system, so I know what to do, but it can happen from time to time.
It can be really easy to deal with Technical support. Technical support is avaible every time I call . But sometime if Technical support do not privide you the solution, so you should double check and solve the issue by your self.
The most valuable features are ease of installation and support.
Although the solution offers a lot of documentation, has a large knowledge base, and has a support forum, when it comes to actually contacting technical support directly, we didn't have access to that level of attention. Everything, therefore, was really on the team. We had to figure out how to troubleshoot on our own and tried to use documentation to guide us.
We've never used technical support but we're looking into it now and I think it's very comparable to SonicWall.
Given that the solution is a free and open source product, it doesn't have any technical support center. We just have the online documentation which is not one of the best, but it's good.
We've never contacted technical support int he time that we have used the product. I can't speak to any level or service they provide.
I do not have experience with technical support.
It would be ideal if the solution could integrate with Snort and OpenVPN.
The technical support needs to be improved.
The solution offers good value.
The captive portal on the product is excellent.
The solution has a very nice load balancer.
It's a good solution for end-users. It's pretty easy to work with.
The user interface is very nice. It's easy to navigate around the solution.
Technical support is very helpful.
Their technical support is excellent. They do have good support service. I don't use it because I've never had any problems with it, but the people I know who use it in bigger environments love it. You can even search their knowledge base and learn anything you want to know pretty quickly.
It's open-source. You can pay for support if you need.
One of the advantages of pfSense is that it is very easy to work with. It is a very good open-source solution, and it works really well.
pfSense provides a complete package. For some features, it could be the first solution in the world. It is a very good alternative in the market for a firewall solution. You don't need to go to Cisco or other brands with expensive firewalls. pfSense also allows us to offer some support services.
The tech support is excellent if you have a support subscription. If you didn't have that, you could be lining up for a while. It could be a hit or miss, whether you get someone that's actually going to help you.
However, we have a subscription and therefore our support is always excellent. We're quite satisfied with the level of service we're getting.
Their support could be better in terms of the response time.
Technical support is very supportive. When we are in contact with them, there is no problem at all.
The technical support is organized well. We do most of the technical support for our customers in-house but there is a second level of outside support available. It is okay.
Technical support is well organized. Most of it is in-house, but in the case there's also a we have access to a second level if necessary.
The pfSense page, community support, and YouTube tutorials are good.
While the websites and forums are excellent, we don't have any dealings directly with technical support. Therefore, we can't speak to how they are in terms of their responsiveness or knowledgability.
The support is good when comparing to other solutions.
I think the documentation is good enough because I've never had the need to contact technical support. I just use Google to get the information that I need.
With pfSense, we've never had to send an email to a Netgate official support organization. We follow the forum discussion — the community. We'd ask an expert in the community. That's how we deal with any issues.
Scalability-wise, it's great. Often, we need to research and assess the size of an appliance in order to understand what kind of environment the firewall is going to protect. From here, we have the possibility to do an upgrade depending on the type of model.
There is the option to have a firewall that is entry-level or a firewall that supports a huge internet service provider. We have many solutions that we can apply to our customer's environments, but first, we need to do these assessments in order to help us choose the right appliance. One appliance simply can't be upgraded to cover this entire spectrum of needs or the size of demand. This is why we must perform these special assessments.
With what I am running now, I haven't had to reach out to technical support. However, an upgrade failed two years ago and I needed to contact technical support to get me the new image for the device. They were very efficient. I was satisfied with the level of support I received.
We have used technical support in the past. They have always been very helpful and responsive. They are knowledgeable. We have no complaints. We're quite satisfied with their level of service.
I found the technical support of the solution to be not very good at all.
We've never had to use technical support. Therefore, I can't speak to their level of knowledge or how helpful they are. We've always just been able to find the answers we need without their help, and therefore have never really had to use them.
I never had to contact their support because everything has been working fine.
The technical support was good in my experience.
The solution is free. However, you need to pay for support.
Most of the support is online.
We do a lot of reading, and if there is any support or suggestions we quickly do it.
We have not contacted them directly.
They have a lot of resources available on the internet that will guide you in finding your way around.
Highly it provide not only network security solution, it also supports the institution for network management. Additionally, we use for DNS server.
I don't have contact with technical support. If you have an issue, you can go to the online community and wait for someone to respond. There's no SLAs for that. The only way I would have access to their support is if I actually purchased a Netgate appliance.
They do not provide support in India.
The security could be improved.
I have not been in contact with the technical support because everything has been easy with the solution and there is clear documentation available.
I have not needed to contact technical support. I have not had any problems with pfSense.
I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner. Unfortunately, it's not ready for pfSense, which is built on BSD, and WireGuard is not yet integrated with BSD. The issue is that pfSense is waiting for BSD to add WireGuard support. Once WireGuard is supported on BSD, you can bet pfSense will adopt it.
Technical support is perfect, excellent.
The user interface can be improved to make it easier to add more features. And pfSense could be better integrated with other solutions, like antivirus. For example, pfSense could add templates with firewall policies that a user can customize. I haven't tried to integrate pfSense with Microsoft Active Directory, but in Mozambique, we use many Kaspersky antivirus solutions. If pfSense integrated with these antivirus solutions, everything would be much more stable because most of the companies here have a different kind of security solution. Within a single company, you might find two or three different antivirus suites. So, for example, there could be an open-source solution that you get for free, but you can pay for the support if you want it. So for solutions like that, it would be great.
The solution could improve by having centralized management and API support online.
Technical support was through an online chat. I don't remember us running into any snags.
It would be great to add more to security.
I know that pfSense has a lot of features, but I don't know how to configure and enable them. That is why I am looking into my support options. I am looking for better security and performance.
We had one issue with hardware support. The department head who was managing the solution became the director of the company, but he still has administrator access. And usually, whenever a WAN goes down, we always have a backup, but the hardware doesn't support more than one WAN. And then, if he wants to switch, he doesn't know how to reconfigure it. So we have to wait for the ISP to resume their services, which is not professional.
Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand. A user should be able to find the feature they're looking for easily, but pfSense isn't so good in that sense.
Their support is good.
Easy setup, good support, reasonable pricing.
It was chosen by an IT support company.
The most valuable features are security and technical support.
Sonic has been very progressive, continually updating their product-line and service offerings to stay current with, and ahead of the evolving security landscape. Again, they have consistently developed great solutions for both the SMB and enterprise market which has enable our support team to leverage their expertise with Sonicwall across our entire client base.
We are very much happy with the support.
We do not often need technical support, but it is available from the local distributor or through the SonicWall portal.
Once we moved the units up to the Gen 6 platform, they could support SSL-DPI. We are huge fans of the DPI. That piece is incredibly easy to implement. I'd say probably the most powerful thing about the solution is that coupled with the captured functionality.
We've never dealt with technical support. We've managed to handle any issues ourselves, in-house. I can't speak to the kind of service they provide.
Their technical support is good. For technical support, sometimes we write directly to SonicWall, and they provide the solution. We sometimes also contact our vendor for support.
We don't like the technical support much. There is a long wait time to get a response.
We use SonicWall for the connectivity it provides. We are customers of SonicWall and I work in network support.
The solution works very well.
They seem to be protecting themselves, or, at least, I assume they are, when they ask you to go online to enable the device.
The solution is easy to use. The actual setup is pretty easy.
I've found the technical support to be helpful. With all of the specifics, whether it's VPN stuff or the Analyzer products, et cetera, I'll always call for help.
I'm very comfortable with the product. I know enough to really get to where I need to be and then to get it right. For my customers, I can call and get help if I need to, and it's nice to have that option, however, I'm really quite comfortable overall with its functionality.
The technical support is not very good. There is a facility called Geofencing where you can block IP addresses or certain countries.
When contacting their technical support, the technical support said that such a facility is not available in this firewall.
Another issue we had with technical support was when we wanted all of our VPN users to be migrated from our old firewall to this firewall, but somehow, technically they failed to do it. We had to configure it manually.
The technical competency of technical support is a bit on the lower side.
Technical support is good. There is no need for improvement.
Their technical support is very good. I also like its documentation, which is easy to access.
Their technical support is good. They are very helpful. I would rate them an eight out of ten.
The stability could be a lot better. The SonicOS, which we were using, was not that stable. Sometimes it is not performing as expected as per the policies we have set.
The log, the logging capabilities, are not so good. For example, the logging for traffic logs was not being stored properly. The logging must support some storage space. If there is a storage device or storage mechanism within it we would be able to get the log easier.
For the SMV market, it's very nice support. We have no complaints. We're happy with the service they provide, especially at the price they offer.
The technical support is excellent.
The technical support is good. However, there is a language barrier because their support is based out of India and you cannot always understand the agent that you are speaking with. Sometimes support is outstanding, and other times you do not have the level of technical expertise that you need.
The web security and IPsec VPN are both valuable aspects of the solution.
The NAT policies and port forwarding are great.
We were initially actually using very basic features for my organization's requirements. It is a very simple model. There isn't much complexity to it.
It's been very easy to implement and deploy.
The solution is stable.
Technical support is perfect.
We've found the pricing to be pretty good overall.
Technical support is good. We have no issues with the technical support.
It is scalable. The entry-level companies are taking TZ 300, TZ 400, and TZ 600 from us, and they have 100 to 150 users. The bigger companies ask for the next-generation firewall such as NSA 2650 and NSA 3650.
We have about 50 customers who are using SonicWall. They include government organizations and corporates. We have lots of clients who have already taken SonicWall. They have the license, support, and subscription for two years.
Whenever I needed any kind of support, the local partner gave me the best possible support. Their support was extremely good.
Tech support is knowledgeable when it comes to clarifying a technical issue.
We don't use the technical support very often, but the last call I had with them, everything was resolved within the hour. I spent more time on hold than I did with the person. It was 15 minutes on hold, for 10 minutes to resolve the issue. Otherwise, it's great.
The support for SonicWall TZ is good.
We experienced a very good level of support from the vendor and they have assisted us in real time via remote session when needed.
Technical support is good, there is no issue.
The support is excellent
I never needed their support.
They have a good technical support. I have no problem with them.
Licensing fees are on a anual or monthly basis.
There are no additional costs. It is only about support and license fees.
During the Dell years, support was terrible. It has since improved.
Over time, this solution is becoming more complicated, and when I need support it often is not available. I would like U.S.-based technical support.
VPN functionality needs to be improved. As it is now, I need to combine another SSL VPN with my firewall. I want it to be done very easily.
We've never contacted technical support in the past. We go through our vendor. We don't call SonicWall.
Having to deal with too many lower-level people in technical support means that it takes longer to resolve issues, so escalating support tickets should be faster.
We are a solution provider and SonicWall NSA is one of the firewalls that we implement for our clients. I have implemented it for many companies and currently, I have four or five clients that we are supporting.
I have never called support. I only called when we first purchased it, if I had a question. I have not found any difficulties when contacting them, or just because I contacted only lower support. Then since it is a user-friendly solution, I didn't experience any problems with the device.
The technical support is great. I've never had an issue where I've needed to wait more than a few minutes for them to fix it.
Technical support is good and it is available online as well as offline.
The support that I get from SonicWall is good. They have supported us for more than ten years and we haven't faced any issues with them to this point.
Technical support is excellent.
The technical support is great.
Vendor support needs improvement. The frequency of time and support should be increased.
From a vendor perspective, we were expecting more support.
When we experience a technical issue, it should be rectified immediately. We are facing a delay with response and resolution.
I had to call support when one of my VPNs was failing. The VPN tunnel between two sites wouldn't stay up and they had us use a different security protocol.
They were very helpful. I found them to be quite responsive and knowledgeable. I don't think the problem with the VPN should have been there in the first place, however, that said, they did help us. I'd rate them, overall, at a nine out of ten.
It's very simple to use and the support is great. I am in India and they have a support office here. As a company product, SonicWall firewalls and their support has been excellent.
It's a simple, rugged product. When I say rugged, mechanically, it's a very rugged box. The same thing applies to Sophos also, it's also a very rugged box. It's rugged technology, it can take a beating and still be operational.
One of the greatest strengths of the SonicWall system is that they have multiple portals for multiple tasks, whereas all the other solutions have no single tool for doing multiple tasks. That has been one major advantage of SonicWall. Regarding the SonicWall box, you need to be capable of taking multiple loads compared to the competition. That's a very unique feature of the SonicWall system. They also have an antivirus solution that is tied to their system which is called SentinelOne.
The support is very good. The product is also very reliable. There are always new, frequent updates — nothing more or less. It's very flexible; it's ready to go right out of the box, unlike some other solutions which require a lot of training. The GUI is very user-friendly. Even if you've never touched a firewall in your life, with a bit of time and practice, you'll get the hang of it.
SonicWall has exceptional tech support. I would rate checkpoint support best, SonicWall next, and Fortinet would be third. I would give SonicWall's tech support a rating of 7.5 to eight.
The structure of dealing with them is good. Once you get through to a support person, the support is very good. But getting through, getting to the point where you have someone on the line can be difficult.
Overall, they're good at their job and they speak English.
The level of tech support varies: sometimes you get lucky and they're exceptional, and sometimes it's somebody that isn't that good.
The content filter needs to be improved. I would also like to see better application filtering.
When we are troubleshooting problems, we find that the logs we see are not sufficient. It makes it difficult to find out what the main issue is. It means that we have to search further or perform another test to see what happened.
Technical support is in need of improvement.
It is able to fulfill my requirements. It protects our network environment. It has control over IPS, signatures, and it can also manage bandwidth and mapping. It is also stable and has good support.
I have contacted their technical support, and I have received good support.
Customers usually had FortiGate or WatchGuard. Those are the two major brands that we have replaced with SonicWall.
SonicWall is being represented by us here in Panama. FortiGate is a very strong solution here in Panama, but we're trying to get them out of our way. Price is the biggest thing that we might use to replace them.
Support from the vendor is also a big thing here. WatchGuard has no representatives in Panama. They have no presence, so, it is very easy to replace them, but FortiGate is a difficult one to replace.
We did not require technical support.
I've never used SonicWall tech support.
I've never opened up a technical support case with the product. It's worked quite well, and we haven't run into trouble that would require us to reach out. I can't really speak to how helpful or responsive they are due to the fact that I have no experience with them.
We're not happy with the device itself. We're obviously moving away from it for a reason that they're a Swiss pocket-knife of devices and they do a lot. However, nothing is really done well. They don't specialize in one thing that they excel at. They try instead to do almost everything and end up failing.
We're not particularly fond of the way it generally performs. We are finding ourselves rebooting often. There are freeze-ups and that kind of thing. The stability needs to improve exponentially.
Technical support is pretty slow to respond and escalate matters.
The cost of the solution is quite high.
The solution could use an invisible DPI-SSL or something that doesn't require a certificate rewrite. Most of the other vendors are doing that now.
The SSL VPN performance-wise is terrible.
I had experience with support in the past and I found them to be helpful and responsive. I was very pleased with their level of assistance.
The technical support was very responsive.
We have regular contact with technical support.
When we send a support ticket, they respond to us within the day and resolve the issue.
They have a good response time.
I do have experience with technical support. The last time I interacted with them was fine. They handled and resolved my case.
The support of the solution has been good. We normally go through our partner support but if anything is outside the limits of their knowledge then it gets passed onto the SonicWall support.
SonicWall NSa has excellent support.
I didn't use support over the last nine years, except for handling the device replacement itself. I needed a device replacement due to some damage, and they fulfilled my request and requirements. In terms of tasks such as configuration issues, I've never actually asked for assistance for those queries and therefore could not rate how helpful or responsive they are when they cover those matters.
Level 1 and 2 support issues are handled by our in-house team, but for more complex, level 3 issues we utilise the vendor. The call response is great.
Their technical support is very good.
SonicWall support is good.
Their technical support needs improvement. I've been on hold with them for hours waiting for their support.
The cloud support needs to be improved. As it is, they only have support for Microsoft Azure. They should expand it to include providers like Amazon and Alibaba.
The main area that needs improvement is the documentation.
