We changed our name from IT Central Station: Here's why

Azure Firewall vs Check Point NGFW comparison

Cancel
You must select at least 2 products to compare!
Comparison Summary
Question: Which would you recommend - Azure Firewall or Check Point NGFW?
Answer: Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall cloud platform, autoscaling, and the ability for users to create virtual IP addresses. The cost of the solution is also competitive. Check Point NGFW solution offers zero-day protection and provides absolute in-depth visibility with a multi-layer, multi-blade approach. This solution has a Smart Controller that allows you to manage all firewalls from one single location. It also has good antivirus protection and knowledgeable, responsive support. Check Point NGFW is cost-effective and provides valuable support to get through required compliance audits. For Azure Firewall you have to specify each IP address used. We also found Azure to be challenging to implement from region to region, as it does not currently offer a universal approach across regions. Support can be very slow to respond and has caused us some downtime, affecting productivity and overall satisfaction. Check Point NGFW VPN can be very complex to set up. The deployment can be more challenging than many other solutions on the market. Although once fully deployed, things do get easier. Debugging can also be very difficult and makes it seem less stable than other solutions out there. Training and support could be better overall. Conclusion Azure is great, especially since almost everyone is part of the Azure ecosystem. However, it may not be the best solution for larger enterprises, as stability is limited, and the scale-up scale-out approach needs improvement. Check Point can be very challenging to set up and deploy, but the unique multi-layer, multi-blade approach gives greater flexibility and transparency, which makes it a great option for larger enterprises with more complex, intricate needs.
Featured Review
Find out what your peers are saying about Azure Firewall vs. Check Point NGFW and other solutions. Updated: January 2022.
564,599 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"We have not had to deal with stability issues.""One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now.""I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection.""The feature set is fine and is rarely a problem.""The most valuable feature is the access control list (ACL).""Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity.""I like the firewall features, Snort, and the Intrusion Prevention System (IPS).""The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."

More Cisco Firepower NGFW Firewall Pros →

"Microsoft's technical support is very good. They're quite knowledgable and responsive.""Azure Firewall's feature that I have found most valuable is its scalability.""Azure's cost-effectiveness is its major advantage.""Performance and stability are the key features of this product.""We secure the entry point to the virtual data center with the firewall.""In terms of the reporting, it's beautiful. It integrates with Azure monitoring and with Azure policies. That piece is a big help. You can set governing policies and you can use the application firewall, as well as the Azure Firewall, to enforce those policies.""Network filtering is valuable. The scalability capability from the cloud-native service helps us a lot because it simplifies our day-to-day maintenance activity.""I like its order management feature. It doesn't have the kind of threat intelligence that Palo Alto has, but the order management makes it much simpler to know the difference."

More Azure Firewall Pros →

"Check Point definitely has a great architecture, where you can just enable the software blades and deploy a secure service. Overall, it provides ease of deployment and ease of use.""The performance has been very good.""The central management console has helped with segregation, where planned interventions with management consoles do not have any impact on production or critical business traffic.""Check Point NGFW provides a bunch of different products or Blades, as they call it in Check Point. The firewall engine is what we use the most but we also use the IPS IDS and Anti-Bot features. The solution provides many features.""With the new SmartTask offered in R80.40, we will be happy to configure some automatic control-functions.""One of the benefits that we have realized from using this product is that the user interface makes it easier to operate, compared to using the CLI.""The solution is scalable.""I think the VSX has been the most valuable feature for us."

More Check Point NGFW Pros →

Cons
"The performance should be improved.""The price and SD-WAN capabilities are the areas that need improvement.""One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically.""They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me.""When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance.""FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it.""My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement.""The initial setup could be simplified, as it can be complex for new users."

More Cisco Firepower NGFW Firewall Cons →

"They can improve the pricing of Azure Firewall.""Currently, it only supports IP addresses, so you have to be specific about the IPs that are in your environment.""The solution lacks artificial intelligence and machine learning. It might be in the roadmap. However, currently, it's not available.""The interface could be improved, it's not very user friendly.""The reporting, logging, and monitoring features, as well as the flexibility of the policies, need to be improved.""Azure should be able to work better as a balancer also, instead of just being a firewall. It should have a wider mandate.""Azure Firewall definitely needs a broader feature base. It should be able to go all the way up to layer 7 when looking at applications and things like that.""It is a cloud service, but the lending speed for each region is not always the same. For example, in China, the speed is slow. They need to think about how to make sure that the service pace or speed is always the same in all regions. It would be a great improvement if they can provide the same pace worldwide."

