"Provides good integrations and reporting."
"There are no issues that we are aware of. It does its job silently in the background."
"It is one of the fastest solutions, if not the fastest, in the security technology space. This gives us peace of mind knowing that as soon as a new attack comes online that we will be protected in short order. From that perspective, no one really comes close now to Firepower, which is hugely valuable to us from an upcoming new attack prevention perspective."
"The most valuable features of this solution are advanced malware protection, IPS, and IDS."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"The customer service/technical support is very good with this solution."
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"What I like the most about Juniper is that they have the same CLI on all routers, switches, and firewalls. If you have worked with any Juniper device, such as a Juniper router, you will be able to work with an SRX, which is really cool. It is a nice experience to work with every device of Juniper, not only firewalls."
"The user interface is good."
"The technical support is quite good."
"I have used technical support quite a bit, and they are really good."
"The reason that we picked Juniper SRX is for the scalability, the fit for purpose, the tools that are available, the ongoing support and the ability to monitor, but particularly for the virtual routers in our data centers so that we can quickly upscale them when needed, when we need more throughput."
"We're primarily using Juniper's EPA feature, but not the other things. We use it to manage different points of firewalling of routing."
"When compared to Palo Alto, Juniper is a better choice when it comes to the enterprise network and connectivity."
"The IPSec configuration is going well."
"SonicWall has USCS and anti-virus at the gateway level. Everything is filtered, and if it detects an intruder, it drops the line."
"The filtering is excellent."
"The most valuable features of this solution are intrusion detection, intrusion prevention, and the advanced capture client, which provides live traffic analysis."
"The most valuable features of this solution are the GUI pre-filtering and the ATP (advanced threat protection)."
"SonicWall NSA is easy to deploy, easy to maintain, and easy to configure."
"It is able to fulfill my requirements. It protects our network environment. It has control over IPS, signatures, and it can also manage bandwidth and mapping. It is also stable and has good support."
"It's very simple to use and the support is great."
"The most valuable features are that it is reasonably-priced and works well."
"The initial setup could be simplified, as it can be complex for new users."
"The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution."
"In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."
"The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs."
"Deploying configurations takes longer than it should."
"An area of improvement for this solution is the console visualization."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"Their models for service providers could improve."
"The user interface is something that Juniper needs to improve."
"There are a lot of features that customers do not know about and I think that better documentation would help when it comes to learning how to use the product."
"The user interface and the GUI need improvement."
"J-Web, Juniper Web, is sometimes not working great when users are increasing their internet use. Additionally, they need to improve the GUI, graphical user interface, and the firewall management needs to improve. Their CLI is good, but sometimes the GUI is very slow."
"The configuration is difficult and it should be easier."
"As a networking person, I don't really have any major issues with this device. Based on my experience of using it in a cluster, it could be more stable. I had an incident when one of the SRXs in a cluster couldn't learn ARP. It is a good solution, but firewalls don't seem to be an area of development for Juniper. They are focusing on data centers, routers, and switches, not firewalls."
"The CPU switch could be improved for a better overall performance of traffic flow."
"You can do zero-trust networking with them, but it's not easy."
"It would help us a lot of SonicWall sent us more information about the latest updates and things that are changing."
"Having to deal with too many lower-level people in technical support means that it takes longer to resolve issues, so escalating support tickets should be faster."
"SonicWall does not support DynDNS, yet this is an important feature for smaller companies that do not have a static IP address."
"It is not scalable. If your enterprise is growing hard then you have to buy another, bigger product. Maybe if you use it virtually it is more scalable."
"The product likely isn't a good fit for a large organization."
"Initially, it may be difficult for some people to learn and become acquainted with it."
"Potential improvement around the associated VPN cost"
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Juniper SRX is ranked 14th in Firewalls with 35 reviews while SonicWall NSa is ranked 17th in Firewalls with 38 reviews. Juniper SRX is rated 7.8, while SonicWall NSa is rated 7.8. The top reviewer of Juniper SRX writes "This best in class Next-Gen firewall is elegant in its ease-of-use and architecture". On the other hand, the top reviewer of SonicWall NSa writes "A rugged solution capable of defeating advanced threats". Juniper SRX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, pfSense and WatchGuard Firebox, whereas SonicWall NSa is most compared with Meraki MX, Fortinet FortiGate, WatchGuard Firebox, SonicWall TZ and OPNsense. See our Juniper SRX vs. SonicWall NSa report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.