Sophos needs to be a little better at communicating with partners about changes, issues, patches, and so forth.
The weakest point is the technical support because they are difficult to get into contact with.
The technical support is awesome.
Our primary use case is as a firewall, failover management of the internet lines. We have over 50 people using the product on 200 devices and we use it on a daily basis. I'm an IT support executive and we're a customer of Sophos.
The technical support from Sophos is excellent.
The interface is great and easy to understand. Any firewall engineer who has medium to moderate experience on bylaws, can easily understand the UI. The language presented on various features and the in-built help, is very intuitive. If you have a problem you can figure it out there and then. As a result, there is less probability that we'll call tech support.
I have not been in contact with technical support.
I like the firewall, inbound, and outbound modules the most. The VPN feature also works well. It is very easy to configure rules in Sophos XG.
We have got local service here in Zimbabwe from Sophos, which is something that I like a lot. We have got good local support, and they come on-site when we have any challenges.
Sophos provides a lot of good training all around Zimbabwe. They are quite dominant here, similar to other solutions like Fortinet or WatchGuard.
Their support, we have a mixed review of it. It's good, but where it's bad, is because they're an international company that relies on many different continents to be able to get the support at different levels.
When we get into the people that are from India, that's where the support becomes not as efficient as we would want it to be. They have different rules of operating under and they don't show themselves to be flexible. Whereas where I am, currently I'm in Canada. When I speak to the support people within Canada, they're much more flexible when it comes to trying to follow us up on what we're trying to do and get the thing working. They're more flexible.
I have contacted technical support three to five times per year.
It's good, but I don't have many questions to ask.
We have received good support. For the small number of issues that we have had, we received help from IT. This included assistance with configuring some additional policies. Whenever we reached out to them, they were very prompt in terms of responding to us.
I have not had any experience with technical support.
I appreciate their support. Their support is good.
They have proper support in the technical point of view, and their English language is not clear. You know that they are not native English speakers. That's one of the things that I faced. But they have very good knowledge.
The support that we used was great.
We are satisfied with the technical support but having said that, we didn't need much support because the menus and all the online documentation is self-explanatory. There was no failure so we didn't have to actually log a call with Sophos.
The web application firewall or WAF is very useful. Web application firewalls help keep your servers safe from hackers by scanning activity and identifying probes and attacks.
Using the Web Application Firewall (WAF), also known as reverse proxy, Sophos
UTM lets you protect your webservers from attacks and malicious
behavior like cross-site scripting (XSS), SQL injection, directory
traversal, and other potent attacks against your servers.
You can define external addresses (virtual webservers) which should be
translated into the "real" machines in place of using the DNAT rule(s).
From there, servers can be protected using a variety of patterns and
This function has been completely re-developed in XG, relatively of the UTM-9 version, and it works fine. I protect many internet web servers (IIS) for my customers with this function, due to of a lot of attempted attacks. It's a very useful and relatively simple to implement in Sophos XG.
Obviously, like all security systems, it is not a "fire and forget" configuration. It is necessary to properly analyze the system to be protected, create an appropriate policy and monitor its behavior once activated.
The number of ports, especially on the entry-level appliances, should be increased.
The price of adding ports should be reduced to make it more competitive.
The vendor needs to create materials to show the differences between Sophos products and those from other vendors.
Network management needs to be included in the package.
As it is now, it only supports ten multiple users, which is something that should be increased.
Technical support is quite good. That said, we really haven't had any issues with the product itself.
In the Firewall, the Intrusion Prevention System can be improved. Now because COVID has come to stay, people tend to work from home, and cybersecurity has been on the high side.
It can improve more on the security aspect of this so that it can combat any major threat or common bug. I am not saying that the security has become compromised, as it is usually active, but they can improve on it.
Local and technical support can be improved.
When firmware updates are complete, there were issues with connectivity and VPN users. Recently, I stopped updating the firmware because I didn't want to obstruct the connectivity of the staff working remotely at different locations.
I have stopped doing any updates until the issue can be addressed.
Our experience with technical support has been positive.
We have support from the local distributor. We have rarely had the need to contact technical support but when we have, we have had quick responses from them.
Technical support could be improved, it's not great.
The first area that needs to be improved is customer support.
If I'm implementing a connection on the DMZ or WAN, I should be able to dive deep into the implementation, specifying what needs to be implemented or not. For example, I should be able to configure specific details for the DMZ, and not have to follow the templates that they provide.
We have had problems with the stability that affected business operations.
Our main use case of this solution is to support internal clients with virus scanning on laptops and on critical processors.
I have interacted with them a few times. I am very satisfied with their technical support.
Technical support for Sophos is very good and they have a big presence in South Africa. It uses something called Sophos Central, where support can fix the problem before you, as the user, actually finds it.
I think that the technical support is very good, and similar to FortiGate,
I actually dealt directly with a Sophos engineer and I must admit, they've been very fortunate that the guy can help even on the weekends and so forth. I'm very impressed with that.
I have not had any cases where I had to log technical support, but I believe it would be fast enough in case I needed to reach out to them.
I like their technical support. With Cyberoam, I remember the technical support used to work closely with us. They used to configure some features for us and help us resolve problems, but not just by email. They used to work with us and show us how to do it. I think that was nice, but in Sophos, they give us instructions and help us, but by email.
We rarely contact their technical support. There was a time when our head office contacted their technical support. It was an issue in 2008, and they provided a patch.
The most valuable aspects of the solution are the web-filtering and the application control.
The solution is stable.
We've had good experiences with technical support.
The product is scalable.
I am not quite sure about that. In terms of the number of nodes, we have around 200 nodes. All the internet traffic has to go through Sophos XG. In terms of the number of people who handle the support, we have two people.
Technical support is good and easy to deal with. If I have a problem, I open the ticket, and I call, and the problem's solved automatically by them.
We provide technical support to the customers. We provide our own SOC to support the security solution and we complement the Sophos support plan.
Their technical support is fair, as well as the forums. Today there are only webinars, but we are trying to keep up with the latest technologies and trends.
We are also trying to keep up on how the hackers work because we are working with different associations of security worldwide that way we know the best way to protect our customers and what we need to sell to our customers.
I don't see any drawbacks to this solution at the moment. I know of other products that have more features and are more advanced stages, but ultimately, an organization's choice of software depends on its budget. If you have a small amount of money and you want to secure your network, Sophos XG can provide you with network security. Sophos ZG is a mid-range solution. There are solutions that are above it in terms of features on the market, but they cost more money.
They could work on their technical support to make it more productive for the end customer. Some of my friends and colleagues have had unfavorable experiences with the tech support taking too long to close their ticket. However, I opened two cases this week and both have been resolved.
Technical support could be improved. They aren't as responsive as they could be.
It would be ideal if we could have a more populated and detailed knowledge base. Generally, the new features must be tested before applying them to the production side. I would like to see more case studies, more application notes, and so on.
We would like to see an improvement in mail management. When passing from FG Series to XG Series, some mail features have been lost. We would like to regain them.
We offer contact center services and have a channel to reach the product support team, and they are ready to help when needed.
The integration could be a bit better. They need to allow their solution to integrate with other products and not just other Sophos solutions.
Sophos has a feature that in my opinion is very limited. They don't have enough VPNs on their models. They have the XG 750, which is a sizeable appliance. On those models, they used to have not enough VPNs. They always were short on that area.
Pricing used to be very bad, however, they've adjusted their strategy recently.
The product needs to improve its marketing in Mexico. It's not a well-recognized product in our country.
The solution's technical support is very bad.
There is an overall lack of documentation in relation to features and capabilities. We need these to help explain aspects of the solution to our clients.
I like the tunneling part which we are using for the VOIP. We have various other sites where we connect via tunneling. The tunneling part is very fast and easy to implement.
The deployment is very easy for my network team, and it is very easy to implement policies. The support that Sophos provides for the upgrade of new features and their interaction with the customer is very good.
Customer engagement is what I like about the product. We are very well informed about what is going on and new best practices. If anything new has gone wrong or anything in the world of cybersecurity we should know about, they will let us know.
Any firewall is dependent on how you use it. It's also on the user, how you configure it, what you allow, and what you don't allow, and so on. The ease of defining policies and the customer connect is what I appreciate about Sophos.
I haven't used technical support from Sophos. I have not required it. It's been easy for me to sort out myself.
Recently, I've had a problem with updating firmware. Updates should be more stable . The last update I did was not successful and ended in a unusable device. Also the support case i opened for it could have been more effective.
I don't use all of the features and therefore it would be difficult to evaluate if anything is missing.
The technical support is very good. Two months ago we needed help with implementation and they helped us with the configuration of Azure and this solution. You are able to find everything in the documents for the solution, it comes with easy to follow information with photos.
The Sophos XG technical support is good.
The GUI and support could be better. I think there are other products that we are going to deploy instead of Sophos. We have already upgraded a month ago because the interfaces and support for Sophos are really weak. But other products like Juniper, Cisco, or FortiGate are better than Sophos. It's also complicated, and the end-user or client does not understand it.
The interfaces and the GUI design are not easy, and when you do something, unrelated things are in the same configuration site. There are different sites to visit to configure Sophos. This is even more than other products. Many features can be improved, especially the VPN and web filtering features.
The manuals or guides we are given are too simple. When we are implementing the product, it is difficult for us as we don't have more detailed information.
The technical support on offer is slow. When I have questions, they answer me very slowly. Sometimes within 24 hours, I have a response. However, it can be longer. In Mexico, Sophos doesn't have technical support locally. It's in Argentina or in other countries. It would be nice if support was available in the country.
The technical support they offer is difficult to access. There is no direct number to call and when you do get hold of them and have confirmation, it takes a while to get a response.
We've been satisfied with Sophos' technical support. They are very helpful and responsive. Their staff is quite knowledgeable.
They need to do more quality checks before they release firmware upgrades. Currently, a few Cyberoam firewall customers are facing some issues while upgrading the Cyberoam firmware to Sophos. After the new firmware is installed, they are seeing some performance issues, which require some bug fixes. The performance is fine after getting the required support. Customers who are already using Sophos hardware are quite satisfied with this solution.
Their support should also be improved. We are facing difficulties getting support on time through email or phone.
I have found the technical support could be more knowledgeable and faster in the future.
We get a local-level team for support. There is less support with Cyberoam.
I have not used technical support just yet. If some issue comes through in the future, I will reach out. However, as of now, I can't speak to their level of responsiveness or their knowledgeability.
We are not very happy with the customer support they provide — it's quite slow.
A year ago, we contacted technical support regarding the high security licensing fees but they still haven't gotten back to us; they're still analyzing the log.
Support-wise, I would only give Sophos a rating of three to four out of ten.
Technical support can be slow to respond, which is something that should be improved.
In the future, I would like to see the addition of artificial intelligence for identifying and controlling traffic.
Support for this product is something that is really important, and it needs to improve.
Their technical support is okay. Sometimes, during the webinars, when I have some questions, they respond to them, but sometimes, I don't get any response.
The support service level agreement in regard to the amount of time needed to upgrade things is too low. It should be higher.
Everything is working as expected at this moment, but the anti-spam solution in Sophos XG needs to be improved. It needs more granular features and more stability. The anti-spam solution currently doesn't have many features, and we would like to have more features. At this moment, there is no expression filter for anti-spam. We need something to be able to filter subjects or attachments in emails based on the keyword. Sometimes, there is an issue with anti-spam, and Sophos XG suddenly stops processing incoming or outgoing emails. The only solution for this issue is to restart the appliance.
Their support should be improved. It takes a long time to escalate a support case from level one to level two.
The technical support is good and they provided me assistance through email.
The technical support has been good.
Technical support is very good. They are very prompt.
Their support is fairly good, and they come back to me. I've had an issue once or twice where I couldn't understand what the support person was saying because those calls were probably routed to India. They were a bit difficult to understand, but it is generally not an issue.
We have support from the supplier of our firewall, and if needed, we also get support from the people who develop our software.
The technical support has been great. All of our technical staff have been certified as Sophos administrators. They were able to offer us the training to make sure that all of the support staff are familiar with the functionality of the product. Then, in terms of technical support that we may need, when we call the Sophos team, they are usually very available and they are even able to support us remotely if there is a need to do that. We are extremely satisfied overall.
The solution is very easy to use. It's easy to navigate.
I like that I can create new rules and policies quite easily.
The solution works quite well overall.
The solution is easy to set up and configure.
Technical support has been very good.
The solution is scalable.
The product so far has been quite stable.
Technical support is pretty good, although I did have some issues with its availability during the COVID-19 pandemic, even though this seems to have been a challenge faced by all major support companies. There were delay issues owing to their teleworking, but the support they offer is quite supportive and they have all the necessary documentation. The truth is that I have a need for many cases, although the ones I require have to do with things that are out of my control, such as licensing or the occasion of a new app that failed to show up in the console. I have many sub-sites and I did face a serious issue. Technical support was pretty helpful even though I had to redesign the typology of one of my sites. They actually tried assisting me with the original design and I found them to be quite helpful and to possess a good base of knowledge on the site.
The technical support was very good before. However, now it is very difficult for us to reach them. There are crucial times when we need to speak to support but they take up to three hours to resolve or to address the issue. Sometimes it takes them 45 minutes to answer the call. When you are with a client you cannot wait this long.
The technical support needs to improve their response time in answering the calls and finding a solution.
I think the management console could be improved. I also find the partner portal difficult to work with because it never functions correctly and it's exhausting to deal with. They should also improve the failover management and the reliability of failover, and there are sometimes issues with the WAF functionality, whereby a number of applications can't be used correctly. Finally, I think the support could be improved because when you open a ticket, there's a long wait time for a response.
In terms of hardware, I think Sophos is definitely the easiest to work with. It's very intuitive and easy to learn how to use. The reporting feature is great and they have great customer support.
Their reporting needs to be improved.
The initial setup is not straightforward.
Technical support could be improved as well.
Integration to the cloud is also a challenge. It's not straightforward, especially while I move my mail from on-premises to cloud 365. I had to go to the cloud to research certain routes with it.
The solution has a variety of very good, very useful features. We take advantage of a lot of them.
The initial setup isn't overly difficult.
The stability is good.
We found the initial setup to be straightforward.
Technical support is helpful.
The pricing is reasonable.
Technical support is good but there is a delay in response.
The response time needs improvement.
I have not had need for technical support. Mostly, I find what I am looking for on the internet.
The support we have received from the partner has been good.
I haven't had any problems with their technical support. Every time we've had to call them, they have been fairly reliant. They have been able to solve the issue or the question that we had.
I would like to see the technical support improve. They have the worst technical support I have ever seen in my whole life.
The initial setup, specifically when activating the license, is a nightmare and is quite difficult.
The solution is very easy to understand.
It's simple to set up the firewall and policies. Setting rules is very easy on Sophos as compared to other solutions.
The product offers many great features.
Technical support is very good.
The initial setup is easy.
We have found the solution to be very stable.
A company can easily scale the product if they need to.
Scalability is not an issue for us, as we are getting the requisite support, with fast response time.
We're mostly happy with the technical support. It's better than Microsoft. Any issues we have may simply come down to the SLA.
Sophos does not provide immediate support, such as SonicWall does with its toll free number. This may take an hour or two, although I suppose things would be different were we to raise a critical ticket.
I have been in contact with tech support within the last week or so.
Unfortunately, there are quite a few negatives with them.
Their tech support is not great.
The features on offer are lacking.
Basically what they don't have is proper bandwidth management for multiple WAN ports and multiple WAN ports to multiple VPN WANs. Meaning, if I have it on both sides on both the main side and on the secondary side, two internet connections, I can't bond the two of them together into a single VPN and have bandwidth managed between the two of them.
If I want to go ahead and make a VPN, right now, I have two internet connections on each side. I have to make a failover a group of four VPNs for it to go ahead and failover between them.
You're getting into a lot of rules. It's a lot of extra rules, et cetera, that has to be done. They don't have simple pointing systems where you could go ahead and make rules saying, "Hey, here's the route". They're not fully route-based VPN rules yet. You literally have to take down all the routes all over the place in order to make updates. It's tedious.
