"The feature set is fine and is rarely a problem."
"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"Firepower NGFW has improved my organization in several ways. Before, we were trying to stamp out security threats and issues, it was a one-off type of way to attack it. I spent a lot of manpower trying to track down the individual issues or flare-ups that we would see. With Cisco's Firepower Management, we're able to have that push up to basically one monitor and one UI and be able to track that and stop threats immediately. It also gives us a little more granularity on what those threats might be."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening."
"Firepower has been used for quite a few enterprise clients. Most of our clients are Fortune 500 and Firepower is used to improve their end to end firewall functionality."
"The most valuable features of this solution are the GUI pre-filtering and the ATP (advanced threat protection)."
"The most valuable features are flexibility, ease of setup, and it's a good product cost-wise."
"They offer good antivirus solutions."
"Compared to Cisco, SonicWall NSa is much easier to configure."
"The stability is better than other products."
"It's very flexible and meets our customer's needs."
"The filtering is excellent."
"The most valuable features are that it is reasonably-priced and works well."
"I would recommend UTM over XG because it's easier to manage."
"We've found the technical support to be helpful."
"Technical support is very responsive."
"Sophos is a unified solution. We have anti-virus protection, firewall rules, knotting, and DACC all in one box."
"The stability, overall, is excellent. I haven't had a problem in the last two years."
"It is easy to manage."
"It's a stable solution."
"This is a very stable product."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"In a future release, it would be ideal if they could offer an open interface to other security products so that we could easily connect to our own open industry standard."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"The performance should be improved."
"An area of improvement for this solution is the console visualization."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"The content filter needs to be improved."
"SonicWall does not support DynDNS, yet this is an important feature for smaller companies that do not have a static IP address."
"It only has a single power interface, which has limitations in terms of high availability."
"They should consider upgrading the capabilities within the GUI."
"It doesn't require much improvement. The only improvement area is that cloud reporting, assessment reporting, and other reporting features should be available with the subscription. They should provide reporting features with the subscription base, which is currently not there. We bought the reporting tool, but there are some complications. They have made some changes to the application, and now the reporting management is completely on the cloud."
"It is not scalable. If your enterprise is growing hard then you have to buy another, bigger product. Maybe if you use it virtually it is more scalable."
"I would like to have a built-in vulnerability scanner in the firewall. It would be great to have such functionality. Its price could also be better. It would also be good to have a local warehouse. It doesn't get damaged a lot, but if a customer needs a replacement, currently, it has to come from Miami or Mexico, which can take a few days. It would be better if they have a local warehouse from where we can just pick replacements and quickly solve a client's needs in terms of replacing equipment. It would be great to have it locally instead of waiting for it from Mexico or the USA."
"It would be useful to have an application firewall that prevents the outside world from seeing your private IPs. You don't need to publicize your private IPs to the outside world, and you can create a barrier, like a proxy server."
"The solution needs to do better at covering mobile devices, although they may have an integrated solution for that purpose."
"Sophos should improve its ability to check something like bandwidth consumption for users or something more real-time."
"Monitoring and reporting are areas that need improvement."
"Anti-phishing functionality should be improved."
"The logs are not clear, which means that you need an additional piece of software in order to read them clearly."
"The ease of use could be a bit better."
"The classification segregation of applications lacks sufficient definition."
"I think that additional metrics features are needed to be able to monitor other areas or to monitor as much as you can, at a fine-grain resolution."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
SonicWall NSa is ranked 17th in Firewalls with 38 reviews while Sophos UTM is ranked 2nd in Unified Threat Management (UTM) with 24 reviews. SonicWall NSa is rated 7.8, while Sophos UTM is rated 8.6. The top reviewer of SonicWall NSa writes "A rugged solution capable of defeating advanced threats". On the other hand, the top reviewer of Sophos UTM writes "Great web and email filtering with reasonable pricing". SonicWall NSa is most compared with Meraki MX, Fortinet FortiGate, WatchGuard Firebox, SonicWall TZ and pfSense, whereas Sophos UTM is most compared with Fortinet FortiGate, pfSense, Sophos XG, Untangle NG Firewall and Juniper SRX. See our SonicWall NSa vs. Sophos UTM report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.