We performed a comparison between Check Point NGFW and Cisco Secure Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Check Point users are happier with its VPN and with its pricing. However, Cisco Secure users are happier with its service and support.
"The management console is pretty simple, so anyone who understands networking can initially deploy the solution."
"The solution is highly scalable because they have devices that can handle a large amount of traffic."
"The solution is stable."
"FortiGate firewalls are user-friendly, and I like the security profiling features."
"It's a user-friendly firewall. Most of the tasks are very simple. It's simple to configure and troubleshoot this firewall."
"Secure, user-friendly, stable, and scalable network security solution. Installation is straightforward."
"The most valuable features of Fortinet FortiGate are the ease of use and there are several operating systems that can include the hardware capacities. In the newer releases, the resources were more useful because they were included in the operating system."
"The Fortinet FortiGate local partners were good. I did not have direct contact with Fortinet support."
"The level of security is excellent. It protects our organization well."
"It creates granular security policies based on users or groups to identify, block or limit the usage of web applications."
"The threat emulation blade and user identity awareness feature has helped us a lot in terms of perimeter security and have given us granular visibility of user access."
"I think that the most valuable feature is the prevention of known and zero-day threats because they are constantly trying to access your company and compromise its data."
"The Smart Dashboard allows for rule creation and administration and management and is user-friendly."
"It's offering great security while also being rather easy to manage."
"It excels in malware prevention, utilizing features like fan black pattern and vulnerability-driven detection, ensuring comprehensive security against evolving threats."
"The uncomplicated configuration ensures that mistakes are avoided and rules are easily audited."
"The feature my customers find the most valuable is the exportability."
"Their performance is most valuable."
"On the network side, where you create your rules for allowing traffic — what can come inside and what can go out — that works perfectly, if you know what you want to achieve. It protects you."
"IPSec Tunnel and AnyConnect (of course), the context awareness was a good feature, but clumsy at the beginning. I think it's better now."
"Cisco's technical support is the best and that's why everybody implements their products."
"Because of the deeper inspection it provides we have better security and sections that allow users broader access."
"IPS and Snort are very important because they also differentiate Cisco from other vendors and competitors."
"The most valuable feature of the Firepower solution is FireSIGHT, which can be easily managed and is user-friendly."
"Fortinet FortiGate could improve if it had a cloud-managed solution."
"The logs need to be better. They need to be more visible and easier to access."
"The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are."
"They've become quite expensive."
"There are problems with the custom reporting of the unique traffic. The data is there, but it is too difficult for us to extract."
"We would like to see better pricing."
"I think they need to improve more in order to be a competitor with the leaders of the field."
"I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE."
"I have had some issues in the past with the desktop client being slow to come up for logging in, and then slow to respond to screen changes, however, overall, it really hasn't been too bad."
"We need east/west Check Point firewalls in order to do micro-segmentation."
"IoT should be considered in future development."
"I would like less CPU-intensive features to be introduced to replace the existing heavy-duty processes."
"The only thing that we've seen is instances where console and administrative interfaces get locked up or freeze, and we have to get the machine rebooted."
"SmartEvent Settings and Policy GUI, and the rest of external apps should be improved."
"The only downside to Check Point, is, due to the vast expanse of configurable options, it does become easily overwhelming."
"The complexity could be fixed. It's a bit complex to set up, for example."
"Most of the features don't work well, and some features are missing as well."
"We would really like to see dual dual power supplies for some Cisco Firewall products."
"One of my main concerns, an area that could use improvement is in adjusting the need to buy a license to enable features."
"The dashboard can be improved."
"The worst part of the entire solution, and this is kind of trivial at times, is that management of the solution is difficult. You manage FireSIGHT through an internet browser. I've had Cisco tell me to manage it through Firefox because that's how they develop it. The problem is, depending on the page you're on, they don't function in the same way. The pages can be very buggy, or you can't resize columns in this one, or you can't do certain things in that one. It causes a headache in managing it."
"The policies module in FMC specifically isn't the most user-friendly. Coming from Cisco ASA, Cisco ASA is a little bit easier to use. When you get into particularly complex deployments where you have a lot of different interfaces and all that kind of stuff, it's a little bit tricky. Some usability improvements there would be nice."
"The scalability has room for improvement."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
Check Point NGFW is ranked 5th in Firewalls with 277 reviews while Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews. Check Point NGFW is rated 8.8, while Cisco Secure Firewall is rated 8.2. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Netgate pfSense, Azure Firewall and OPNsense, whereas Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and OPNsense. See our Check Point NGFW vs. Cisco Secure Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.