Basically, we had the problem where we moved certain ranges from one data center to another data center. It took us about an hour of downtime to do that. We had to go ahead and we had to reset VLANs and we had re-setup all the VPNs in all the different places we reconnected. We don't have two sites, we have 25 sites. It was a lot of work.
Our clients have a good system of support over here. They have full support. They get support from the distributors, from the partners, and then directly from Sophos.
The reporting could be improved.
Many other firewalls give you the option to disconnect a user. For example, if an end-user is using too much bandwidth, you could right-click to disconnect this user, but Sophos XG does not support this feature.
Sophos XG does not have the ability to disconnect a user.
I used Sophos tech support for the previous solution because Sophos sold that as well. Now, we only work with the external partners. So for the moment, I haven't had to send questions directly to Sophos. But my past experience with Sophos support was good. It was very professional and easy. We stay with Sophos software because of the technical support.
The technical support is okay.
In light of all the firmware upgrades, maintenance, feature and general releases of firmware, I really appreciate the support offered by Sophos. It is really good.
However, the response time could stand improvement, as I do not benefit from immediate support. There is a delay involved. This can be problematic when I need urgent support, such as when my device is in a production environment.
I haven't dealt with Sophos support because I'm just doing the basic implementation for the Sophos. But I Sophos support is very experienced and helpful. Sophos has a team for administration and implementation—a good team to improve the application.
I enjoy synchronized security, where you have to synchronize both the firewall and the endpoint. When I deploy a firewall, I integrate it with the endpoint so that they can send the security heartbeat from the endpoint to the firewall. In the Sophos firewall, there's deep inspection, which works quite well. Sophos has the web application firewall inbuilt. This is unlike other firewalls, where you have to integrate with another standalone web application firewall. Being inbuilt in Sophos, you just have to configure an application so that it's more of a policy, and you're good to go. It's pretty simple in terms of the user.
We've deployed quite a number for our users and our customers, and the feedback is quite positive in terms of management and also administration.
The technical support is pretty good.
The initial setup is easy.
There's quite a number of items on offer. When you look at Gartner, it's doing well. The uptake in the market has been wonderful and currently, it's competing with other top firewalls such as Check Point, Fortinet, and Palo Alto.
When purchasing a firewall, as a customer, you must first plan, consult with your partner(s), and decide on the sizing. If you buy an XGS 230, for example, it can support up to 200 users and 50 VPNs. If you buy the wrong product, you won't be able to scale it up.
You should always size upfront. If you have a hundred users, you buy an appliance that can support 150. The license is the license.
It's all about the hardware. If you purchase small hardware and you know that after one year you're going to have more employees then it is wrong.
It's not a server, where you can just add more drives, It only has expansion units for the network. If you need to add fiber, for example, you can. There are expansion units, but you can't expand the architecture of the firewall.
We have more than 50 customers.
The technical support is good. We have no problems with technical support.
The solution is mostly a good firewall.
The initial setup is pretty easy compared to other options on the market.
The product has been stable.
The solution can scale.
Technical support is responsive.
Sophos offers pretty good pricing.
Compared to other firewalls that I had looked at, I thought Sophos was the better solution. It just seems to be easier to manage versus Cisco, Fortinet, or one of the other options I was looking at.
I'm not going to say that it's easy to configure, but I can understand how to configure it. There is a certain amount of support available to do the configurations.
Technical support from Sophos has been brilliant. We deal with them on any L3 issues and they are always helpful.
I have never contacted technical support.
Technical support is always an issue, not just with Sophos but also with other brands. It is extremely difficult to interact with support within the time frame that the customer expects.
In general, it takes more time to solve a problem, and better independent actions are required.
We have not really used technical support. If we have an issue, we resolve it ourselves.
I have contacted support once or twice to receive some clarification. I had a good experience.
The product is super scalable. If I had a giant organization, I'd have no problem putting the Sophos firewall in.
Right now, we have 155 on the solution. That's everyone from support to upper-level management.
We use it every day.
We just recently upgraded. I have no reason or need to upgrade for years to come and therefore don't plan on scaling anytime soon.
I would like to see improvement with service and support. LAN inbound and outbound traffic requires more control and an additional stop.
The reporting needs to be much better. Sometimes I have a lot of trouble understanding what they mean.
Sometimes it misses websites. For example, websites the users shouldn't be able to enter, or sometimes these websites are not shown in this log viewer. It's just occasional misses here and there.
Technical support could be more responsive and quicker in getting to a solution.
Support could be improved.
Sophos technical support is effective.
Support is one area where I have some issues. Sophos support isn't that good.
The technical support is very, very bad.
If I were to rate support from zero to 10, I would say about six or seven. The Portuguese Support is really bad. It's really not good. Every time you have an issue that's a little bit more complex, it's better to speak to the Global Support than the Latin American Support.
The Sophos support team is good now.
Support from Sophos XG has been fine for what we have required.
In addition to the recent ticket I created for technical support, I keep in touch with them. The support is okay.
I have it in customers that have four users. The largest site that we've had (with a single box) is probably 150 users, including guests, and it scaled right up and I'm sure I could have pushed it much farther. Again the nice part about the product is they have a software-only version where you could put it on your own hardware, where you can slap it in a Xeon server if you really needed to, and I'd have no fears that the product could actually filter a whole school campus.
In our company, it's mainly our techs who work with this solution. The roles are usually customer-facing techs and support techs. We call them technology specialists, but it would be equal to a tech support type person. Everybody in the company dealing with customers knows how to manage the product because it's so simple. There's no reason to have a firewall engineer. We have a senior person for a really complex setup, but every tech can work on the product and set it up for the average company. Every tech can make changes that the customer requests right then and there when they call.
The interface control manager where we can allocate LAN connections to certain VLANs is the most valuable feature. The other feature that's important for us is because everything is remote with MyKerio, as long as the boat has an internet connection, we can log onto the Kerio and get statistics, as well as provide support.
It's important because unlike a company where a company has an IT person on-site because these are yachts, they have a boat crew that is not necessarily "IT," so they rely upon us to provide them with their IT services. This is a platform that allows us to control and troubleshoot as necessary.
I would say about 95% to 97% of all of our support is managed remotely because of the nature of superyachts, where they're located, and the importance of the people that own them.
I have not run into any issues or complaints with regard to the firewall and intrusion detection features. I find that in this industry, the fact that those are services that are included is important. But I can't speak to the operability of it.
Because I interface the most with the boats and the crews, I've never run into an issue with the comprehensiveness of the security features.
In terms of the ease of use, if you took 15 different network professionals and told them to configure a Kerio Control, you would get 15 different configurations. Having said that, within our specific business segment, we have learned the configuration that works best for us and works best for our customers. The way that we have set it up is to not put the onus on the boat to make any changes, but if they need to make any changes they allow us to go in there and make changes.
From my experience, I don't necessarily do the configuration on them, but I do manage them. If there's a boat that has a problem, I'm the first phone call. Most of the time I can figure it out, but what we provide as a service is that we refer to it as a virtual ETO which is an electronics and technology officer. That would be an actual IT person, but for the most part, we just encourage our customers to defer their technical queries to us and allow us to manage it for them.
It has saved time for the members of our team who manage security based on how they're using it. It has saved time in the sense that they have an integrated security solution. I think the maritime industry is moving towards a standardized security initiative because the problem is that everything within the maritime industry is based on international, not national standards. So where and how the Kerio Control will fit into that is undetermined because the IMO, International Maritime Organization, has not yet determined what those standards are going to be. It's still a work in process.
It has a VPN back to our data center but I don't think it has increased the number of VPN clients extended to those outside our environment
It is scalable up to a point that then you might have to use a user faster, bigger one, but on the whole, it is scalable. It's because based most installations I have are over 300. Whereas if they start to get really big, you'll need to increase the model to the next model up.
In my company, it's me that manages and installs them all. We install, manage, and offer basic management and support.
The environments we've installed for can go from three to 50 users.
We've never had any problems with it not being able to manage the traffic.
I've never contacted technical support because I just call the people that I contract to fix things and if they're not quite sure how to fix something, they'd probably contact GFI.
The scalability is awesome.
For our big corporate clients, the solution gets used a lot. We have one client with about 200 users and about 10 to 12 servers.
We have five to six support technicians who work with Kerio Control.
I use it as a service for my customers. My primary target is to help my customers in the best way to protect them from the dangerous things from the Internet. As a solution, it's easy to maintain. The product is a good solver that also depends on good support and its availability of engineers.
I am using the latest version of Kerio Control. It is an old type of configuration with VPN connections. I still like the product very much.
It is mostly installed on the Linux software appliance. That's what I mostly use for my customers.
I'm a one-person team, and Kerio Control has saved me time. When I looked at the comparison between how much time I spend supporting a business installation of Kerio versus a FortiGate installation, just with the implementation, I have saved a few weeks of time. On a yearly basis, I have saved around 30 to 40 hours on one customer because they're bigger customers.
It's been a while since we contacted support, but back when we did it was pretty hard to get a hold of someone. We didn't get a lot of feedback. Most of the time, it was, "Look at the documentation." It was hard to get someone to look over our shoulder and help us with the problem. I think that was before GFI took over.
The problems I've had with Kerio, when I wanted to change something, have always been solved by consulting the Knowledge Base.
We are located in Holland and there is supposed to be Dutch tech support, and there is an American tech support, as far as I know. The bad thing about the American tech support is that reaching them by phone is difficult and by mail there's a certain turnaround. So, I'd rather rely on the Knowledge Base so that I'm not really dependent on the person on the other side.
They have an extensive Knowledge Base and, if you can't find something there, you can check the internet and there's enough available.
The GFI technical support can be very time-consuming to get down to the root of the problem, but they are very helpful when you do have an issue. It just takes some time to get to it. It sometimes can be communication that's the issue. Sometimes it can be the complexity of the problem.
It doesn't seem to be a lack of knowledge on the technical support side of things. Some of it comes down to whether the product can currently do what we needed to do or not. We were trying to determine if there was something that we could do to get better performance out of the appliance, and the response from the GFI support team was that it wasn't able to do some of the things that we wanted it to do, but it was something that they were looking at with rewriting some of the functionality. There is the possibility that some of those can be overcome easier.
I haven't contacted technical support in the past, to be honest. I'm the kind of person that I would rather look things up online. The beauty of working in IT is that a lot of problems you come across have already been witnessed. Someone else has come across them and has already posted solutions online for you to find. I'm not one of these people that tends to call help desks. I used to work on help desks quite a lot myself, so I am well versed in troubleshooting.
The support the solution offers needs a lot of improvement. GFI took over the product and since the takeover, the support, the backups, the after-sales support, etc., has basically dropped off quite a bit.
When it comes to dealing with updates, there are often bugs on the solution. They should do a lot more testing before they release new versions.
GFI's technical support is improving but at the very beginning, it was very bad. There was no way to contact them. When you did call, you didn't get returned messages. It is improving, but it's still not at a level where we're happy with it.
I haven't used GFI, but back when Kerio had it, they were very good.
They were very responsive. A lot of times you call the company tech support and they want to treat you like you don't know what you're doing. It's a "Is the power plugged into the wall" kind of a thing. They're very fast to understand that it's not the user that they're talking to on the phone. That the user they're talking to on the phone knows what they're doing to an extent and needs some extra help. It saves time. But I haven't had to call GFI yet, other than when my key wasn't working. It was an email. When I renewed my subscription, the keys didn't update. They had a problem with their update process, so the person had to go and manually update all my subscriptions. It took a few days.
At first, they didn't understand, because they said it's just automatic. Which it's supposed to be. The next day I told them that it didn't update. Then finally looked and they did one subscription, and then I told them that my other subscriptions didn't update.
At first, I was supposed to read a manual on how to do it. But I was doing everything that was shown, it just that their process behind the scene wasn't working. It's the online thing, so it was updated. However, my server wouldn't get the notification that it was updated. They thought I was not doing the website properly because they would tell me to go to the website and hit update. It first started as if I was a user that didn't know how to do anything and then they realized we had a problem. I fixed it. It should have been a lot faster.
The way it improves the way our company functions is through the VPN, because we offer support services. Normally, we would have to rely on TeamViewer to a computer on board, or to get on the phone and tell somebody to take pictures or press buttons, where we can't see what's going on.
In the last year or two, after setting up the VPN, any of our guys can log straight in to the system and they are effectively on board. That is a big help because our customers are all over the world. They could be in Ibiza one day, but then they're heading to the South of France and then they're going off to Greece or crossing the Atlantic. Sometimes it's difficult to send somebody out to them quickly. They might not want to pay for somebody to come out. It could be two or three days of round-trip travel for a half-hour job. The VPN makes it more efficient. We can jump in and see what's going on. We can mimic our engineer's being on board the vessel via the VPN. That's the biggest benefit. And it's instant. Someone rings me up and I've got a single VPN connection and I can get to their networks.
There were certain things I didn't know about it, but I've always been able to just contact our IT company. They've been able to walk me through certain things. It was quite a monumental task to set up a public site. Support really had to help me with setting up the VLANs and walk me through it. It was not possible for me to figure that out on my own, but that's what they're here for. That could have been a little bit easier laid out.
There are some pros and cons to its performance when dealing with malware and antivirus features. Maybe once a month, I have gone to a website and it's being blocked. This is because it's a known malware site. So, I feel confident that those filters are doing their job. On the down side, occasionally when iOS devices go to the App Store to do their application updates, it will pick that up as a possible virus in a file: a false positive. This only happens on the iOS updates and the antivirus signatures.
One area that confused me a bit when I was building my current network. I use VLANs to have separate functionality on the network, and the appliance I got was the WiFi model, but I discovered that you can't assign WiFi channels to the VLAN. So, you can have WiFi, but its own subnet. You can't run that over the VLAN. Effectively, I can't use the WiFi facility in the appliance and had to purchase a separate web that supports VLANs. In the end, I had to go to GFI support. They confirmed this is just a limited functionality of that device, as it is a low-end device. I don't know if any of their high-end models have a better facility or not.
I used support once or twice when I hit the first license ceiling. I did log a support ticket in. They were fine. There were no complaints from that. They offer 24/7 support, via email. I don't think I actually phoned them up. It's pretty good. There are no real issues there.
I haven't contacted their technical support. If there are any issues then I get a network engineer guy first and see if he can take care of it.
GFI's technical support is way too slow in terms of response times. Their knowledge is okay. They should know their products. Even though they bought Kerio, they were able to update the software with their developers and build some new routines in it.
But regarding the support, if I send out a solution or a request today, it's taking too long to get a proper answer. You should have an answer the same day, at least, and if possible a quick response via email. That would be preferable in our cases. I know that is not always possible. And that's for software issues.
But if you have a hardware issue it's even worse because we are not able to get hardware maintenance on the firewalls. Ideally, within two hours of going down, a mechanic would come with a new firewall to replace it and to restore your saved configuration from the cloud. They don't have that. If a hardware issue arises with a firewall, then it takes at least a week, maybe a week-and-a-half, to get a new firewall sent by GFI. That's really not acceptable. If we have a hardware issue and we order something from some companies here in The Netherlands, we have it the next day. That would be acceptable.
We deal with that by having a spare NG500 lying around that we can use. We've never used it, so it's already three years old, doing nothing. But it's there.
I've never used their technical support.
I find it a bit costly to pay for the products that I am not using. They need to change their model in such a way that you don't have to pay for the products that you are not using.
The GFI features that come with Kerio are stated below. When paying for the licenses we pay for license for everything yet we only use 5 products.
GFI Endpoint Security
GFI Mail Essentials
Not in use
Not in use
GFI Fax Maker
Not In use
GFI Lan Guard
GFI Web Monitor
Not in use
GFI Events Manager
Not in use
We only use 5 products out of the 10 we’ve paid for. We should have the option for paying for what we use not a blanket cost for everything
Internet aggregation and SDWAN Technology: The firewall should allow growth in terms of allowing connectivity to SDWAN technology available in other firewall appliances.Link aggregation and SD-WAN (Software-defined Wide Area Network) are great features for businesses who need multiple links to the internet. They’re also useful where you are using multiple links and would like to connect to other sites, such as branch offices or cloud services.