More Azure Firewall Cons →

"The exterior of the physical device can be improved with the use of a display and not just simple lights.""The equipment is complex, so you need guidance from specialized people or those who constantly work with Check Point. Better forums and information manuals could be provided so that users from different institutions can have more access to the information.""One of the most complicated aspects is the VPN Configuration, which should be simplified in future releases.""It would help if they were easier to deploy, without needing more technical people. It would be nice if we could just give basic information, how to connect, and that would be all, while the rest of the setup could be done remotely.""The pricing for the Check Point products should be reconsidered - we found it to be quite expensive to purchase, and to maintain (the licenses and the support services need to be prolonged regularly).""The biggest improvement they could make is having one software to install on all three levels of their products, so that the SMBs, the normal models, and the chassis would all run the same software. Now, while there is central management, everything that has to be configured on the gateway itself works differently on the three kinds of devices.""I would like the user interface to be more user-friendly. I want the UI to be easier to use than Check Point's competitors.""The area where Check Point can improve is the antivirus, as it only provides a small number of updates for it. Updates should be more frequent."

More Check Point NGFW Cons →

Pricing and Cost Advice
  • "Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
  • "There are additional implementation and validation costs."
  • "Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
  • "This product requires licenses for advanced features including Snort, IPS, and malware detection."
  • "This product is expensive."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The price of Firepower is not bad compared to other products."
  • "The solution was chosen because of its price compared to other similar solutions."
  • More Cisco Firepower NGFW Firewall Pricing and Cost Advice →

  • "Azure Firewall is more expensive. If Microsoft can make Azure Firewall cheaper, I can see that all clients will think of using it. One client used FortiGate because it is much cheaper. Some clients ask me for Cisco, but in the cloud estimate, I found its cost is the same as Azure Firewall."
  • "Azure Firewall is quite an expensive product."
  • "The licensing module is good."
  • "The total cost of ownership is much less than Palo Alto, Cisco, or any other brand."
  • "It is pay-as-you-go. So, you pay based on the usage. If I remember it well, there is a basic fee, and there is a traffic fee. It is not per month. It is per hour or something like that. It is not so expensive."
  • "Azure Firewalls operate on a pay-as-you-go model, similar to cloud services."
  • More Azure Firewall Pricing and Cost Advice →

  • "Maybe the pricing is a bit high but you get the durability and the duration."
  • "Licensing issues may be confusing at times."
  • "It is quite an expensive product, although security is a top priority."
  • "This product is not cheap and there are additional costs that depend on what model or package that you buy."
  • "Palo Alto is somehow not as good as Check Point, budget-wise and performance-wise. Palo Alto is more costly than Check Point."
  • "Comparatively, Check Point pricing is a little high. However, if you have that budget, I would recommend anybody to go with Check Point."
  • "The pricing and licensing are expensive. If you compare it with Fortinet, then it is cheaper on a yearly basis. However, Check Point is the most expensive firewall right now in terms of licenses and its appliance. My recommendation is if you want a long-term investment, then you should use an open server. If you use an open server, then the latency is really low. If you pay for a full appliance, it's more expensive."
  • "Use the basic sizing tool to do the correct sizing so you don't waste too much money, because it's not a very cheap solution when compared to other vendors."
  • More Check Point NGFW Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    564,599 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer: 
    The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
    Top Answer: 
    It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: 
    Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure… more »
    Top Answer: 
    Both products are very stable and easily scalable. The setup of Azure Firewall is easy and very user-friendly and the… more »
    Top Answer: 
    Both of these solutions are excellent options that provide flexible scalability and solid security. Fortinet Fortigate… more »
    Top Answer: 
    I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such)… more »
    Top Answer: 
    Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall… more »
    Top Answer: 
    The central management console has helped with segregation, where planned interventions with management consoles do not… more »
    Comparisons
    Also Known As
    Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
    Check Point NG Firewall, Check Point Next Generation Firewall
    Learn More
    Overview

    Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
    small/branch offices to high performance data centers and service providers. Available in a wide
    range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
    defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
    Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
    features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
    volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
    for increased performance, high availability configurations, and more.
    Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
    deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
    the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
    can deliver micro-segmentation to protect east-west network traffic.
    Cisco firewalls provide consistent security policies, enforcement, and protection across all your
    environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
    delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
    SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
    greater simplicity, visibility, and efficiency.
    Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

    Azure Firewall is a user-friendly, intuitive, cloud-native firewall security solution that provides top-of-the-industry threat protection for all your Azure Virtual Network resources. Azure Firewall is constantly and thoroughly analyzing all traffic and data packets, making it a very valuable and secure fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall allows users to create virtual IP addresses and provides for secure DDoS protection for the virtual machines on your network. It also provides fast and efficient east-west and north-south traffic security.

