Coming October 25: PeerSpot Awards will be announced! Learn more

Top 8 Firewalls

Fortinet FortiGatepfSenseCheck Point NGFWCisco ASA FirewallPalo Alto Networks NG FirewallsSophos XGCisco Firepower NGFW FirewallOPNsense
  1. leader badge
    The most valuable features of Fortinet FortiGate are the APIs. They are the most widely known.The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection.
  2. leader badge
    It is very easy to use. The interface is quite understandable. There is a good community, and I can take over at any time I want. If there is anything wrong with it, I could just reinstall the whole thing and start all over again, and I'll be up again in less than a few minutes
  3. Buyer's Guide
    Firewalls
    September 2022
    Find out what your peers are saying about Fortinet, Netgate, Check Point and others in Firewalls. Updated: September 2022.
    634,590 professionals have used our research since 2012.
  4. leader badge
    Check Point offers virtualized systems, making it easy to scale.There is modern protection against current threats.
  5. leader badge
    It brings us the ability to work from anywhere and has allowed us to work remotely without having to incur a lot of other costs. If we didn't have this type of solution, since we have so many on-prem services that are required, we would have likely lost money and been unable to deliver. We have a video services team who helped build the content for our sporting events. When you are watching a Leaf game and those swipes come by as well as the clips and things, those are all generated in-house. Without the ability to access our on-premise resources, we would have been dead in the water. So, the return on that is pretty impressive.
  6. leader badge
    It has a solid network security with some robust tools. We can block unexpected attacks, especially zero-day attacks. Since they use the Pan-OS engine, they can collect attacks from all over the world and analyze them. They can then protect against zero-day attacks and unexpected attacks.
  7. The security of the solution, thanks to the built-in unified threat management, is one of its most valuable features. Plus, one single pane of glass is all you need to manage the whole solution, and web management can be done from anywhere.
  8. report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    634,590 professionals have used our research since 2012.
  9. We found the initial setup to be easy.I'm a big fan of SecureX, Cisco's platform for tying together all the different security tools. It has a lot of flexibility and even a lot of third-party or non-Cisco integration. I feel like that's a really valuable tool.
  10. OPNsense could improve by making the configuration more web-based rather than shell or command-line-based.It has an open license. It works very well, and there is an update every month.

Advice From The Community

Read answers to top Firewalls questions. 634,590 professionals have gotten help from our community of experts.
Rony_Sklar - PeerSpot reviewer
Rony_Sklar
PeerSpot (formerly IT Central Station)

Why or why not? If so, which are the best providers for this configuration?

PrideChieza - PeerSpot reviewer
PrideChiezaThat is very good question, for SIP we highly recommend using SIP security on… more »
12 Answers
Charudatta Kulkarni - PeerSpot reviewer
Charudatta Kulkarni
Head - UICT and Associate Professor at MIT Pune
I work in a small organization in the educational sector.  We would like to extend firewall licenses, So we need to evaluate vendors. On what criteria/basis should we compare vendors and devices?
Read More »
Jim Bachaud - PeerSpot reviewer
Jim BachaudA Firewall is only one brick in your cyber-security wall, if you will, but an… more »
10 Answers
Menachem D Pritzker - PeerSpot reviewer
Menachem D Pritzker
Director of Growth
PeerSpot (formerly IT Central Station)

Hi community, 

There are so many firewall products in the market today. Who are we going to be talking about 3-5 years from now?

imadam - PeerSpot reviewer
imadamNetscope, Zscaler if they continue route they are on now. FIrewalls needs great… more »
25 Answers
Rony_Sklar - PeerSpot reviewer
Rony_Sklar
PeerSpot (formerly IT Central Station)
There are many cybersecurity tools available, but some aren't doing the job that they should be doing.  What are some of the threats that may be associated with using 'fake' cybersecurity tools? What can people do to ensure that they're using a tool that actually does what it says it does?
Read More »
SimonClark - PeerSpot reviewer
SimonClark Dan Doggendorf gave sound advice. Whilst some of the free or cheap… more »
12 Answers
Nirmal Unagar - PeerSpot reviewer
Nirmal Unagar
Cyber Security Intern at ECS BIZTECH PRIVATE LIMITED

I'm researching Firewalls. Which NGFW do you recommend between Fortinet Fortigate and Cisco Firepower NGFW?

Thanks!

David Storey - PeerSpot reviewer
David StoreyMore than the products themselves and their capabilities, you must consider the… more »
3 Answers
Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Sep 15 2022

Hi,

When would you suggest using an internal SOC and when SOC-as-a-Service? What are the pros and cons of each?

Shibu Babuchandran - PeerSpot reviewer
Shibu BabuchandranHello, Below there are views on the pros and cons of Internal SOC and… more »
13 Answers
Ariel Lindenfeld - PeerSpot reviewer
Ariel Lindenfeld
Sr. Director of Community
PeerSpot (formerly IT Central Station)
Sep 08 2022
Let the community know what you think. Share your opinions now!
it_user339975 - PeerSpot reviewer
it_user339975Awesome answers all around! The most important aspect to look for is relative… more »
49 Answers
Rajagopal Naidu Vaddapalli - PeerSpot reviewer
Rajagopal Naidu Vaddapalli
Divisional Engineer at Aptransco
Aug 18 2022

Hi members,

What kinds of throughputs should we consider while designing/estimating the required firewall throughput in our organization?

Thank you.