Its local support and scalability is also not good. I am looking forward to a more scalable product that will be able to grow with time and technology.
Cloud Support: The Firewall should have cloud support especially hybrid cloud support.
It should allow device identification without just stating that the devices are unrecognized-"unrecognized devices"
Sandboxing is one of those important firewall features that end users don’t even know is there. It takes a file or executable as you’re downloading it and opens it in a completely isolated and separate “test” environment.This is missing.
The support is fine. The response time can improve.
My experience with the solutions technical support is fine but they could be faster in responding.
The technical support is good as a reseller. We have direct connection with the technical support, we can send them an email and they will get back to us. If it requires phone calls, they phone us up or we phone them.
The technical support is good.
I have not contacted technical support. When I have an issue I search the internet and solve the problem. When I search Google, I find solutions for my problem.
The user login can be improved because we use the captive portal where users have to register before they access the internet server. That has been a huge challenge. They can improve the user login part and make it more user-friendly. It looks user-friendly, but it doesn't work as it is expected to work. They can also improve the reporting feature.
They don't provide content filtering when it comes to search engine results. We had an incident on the network where a blocked site was showing up in search results. We are in a school environment, so we have blocked a site with some of the explicit content so that kids wouldn't see it. When one of them did a search, the results came on the search engine part. When you try to drill down to the website, it blocks, but when you search by image, it brings up all the images. That's one of the reasons why we are looking at Juniper.
Its inability to provide content filtering for search results was a high-impact issue. We've been talking to them about this issue. It was a very sensitive issue for us because we had kids in year four who were exposed to images that they were not supposed to see. Because of Kerio Control, we failed to protect kids from such content, and we expected them to respond to it with the urgency it required, but their support was pathetic. The ticket was escalated, but we had to send them a couple of emails to let them know how serious the case was, and then we had a live call with their support team.
We have had issues with its performance and stability. They can do better. We've had situations where we had a terrible performance on the network, and when you restart it, everything goes back to normal.
We use their support a lot. In my view, they need a lot of improvement. A lot of the representatives are far away and they don't have a lot of knowledge. You need to get to level two or three for them to be able to help. My team is very experienced so it takes a lot for us to make a call to technical support. We need to talk to the right person to work out the issue. The support structure is not able to reach the right level right away. This is a problem that Cisco needs to work a lot to improve one.
We also evaluated Check Point, Palo Alto, Sophos, and Cisco ASA. In the beginning, we thought about going for Cisco ASA but were told that Firepower was the newest solution. We met with Cisco and they told us that they were giving more attention going forward to Firepower than the ASA product.
We did a small POC running in parallel with Fortinet. We evaluated reports, capability, and the people involved. Palo Alto was one of the closest competitors because they have threat intelligence report in their dashboard. However, we decided not to go with Palo Alto because of the price and support.
Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed. In some cases, this may save you a lot of money or stress, which is why everyone who uses Cisco solutions loves them.
We generally provide support but if we're not able to resolve an issue, we escalate it to Cisco and they're great. They are one of the best support services I've used and it's one of the reasons Cisco is doing so well in the market.
We have used their technical support. They are amazing. Cisco's technical support is the best.
This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI). Cisco's FTD devices don't support the command-line interface and can only be configured using FMC.
We have our own in-house team that can assist our clients should they need technical support. They're quite knowledgeable and can handle any issues.
It's just a fact, nothing is better than Cisco technical support.
The technical support is amazing. They do reply quickly, and often within an hour. It's been great. I've worked at Cisco before, however, with the type of contract we are in, I find it super fast right now. We're quite satisfied with the level of support.
The customer service/technical support is very good with this solution.
We just deployed it a couple of months ago, we have not used the tech support with the Firepower yet. We have not had an issue that we have had to raise with them.
Generally, the tech support for Cisco takes too long to go through the different tiers of support agents to get to someone that can resolve the issue. You end up speaking to someone that is not qualified to solve the issue, then you have to be escalated upwards over and over. This system could be better.
I rate the tech support service generally from Cisco a seven out of ten.
Support from Cisco is good enough.
The technical support is excellent.
Technical support is good. They are responsive.
The support of the solution is great, their staff is perfect.
I have experience working with technical support from Cisco. It's very easy to contact them and talk with them. There were times we worked using email, for example, for communication. We also worked with Cisco engineers in Mexico directly. We're very satisfied with the level of service so far.
I have contacted support multiple times and I have no problems with them. I think they do the best with what they have — especially with the pandemic this year. I think they've done everything they can do with what they have. They don't stop. They don't give up until the issue is resolved. They're really good with following-up too, making sure that the issue hasn't come back.
I usually create an issue with Solutel, then they create a case with Cisco Talos or the Cisco technicians. I am happy with Solutel's support.
If we needed to address something with Cisco directly regarding Firepower support, that was also addressed fairly quickly with no issues.
Cisco Talos is one of the largest private security, threat hunting, research organizations, but non-governmental. It is quite powerful when we explain to customers the threat intelligence injected into Cisco products. I have attended some Cisco Talos workshops, webinars, etc., and they do seem to be amongst the best in their field. So, I have a high degree of confidence in Cisco Talos, and it is one of the most powerful capabilities that Cisco has as a security vendor. You could have the best features for a product, but if the security intelligence is not good nor current, and if it can't accurately predict new threat trends in a timely way, then it still may not help you.
The technical support is absolutely brilliant. When I call Cisco TAC and have a case, every single engineer that I get assigned to any case is an expert in their field. I feel like they understand the product that we are talking about inside out. I have never raised a case for Firepower and not been able to get a resolution. I have a high degree of confidence in them.
The support may not be one of the features documented in the data sheet, but I have worked with other vendors where their quality of support is not comparable. When you are looking at the total cost of a solution, you need to look at more than what the face value of the product is. You need to look at:
From my experience with Cisco TAC, the resolution will always be very quick. More often than not, it is within a couple of days, if it is a P3. If it is a P1, then it is the same day. I couldn't ask for better.
So far, the technical support has been excellent.
I was satisfied with the support we received.
Their technical support is good. When my NOC or my engineers have needed support the feedback I've had is that tech support has been good at critical moments. They have given us good service.
I have interacted with Cisco's technical support many times. Nowadays, it sometimes takes a while to get to the person with the correct knowledge, but that is happening in the world in general. First-line people are common around the world and they are trying to figure out if an issue is actually a second-or third-line issue. But when you do reach the correct department, and they know that you are knowledgeable and that you are really facing a high-priority issue or a strange behavior, Cisco's support does everything it can to help you fix things, including involving the development department. I'm very happy with their tech support.
Their support is not perfect. Sometimes, you get the feeling that some of the support engineers don't have a deep knowledge of the product, but there are some engineers who are able to help.
When you open a ticket with Cisco tech support for Cisco FMC, you can be quite confident. Right away, the engineer onboarding is someone skilled and can help you out very quickly and easily. This is something that is true 90% of the time. For sure, you always have 10% of the time where you are fighting to get the right guy. But, most of the time, the guy who does the onboarding can right away help you out.
I haven't worked with Cisco support.
I would rate Cisco's support for this solution as nine out of 10 for this solution. The support has been very good. We got the job done. Sometimes, why it wasn't perfect, the challenge was getting a hold of someone.
My company has been using Cisco for many years. One of the huge pieces for us is, of course, the supportability and ongoing update, maintenance, and care. We've had a great relationship with Cisco. The tech is outstanding. Typically, we will open a tech case and they will know exactly what the issue is within two to three hours if it's a very difficult one. Typically they even know what it is when we actually open the case.
We've actually had a fantastic relationship working with Cisco. They've had a fast turnaround, great tech support, and we have not run into any issues thus far with the Firepower overall.
Their support is good. If we have an issue, we first try to resolve it at our level. If we are not able to resolve an issue, we call customer care or raise a ticket. They investigate and give us the solution. If there is a hardware issue or the device is defective, we will get that part as soon as possible. They replace that immediately. If it is not a hardware issue, they check the logs that we have submitted. Based on the investigation, they give a new patch in case of a bug. They arrange for a technical engineer to come online to guide us and provide instructions remotely. They provide immediate support. I would rate their support a nine out of 10.
We have HA/standby devices. We have almost 70 to 80 access switches, and we have 30 to 40 routers, hubs, and other monitoring tools and devices. We keep one or two devices as a standby. We have a standby for each Cisco tool. We have a standby for the core and distribution switches and firewalls. We have a standby firewall. When there is any hardware issue or other issue, the secondary firewall is used, and the workload moves to the secondary firewall. Meanwhile, we work with Cisco's support to resolve the issue.
For newer hardware models, the stability is good. We've tried to run Firepower on some of the legacy-supported hardware as well, but with the stability issues, they are not as good. If I were to judge based on the hardware that I have, I'd say it's good. I haven't had any issues with the stability on my platform.
We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond.
I've been doing this a long time and I don't usually need to call tech support. But when I do need to call TAC, after working with a lot of the other vendors out there, Cisco TAC is still one of the best technical resources in the market. I do like TAC. That's not to say that every TAC engineer is great, but comparatively, they're one of the best support organizations.
We have been satisfied with the technical support for small and medium scale clients but we have not seen the support quality for the needs of enterprise organizations.
We have a lot support from Hillstone. We contact them when we have some unknown variable cases. They're very good. There are a few levels of tech support, so it depends on the nature of the problem, but most of the time, we can resolve issues on our own.
Price wise, Hillstone T-Series is cheaper than Fortinet FortiGate right now.
It has been stable so far.
Also, Hillstone T-Series has a good technical support team.
Hillstone supports IOT setup and detecting intrusions from IOT or CCTV connectivity. Not all other standard firewalls can do that. With this solution, we can also detect unauthorized devices plugged into the CCTV network and sound the alarm to the administrator.
At this stage, I think the SSL decryption option can be streamlined.
I think decryption transparency could be improved because you basically click a button and then you set up one rule-set and that's about it. I've noticed there's a problem on some sites where it doesn't do the proper decryption. I actually had to go through the application control module, and logs to see what was happening, and why some sites could not function, before I could decipher that it was the SSL decryption that was blocking the sites. I would like to see more hands-on configuration in that respect.
Untangle now supports TLS v1.3. So far testing has yielded positive results and I have not really had to bypass most of the sites we browse to, after resetting the policies to default.
We have not had a problem for the past couple of years so we have not been in contact with technical support.
We never had many issues, and whenever we had issues, their support was good enough to give us good feedback. They were able to help us out in solving the problems.
We contacted them for technical support only once, and the issue was resolved in less than two hours. Their support was very good.
The technical support is wonderful. They are all US-based out of Colorado.
When you need help, you are not talking to a level-one technician; you are speaking with an engineer.
They don't have to remote into your computer, they can enable the back end. They have the ability to enable a remote session to where they can remote inject to the firewall and see what is going on and try to help you.
The most valuable features are security and support.
The packet routing speed is very good.
The technical support is great. This is a brand and they have to protect it, so they make sure that the users get what they need.
I would like to have automatic daily reporting, such as how many users have connected via SSL VPN. As it is now, we have to manually look at the logs, which is tedious. There are no ready-made reports on that level and the information is not easily available.
I really need more advanced features that support the correlation of log files.
I've had to reach out to technical support many times. Sometimes, I find that it can take a while to reach support, or for them to get back to us. This is especially true on weekends and holidays. Other than that, it's been pretty good. We're pretty satisfied with the level of support we get.
Technical support is okay. It's the same across the board, you have good techs and you have bad techs.
At times, it's a little slow in getting back to us, but nothing out of the norm.
The most valuable feature is that you can control your traffic flowing out and coming out, allowing you to apply malware and threat protection, as well as vulnerability checks.
It has an advanced engine that does parallel processing for packet and deep packet inspection. It also supports user authentication.
My experience with Palo Alto is that it is really bad when it comes to technical support. When we have a situation where we have to call them, we should be able to call them up, say, "I have a problem," and they should ask a series of questions to determine the severity and the nature of the problem. If you start with the question "Is the network down?" you are at least approaching prioritizing the call. If it is not down, they should be asking questions to determine how important the issue is. They need to know if it is high, medium, or low priority. Then we can get a callback from the appropriate technician.
Do you want to know who does the vetting of priority really, well? Cisco. Cisco wins hands down when it comes to support. I do not understand that, for whatever reason, Palo Alto feels that they do not have a need to answer questions, or they just do not want to.
It is not only that the support does not seem dedicated to resolving issues efficiently. I am a consultant, so I have a lot of clients. When I call up and talk to Palo Alto and ask something like, "What is the client's password?" That is a general question. Or it might be something even less sensitive like "Can you send me instructions on how to configure [XYZ — whatever that XYZ is]?" Their response will be something like, "Well, we need your customer number." They could just look it up because they know who I am. Then if I do not know my client's number, I have got to go back to the client and ask them. It is just terribly inefficient. Then depending on the customer number, I might get redirected to talk to Danny over there because I can not talk to Lisa or Ed over here.
The tedium in the steps to get a simple answer just make it too complicated. When the question is as easy as: "Is the sky sunny in San Diego today?" they should not be worried about your customer representative, your customer number, or a whole bunch of information that they really do not use anyway. They know me, who I am, and the companies I deal with. I have been representing them for seven or eight years. I have a firewall right here, a PA-500. I got it about 11 years ago. They could easily be a lot more efficient.
I have been in contact with technical support and find that they are great.
I would advise getting very well prepared by defining the scope and testing it in advance. Make sure that you understand the performance implications and that the core features are supported on the VM, and they are tested before the implementation or migration.
I would rate Palo Alto Networks VM-Series a nine out of ten.
I have been in contact with technical support and I find them to be quite good.
The support is good.
I have used the Palo Alto Network's technical support before, and it's fine for the moment.
PAN provides good support in general through its partners in Chile
A valuable feature of the solution is that it is not dependent on the hypervisor so we can install it on Hyper-V Microsoft software and deploy it. We have even installed it on Nutanix 81, in which it is supported. It is not dependent on the platform and is stable.
It would be helpful if we had a direct number for the support manager or the supporting engineer. That would be better than having to email every time because there would be less wait. Having a dedicated number where we could send a text message in the case of an emergency would be helpful.
In terms of what features should be improved with Fortinet, I feel it should give better reports. They provide some basic reports in the entry-level and middleware products but I would love this product if they gave more reports, including more MIS from the traffic because they capture everything in the UTM. They don't produce a team value report. They don't produce a usable report where the IT manager, IT head or CTO can analyze where the attack happened or figure out where the bridge is down, etc. The reports are basic. There are engines which make everything on the GUI. All the user can potentially access for the risky function in the Fortinet but it should be on the GUI, it should not be behind the command line. They could definitely provide the FortiAnalyzer with the basic UTM in a bundle pack.
People should not have to ask for another FortiAnalyzer. It's an entry-level product. I understand that FortiAnalyzer is an expert level product but the functionality should be available at the entry-level as well. Fortinet should think about the entry-level and give it managing capabilities. That's why I selected Sophos because, for a small or medium office, all the reports are available there.
Secondly, Sophos is cost-effective. It is comparatively much cheaper. Sophos is available for a much cheaper price than Fortinet. Also, they have some other functions like sandboxing and others. FortiGate should be more customer-friendly and budgeted better. If I am a buyer, I do not want multiple appliances to manage. It should be one box, one appliance. One mobile should do everything. Multiple products require IT to create a workaround. You have to buy two products and then there is actually another one with that, one plus one, and then there is multiple management, so the product is definitely cumbersome. The beauty of the product is implementation and maintenance without it.
I have my own team to maintain this product. We are very happy as a Sophos user, as we get whatever we want from the reporting point of view. There are no glitches. There is no one issue in particular. When I ask, or my team asks, how the network is working and why there is network latency there are reports about where the traffic is going and I do not have the input after moving or switching to Sophos. I can get the support regarding which IP is working where and which IPs are making traffic, and more.