    Azure Firewall is a managed, cloud-based network security service built to protect your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.

    Azure Firewall has two significant offerings, Standard and Premium.

    Azure Firewall Standard works directly with Microsoft Cyber Security and supplies excellent L3-L7 filtering and threat awareness. The proactive real-time threat awareness will quickly alert you and immediately deny all traffic to and from any known problematic or suspicious domains or IP addresses. Microsoft Cyber Security is updated continually to protect against all new and known potential threats at all times. To learn more about Azure Firewall Standard, click here.

    Azure Firewall Premium provides everything the standard version does, and additionally adds extra levels of data encryption, network intrusion detection, extended URL filtering, and Web category filters. To learn more about the added features of Azure Firewall Premium, click here.

    Key Benefits and Features of Azure Firewall:

    • High availability - You do not need load balancers with Azure Firewall; it's already built in and ready to go.
    • Self-scalability - Azure Firewall is intuitive and will auto-scale as needed based on traffic flow to be ready for peak traffic times.
    • Threat awareness - Using Microsoft Cyber Security to filter traffic, Azure Firewall will deny any known problematic threats to keep your network safe.
    • Additional IP addresses - You can securely add up to 250 public IP addresses with Azure Firewall
    • Improved web category filtering - You can set up specific protocols to allow or deny categories within websites that are deemed inappropriate for use within your network. You have the ability to organize categories based on a defined set of descriptions.

    What our real users have to say:

    Many IT CEntral Station (soon to be Peerspot) users found Azure Firewall to be very user-friendly and easy to use. They liked that it offers seamless integration to the cloud and were especially pleased with the threat filtering options.

    Regarding integration and threat intelligence, our users wrote:

    “The most valuable feature is the integration into the overall cloud platform.”

    The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats.”

    I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system.”



    Offered via the Check Point Infinity architecture, Check Point’s NGFW includes 23 Firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance. Learn More about Next Generation Firewall and What is Firewall?

    Offer
    Learn more about Cisco Firepower NGFW Firewall
    Learn more about Azure Firewall
    Learn more about Check Point NGFW
    Sample Customers
    Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
    Information Not Available
    Control Southern, Optimal Media
    Top Industries
    REVIEWERS
    Comms Service Provider22%
    Financial Services Firm16%
    Manufacturing Company8%
    Non Profit8%
    VISITORS READING REVIEWS
    Comms Service Provider33%
    Computer Software Company21%
    Government7%
    Manufacturing Company4%
    REVIEWERS
    Computer Software Company23%
    Financial Services Firm23%
    Government15%
    Manufacturing Company15%
    VISITORS READING REVIEWS
    Computer Software Company30%
    Comms Service Provider22%
    Government6%
    Financial Services Firm5%
    REVIEWERS
    Financial Services Firm26%
    Computer Software Company15%
    Comms Service Provider8%
    Retailer6%
    VISITORS READING REVIEWS
    Comms Service Provider33%
    Computer Software Company22%
    Government6%
    Financial Services Firm6%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise28%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise65%
    REVIEWERS
    Small Business23%
    Midsize Enterprise18%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise13%
    Large Enterprise69%
    REVIEWERS
    Small Business23%
    Midsize Enterprise19%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise24%
    Large Enterprise56%
    Find out what your peers are saying about Azure Firewall vs. Check Point NGFW and other solutions. Updated: January 2022.
    564,599 professionals have used our research since 2012.

    Azure Firewall is ranked 19th in Firewalls with 20 reviews while Check Point NGFW is ranked 2nd in Firewalls with 160 reviews. Azure Firewall is rated 7.2, while Check Point NGFW is rated 8.8. The top reviewer of Azure Firewall writes "Good value for your money, good URL filtering, supports intrusion prevention, and is stable". On the other hand, the top reviewer of Check Point NGFW writes "Central architecture means we can see an end-to-end picture of attacks". Azure Firewall is most compared with Palo Alto Networks NG Firewalls, Palo Alto Networks VM-Series, Fortinet FortiGate-VM, Cisco ASA Firewall and Sophos XG, whereas Check Point NGFW is most compared with Fortinet FortiGate, Palo Alto Networks NG Firewalls, Meraki MX, Cisco ASA Firewall and Juniper SRX. See our Azure Firewall vs. Check Point NGFW report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.