Cisco Secure Firewall vs. Stonesoft Firewall (Discontinued)

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Cisco Secure Firewall
Score 7.0 out of 10
N/A
Cisco Secure Firewall (formerly Cisco Firepower NGFW) is a firewall product that integrates with other Cisco security offerings. It provides Advanced Malware protection, including sandboxing environments and DDoS mitigation. Cisco also offers a Next Generation Intrusion Prevention System, which provides security across cloud environments using techniques like internal network segmentation. The firewall can be managed locally, remotely, and via the cloud. The product is scalable to the scope of…N/A
Stonesoft Firewall (Discontinued)
Score 7.8 out of 10
N/A
Stonesoft firewalls were acquired and rebranded as McAfee Firewall Enterprise (MFE), then divested by McAfee and acquired by Forcepoint in 2016, and have reached end of life (EOL).N/A
Pricing
Cisco Secure FirewallStonesoft Firewall (Discontinued)
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cisco Secure FirewallStonesoft Firewall (Discontinued)
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Cisco Secure FirewallStonesoft Firewall (Discontinued)
Top Pros
Top Cons
Features
Cisco Secure FirewallStonesoft Firewall (Discontinued)
Firewall
Comparison of Firewall features of Product A and Product B
Cisco Secure Firewall
6.3
45 Ratings
30% below category average
Stonesoft Firewall (Discontinued)
-
Ratings
Identification Technologies6.440 Ratings00 Ratings
Visualization Tools5.441 Ratings00 Ratings
Content Inspection7.443 Ratings00 Ratings
Policy-based Controls7.044 Ratings00 Ratings
Active Directory and LDAP7.539 Ratings00 Ratings
Firewall Management Console5.844 Ratings00 Ratings
Reporting and Logging5.545 Ratings00 Ratings
VPN7.539 Ratings00 Ratings
High Availability6.343 Ratings00 Ratings
Stateful Inspection6.342 Ratings00 Ratings
Proxy Server4.925 Ratings00 Ratings
Best Alternatives
Cisco Secure FirewallStonesoft Firewall (Discontinued)
Small Businesses
WatchGuard Network Security
WatchGuard Network Security
Score 9.2 out of 10
WatchGuard Network Security
WatchGuard Network Security
Score 9.2 out of 10
Medium-sized Companies
Cisco Firepower 4100 Series
Cisco Firepower 4100 Series
Score 9.3 out of 10
Cisco Firepower 4100 Series
Cisco Firepower 4100 Series
Score 9.3 out of 10
Enterprises
Next-Generation Firewalls - PA Series
Next-Generation Firewalls - PA Series
Score 9.3 out of 10
Next-Generation Firewalls - PA Series
Next-Generation Firewalls - PA Series
Score 9.3 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Cisco Secure FirewallStonesoft Firewall (Discontinued)
Likelihood to Recommend
6.2
(45 ratings)
7.0
(1 ratings)
Likelihood to Renew
4.5
(1 ratings)
-
(0 ratings)
Usability
8.2
(2 ratings)
-
(0 ratings)
Availability
9.1
(1 ratings)
-
(0 ratings)
Support Rating
7.3
(7 ratings)
-
(0 ratings)
Implementation Rating
7.3
(1 ratings)
-
(0 ratings)
User Testimonials
Cisco Secure FirewallStonesoft Firewall (Discontinued)
Likelihood to Recommend
Cisco
If you are already using [a] Cisco product like the Cisco ASA Series and you need more security on layer 7 then you can upgrade with firepower. This is well suited for middle and big organizations. If your company deals with credit card information then you should buy this firewall. It provides you all the features to stop any type of advanced attack on your organization
Read full review
Discontinued Products
Any scenario where a dedicated firewall administrator is on staff and a secure firewall solution that requires high availability is needed will be a good solution for the McAfee Firewall Enterprise product. The McAfee Firewall Enterprise however comes with some of its own parlance that is different from other vendors and does require some comfort on the administrators side when it comes to working in the command line. Added knowledge of protocols and how they interact is a must for any firewall admin but particularly for the McAfee Firewall Enterprise product due to its flexible nature. If the environment is to be mostly hands off where a very limited rule set is to be configured and not likely to change often, I would defer to a different product
Read full review
Pros
Cisco
  • Cisco Firepower NGFW (formerly Sourcefire) shows a very detailed report of traffic that it finds as malicious. From Capturing Pcaps to generating analytics corresponding to an incident it makes it very easy for us analysts to decide the next steps.
  • Cisco Firepower NGFW (formerly Sourcefire) has search functionality that allows us to go very specific while on the managing window, unlike Palo Alto Panorama.