Their support is very good. Fortinet has a good support base here who has been working closely with us. Whenever there is an issue that needs to be addressed to our end clients, we have received very good support.
The product is quite user-friendly so we didn't have a lot of issues that needed to be addressed.
The pricing structure is also flexible.
The technical support has been very helpful. We've been satisfied with the level of the support we get.
We have contacted technical support at times when the appliance was not working well and they were ok. We have no issues with support.
We have very rarely had to contact Fortinet about anything. When we have a problem then we have local support with our vendor. They will send their technical people if we need help on-site. We are very satisfied with our local experts.
We have not been in contact with technical support.
I have not contacted technical support.
I'd rate the solution seven out of ten. I only really use the solution for communication and ordering support.
We don't have a business relationship with Fortigate. We're just a customer.
I personally have never been in touch with technical support for Fortigate. I can't speak to any kind of experience. I have heard good reviews from other people, however.
We have yet to contact technical support, as we've just started to use the product and haven't had any issues to speak of so far.
The customer support for Fortigate is fine. Compared to Cisco, however, I would say Cisco's response might be a bit faster. If a device fails, they'll be onsite to replace it themselves. In my region, in terms of Fortigate's response to a similar event, users would have to go through the distributor and not directly to Fortigate. That's why it takes longer. It could be a bit easier, and if they did it a bit more like Cisco, I think it would be better. However, Fortigate's response isn't bad.
We've never had to contact Fortigate's technical support, so I can't speak to their quality of service. If we have any issues on the solution, we tend to handle the problem internally.
I haven't used technical support.
The Fortinet technical support is generally good. There are times when we don't get an immediate response and it requires escalation but that's all.
We don't use technical support from Fortinet. Rather, we get it from a local company. They are okay. They aren't terrible, however, they could be better. Their service is average at best.
We've never had any technical issues on the solution and have never had to reach out to technical support. However, I've heard that they are quite helpful. I just can't personally speak to the quality or responsiveness of their services.
For those trying to troubleshoot on their own, the solution doesn't really need or have tutorials, however, you can find so much information online, it's not necessary. It would be nice it newly released features had a bit more information. It doesn't happen often, so it's not too big of an issue.
The virtual and hardware versions of the solution are mostly the same.
The VM it's very quick for deployment. If we need to have a POC for a customer, if we don't have any hardware physically at our premises, at our store, in our office, we can download the VM from Fortinet and install all the VM to their environment in order to run it. If we have a customer that says "let's start tomorrow" we are able to do that in a way that's not possible with a hardware version.
Normally Fortinet is very flexible that it supports almost all environments.
The solution is user friendly.
The cost of the solution is pretty fair.
The documentation is very good.
The SD-WAN is very good, as compared to, for example, Citrix SD-WAN which has an overall lack of security and needs to leverage other devices, like Palo Alto, to cover this.
Technical support is good. We work through a distributor and it's just a matter of a phone call to explain what needs to be done or a feature that we need to enable, and within an hour or two they come back to explain what has to be done.
They also give advice going forward with what to deploy.
Technical support is horrific, absolutely terrible. I'd give them a negative rating.
The technical support is not very responsive and is an area that needs to be improved.
The product is quite flexible.
There seems to be a lot of very useful feature sets.
Technical support is very helpful.
We found the initial setup to be pretty straightforward for the most part.
There should be a bit more automation.
There could be more integration capabilities.
Technical support could be better.
The solution needs more features surrounding event log management.
The technical support for FortiGate-VM is the same for the physical VM — they're very responsive.
We help our clients in implementing it. We also manage it. We just have one network support person to take care of things. It is not a job that requires more than one person.
The product does not have a good graphical interface. Their patches and their upgrades are not always compatible with configuration. That means that often you find after you upgrade that there was something else you have to do to the rest of the infrastructure, whether it's a printer or a user or whatever. It doesn't appear to me that their upgrades are well tested. They usually do what they're supposed to do, however, they also usually do some other things that FortiGate doesn't seem to be aware of.
It doesn't maintain legacy capabilities very well.
The stability of the solution isn't ideal.
They don't seem capable of supporting their own product.
The solution needs a better user interface and more intelligent services like spam blocking and auto whitelisting, gray listing, blacklisting, et cetera. It just basically needs better user monitoring.
Their tech support is very good. We always get good answers from Fortinet tech support.
The support is good. We don't have any issues with the technical support.
Most of the technical support is provided by our support partner, but there have been some instances when I interacted with their technical support. They have been most satisfactory.
The technical support has been good.
The solution has pretty awesome features. It supports at least 300 of our branches. We have yet to come across any issues concerning the 300 branches we have configured, a high number which equates many connections. This means that the solution can handle that much traffic. This is a feature of the firewall that we appreciate, as well as that of antivirus. In spite of the solution being inexpensive, it has everything one would need.
Technical support is good. However, we're not satisfied with partner support, and we're looking to diversify. We have signed up, and we're training our engineers.
I am satisfied with all of the support for this solution. They have great documentation that is well written of everything that you need to know, such as UI functionality. There are different guides for many things that are really helpful. The technical support is really good.
I've never dealt with technical support. I cannot speak to how helpful or responsive they are.
I have, however, used their tech demonstrations to learn about the product. That's helpful in terms of understanding, however, dealing with support directly has never come up.
Overall, it's an excellent solution.
The solution is largely very stable.
Technical support has been good.
The firewall capabilities are very good.
Their technical support is great.
The technical support could be improved. I'd like to see the security platform upgraded.
Their technical support is good.
For our entire fleet of 120 firewalls, we're paying about $100,000 per year. The licensing fees give you support and the capability to download updated definitions of threat intelligence from Fortinet.
Tech support is okay, but we do a lot of management by ourselves. We have a third party that we use when we do implementations, and I haven't contacted Fortinet even though I have access to it. The local support that we use costs much less.
My experience with technical support was good.
The technical support is very good. It does not need to be improved.
We proved the frontline support for our client organizations or customers. So far we are satisfied with Fortinet support. We have currently have Fortinet-certified engineers in our company, so we don't have to contact support unless it's a complex issue. We have an NSE7-certified engineer, so we are quite confident with our deployment now.
Fortinet's local support in Mexico could be better.
The technical support is very helpful.
The technical support varies with the product in question. The support for FortiGate appliances is relatively good compared with the more complicated support afforded other products.
It's great that we can have separate services for the same client.
It's a complete solution. You only need to deploy it once. You can have many clients and many services for these clients in the same VM. It's a solution that works very well for companies that may need separated sections.
It makes things less expensive for clients. The pricing is good.
The interface is decent.
Technical support has a lot of knowledge.
The initial setup is simple.
The solution is stable.
It can scale well.
I've never directly dealt with technical support and therefore cannot speak to how helpful or responsive they are.
The technical support could improve. They took approximately one month to solve a firewire issue to update. I would not recommend it.
Personally, I like Fortinet support. I know other colleagues and people think it's slow, but I don't.
The support is fine now, however, our last purchase was not as good. They have changed their situation and improved support again.
The technical support in my experience has been good.
Technical support has been fine. We have no complaints. They are pretty helpful and responsive.
Technical support has been great. They really helped us when we had issues with some early problems during setup.
It ties to the device, so it's pretty easy to see whether or not you have support, however, it was not difficult to get in touch with them. You get someone with knowledge right away. You don't have to go through a filter of people asking you "Is it plugged in?"
I don't have experience with Fortinet's technical support. When I face any problem or issue, I call the company that came here to implement the device.
Our experience with technical support has been good. We have a few issues, and if we do we have been satisfied with the support.
I've never reached out to technical support. If I run into problems, I tend to Google queries in order to find solutions.
I am satisfied with the technical support.
We have not explored the scalability. We are only a small lab with two to three workstations.
I have a colleague working with me, together. We meet weekly to share the progress we have.
I use the enterprise version daily. It's scalable, stable, they have proper documentation and support. We get daily updates from the vendor.
OPNsense is a great tool but it lacks information that you need before deploying it.
I did not need any technical support.
I have not been in contact with technical support. So far, everything has been good because I just use Google to find all of the answers and all of my solutions.
We have not yet contacted technical support. All of the technical issues are resolved within our company.
I have found the solution has some great features overall, such as guest access capabilities, dashboards, and ease of use. There is plenty of documentation and support and it has the plugins that I needed.
The support service isn't very accessible, so you have to look at the forums to solve some issues. It would be better if they could offer this product with an associated support service.
The Check Point support needs a lot of improvement. We spend a lot of time troubleshooting issues ourselves, create good ticket descriptions, and try to explain in detail what has already been tested. Even so, it takes at least three ticket-updates before support really understands the issue. If you manage to reach the third-level support, you are still forced to be really critical of what kind of suggestions Check Point support is offering you. Running debugs on a test environment is quite different than running them in a heavily used production environment.
The SmartUpdate interface is a little bit crowded if your company has a lot of software items.
As an administrator, one should know how to troubleshoot by issuing related CLI commands before or after upgrading gateways, or the management server, in case of a problem.
Hardware problems on Check Point devices, such as those related to NIC or disk problems, may occur at times. In cases such as this, the support team is available and does what is needed, including the RMA process if necessary.
Our in-house team does the installation for our clients. We also handle support, depending on what level of support the client has. Sometimes, they go directly to the OEM.
Technical support is located in Prague, Israel, and America. The support is good and they are quick.
The speed of technical support is very slow and is something that should be improved.
The user interface for management could be improved.
In the future, I would like to see support for SD-WAN capabilities.
We are an IBM OEM company who received installation support from that vendor. They provided all the network connectivity.
For our implementation, we:
For our strategy, we looked at:
A smaller office of less than 500 people would get a 4000 Series. Whereas, a larger office would get a 5600 or 7000 Series. We have to be focused on the natural topology.
I've used the technical support. They're very responsive, we usually get a response the same day. The advice they've given has been very good and the knowledge base articles that they send are also very good.
They should improve the support a bit. Though they have expert engineers in tech, sometimes the amount of time to get back a solution for an issue is more than what is acceptable, even though it is a high priority.
During a scheduled activity or an implementation, they find their highest level of support. During an implementation, I never faced an issue with the support. I would rate them a nine out of ten for this.
1. Advanced logging capabilities - our support team on duty constantly monitors the security logs in the SmartConsole, and notifies the security team in case of major alerts.
2. Advanced networking and routing features - we use Proxy ARP to announced virtual IPs to ISP and bing domain names to it; BGP for dynamic routing over IPSec VPN tunnels to other environments, and Policy-Based Routing for connecting to two ISPs.
3. The new Policy Layers feature for building up the Access Control policy - the rules are now more understandable and efficient.
As we vendor, we deployed the Check Point firewall in many organizations and they are renewing its license as they trust the product and support.
Whatever feature they want is possible with Check Point and 80.20 later versions are coming in, that feature set was previously not available. Customers are satisfied.
Check Point is able to satisfy almost any security tool for enterprise clients. This allows us to deploy complex changes from a single management interface, get better visibility, and significantly reduce operational complexity.
I have to emphasize the value of Diamond support here where most senior engineers can provide great support with any challenges. Thinking out of the box, sense of responsibility, professionalism and much more - such an attitude helps to provide resolution to any crisis in the shortest term
They are very cooperative and supportive in nature.
I would say not much exp and not lower, average technical support. We are struggling in most of the cases.
Support is great, we solved cases with solution integrations easily.
The scalability of the firewall depends on the model. In terms of the implementation, it's really easy.
We have about 25 users for the entire solution. We have two engineers who work on deployments and implementation. We have another 18 engineers who do support and operations. They have responsibility to monitor the firewall 24/7.
It protects the core network and ISP: the routing, switching, and APM backbone. This is around 8,000 pieces of equipment.
We don't have plans to increase our usage right now.
They have a very extensive Knowledge Base on their website, which is very helpful. But if you contact their technical support, not all of them have all the skills. If you open a ticket it may take a while to be resolved. It can take more than a month until they finally escalate it several times internally and then, finally, find a solution. But the first tier is not too technical.
It gives us centralized management for multiple firewalls. For example, if I want to push the same configuration to 10 firewalls, I can push it all at once with the help of the centralized management system.
It is easy to use because it supports Linux language in the CLI. This is a good for someone who already knows Linux language.
We use it to provide security in our organization. Check Point Next Generation Firewalls are designed to support large networks, like a telco environment.
One of the main reasons that we went with Check Point is that they provide a good solution for a firewall but at an affordable price. As a state agency, we can't afford Cisco Firepower. It's just out of our budget to be able to pay for something where licensing and hardware are so expensive. Check Point has really met our needs for a budget-friendly solution.
We pay a yearly support fee in addition to the standard licensing fees with Check Point.
Check Point's technical support is a seven out of 10. Sometimes it takes a lot of time to get the right people on TAC issues. And to buy time, they just use generic questions, which is really time-consuming and doesn't relate to the problem at all.
There are no issues with scalability.
In Hitachi Systems in Mumbai, there are around 10 to 12 clients who are using Check Point Firewall. There are around 40 network security engineers who support Check Point Firewall in our organization for the Mumbai location, and there are multiple locations.
I had 3200 appliances deployed in my company where we had two CMSs. We had multiple VSXs on those appliances due to the main firewall that we had on the VLAN. We also had an external firewall on the VLAN, which were used to monitor and allow the traffic within the network. That is how we were using it.
They have a new R81 in place. Currently, they also have R75 deployed in the environment, but they are planning to upgrade to R80.20 because that particular firewall has very high CPU utilization and there is no more support for R75.
Check Point support is a very difficult question because not so long ago I had a major complaint with Check Point about their support. Now, they give us much better support because we have the highest level of partnership. They recognize that the people from our team, in particular, are very skilled, so we don't go to first-level support anymore. The moment we open a ticket, we get tier-three support, and that is good.
But we haven't had this privilege for that long and, in the past, support could be a bit tricky. If we got a tier-one engineer it could be okay for support that wasn't urgent but if we were doing an implementation, especially since we had a lot of experience, they were mostly asking questions about things that we had already checked. Often, we had more knowledge than they did.
For us, it's great that we now immediately get access to tier-three. I just wrote an email to the support manager this morning about an issue we had last night, and I told him the support was great; no complaints anymore. It took a while, but now it's good. I can't complain anymore.
It depends on the partnership you have with Check Point. If you're a lower-level partner, you have to go through the steps and it takes a bit of time. If you're working in a company that has a good partnership and you can negotiate some things, then support is good and you get very good people on the line.
The primary use of the firewall is to allow or block some traffic. Mainly, it is the perimeter firewall for the Internet. It filters the traffic from external to internal, e.g., to secure the traffic.
Some of our customers have been demanding Check Point as their firewall product.
I do the installation, support, firewalls, etc.
We've not used technical support. We asked our questions of the vendor that deployed and he was quite free and open in providing solutions. Anytime we call him we can ask. He was like our own local support.
There is also a Check Point community, although we've not really been active there, but you can go and ask questions there too, apart from support.
I have used technical support a couple of times, when it was required, for hardware replacements. Of course, once or twice I contacted them for active devices when we had some glitches. But that turned out to have nothing to do with Check Point.
Overall, technical support has been good. They understand the situation and what part needs to be replaced or what needs troubleshooting through remote support tools.
They are very stable. We usually deploy them in clusters, in front of the node. We always have the other one functioning and we have never had an occasion in which one failed and the other also failed. We also have support for the hardware. But regarding their functioning, we are very satisfied. We have never had a big outage because the two members of a cluster went down. They are very good in terms of stability.
One of the most valuable features is the data center object integration with Azure. We are using Azure a lot and there is very nice synchronization between the objects in Azure, and it's very easy to implement rules using this feature.
Other valuable features include:
One of the most valuable features is the antivirus. It's very good.
We also now support cascading objects. We didn't support this previously, but on Check Point we do.
The dashboard is quite good, you can explore a lot of features there and it's easy to understand.
It also gives us SSL inspection, which provides more effective mitigation of defects and data leakage.
