"The most valuable features of this solution are the integrations and IPS throughput."
"One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now."
"If configured, Firepower provides us with application visibility and control."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"The customer service/technical support is very good with this solution."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"There are no issues that we are aware of. It does its job silently in the background."
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"The most valuable feature for us is the VSX, the virtualization."
"Check Point is very administrator-friendly and the SmartDashboard is easy to use."
"There are many useful features including the Office VPN, which provides us with a seamless connection for users who are working remotely."
"I use it as well as a VM. We use it a lot because we have all fiber optic connections, so we could use almost all of that. The federation is beautiful because I can transfer all traffic to my main site where I can use just one link to the internet, and I can use it as a proxy as well. It is good to keep control and security."
"The features that are important include: IPS, sandbox, SandBlast, Anti-Bot, and URL filtering."
"In R80.10 and above, you can view logs in SmartConsole. You don't have to open another smart tracker to view logs. That is the improvement Check Point has done which makes it better because it is much easier to find logs. This saves time, approximately 40 to 50 a day in one shift."
"The easy and standardized management interface, now with a complete and functional API mechanism, provides the administrator several ways of managing the solution."
"The uncomplicated configuration ensures that mistakes are avoided and rules are easily audited."
"The management console is pretty simple, so anyone who understands networking can initially deploy the solution."
"The most valuable feature of this solution is Quota."
"I think that the UTM features are the most value, as it truly protects my infrastructure."
"It is a safe product."
"The solution is stable."
"I only deal with it from a security analyst's point of view. I don't really get into the features of the actual FortiGate. From the security point of view, it works, and it does its job."
"FortiGate is flexible and easy to use."
"It's inexpensive compared to some of the other technology out there."
"I believe that the current feature set of the device is very good and the only thing that Cisco should work on is improving the user experience with the device."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"The product line does not address the SMB market as it is supposed to do. Cisco already has an on-premises sandbox solution."
"Cisco makes horrible UIs, so the interface is something that should be improved."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"One feature I would like to see, that Firepower doesn't have, is email security. Perhaps in the future, Cisco will integrate Cisco Umbrella with Firepower. I don't see why we should have to pay for two separate products when both could be integrated in one box."
"I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement."
"The only reasons we are looking at other solutions are price and integration."
"They should integrate all blades to use a single policy rather than multiple."
"They have few predefined reports and it would be nice to increase them since the logs are excellent."
"There have been a few requests/issues about the Identity Awareness feature."
"Management: Check Point should move away from its current architecture wherein it mandatorily requires a management server to manage the gateways. They should develop A feature in the gateway itself so that no management server is needed for policy and gateway management."
"The client for the central tools is very big - maybe using web access in future releases, similar to other vendors should be possible."
"I hope for product simplification. It would be better to use one security console, instead of many of them (for licensing and monitoring). The solution is hard for newcomers and takes much time to deep in. Also, I want a historical graph for throughput and system resources usage. Maybe it will be great to make easy step-by-step installation and configuration cookbooks as Fortinet did, and integrate the documentation within the solution."
"The management of memory in the hardware needs to improve. They have had a lot of issues with memory leakage."
"You do need some IT knowledge in order to effectively work with the solution."
"We would like to see better pricing."
"The support costs and licensing are sometimes so expensive."
"To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution."
"The integration with third-party tools may be something that they should work on."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"Technical support could be better. You don't always get the level of help you need right away."
"The performance and speed are aspects of the solution that could always be improved upon."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Offered via the Check Point Infinity architecture, Check Point’s NGFW includes 23 Firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance. Learn More about Next Generation Firewall and What is Firewall?
The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
Check Point NGFW is ranked 2nd in Firewalls with 160 reviews while Fortinet FortiGate is ranked 1st in Firewalls with 98 reviews. Check Point NGFW is rated 8.8, while Fortinet FortiGate is rated 8.4. The top reviewer of Check Point NGFW writes "Central architecture means we can see an end-to-end picture of attacks". On the other hand, the top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". Check Point NGFW is most compared with Azure Firewall, Palo Alto Networks NG Firewalls, Meraki MX, Cisco ASA Firewall and Juniper SRX, whereas Fortinet FortiGate is most compared with Cisco ASA Firewall, pfSense, Meraki MX, Sophos XG and SonicWall TZ. See our Check Point NGFW vs. Fortinet FortiGate report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.