Read full review
Discontinued Products
  • Based on the SecureComputing Sidewinder firewalls, the McAfee Firewall Enterprise does similar backend containerization of each service which provides for added security in the unlikely event of failures or breeches.
  • Tie in reporting services (if used by the admin) provide very granular details on rules accessed and the firewalls response to the requests.
  • Configurable options are plentiful. Unbound DNS can be configured on each "burb" (SecureComputing/McAfee parlance for interface), similar options for sendmail while rulesets can be configured at the application level down to simple IP-filter making options for enhancing security as well as troubleshooting equally as useful.
  • Full control over shell for scripting and/or scheduling (cron) purposes.
  • Solid HA and patching architecture.
  • Support was always helpful, knowledgeable and insightful (especially the staff that migrated from SecureComputing).
Read full review
Cons
Cisco
  • Support for native VXLAN
  • CLI support on the FTDs
  • Support for all the BGP features, there are commands that show issues with network subnets being received or advertised.
  • Show BGP neighbor x.x.x.x received-routes
  • This shows an issue that soft-inbound is not applied when it is applied.
Read full review
Discontinued Products
  • For an application-layer firewall the applications supported (at the time I managed them) were too few and would need to be expanded and the application ruleset needed to be expanded as well.
  • The remote access VPN client configuration was overly complex for the average user and would need to be supplemented with a configuration file that had already been generated. Other solutions from CheckPoint or Cisco ASA are not as complex for end user remote access.
  • Enhancing the GUI with a builtin "packet capture" feature would be useful for administrators not familiar with tcpdump.
Read full review
Likelihood to Renew
Cisco
There are other vendors on the market with highly complimented solutions and based on the feedback received by fellow engineers using them in production in their organizations it sounds like something worth paying attention to. Proof of concept and feature comparison with Cisco Secure Firewall will would be the next potential step. Overall, the user experience with ease of management of solutions might be the key here.
Read full review
Discontinued Products
No answers on this topic
Usability
Cisco
Solution is highly effective, offers a lot of features with constant improvements and additions of new features over time. It's relatively easy to get familiar with the system, especially if transitioning from adaptive security appliances. If this is not the case, as for learnability there's a learning curve but once learned it is relatively easy to remember the details about the system even after a period of non-use
Read full review
Discontinued Products
No answers on this topic
Reliability and Availability
Cisco
As for the availability, in general we did not experience any issues with it, neither in situations where there's only one physical device implemented nor when there's and High Availability pair. Failover works like a charm, no complaints here, it works as it should and so far it has been highly reliable.
Read full review
Discontinued Products
No answers on this topic
Support Rating
Cisco
Customer service has been great. TAC has been mostly able to identify and fix problems that we may have and have been very responsive. If for some reason something isn't fixed right away, they have been adamant on staying with us and working the issues out before things get escalated up the chain.
Read full review
Discontinued Products
No answers on this topic
Implementation Rating
Cisco
In the beginning transition from Adaptive Security Appliance to Cisco Secure Firewall did not look like the best choice. Solution was new, there were a lot of bugs and unsupported features and the actual execution in the form of configuration via Firepower Management Center was extremely slow. Compare configuring a feature via CLI on ASA in a manner of seconds (copy/paste) to deployment via FMC to Secure Firewall which took approx. 10 mins (no exaggeration). Today, situation is a bit different, overall solution looks much more stable and faster then it was but there's still room for improvement.
Read full review
Discontinued Products
No answers on this topic
Alternatives Considered
Cisco
We've selected the Cisco Secure firewall as there is full Layer 7 functionality. You get more features out of the box so to speak with full application visibility and control, Intrusion Prevention, SI (Security Intelligence), Adavanced Malware Protection and a whole host of other feature. Although some of these are available in Meraki, the Cisco Secure Firewall goes into the next level.
Read full review
Discontinued Products
Compared to other firewalls I've managed (Palo Alto, Cisco ASA & CheckPoint) I would say that McAfee Firewall Enterprise was probably at the time not the leader in its field however it is a product that proved its reliability and flexibility over the other vendors. The addition of many new features usually comes as a detriment to some other area (restricted CLI, decreased logging etc.). In my experience this product gave the flexibility and options that the organization needed.
Read full review
Return on Investment
Cisco
  • Cisco Secure Firewall has provided a single management interface for all of our devices.
  • We have had issues implementing 1010 in HA where a site was using a dynamic IP previously.
  • Lack of DHCP options has slowed deployment to our smaller sites.
Read full review
Discontinued Products
  • In its highly available configuration the impact on any business objective has been positive given the fact that any downtime of the firewall would negatively impact all business objectives.
Read full review
ScreenShots