We recommend to clients who are installing applications that they can work with Check Point Next Generation Firewalls. Our role is to support our customers in terms of their migration, firewall room cleanups, and implementing all the security features that the firewall has.
Our clients have branch offices in Mexico and Bermuda. Check Point is one of the top names in these areas.
Since we are trying to get our customers to do more self-service, we should see more inbound traffic. So, the usage will increase in the next two years.
We get more attacks from the outside these days, so it has become more important to use systems like Check Point. When I started with security 25 years ago, it was still something not everybody was aware they needed. Today, it's common sense that everybody needs to protect their perimeter.
Plan first, implement last. You should first be aware of what assets you want to protect and what are your traffic patterns. You should plan your policy and network topology ahead of time, then start to implement a firewall. If you just place it there without any plan of what it's supposed to do, it doesn't make too much sense. I think planning is 80 percent of the implementation.
I would rate this solution as an eight out of 10. It would be better if the support was quicker in the cases we had. Apart from that, we are happy with the functionality.
I support multiple clients within the UK, the EMEA region, the US, and now in Asia Pacific as well. I specialize in Check Point firewalls. I design and secure their data centers, their on-premises solutions, or their businesses security.
The firewalls are mostly on-premise because most of our clients are financial organizations and they have strict compliance requirements. They feel more secure and have more control when things are on-premise in the data center. However, there are use cases where I have helped them to deploy Check Point solutions in the cloud: AWS, Azure, and in Google as well. But cloud deployments are very much in the early stages for these clients, on a development or testing basis. Most of the production workloads are still on-premise in data centers.
Most of my customers are still using R77.30, and they are on track to upgrade from that to R80, which is the current proposed version by Check Point.
Sometimes, when I have gotten stuck, I have reached out to support and it's okay. They have helped me very quickly.
Support is very customer-oriented and you are always in good hands.(customer wishes are often implemented in the next hotfix)
Most Support engineers are located in Israel. (Very good spoken english)
Very fast response from R&D Team
I have used the technical support very frequently. I would give them around a nine out of 10. They have very good support. In critical scenarios, they provide us very quick solutions, are very well-trained, and have a good knowledge about the product. That is what we expect from them. I am deducting one mark to allow room for improvement.
I would rate the support as a three out of 10. It seems like they are all Tier 2 guys. If there is a problem, you search everything and read all the articles, then you contact their support center who forward you to the same articles. It is very difficult to work with their support guys, unless you work with the guys in Israel.
From my last job, I had a web UI issue on one of my firewalls. It's been a year now, and it's not been resolved. Although it's been to the Israel as well, It's still been delayed. We couldn't live with the issue, so we decided we would buy a new open server, as the previous open server was quite old, then we did a fresh install of R.30 on it.
if you buy the appliances or licenses through partners, they will try to resolve your issue or talk in a way that makes sense.
We have had a good experience with the Check Point support guys. The solutions they provide are very straightforward and are provided quickly.
The Next Generation Firewalls, the 64000 and 44000 series, provide us with support for large data centers and telco environments. They're quite reliable and provide great performance.
Mixed experience, mostly satisfactory. Some support engineers are quite helpful and efficient, others required more patience working through support incidents. ATAM support has been high quality, and as previously mentioned, local support has been key to resolving some cases much more quickly. If we were giving their support a letter grade, it would be in the B range.
It is always a good experience to work with their technical support. They are knowledgeable, always finding a solution. If we send them a bug, they fix it as soon as they can.
The tech support is very good for Check Point. We get straightforward solutions for it every time, and they do not take a lot of time since we have to resolve the cases quickly in a live environment. So, they are very helpful and capable.
We continue using our partner for resolving problems and doing the changes that we need. That is the way that most vendors are working. First of all you need a partner and then the partner will open up a case with Check Point.
But one of the best things about working with Check Point, especially here in Israel, is that there is a direct line to the support, because we have such a good relationship with them, to speed things up.
The support is fast, professional, and thorough. Those are the most important things when you have a problem. If we need to call for support from either our partner or Check Point, we get a quick response and, usually, a fast resolution of the problem.
We have used Check Point TAC to resolve our issues. We have had good support. They have good engineers there.
We are very happy with our experience with technical support. They are very knowledgeable and the process for resolving tickets or problems is fast. We have had incidents dealt with quickly by their team.
I used their assistance many times. The experience with them is sometimes very good. They give the best solution in a short amount of time. Two out of 10 times, I feel that they are only looking to close their tickets. They are keen to do that. My personal experience with the support is an eight out of 10.
Check Point has the best technical support, which I feel if we consider other firewall vendors in the market, is an important distinguishing point.
Stateful inspection is one of the strongest points in this product, which is applicable while creating policies for application and URL filtering.
Check Point provides dedicated blades to monitor network traffic, which helps while troubleshooting network and packet-related issues.
It is easy to filter traffic based on source-destination services, time, etc, which is an enhancement over other firewalls in the market.
This product has provided us the total control of our connections in our very bandwidth and session-intensive environment. It offers high capacity on NAT tables that, with other vendors, needed to use really huge devices to support.
We can control all of our international connections in a central point with a distributed cluster in a very easy way and with good performance.
The layer 7 features (AV, IPS, Web filtering, etc) and integrations with AWS provide us a clear point of management for future deployments on the cloud.
I have been in contact with technical support many times, and they are good. Most of the time, they solve the problem as soon as possible, and they give a perfect solution.
We have support available from the Check Point TAC team. Our experience with them has been pretty good. We haven't had any issues or problems communicating with them or getting a solution from them.
With Check Point, we achieved redundancy but the problem was three public IP addresses that were required to be configured as HA, with two physical IPs & one virtual IP.
Our previous firewall used a single public IP but now, with Check Point using three, it became very difficult for us to make available the same segment of public IP addresses from our ISP. After many support calls, however, we found a solution.
The other option which is helpful is that there are no limits for any objects used in the policy. Our previous firewall does support limited time objects & IP address objects.
We were looking for an easy, centrally-managed firewall infrastructure as we were using a standalone solution that was difficult to operate and maintain because it was composed of several different systems.
We needed a solution that had support for virtual systems, and we needed such flexibility without increasing the cost by too much.
On the other hand, comparing within the sector, Check Point NGFW has a good stack of security mechanisms (modules, aka blades in CKP terminology) that are easy to implement and use.
Support might take a long time to resolve issues in rare scenarios.
We support various clients in the government sector in Mexico. We provide different solutions in terms of network security, data security, and perimeter security. The NGFM Firewall is available locally and different offices and/or institutions of the government sector pass through a more secure and controlled infrastructure.
This type of infrastructure has different zones or areas that are managed and keeping them centralized has helped us to maintain and control them. In addition, we are generating fast and safe solutions for our users on each site.
Check Point has a good support department and they are always ready to help you.
The technical support is excellent. The center is located in major cities in India along with the Check Point presales team.
When it comes to technical support, Check Point is on another level. The support engineers are very well versed with the solution they are managing.
Our branch offices and customer sites require Internet access for the on-site staff and remote access capabilities for after-hours and remote support.
The Check Point firewalls allow us to provide site-to-site VPN, client VPN, web/app filtering, and IPS functionalities.
Client VPN is leveraged by site staff due to the majority of our sites requiring 24-hour support and also allows centralized teams to remotely assist with multiple sites globally.
We also use these at locations to provide security when our stand-alone network requires connectivity to the customer's network.
I'm a consultant at a Check Point partner. I have deployed a lot of Check Point firewalls and support Check Point firewalls for our customers. Our customer environments are different. I have deployed standalone, cluster, and two-layered firewalls.
It should scale well as they now support more than 40 CPUs on a single system.
Technical Support needs improvement, especially the L1 engineers.
Check Point NGFW is the first perimeter security solution used in our environment and it is able to deliver the expected results. Specifically, it supports high-performance throughput for voluminous traffic.
The vendor has proven capability of identifying known threats, which can be seen while managing the firewall. The OEM has identified a roadmap in line with the emerging threat landscape and evolves the product to counter these threats.
The central management console has helped with segregation, where planned interventions with management consoles do not have any impact on production or critical business traffic.
The web filtering and CLI commands need to be improved.
The CLI command is very difficult to deploy.
If you are an engineer and considering configuring through the command line, you can't. The command line is very difficult to use, which is one of the biggest drawbacks of this solution.
The initial setup could be simplified.
Technical support is another big drawback and needs to be improved.
In the next release, there should be improvements made to the sandboxing functionality.
Technical support from Check Point is good.
They have a good support team that is fast to respond. However, there are open cases that should be resolved in a more timely fashion.
We use Check Point NGFW for perimeter protection of our network from the internet. We also use it for threat protection at the network level and the endpoint level.
We provide implementation, installation, and support services. We know about all types of firewalls, and we work with all types of installations. We usually use appliances, but in test environments, we use virtual appliances.
As I am not an end-user, I haven't really had any contact with support. Still, none of my customers have had any complaints regarding support.
The technical support is very responsive. We have a vendor that acts as a buffer between us and Check Point. In our country, these companies all have a local vendor that pushes their product.
When we contacted our vendor, our vendor called Check Point and as they were talking, Check Point shipped the hard disk, to fix the issue I mentioned earlier. They just placed the order immediately, while we were still talking. We think that they knew that delivery was going to take about five days — it was actually very fast.
Check Point solutions have always been more complex to deploy than their competitors. There may be multiple scenarios where we may need to engage support, however, the customer support is very good. There are certain features that are only possible from the command line (e.g. packet captures) and it would be good to integrate everything into the GUI to reduce the learning curve for newer engineers. Finally, it can be a costlier solution - especially for the smaller firewalls as compared to the competition. It would be beneficial to have more training options or documentation as well.
I would like to see more integration with other infrastructures. We are considering Cisco because it is more integrated, and the network limits of the solution are better.
Recently, we experience a problem with the hardware because it was too old, it was blocked. The hardware failed, but the software did not. With older hardware, it is a problem because our network is growing every year. The solution is not at maximum performance.
It does not have the performance that we require. The network is not the same as it was 12 years ago. There are several logs.
We are looking for a cheaper product that is more integrated than our Cisco Network appliance.
It may also need to support other types of architecture.
The only reasons we are looking at other solutions are price and integration.
The next-generation firewalls are used on the perimeter within a couple of data centers. There are lots of firewalls and we are trying to consolidate everything in the final solution. The MDS and VSX are real solutions that are easing the consolidation across different domains to make management easier. It also improves the overall solution from the operations perspective where BAU teams can leverage different Check Point product lines, like Smart Log, to support customers on a daily basis.
The sales, pre-sales, professional services, and tech support are all very nice.
The product could always be even more stable and secure, as it would improve protection.
As we aren't using the very latest iteration, it's hard to say which features are lacking, as some might have been added in the latest releases we haven't yet migrated over to.
The pricing could always be more competitive.
Technical support needs to be more helpful.
The VSX has been great. The ability to split single hardware into multiple virtuals along with support for dynamic routing using BGP is very useful for our environment.
We like the management console. The Check Point smart dashboard has made things easier for administration and we've been able to manage all the Check Point devices from one place which is very useful.
The operations support is great. There is a smart log system that is very good for troubleshooting and reporting. We also use the CLI for troubleshooting purposes (for the likes of FWMonitor and tcpdump) while the FW rules are managed via the smart console which does wonders for operations support.
The most valuable features for us are the solution's identity awareness and intrusion prevention.
The solution is very stable.
We have found the solution to be scalable.
Technical support is very good.
Check Point is very strong as compared to the other vendors in the market.
The solution offers a very good centralized management console.
It works well even for small deployments.
The perimeter security is excellent.
It works well even for cloud environments and has been very useful during COVID when people weren't necessarily in the office.
The creation of policies is simple. It's easy to configure them when we need to.
We have found the troubleshooting process to be very easy and helpful.
The GUI is simple and straightforward.
The sandbox environment on offer has been great.
The support has been super-helpful. They've always been great, even at a pre-sales level.
The initial setup is very straightforward.
Our company is outsourcing the support.
Technical support has been excellent
We've rarely used support but they've been helpful when we needed them.
Technical support could be improved. It's hit or miss in terms of the level of service and getting the answers you need.
We have premium support which is different from regular support. We have had good experiences with the support.
Of the areas of improvement that I want to see in this product, without a doubt, one is the technical support. In this time of globalization, with so many cyberattacks and risks, the Check Point support staff take a long time to attend to incidents due to the high demand.
Another change that I would like to see is the ability to be able to test the policies before launching a change. It is somewhat annoying to apply a change and then notice that, after a while, the message appears that the installation of policies has failed, either due to some duplicate rule, some duplicate port, duplicate service or IP, et cetera.
Their support is good. Their L1 and L2 support across the globe is great. L3 support is with the Israel team, and they have the right competency to troubleshoot it. Sometimes, when something needs to be done in the software in detail, we need to wait for people to come online from Israel. I would rate their L3 support a six out of 10 because we need to wait for the team from Israel to come online.
While the solution is good, we wish to have something that is a bit better, as the threats have evolved over time. We have been using Check Point for more than than eight years and are interested in a better solution. We entered a review site which ranks top security firewalls and saw that Palo Alto is ranked number one, followed by Fortinet, with Check Point in the lead. We noticed that Palo Alto was much more expensive than Fortinet, but wished to know which key features differentiated the two.
Though we did not take issue with the price of Check Point NGFW, we felt that it was providing us with inadequate support here in Uganda. This is why we decided to switch solutions. I should note that I do not have a technical background and am responsible for procurement.
The value we were getting for our money was an issue. I work for a bank for which security is very important, but we were not being assured of the appropriate support. The licensing fees we were paying did not equate with adequate local support. We had already had a bad experience with Check Point, so we did not bother with a quote from it and, instead, got one from several local companies that can support either Palo Alto or Fortinet.
Tech support should be improved. There are times when the technical team fails to understand things at the ground-level.
The dashboard can stand improvement.
The solution is overly expensive.
The initial setup is a bit complex.
It could be more stable and scalable. Check Point price and support could be better.
The policy installation length is still too long. It was promised that the time would be severely reduced in newer versions, but it is still too long. R81 promises at least parallel policy installations, which help in larger environments.
Check Point's advantage (to be able to configure everything) is also a disadvantage. The environment is quite complex. Troubleshooting is not always easy as there are a lot of possible debugs that can be taken, and the support will not always send the right or necessary debugs. Some debugs also can cause a heavy load, so you have to keep an eye on what you troubleshoot.
The technical support response time needs to improve.
I find the support to be very prompt. They go the extra mile to assist and are thorough in their troubleshooting.
The product can be improved with fewer hotfixes, and if more generally available jumbo hotfixes were used.
We don't often hit bugs. It's perfectly normal for an NGFW device as other vendors are always fixing bugs too. However, when we hit a bug, the support team recommends some hotfix, and if we upgrade to that, we have to uninstall it before we apply some newer jumbo hotfix. If those fixes were included in a fast manner in the jumbo hotfix (as jumbo hotfixes are tested thoroughly for general availability), it would be ideal.
The predefined reports are limited and should provide more information. Check Point should provide a greater number of defined reports and produce reports for each division of the organization. Also, historical statistics cannot be obtained from the central console, the data or logs must be exported to another machine and processed from there to obtain this historical information. The number of available physical ports could be increased and Check Point could add support for higher speeds.
The Remote Access VPN has been crucial to us, especially during this pandemic. We had to be on lockdown for a couple of months and being able to deploy a remote workforce with Check Point VPN was a crucial part of our business continuity strategy.
The logs and reporting are very easy to use and manage. Also, the IPS and IDS are critical components to keeping our network secure. They are very easy to configure and there are multiple templates that can be used out of the box that provides maximum protection to our network.
The support offers the best services I have experienced. It's better than any other IT vendor.
Although the GUI is simple to use and fairly comprehensive, more support via CLI would be beneficial for bulk operations. Repetitive tasks can surely be explored via API, however, oftentimes, tasks that are not worth automating can take longer than expected via GUI, while it could be easily tackled via CLI.
