Cisco offers the Firepower 2100 Series NGFW, designed to allow businesses to gain resiliency through superior security with sustained performance. The Firepower 2100 Series has a dual multicore CPU architecture that optimizes firewall, cryptographic, and threat inspection functions simultaneously, to achieve security doesn’t come at the expense of network performance.
N/A
Untangle NG Firewall
Score 7.0 out of 10
N/A
Untangle NG Firewall is an open-source firewall and gateway security platform. It offers a free core firewall platform with paid add-ons, and a cloud-based management platform with a variety of deployment options for smaller teams.
$25
per month
Pricing
Cisco Firepower 2100 Series
Untangle NG Firewall
Editions & Modules
Firepower 2100
3,000-20,000
per appliance
Open Source Firewall
$0.00
free under the GNU General Public License (GPL)
NG Firewall Complete
$25.00
per month
z4 appliance
$299
one-time purchase
z4w appliance
$329
one-time purchase
z4 Plus appliance
$399.00
one-time purchase
z6 appliance
$1199.00
one-time purchase
z12 appliance
$1999.00
one-time purchase
z20 appliance
$3499.00
one-time purchase
Offerings
Pricing Offerings
Cisco Firepower 2100 Series
Untangle NG Firewall
Free Trial
No
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Cisco Firepower 2100 Series
Untangle NG Firewall
Features
Cisco Firepower 2100 Series
Untangle NG Firewall
Firewall
Comparison of Firewall features of Product A and Product B
Cisco Firepower 2100 Series
8.5
2 Ratings
2% below category average
Untangle NG Firewall
8.2
6 Ratings
5% below category average
Identification Technologies
9.02 Ratings
8.06 Ratings
Visualization Tools
6.01 Ratings
7.06 Ratings
Content Inspection
9.02 Ratings
8.06 Ratings
Policy-based Controls
9.02 Ratings
8.06 Ratings
Active Directory and LDAP
9.02 Ratings
9.06 Ratings
Firewall Management Console
8.02 Ratings
9.06 Ratings
Reporting and Logging
9.02 Ratings
7.06 Ratings
VPN
10.02 Ratings
9.06 Ratings
High Availability
10.02 Ratings
9.05 Ratings
Stateful Inspection
10.02 Ratings
8.06 Ratings
Proxy Server
5.02 Ratings
8.03 Ratings
Best Alternatives
Cisco Firepower 2100 Series
Untangle NG Firewall
Small Businesses
pfSense
Score 8.8 out of 10
pfSense
Score 8.8 out of 10
Medium-sized Companies
Quantum Firewalls and Security Gateways
Score 9.3 out of 10
Quantum Firewalls and Security Gateways
Score 9.3 out of 10
Enterprises
Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
Score 9.2 out of 10
Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series
The Cisco [Firepower] 2100 [Series] is an easy sell for anyone looking. You already know Cisco excels in the security department, but now that firepower lives right on the box and inline with the rest of the firewall data flow you can save yourself a lot of time and headaches. Unless you cant quite afford Cisco's 2100 line, there's not much reason to go with the competition.
Untangle is very strong in the "traditional" sense of security. That means an edge appliance that either works with an existing router or is the router itself (recommended). This approach has also been adapted well to cloud environments in order to protect virtual servers and VDI workstations. As mentioned earlier, many schools are using cloud-based filtering for their 1:1 solutions for their students. This is an area where Untangle is unable to serve. Some have used an instance of Untangle in the cloud with VPN to serve their remote needs, but it is not the same as solutions that are designed for cloud-based filtering of devices without VPN.
Web Filtering is strong, and can also do application fingerprinting to allow Facebook, but not Facebook games. Secondly, a separate partition called a "rack" can be set up to give one subnet or group of users different web filtering policies than another. For example, teachers would get more freedom to browse the web than students at a school.
Built-in SD-WAN connectivity as part of your license. IPSEC tunnel creation is also amazingly easy.
Will install on any x86 hardware created in the last 5-10 years. Ram and processor requirements per user are very low.
Reporting is phenomenal, however you can get death by details very easily.
Career-wise very familiar with the ASAs, you know, the previous gen firewalls, Pyxis, ASAs, the CHA. As far as being intuitive, those seem to be far more intuitive to learn and figure out what the features and changes and config management, all that stuff is. With Firepower, it's a learning curve and I feel like I have quite a bit of experience with it, and so does my team, but feels like it's not as intuitive, and trying to make changes just always seems harder for some reason. We've gone to some Cisco security training and all that, but even then it's just harder to work with. The other big thing is, and this is a big gripe of mine, I suppose, that on any other firewall, when we have various different manufacturers, if you make a change, you know, a simple change object, object name gets changed or object is deleted or whatever the simplest of change is, it gets implemented instantly.
With the Firepower system, you have to deploy the change and it'll take about six or seven minutes for the change to actually take, which is insanely different than any other platform where that change is instantaneous. So let's say if I'm making seven different changes for a troubleshooting job I don't know which one of the seven is gonna fix it, I do one by one by one. I'm like, oh, let me try one change, one second, change, third change, four changes. It's going to take seven deploys. And seven deploys mean it's gonna take an hour of just deploy time. So that is a big, big gripe
The full suite can be expensive for business but will be powerful enough.
The full suite for home or small office isn't that bad of a price but may be out of reach for most home users but remember the basics are FREE so anyone can get started with it.
I would like to see it promoted for mid to large businesses as I think it can handle it.
There are three main problems with this platform: - short EoL time - it is really missery because this platform was overrated from cisco sales and after shor time they accepted on EoL - sometimes problems with upgrades paths, because of strange behaviour between FXOS and ASA image on the top of it - not good performance when comparing to newer 1k platform
The phone support reps are highly competent and native-English speakers. big plus vs some other vendors with difficult to understand or less knowledgable support engineers.
In the days of purchase of Cisco Firepower 2100 series it was new platform and Cisco aimed their sailsmains to force selling this platfrom. It was one of the first platform with FXOS with full support of ASA images. It was cheper then 4k series and would be better than ASA 5500-x series (but regarding all problems with upgrades and EoL , it is not).
Untangle NG Firewall has a partnership with third parties to provide an amazing suite of applications. You pay for those. With free software, you have to wait for it to be updated. With Unifi, the hardware was too underpowered to do anything meaningful. I don't mind the monthly fees because these companies update quickly; they have a reputation to maintain.
