We performed a comparison between Check Point NGFW and Cisco Secure Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Check Point users are happier with its VPN and with its pricing. However, Cisco Secure users are happier with its service and support.
"The ease of setting the solution up is a valuable aspect for us."
"The pipe filter application is an outstanding feature."
"Overall security features and performance routing is good."
"The FortiGate controls the user's activities and maximizes my bandwidth use overall."
"The most valuable feature is the bundled subscription, which is IPS, TV and web filtering."
"FortiGate has a strong security topic which allows all of the Fortinet devices to communicate and share information which makes their security more powerful."
"From the firewall perspective, the rules and policies are very sufficient and easy to use."
"I like several features that this product has, such as antivirus and internet navigation inspection. It is also simple to use."
"I think the VSX has been the most valuable feature for us."
"I have to say that it was Application Control and web filtering are excellent."
"With the outstanding capabilities of Check Point, we managed to have stable site-to-site VPNs with all our partners and with every other vendor's devices."
"It offers a range of models to enhance network security and it can be customized to secure endpoint client machines or user devices by deploying features like malware detection, antivirus, and mail security blades."
"After introducing this NGFW, we have improved our security posture, and now, have peace of mind."
"Its functionality is highly satisfactory."
"I have not had an infected machine behind the firewall since I first installed and started using NGFW."
"Provides very good performance."
"When I was managing these firewalls, I found them easy to understand, easy to deploy, and easy to maintain as compared to some of the other firewalls I have been involved with earlier. The opinion of my coworkers is that it's easy and quick to establish new zones, expand, and maintain."
"It is a very user-friendly product."
"Logging is great. It will show when it reaches its capacity before it is too late, unless you have bursts of traffic."
"I love the ASDM (Adaptive Security Device Manager) which is the management suite. It's a GUI and you're able to see everything at a glance without using the command line. There are those who love the CLI, but with ASDM it is easier to see where everything is going and where the problems are."
"Firewall help with cybersecurity resilience. I really like this Cisco product. It's user-friendly. I don't like some other vendors. I've tried those in the past. Cisco is pretty easy. A caveman could do it."
"The remote VPN and IPsec VPN or site-to-site VPN features are valuable. The clustering feature is also valuable. We have two ISP links. Whenever there is a failover, users don't even get to know. The transition is very smooth, and the users don't notice any latency. So, remote VPN, site-to-site VPN, and failover are three very powerful features of Cisco ASA."
"It has definitely improved our organization. It gives us remote connectivity, helps workers connect remotely, and also gives us good connectivity to our other branches."
"Signature-based detection; user-defined signatures with regular expressions; integrated URL and content filtering; custom URL categories filtering."
"Some of the filtering is not robust, you can escape it with a VPN. Some of the users bypass some of the filters. It catches some but it also misses some, that area could be improved. It's functioning reasonably but there's room for improvement in that area."
"I would like some automated custom reporting."
"The security of Fortinet FortiGate could improve."
"Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"They've become quite expensive."
"I think they need to improve more in order to be a competitor with the leaders of the field."
"The cloud features and integration could be improved."
"There is room for enhancement in the support system in India."
"I would like less CPU-intensive features to be introduced to replace the existing heavy-duty processes."
"Integration with a third-party authentication mechanism is tricky and needs to be planned well."
"The biggest improvement they could make is having one software to install on all three levels of their products, so that the SMBs, the normal models, and the chassis would all run the same software. Now, while there is central management, everything that has to be configured on the gateway itself works differently on the three kinds of devices."
"One feature that could be improved is the internet object in the application control/URL filtering blade."
"The interface could be better."
"The user interface for management could be improved."
"We'd like an option that can convert other vendors' NGFW configurations to supported Check Point NGFW config for ease of migration."
"It doesn't have a proper GUI to do troubleshooting, so most people have to rely on the command line."
"Managing various product integrations, such as Umbrella, is challenging."
"REST API stability needs improvement in order for customizing resource allocation available to the user rather than just being there transparently. This way users can customize REST API and tailor it to their needs."
"Initial setup can be complex. It is complex. We have to set up ASA, SFR module, and FMC separately, which sometimes requires extensive troubleshooting, even for smaller issues."
"Other products are becoming easier to access and configure. They are providing UI interfaces to configure, take backup, synchronize redundant machines, and so on. It is very easy to take backup and upgrade the images in those products. Cisco ASA should have such features. If one redundant machine is getting upgraded, the technology and support should be there to upgrade other redundant machines. In a single window, we should be able to do more in terms of backups, restores, and upgrades."
"The integration between different tools could be improved. For example, with SecureX, I am yet to find out how to forward security events to different tools such as Microsoft Sentinel, which is what we use for log detection."
"The Cisco Firewall UI could be improved."
"It's lacking one feature: VPN. Also, the 2100 Series lacks a DDoS feature. If they could add that to those platforms, that would be good."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews. Check Point NGFW is rated 8.8, while Cisco Secure Firewall is rated 8.2. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Netgate pfSense, Azure Firewall and OPNsense, whereas Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and OPNsense. See our Check Point NGFW vs. Cisco Secure Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