There should be better and more comprehensive reporting. This would also bring a lot of value to the platform by enhancing its capability of bringing transparency to the network.
Technical support is super.
Check Point support is good.
Check Point NGFW has improved our organization with more security and easier deployments. There is a smaller amount of workload in the supporting area. We find a lot of documentation for the products and benefit from a big community. The Check Point support is much better than what we have seen from other vendors. The firewall policy is easy to deploy and we can do a more granular separation of specific user groups. We feel much more secure with this product - especially the API support - and possible automation has saved us a lot of time in our team and organization.
We needed to replace our external firewall solution as we were having issues with the HTTPS inspection on our previous solution and the level of support being provided was terrible, leaving us with an issue that could not be fixed for over six months.
We had already deployed a new internal firewall solution but needed something that would protect that from external factors. We also needed a new solution to replace our client VPN solution. The Check Point solution gave us that as one whole solution instead of having to manage multiple services.
This system has been rock solid in our environment. I have even run beta software to try out new features. I trust the company and their top-notch support staff to keep us running smoothly.
Check Point is currently our perimeter firewall at various locations. We use their failover clustering with high availability option, which performs flawlessly. Upgrades are easy to perform and have always worked reliably for us. Technical support is always available to assist with these operations, which makes the process less stressful to the admins.
We are also using their ISP Redundancy feature, which works as advertised - perfectly! It's easy to implement, especially with the awesome documentation from our engineer. We also use their Remote Access VPN offering and have really seen its value this past year, due to COVID-19. The VPN has been 100% rock solid, especially during the most critical times in our history.
The appliances are quite intuitive and easy to be used. The hotfixes are useful and often released with notifications sent to the client.
There have been a few requests/issues about the Identity Awareness feature. The connection to AD, which was a request from the user, required the TAC team's support.
Technical support is very good and easily accessible.
We use five NGFWs for four of our sites, with our primary site having an active/backup HA pair. All sites are running anti-virus/malware/bots as well as HTTPS Inspection, IPS/IDS, threat emulation, application filtering, and identity awareness. These are our first line of defense at the perimeter of our network and we have seen a decrease in the number of detections on our endpoints. We've also implemented these firewalls to handle our external VPN connections from remote clients. We've had a few small hiccups, however, there was nothing Check Point support wasn't able to resolve.
With the added ability to have multiple VPN methods to connect, the solution has worked well for remote workers who are either utilizing the Check Point VPN client or the SSL VPN web client.
The throughput with full threat detection is adequate for the Internet circuit installed at most of the client locations and is in fact better than the previous firewall solution.
The support has been great whenever Check Point has been contacted. They help resolve an issue or explain how to perform some necessary action.
For the most part, the NGFW is easy to understand and set up and there are, of course, advanced options if a non-standard problem arises.
The environment in which it was deployed is a financial institution that requires high availability, confidentiality, and integrity of information within the supporting infrastructure. The NGFW is used specifically for the VPN, firewalling and it also serves as virtual patching in the event of zero-day vulnerabilities that are very common within some well know client desktop computers and servers.
Technical support is excellent. I do not have any complaints.
Overall the technical support is very good. If we have an operational issue, they can sometimes be a bit slow in responding. Other than this, I have nothing to complain about.
I like the facility of the product configuration. The ease with which the solution can be put into production makes it easy for my employers and for me to provide client support.
We try to not depend of the SMS application and leave it as a web application. Sometimes it takes a long time to authenticate and open correctly. It's a windows application, so you need a machine to install the application on.
If you have the standard support level, sometimes they take a long time to understand or even give you a solution or good workaround to a problematic situation. We had a problem in the past with a VPN blade that lead some devices to flap the VPN up and down. That case lasted 6 months as we were jumping between Check Point's internal departments in order to find a solution on our problem.
Technical support can be good or bad. It depends. Sometimes they are really great, and sometimes very annoying. Most of the time we have a good experience.
Most of the support calls are answered very quickly. However, if you have a problem and you have to get development involved, the response gets slower.
Most of the time, you will find all necessary information in the Support Center or on the collaboration sites.
It has always been slow and difficult to use technical support. It depends on a case-by-case basis, however, you have to chase and manage the case yourself or it will go nowhere. This likely comes down to a lack of experienced agents.
Check Point has not improved our organization. We have observed a sharp decline in the quality of both products and support.
Over the last several years, there has not been a single week where we have not had an outstanding issue open with Check Point support's advanced tier teams.
Initially, we had incredibly impactful issues regarding their scalable platform hardware (which is being discontinued in favor of Maestro) to the point we were forced to rip them out due to them being completely unreliable.
Check Point support has also seen a significant drop in quality, despite my organization even being a Diamond Support customer with Check Point. We fully believe it would be a wiser investment of time to call Geek Squad rather than Check Point.
I do like that this solution is a very robust firewall.
It's very stable.
The product is well supported. The solution is very scalable.
Technical support has been quite good.
We do not need customer support.
The support Check Point gives is key. As the Firewall vendor, I recommend them. It's always great to work with them. For this reason, I am very satisfied with Check Point. Every doubt I had they were pleased to help with and we ab;e to provide a resolution. The technical services always replied in a very fast and effective way. The live chat is great as well. There is always someone willing to help. This makes working with Check Point a good experience.
Check Point expert mode is basically Linux, so working with that allows us to implement a variety of scripts.
Product-wise, I have no real complaints.
Potential improvements could be made around simplifying VPN functionality and configuration.
The main area that the organization can improve is around the lack of local, in-state technical support. Competitor vendors have a strong presence in the Adelaide Market, however, Check Point has always been limited with its commitment to staffing local technical resources. If this focus is made, I could see Check Point returning to the strength that it once had in the Adelaide market.
Support for customers really needs to improve.
Check Point also needs to create a study license that will enable the customer to install a firewall (maybe with reduced connectivity) for a bit longer so that one can simulate scenarios without having to re-install it every 15 days.
We had a lot of problems with the VPN blade on the solution. We sometimes have trouble with the performance of the solution. Maybe some performance tuning options could be added in a future release.
Check Point needs to create a certification program that involves practical applications.
I've only had two instances using their support as we have a third party on contract for third-line issues that I cannot resolve. They were prompt yet not shy about pointing out potential issues with third parties and it not being their appliance.
A few times I reached out to support help and in no time I was able to get experts who helped me through any issue I was having.
The technical support is really poor. We have to wait for approximately 48 hours sometimes for a simple solution.
Customer service and support have been a bit hit or miss and it takes a while for escalation to happen, however, once it does happen, you get proper support right away.
Technical support could sometimes be better.
New users should know that the first year of support is included in the equipment. After that, you have to buy it.
We have not had any issues with the firewall.
Support is good and it's centralized architecture.
The IPS feature is the most valuable feature. We can block zero-day attacks within stipulated time intervals. The up-gradation activities are much simpler when we are dealing with Check Point firewalls.
If there is a critical issue observed, the Check Point support team can create a custom package that we can deploy on the gateway to mitigate critical issues/bug fixes.
The support reachability is very promising, as we can directly connect with them via call or chat from the support portal.
The setup was simple because we had the checkpoint expert support. The time it took was standard and once the installation was complete, there was no problem at all.
I would rate the technical support of Check Point NGFW a seven out of ten.
It's nearly impossible to add an exception for threat prevention services - like antivirus and anti-bot. You will be stuck with Indicators of Compromise marked as detect only, caching issues, and random effects.
There is no clear way to report incorrect classification to support and a business is neither happy nor forgiving when they cannot receive mail from a crucial business partner.
The KBs article should also be improved as all the global KB articles do not provide all the activity steps related to every issue.
As a solutions architect group, we are what you would call "vendor-agnostic." We evaluate any solution that seems like it may be viable to provide clients with some advantages. I will never go to a customer and say that these are the only products that we are going to support. However, if there is something that a client wants to use which I feel would be detrimental to their business or that doesn't fit their needs, I will encourage them to look at other solutions and explain why the choice they were leaning towards may not be the best. When a solution they want to use means that no matter what we do they are going to get broken into, I'll let them know. It isn't good for their business or ours.
That said, some of the most requested or considered firewall solutions by clients beside Palo Alto are Fortinet, Firepower, and Meraki. Looking at each provides a background into how we look at solutions and how we evaluate options for clients. You have to look at the benefits and disadvantages.
Cisco Firepower NGFW (Next-Generation Firewall)
I think that Firepower can be simplified and can be made into a more viable product in the Cisco line. I think that Cisco has the ability to get into the Firepower management platform and trim it, doing so by breaking down all of the different areas of concern and configuration and categorizing them into overviews, implementation across the board, and steady-state management. If they were to do that, then users could start at the top layer and drill down more as they see fit to customize to their needs. I believe that Cisco can do that with Firepower and make it a much better security tool.
Firepower is not just a firewall, it is an SD-WAN. It is an application that Cisco sells that gets loaded onto an ASA 5500 series appliance (the appliance has to be the X platform). It is not a bad solution. I can use it to get into your network and protect a lot of your customers who will be running traffic through it. But a problem that you are going to get into as a result of using Firepower is that it is extremely difficult to configure. Security engineers that I have handed the setup after a sale came back from the service and asked me never to sell it again because it was very difficult for them to set up. However, it is also very secure. The difficulty is in using the GUI, which is the console that you would log into to set up your rules and applications. It can take about 10 times as long as Meraki to set up, and that is no exaggeration. Palo Alto is easier to set up than Firepower, but not as easy to set up as Meraki. But, the security in Palo Alto is phenomenal compared to Meraki. Firepower is pretty secure. If it was a little easier to operate, I'd be recommending it up one side and down the next, but ease-of-use also comes into play when it comes to recommending products.
I'll support what Firepower has to offer considering the quality of the security. But I can't take anyone seriously who is proud of themselves just because they think their firewall is next generation. It might have that capability but it might not be 'next generation' if it is set up wrong. Some vendors who sell firewall solutions that I've spoken to admit to dancing their customers around the 'next generation' promise and they make amazing claims about what it can do. Things like "This firewall will protect the heck out of your network," or "This firewall has built-in SD-WAN and can save you lots of money." These things are true, perhaps, depending on the clients' needs and the likelihood that they will be able to properly manage the product.
Firepower is a capable solution but it is difficult to set up and manage.
Cisco Meraki NGFW (Next-Generation Firewall)
Meraki was a horrible acquisition by Cisco and it is harming their name. All of us who are familiar enough with the firewall know how bad that firewall is and we know that Cisco needs to make changes. The acquisition is almost funny. The logic seemed to be something like "Let's buy an inferior security solution and put our name on it." That is a textbook case on how not to run a company.
If Cisco wanted to improve Meraki, the first thing they need to do is simply activate the ability to block an unknown application. Start with that and then also improve utility by blocking every threat by default like other products so that users can open up traffic only to what they need to. That saves innumerable threats right there.
There are situations where Meraki works very well as is. One example is at a coffee shop. What the coffee shop needed for their firewall solution was to have a firewall at every location for guests. The guests go there to eat their donuts, drink their coffee, and surf the internet. The company's need was simply to blockade a VLAN for guest access to the internet while maintaining a VLAN for corporate access. They need corporate access because they need to process their transactions and communications. All corporate devices can only communicate through a VPN to headquarters or through a VPN to the bank. For example, they need to process transactions when somebody uses their debit card at a POS station. It works great at the coffee shop.
It works great at department stores as well. All employees have a little device on their hip that enables them to find what aisle a product is in when a customer asks them. If the store doesn't have the product on hand, the employee can do a search for another store that does have it in stock right on the device. They can do that right on the spot and use that service for that device. For that reason, they are not going across the internet to find the information they are searching for. They are forced into a secure tunnel for a specific purpose. That is something you can do with Meraki. If you don't let employees surf the web on the device, then Meraki will work.
I can actually give you the methodologies in which hackers are able to completely hack into a Cisco customer's network and steal extremely valuable information. Meraki is the most simple of all firewalls to infiltrate in the industry. It is an extremely dangerous piece of hardware. What comes into play is that Meraki, by default, does the opposite of what all of the other firewalls do. Every firewall not called Meraki will block every means of attack until you start saying to permit things. The Meraki solution is the opposite. Meraki, by default, blocks nothing, and then you have to go in and custom key everything that you want to block. This is dangerous because most people don't know everything in the world that they need to block. With Meraki, you have to get hacked in order to be able to find out. Now, tell me who really wants that.
An example of this is that Meraki cannot block an application it doesn't know about, which means that all unknown applications are forever allowed in by Meraki. If I am a hacker and I know that you are using a Meraki firewall, I can write an application to use for an attack. When I do, it is unknown because I just wrote it today. If I load it up on a website, anybody that goes to that website using a Meraki firewall has this application loaded onto their computer. Meraki can't block it. That application I wrote is designed to copy everything from that person's computer and everything across the network that he or she has access to, up to a server offshore in a non-extradition country. I will have your data. Now I can sell it or I can hold you for ransom on it.
Customers love it because it is simple to configure. I don't even need to be a security architect to sit down at a Meraki console and configure every device across my network. It is an extremely simple device and it's extremely cheap. But you get what you pay for. You are generally going to suffer because of the simplicity. You are going to suffer because of the low cost and "savings."
All I can say about Meraki is that it is cheap and easy to use and fits well in niche situations. If you need broader security capabilities, spend a few bucks on your network and get a better security solution.
Fortinet FortiGate NGFW (Next-Generation Firewall)
I'm supportive of Fortinet because it is a decent next-generation firewall solution. While not as secure as Palo Alto, it is a cost-effective and reasonably reliable product. I have customers choose it over Palo Alto. But if they decide to use this solution, I want to charge them to manage it for them. The reason for that is, if anything goes wrong in the network and they get hacked, my client will likely get fired and replaced. If anything goes wrong in the network and I am paid to manage their firewall, I am the one in trouble if they get hacked — not the client. I apply my services to the network, make sure everything is working as it should and give them my business card. I tell them that they can give the business card to their boss if anything goes wrong because the guy on the card is the one to blame. That way I remain sure that nothing will go wrong because of poor administration, and my client contact sleeps better at night.
Fortinet is sort of middle-of-the-road as a solution. It has a relative simplicity in setup and management, it has a lower price and provides capable security. Fortinet FortiGate still gets some of my respect as a viable alternative to Palo Alto.
Comparing the Complexity of Setup
Firepower is the most complex to set up. The second most complex is Palo Alto. The third is Fortinet. The fourth is Meraki as the simplest.
Rating the Products
On a scale from one to ten with ten being the best, I would rate each of these products like this:
An Aside About Cisco Products
It is interesting to note that the two offerings by Cisco are on completely opposite ends of the spectrum when it comes to the learning curve. Firepower is on one end of the spectrum as the most difficult to configure and having the worst learning curve, and Meraki is on the other as the easiest to configure and learn. Both are owned by Cisco but Cisco did not actually develop either of product. They got them both by acquisition.
The technical support from Palo Alto is good.
Yes, we evaluated other options. Cisco was there, as was FortiGate. We were using Juniper at that time, and then Palo Alto came into picture. We carried out a comparison of pricing, support, features, etc. and then we made our choice. It was really the next generation features and application level security that were key to our decision.
Their support is very good. I've never had any issues with their support. I would say that we've been satisfied with their level of service.
Occasionally there may be a bit of a language issue based on where their support is located.
I'd say that technical support is excellent. They are very helpful. We've quite satisfied with the level of support we got from the company.
We have been in contact with technical support and we are satisfied with the service.
I contact Palo Alto by email or by phone. Their support is good.
The technical support is good. The team is responsive and they gave us the right information at the right time to solve the difficulties and complexities that we were experiencing.
I have contacted their support once. It's very good support. They help me to fix our problem quickly.
I have not been in contact with technical support.
Since the solution is hardware, there are some limitations in terms of scalability.
Usually, in hardware, you can't say it's scalable or not due to the fact that you have the limitations built-in related to the size of the box. The box has a maximum number that it can reach. You can add more hardware, however, the hardware itself is finite.
