While always an integral part of a company\u2019s security procedures, firewalls are becoming even more important as more companies move to the cloud and software defined networks.A firewall is a network security system that controls and monitors incoming and outgoing network traffic, based on preset security parameters. Firewalls create a barrier between a secure internal network and a potentially less-secure outside network.Four of the top firewall solutions on the market are Fortinet FortiGate, Cisco ASA, Sophos UTM and Palo Alto Networks WildFire, according to online reviews by enterprise users in the IT Central Station community.But what do enterprise users really think about these tools? Here, users give a shout out for some of their favorite features, but also give the vendors a little tough love.Editor's note: These reviews of select firewall solutions come from the IT Central Station community. They are the opinions of the users and are based on their own experiences.Fortinet FortiGateValuable featuresPolicy control, web filtering, and the application filter works smoothly. Controlling and tracing with the web console works nicely for Windows systems. [It has] better QoS than Checkpoint, I believe. \u2014 Manan P., Network Engineer at a tech services companyIt's version of throughput is good. It has a strong active cluster, as you can have between three and 32 units to a cluster. \u2014 Adithyo W., Network Security Infrastructure - Tech Specialist at a tech services companyI am using different features of this product but the most valuable are - SSL VPN, Web filter, Explicit proxy, IPS, Application control and Routing. \u2014 Zain R., Senior Information Security Engineer at a tech services company.Room for improvementI'm happy with the product, however the licensing fees could be lower. \u2014 Marcin W., Senior NetOps Engineer at a tech services companyIts web interface needs to be more stable, and more functional, through the variety of browsers. Additionally a nice add-on would be a \u201cdiagnostic sniffer\u201d capability in the web interface. \u2014 Achilleas G., IP Senior Engineer at a comms service providerI'd like to see an improvement in the Bandwidth Management and Traffic limit control. \u2014 Mohammed A., IT Network Engineer at a energy\/utilities company.Read more FortiGate reviews on IT Central StationCisco ASAValuable featuresIt blocks all outside to inside traffic and only permits the specific internet traffic from the outside. VPN functionality is very useful, we can create remote access and tunnel VPN in the simplest way. \u2014 Rizwan S., Network Security Consultant at a tech services companyIt's a great solution that amalgamates a firewall and VPN into one device. It also has a well organized GUI- ASDM. \u2014 Bratislav V., System\/Network administrator at a software R&D companyRoom for improvementThe configuration\/management interface is complex and can be confusing. Technical documentation is often sparse and can be incomplete when covering specific implementations. \u2014 SecurityArch819, Global Security Architect\/Perimeter Systems Administration\/Active Directory and System Administrator at a retailerThe ASA has room for improvement in the areas of layers four through seven. I would love to see application specific control, e.g.Facebook, Gmail, etc. \u2014 Jason B., Senior Network Architect\/Owner at a tech services companyThey should make the ASA accessible via the web instead of ASDM. Also, a big improvement is needed on the transparent mode. \u2014 Bagus P., Security Engineer at a tech services companyRead more Cisco ASA reviews on IT Central Station.Sophos UTMValuable featuresValuable Features include Sophos Remote Access VPN, Country Based Firewall, Web Application Firewall, Ease of access (via browser) and Reporting. \u2014 Sanket D., Founder at a tech services companyThe web filter and the ATP (Advanced Threat Protection) are great and easy to manage, and the integrated WAF (Web Application Firewall) allows the administrator to seamlessly protect HTTP\/S services without having to pay thousands of dollars. \u2014 Juan S., CEO and Founder at a tech services companyValuable features include: reliability, usability, number of features that fully cover goals, perfect support and the possibility to get \u201cunder the hood\u201d. \u2014 Gregory O., Systems Engineer at a tech services companyRoom for improvementI wish the internet failover worked better. As it stands right now, when we have an internet failure on WAN1, it takes several minutes before our WAN2 connection picks up the traffic, with many things not working until I manually fail over to the other WAN. \u2014 Jeff B., Network Engineer II at a legal firmThe unit offers great failover and load balancing features that can be complex to understand, some streamlining of the process would help. \u2014 David D., CEO, Technologist at a tech services companyHA needs to be improved for the software appliance because if Sophos is deployed in ESXI\/Hyper-V then the HA is unstable. Also, the web application firewall only allows the use of ports 80 and 443, and if we could use others ports than that would be a welcome addition. \u2014 Arnold B., IT\/Telecom Specialist at a comms service providerRead more Sophos UTM reviews on IT Central Station.Palo Alto Networks WildfireValuable featuresIt can do sandboxing on the premises, and it can be directly integrated with Palo Alto NGFW. The malware information on the file that has been sandboxing will be directly updated to the Palo Alto NGFW, and added to the Palo Alto Networks NGFW malware signature library. \u2014 Saia647, IT Security Engineer at a tech services companyIt has one of the best WebUIs that I have used, because at a glance looks simple, but offers us a lot of options to secure all the traffic that is passing through the device (or all traffic that the user decides to pass through). \u2014 Jes\u00fas A., Presales Technical Consultant at a tech services companyApp-ID User-I.D, ease of deployment, usability and the filtering mechanism like SP3 Engine. \u2014 Girish V., Senior Service Delivery Engineer at a comms service providerRoom for improvementInspection over different protocols (not just HTTP\/FTP) Inspecting more file types Providing information back to the community that it uses to support its product. \u2014 Eric M., Chief Information Security Officer at a financial services firmI'd like to see a wizard to create IPSec VPNs. They need to improve the graphics to show the network behavior. \u2014 Jes\u00fas A., Presales Technical Consultant at a tech services companyIP SLA tracking GRE tunnel support. I believe these are the major improvements in the pipeline. \u2014 Girish V., Senior Service Delivery Engineer at a comms service providerRead more Palo Alto Networks Wildfire reviews on IT Central Station.