Cisco Secure Firewall (formerly Firepower NGFW) vs Stonesoft Firewall (Discontinued)

Likelihood to Recommend

Excellent enterprise grade solution with full features to perform any security scenario. Available licenses that can be customized to suit the security needs. Backed by Cisco Talos security centre that provides IPS and security signatures to keep the business protected at all times. Backed by manufacturer support and excellent help desk resources.

Read full review

Victor Lau

Network Architect

BSSTelecommunications, 10,001+ employees

View all 8 answers on this topic

Any scenario where a dedicated firewall administrator is on staff and a secure firewall solution that requires high availability is needed will be a good solution for the McAfee Firewall Enterprise product. The McAfee Firewall Enterprise however comes with some of its own parlance that is different from other vendors and does require some comfort on the administrators side when it comes to working in the command line. Added knowledge of protocols and how they interact is a must for any firewall admin but particularly for the McAfee Firewall Enterprise product due to its flexible nature. If the environment is to be mostly hands off where a very limited rule set is to be configured and not likely to change often, I would defer to a different product

Read full review

Jacob Corzine

Systems Engineer

University of Florida Jacksonville Physicians, Inc.Financial Services, 501-1000 employees

View all 1 answers on this topic

Feature Rating Comparison

Cisco Secure Firewall (formerly Firepower NGFW)

Stonesoft Firewall (Discontinued)

Identification Technologies

Visualization Tools

Content Inspection

Policy-based Controls

Active Directory and LDAP

Firewall Management Console

Reporting and Logging

VPN

High Availability

Stateful Inspection

Proxy Server

Pros

Its very fast
Cisco products are generally very stable.
Cisco is on top of bug fixes.
You get well built hardware at this price point.
Compatibility with most 3rd party equipment.

Read full review

Verified User

Manager in Information Technology

Government Administration Company, 501-1000 employees

View all 8 answers on this topic

Based on the SecureComputing Sidewinder firewalls, the McAfee Firewall Enterprise does similar backend containerization of each service which provides for added security in the unlikely event of failures or breeches.
Tie in reporting services (if used by the admin) provide very granular details on rules accessed and the firewalls response to the requests.
Configurable options are plentiful. Unbound DNS can be configured on each "burb" (SecureComputing/McAfee parlance for interface), similar options for sendmail while rulesets can be configured at the application level down to simple IP-filter making options for enhancing security as well as troubleshooting equally as useful.
Full control over shell for scripting and/or scheduling (cron) purposes.
Solid HA and patching architecture.
Support was always helpful, knowledgeable and insightful (especially the staff that migrated from SecureComputing).

Read full review

Jacob Corzine

Systems Engineer

University of Florida Jacksonville Physicians, Inc.Financial Services, 501-1000 employees

View all 1 answers on this topic

Cons

The integration between ASA/Firewall functions and SourceFire functions could use some work.
Some little glitches in the interface which require refreshes or additional clicks.
Cost is high but it is likely because you're now buying two products in one.

Read full review

Verified User

Engineer in Engineering

Government Administration Company, 501-1000 employees

View all 8 answers on this topic

For an application-layer firewall the applications supported (at the time I managed them) were too few and would need to be expanded and the application ruleset needed to be expanded as well.
The remote access VPN client configuration was overly complex for the average user and would need to be supplemented with a configuration file that had already been generated. Other solutions from CheckPoint or Cisco ASA are not as complex for end user remote access.
Enhancing the GUI with a builtin "packet capture" feature would be useful for administrators not familiar with tcpdump.

Read full review

Jacob Corzine

Systems Engineer

University of Florida Jacksonville Physicians, Inc.Financial Services, 501-1000 employees

View all 1 answers on this topic

Usability

Cisco Secure Firewall (formerly Firepower NGFW) 8.0

Based on 1 answer

It's overall very great, however the Management Console needs updating to fix the slowness of policy and rule deployments.

Read full review

Kenneth Ma

AVP Network Security Team Lead

East West BankFinancial Services, 1001-5000 employees

View all 1 answers on this topic

No score

No answers yet

No answers on this topic

Support Rating

Cisco Secure Firewall (formerly Firepower NGFW) 8.0

Based on 6 answers

Cisco support is not at all suitable for this product, at least. It takes a long for them to help us with our server issues. A lot of the time, the customer support person keeps on redirecting calls to another person. They need to be well versed with the terminologies of the product they are supporting us with. Support needs a lot of improvement. Cisco Fire Linux OS, the operating system behind Cisco Firepower NGFW (formerly Sourcefire), also doesn't receive regular patches. In short, average customer service.

Read full review

Kuntal Das

Graduate Research Assistant

University of Colorado DenverHigher Education, 5001-10,000 employees

View all 6 answers on this topic

No score

No answers yet

No answers on this topic

Alternatives Considered

We selected Firepower after evaluating all features in nonproduction environment and validated against other similar vendors such as Fortinet, Palo Alto, Checkpoint, Sophos and Watchguard. NGFW provides flexibility in selecting the licensing model and is very cost-effective, easy to integrate with third-party tools and applications and offers user-friendly control.

Read full review

Verified User

Manager in Information Technology

Information Technology and Services Company, 10,001+ employees

View all 8 answers on this topic

Compared to other firewalls I've managed (Palo Alto, Cisco ASA & CheckPoint) I would say that McAfee Firewall Enterprise was probably at the time not the leader in its field however it is a product that proved its reliability and flexibility over the other vendors. The addition of many new features usually comes as a detriment to some other area (restricted CLI, decreased logging etc.). In my experience this product gave the flexibility and options that the organization needed.

Read full review

Jacob Corzine

Systems Engineer

University of Florida Jacksonville Physicians, Inc.Financial Services, 501-1000 employees

View all 1 answers on this topic

Return on Investment

Not having security levels on the Cisco Firepower NGFW (formerly Sourcefire) negatively impacted when we cutover.
It has been rock solid in the running, has not been any downtime.

Read full review

Cody Plassmeyer

IT Network Specialist

Central Electric Power CooperativeUtilities, 51-200 employees

View all 8 answers on this topic

In its highly available configuration the impact on any business objective has been positive given the fact that any downtime of the firewall would negatively impact all business objectives.

Read full review

Jacob Corzine

Systems Engineer

University of Florida Jacksonville Physicians, Inc.Financial Services, 501-1000 employees

View all 1 answers on this topic

Pricing Details

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Rating Summary

Cisco Secure Firewall (formerly Firepower NGFW)

Stonesoft Firewall (Discontinued)

Cisco Secure Firewall (formerly Firepower NGFW)

Stonesoft Firewall (Discontinued)

Cisco Secure Firewall (formerly Firepower NGFW)

Stonesoft Firewall (Discontinued)