We usually do a POC first so we can get the figures for performance and we can put in a box that can support 20 or 30 people extra for future expansion.
We deploy and provide support for this solution to our customers. The use case depends on customer requirements because Palo Alto Next Generation Firewall can be used as a data center firewall, perimeter firewall or on the cloud for a perimeter firewall or used with communications. Some customers use it for global protect connectivity. I am a senior network engineer and we are partners with Palo Alto Networks.
The support level is good, but it depends on the region you're working from. In some countries, the support flexibility is very good. For others, you have different strategies. I'm in Pakistan and Palo Alto has a different strategy here in that they don't directly provide support. You have to add another vendor in between and open a case with them and if they can't resolve your query they activate to Palo Alto. In some countries, Palo Alto directly provides support and in others they can't be contacted directly. In a couple of scenarios, we got involved with an R&D team and told them there was a bug for our end users. Palo Alto escalated that case to an R&D team and they got it fixed in the following patches.
The most valuable features are the content ID, IPs, and the URL filtering service to enable protection.
The structure is much faster and more sophisticated than Cisco.
Their cloud support is smart.
It is scalable. They offer multiple platforms, such as hardware appliances as well as virtual appliances. You can deploy as many virtual appliances as you want. Palo Alto supports the latest technologies, such as micro-segmentation, and NSX integration with Nutanix Acropolis Hypervisor. They offer multiple options to cover almost every deployment scenario and architecture for most of the customers.
The technical support from Palo Alto is good.
We work very closely with the vendors here and at this point they use external support.
Maybe they could add some tools and more competing services, like servers, but that would increase the cost of the solution.
The VPN connectors should be better. We had some challenges in terms of the VPN with Palo Alto Networks NG Firewall, and that's one of the main reasons why we moved to Sophos.
Its load handling can also be improved. There were challenges when traffic was high. During peak business hours, it did not function very well. There was a lot of slowness, and the users used to complain, especially when they were connecting from outside. We even reported this to the support team.
Their support should also be improved. Technical support was a bit of a concern while using this solution. We didn't get very good support from the Palo Alto team.
There are some options available in other firewall products that are not supported, so there is room for improvement in that regard.
Technical support could be faster.
The cost of this firewall could be cheaper.
It's a next-generation firewall and it's pretty stable. You don't have to worry about if you restart it for some maintenance. It will just come back. Basically, it would come back in a straightforward manner. There are no stability issues.
The one thing that I like about Palo Alto is it's throughput is pretty straightforward. It supports bandwidth and offers throughput for the firewall. The throughput basically decreases.
Palo Alto actually provides two throughput values. One is for firewall throughput and other is with all features. Whether you use one or all features, its throughput will be the same.
It's performance is better than other firewalls. That is due to the fact that it is based on SPD architecture, not FX. It basically provides you with the SB3 technology, a single path parallel processing. What other brands do is they have multiple engines, like an application engine and IPS engine and other even outside management engines. This isn't like that.
With other solutions, the traffic basically passes from those firewalls one after the other engine. In Palo Alto networks, the traffic basically passes simultaneously on all the engines. It basically improves the throughput and performance of the firewall. There's no reconfiguration required.
I have sometimes used the local support here in Norway. That has been okay. There are no problems.
In terms of technical support, I've noticed that as long as you have an enterprise license the support is good.
With regards to support, they have a lot of things to improve.
The ability to check cases could be improved upon. We find that most of the packets we have to directly open with the PA. Until then, it's possible that there cannot be any support.
Take, for example, the XDR. The XDR is the real power to all our solutions from PA, however, when we are using their XDR, we have directly to contact PA. It's like this for the licensing or for any technical issues.
The solution could offer better pricing. We'd like it if it could be a bit more affordable for us.
The solution should offer SD-WAN.
Technical support is still not good for me.
The support is good.
Technical support is pretty good. We get a timely response. There will be plus/minus where we do not getting a response, but not regularly, just one or two cases among, let's say, 20 or 30. As far as my experiences with the tech support go, it's pretty good, very straightforward support. It's not like they're playing on the call and taking their time. It is really straightforward.
I haven't contacted technical support recently. The last time I spoke to the tech support team was five years ago or maybe as an Operation Engineer three or five years ago. Generally, I found that they were really good at understanding the product. In my experience, they were really helpful. I'd say I was satisfied with their support.
I didn't have a very complex call with their technical support.
I think Palo Alto has good support. Technical support helped me solve most of my issues very quickly.
We have had a good experience with technical support.
I can't recall a feature that was missing. It's a pretty complete solution.
The cost of the device is very high.
To buy license support is very slow. For renewing devices and products, it's slow in terms of contacting and activating upgraded devices.
They could improve their support and pricing and maybe integration. It's a little more expensive than Check Point but the quality is better. Integration with firewall endpoints could be better. Palo Alto does have very good malware or antivirus protection. I think they could improve on that front.
We only contacted technical support when we were trying to make a sales configuration for the environment here. We had some integration questions for technical support. Of course, we got the answers we needed. The Palo Alto tech support got back to us quickly.
Their technical support is very good. It is more often the AMC support that we have to take.
Operationally, it is easier, and the manageability and their security features are good. Vendor support is also good.
We have third-party support.
The scalability of the firewalls could be improved. You can't scale the physical firewalls because Palo Alto doesn't support clustering.
Their technical support is excellent.
We never had the need to open a support case. It never happened that something that was supposed to work was not working. If required, we can find the answers in the product documentation.
Their support is very good.
Its stability can be better. Their technical response from the support side can also be better.
The support is quite good. A couple of months ago, I sent an email with an issue and we got an answer in 15-20 minutes. In my experience, Palo Alto support is one of the best, maybe the best support available.
Their tech support is not as available in Mexico as I would like it to be.
The Global Protect Feature has allowed our organization to support our remote workforce.
Technical support is okay. We have local vendor support. Whenever we have an issue, we contact them and they help us open a ticket with Palo Alto.
The application control portion of the solution is its most valuable aspect.
The malware protection on offer is excellent.
The initial setup is very easy.
We found the scalability to be quite good.
The stability is excellent.
Technical support is great.
The interface is very user-friendly.
Palo Alto provides pretty good support.
The technical support is good, but not excellent. Their responses can be quite vague and unhelpful at times.
The support could definitely be improved. Whenever I call the tech engineers, there's a long wait time. For an additional feature, I'd like to see the segmentation in policy. Check Point has a good feature for segmenting policies that I'd like to see implemented in Palo Alto. It would make things easier for the operation team to create & identify particular policies, or to place a policy in that segment. Finally, there are limitions to the hardware in the number of objects & policy we can create is limited which is not the case with Check Point or FortiGate.
They can improve the handling and management of User-ID. They should also improve its price. Their technical support can also be improved.
We use Trustwave, a company that provides the devices. We have an agreement with them, and we're satisfied with the support.
The technical support is satisfactory.
The technical support is responsive.
The technical support I have been using has been through email communication. When I open a support case, shortly there is a response with a solution. They are responsive and have always found solutions for the issues I have been having.
Their support is generally very knowledgeable. Sometimes it depends though on who you get, but they've always addressed our issues in a timely manner.
I would rate it as eight to nine out of 10. Most of the technical engineers, who provide support for our customers, are efficient. There are one or two Tier 1 tech support engineers who often don't have answers.
The support has been wonderful. I have not had any bad support that I can think of over the years. They've always been there.
The technical support is very good. We had some nasty questions, but they were sorted out quite quickly. The problem that we had, because it was live, was it took us a little bit of time to deploy stuff. We also have a good relationship with their pre-sales engineers who offered advice and guidance, specifically as part of the deployment.
We have never had to call Palo Alto. Secure Works does all our support maintenance on it.
I have worked with Palo Alto's support many times and it is quite good. Whenever we create a support ticket, they are on time and they update us in a timely manner. In terms of technical expertise, they have good people who are experts in it. They are very supportive of customers.
First-level support is provided by our distributor Bakotech. They are technical guys and they really know the product. Unlike some support providers who just send you manuals to ready, they're really helpful. You can call them at any time and they get back to you shortly and help.
Palo Alto Networks NG Firewalls technical support is very poor. Three or four months ago, I had a bug where the database of the firewall was locked. You cannot do anything with it. We looked for documentation, giving us a procedure to follow, but the procedure didn't work. We logged a complaint with Palo Alto Networks, and they gave us an engineer. The engineer relied on documentation that doesn't work, and we had already tested. In the end, the engineer gave us an excuse, "No, we need this account to be able to unlock it." This happened twice. The way out of it was just to restart the firewall. You can restart the firewall and everything goes back to normal. Therefore, I think the support that we got was very poor.
We haven't worked with their technical support.
This is not Palo Alto-specific. It seems to be across all the different vendors that there is a little bit of a hit-and-miss on whether you get a tech person who knows what they are doing and are interested in your problem. When you call frontline support, you can get somebody who doesn't know what they are doing and puts you off. Or the next time you call, you can get a tech who is on the ball and super helpful. This is sort of a smaller problem. It is a bit of a crapshoot on how good the support will be. I would rate the frontline technical support as five or six out of 10.
If it tends to be more of a critical problem, and you involve the sales team, then you are forwarded onto somebody who really knows what they are doing. However, the frontline support can be hit-and-miss. Their second-tier support is really good.
The top-tier support is 10 out of 10. We did have some more serious problems, then they put one of their engineers on it who has been amazing.
Overall, I would rate the technical support as eight out of 10.
The configuration part could be improved. It's very difficult to configure. It doesn't have a user-friendly interface. You have to know Palo Alto deeply to use it.
Also, it doesn't support open-source protocols like EIGRP. We had to find another solution for that.
The main reason for going with Cisco is their support. They have very skilled people and a very good support structure as compared to many other companies. They invest heavily in support maintenance.
We are pretty comfortable with Cisco technical support, but with the new acquisitions, they also need to ramp up their support. For the older Cisco IOS and other stuff, they have very mature teams, but with the new acquisitions, sometimes it takes time to do the transition up to that level. For example, when Cisco acquired Sourcefire for the firewall, it took some time for Sourcefire to act like Cisco's other products. So, support is good, but still, there is a learning curve involved with new acquisitions and their support.
The customer support is great. We're quite satisfied with the level of service Cisco provides. They're knowledgeable and responsive.
Overall, we find that they have the best technical support in the business. Their support is quite competent in terms of their technical skills, more so than other competitors. If you face any issues, you can call them at any time and get the answers you need to resolve whatever is going on.
A few things have room for improvement in your opinion. That would start with cost. Cisco products are more expensive than the competition, but the additional cost usually gets absorbed by the name recognition. Most people have Cisco or have familiarity with it, so they go with it. If they want the top quality product, they immediately feel comfortable with the Cisco name brand. That is where we come in as consultants. We bend over backward to make product comparisons and framing for solving the needs posed by an organization. I see something is a better fit for them that they could use. It would reduce their CapEx, their expenses, and it would fit them better all at the same time. The client may still want Cisco despite the recommendation that we make. But usually, that is what it is. Cisco fits, and if they want to spend the money, we make sure that it is within their budget. They feel more comfortable with Cisco, and they have had Cisco in the past, so we go with Cisco then.
Cisco is great. A lot of the tech companies are doing really well. But Cisco is still in the forefront. They are on top of this category of products. I can not think of anything else they could do because they cover pretty much everything that you would need a firewall for. Then you get Cisco's support behind the products.
I would think it would be a lot better for us and we could make more money if we try to recommend that clients put drop-in boxes at every location. But we do not choose to do that unless there is a purpose for it. In most cases, we would prefer clients to go the OpEx route. It takes a lot to offset the cost of Cisco so if they are going to do a cloud solution, their costs are metered per month by whatever solution they have. That is a lot better for projecting costs, and then there is the benefit of everything being upgraded in the cloud for them. They do not have to worry about anything. It just works.
I have used the Cisco technical support and they were okay. Rating them out of ten, I would give them an eight or nine-out-of-ten. They have a pretty good system with decent response time and accuracy. They are good overall and in comparison to other services. They offer 24/7 service, which is a benefit.
The technical support is pretty good and I would rate them an eight out of ten. If anything, they should work on their response times for critical cases.
Technical support is very, very good under Cisco. It's one of the other advantages of using their product. They are very helpful, responsive, and knowledgeable. We've very satisfied with the level of service they provide to us.
There is technical support for the solution but it is not localized. It would be beneficial if there would be localized technical support in India.
The technical support has been impressive. I know there are no other brands that have the same good service.
Overall, the devices are very good and reliable.
The product is easy to use.
It's quite a stable solution.
The installation process is easy.
Technical support has always been very good.
As a Cisco partner/reseller, security has been a concern for many years. Cisco has a security concept that begins right when you try to connect to the network. Security is a complete system and is not just put on security devices at the perimeter or between tiers inside a data center.
iOS on routers is a mature solution, allowing easy setup of a traditional ISAKMP V1 or V2 VPN, and a very mature proprietary VPN flavor called DMVPN. DMVPN allows on-demand VPN establishment with minimal setup configuration and creates a pseudo full mesh avoiding bottlenecks.
Cisco Technical Assistance Center works on a follow-the-sun concept and gives real 24x7 customer support, which is a great advantage when you have a service contract with them.
A firewall is a security appliance. FortiGate also does email filtering and does data loss prevention.
All networks are security-driven, we get throughputs and security. We feel that the people at Fortinet are easy to deal with from a support standpoint. If they need to jump in and help us, they're very willing to do that. Their email filtering, their data loss prevention, their intrusion prevention, type of products in the newest OSs has been outstanding.
Support is very fast and reliable, but it absolutely depends on the ticket, or what it is comprised of or how hard the errors or problems are. Easy questions are dealt with quite quickly, but harder issues might take at least an hour or so before a user would get a reply.
The solution's switches are lacking. They need more features added to them to build them out a bit. The switches are very simple if you compare them with other companies like Cisco or Aruba. Those organizations offer their clients much more.
Technical support could be better. Some competitors have much more responsive support teams.
I know the last version had NAC, network access control, added inside the firewall. It's a process, however. There's still work to do. The next version will be better. Right now, you can't authenticate other devices. You only can authenticate Forti devices and not devices from other companies. This could be the next addition to the solution that will make its performance even better.
We have a local supplier that helps us a lot every time we need to open a ticket. So far we haven't had that many issues. The few ones that we have had, we didn't have any problems with opening up tickets and getting support.
So far we are satisfied with the technical support. We have not had a lot of need to use them.
We are satisfied with the support. They provide fantastic support. They provide online support, and on priority, they also provide a remote session.
Technical support is not always good.
I think Fortinet needs to improve their support. They are not one of the gold star rating support companies. There are a few big vendors like Cisco, EMC, VMware with gold star support rating. The support is sometimes not up to the mark.
We have been satisfied with the technical support.
The technical support has been very helpful and they have local language support for Taiwan.
I find Fortinet to be on the higher end of the scale in terms of technical support. I don't know if I'll give them an A-plus, but I'd probably give them an A. Relative to other companies out there, like Microsoft, Intuit, and some of the other support agencies or ISPs that we deal with, their support is better than most.
Fortinet provides sufficient support, and their response time is reasonable.
The technical support is good. However, during the holidays they can get a little slow to respond.
There are some issues with the performance. We also had some issues while updating the firmware.
The download options can be better. While downloading VPN clients, it is a little bit difficult to get different versions. You need to log on and search.
Their support can be better.
The solution is very easy to use. It's a solution that has a powerful CLI and a very powerful graphical user interface.
The solution scales well.
In terms of stability, the solution is reliable.
It's not too hard to implement the solution.
Technical support is helpful and responsive.
Most of our customers that we implemented Fortinet FortiOS for we support and manage the FortiGate. Most of them use all the UTM features, such as web features, application control, intrusion prevention, and SSL inspection. We do have some customers who do not use these features. They mostly use IPsec, VPN concentrator, but no security features, we only have two specific cases. Most of our clients prefer to use FortiGate because of all the security features.
These days there are lots of breaches and vulnerabilities which you can see