Cesar Reza - PeerSpot reviewer
Cesar RezaUsually, it is the Internet bandwidth, a number of users and (in the case of… more »
5 Answers
Shibu Babuchandran - PeerSpot reviewer
Shibu Babuchandran
Regional Manager/ Service Delivery Manager at ASPL INFO Services
May 19 2022

Hi community,

What are your top 5 (or less) cyber security trends in 2022?

Thanks in advance!

Pablo Cousino - PeerSpot reviewer
Pablo Cousino1) Security in endpoints (especially because of remote work), especially to… more »
10 Answers
Niranjan Prajapati - PeerSpot reviewer
Niranjan Prajapati
Network & System Support Engineer at ITCG Solutions Pvt Ltd
Hi professionals, Which factors do you need to take into account to calculate the size of a firewall required for your network? Thanks for the help!
Read More »
Alexandre RASTELLO - PeerSpot reviewer
Alexandre RASTELLOHi Niranjan, In my case, I use this simple template: Throughput: - Total… more »
7 Answers

Firewalls Articles

Ariel Lindenfeld - PeerSpot reviewer
Ariel Lindenfeld
Sr. Director of Community
PeerSpot (formerly IT Central Station)
Aug 21 2022
We’re launching an annual User’s Choice Award to showcase the most popular B2B enterprise technology products and we want your vote! If there’s a technology solution that’s really impressed you, here’s an opportunity to recognize that. It’s easy: go to the PeerSpot voting site, complete the brie...
Read More »
Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Aug 17 2022
Hi dear community members, In this edition of PeerSpot's Community Spotlight, you can find out what your peers are discussing and join in the conversation. Ask and answer questions on the topics that interest you most! Read and respond to articles or contribute your own! Trending The...
Read More »
Evgeny Belenky - PeerSpot reviewer
Evgeny BelenkyThank you to all the community members who share their knowledge with other… more »
1 Comment
Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Jul 11 2022
Hi community members, As usual, this new Community Spotlight shares with you the latest articles, questions and trending discussions from your peers. Trending See what is trending at the moment and chime in to discuss! Top 8 Extended Detection and Response (XDR) Tools 2022 Would you reco...
Read More »
Ravi Suvvari - PeerSpot reviewer
Ravi SuvvariGood very informative
2 Comments
Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Jul 05 2022
Dear PeerSpot community members, This is our latest Community Spotlight for YOU. Here we've summarized and selected the latest posts (professional questions, articles and discussions) contributed by PeerSpot community members.  Check them out! Trending See what your peers are discussing a...
Read More »
Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)
May 30 2022
Hi peers, This is our new bi-weekly Community Spotlight that includes recent contributions (questions, articles and discussions) by the PeerSpot community members.  Articles Check the top products and solutions below (selected based on peer reviews) or contribute your own article! ...
Read More »
Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Apr 27 2022
Hi dear community members, Here we go again with a new bi-weekly Community Spotlight where we share with you recent contributions: articles, questions and discussions. Check them out below! Trending Cybersecurity Trends To Look Out For in 2022 Top 5 Network Access Control (NAC) Softw...
Read More »
Ravi Suvvari - PeerSpot reviewer
Ravi Suvvarivery good and valuable information
1 Comment
Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Apr 04 2022
Hi peers, This is our new Community Spotlight that includes recent contributions (questions, articles and discussions) by the PeerSpot community members. Trending Is RPA beneficial for a healthcare organization? With the increasing risk of cyber attacks in the west, due to the war in Ukra...
Read More »
Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi community members, Here we go with a new Community Spotlight. We publish it to help YOU catch up on recent contributions by community members. Trending What open-source HCI solution do you recommend? How much time does SSO save? What are the main technical differences between Microso...
Read More »
Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi community members, Spotlight #2 is our fresh bi-weekly community digest for you. It covers cybersecurity, IT and DevOps topics. Check it out and comment below with your feedback! Trending What are the pros and cons of internal SOC vs SOC-as-a-Service? Join The Moderator Team at IT Ce...
Read More »
Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager
PeerSpot (formerly IT Central Station)
Firewall security, which provides the first barrier against malicious traffic, is essential for securing an organization’s network. Although it is a widely used tool, choosing the right solution for your organization’s needs can be tricky. In this post, we’ll walk you through how firewalls wor...
Read More »

Firewalls Topics

Why Use Firewall Software?

Firewalls are key to network security. They prevent unwanted visitors from entering your network as well as preventing in-network users from accessing websites or servers that could potentially be dangerous. It is essential to have firewall software to protect your organization’s data devices.

Who Uses Firewall Software?

Firewalls are an essential network security component, used in both personal settings as well as by businesses that need to protect large networks of computers, servers, and employees. Within a company, the digital security team is the main user of firewall solutions, and network administrators have the greatest control and use of firewall software.

What Makes the Best Firewall?

When IT Central Station (soon to be Peerspot) users were asked about what makes the best firewall, they described a number of factors that will help anyone make the right choice. Some security professionals want to know what is the best free firewall? IT Central Station reviews suggest that this is a question that should be asked only after one has assessed many basic requirements about usability and features first.

Visibility is offered as one of the most critical aspects of an effective firewall. Users want global reports and traffic visibility as well as application visibility. IT Central Station members also want the firewall to provide visibility into specific users’ behaviors. Visibility as a key point of value cuts across different types of solutions, including Windows firewalls, firewall software and network firewalls.

Ease of use and simplicity of administration also rated as high priorities for firewall buyers. A firewall should be easy to manage and configure. Easy installation is essential, as is integration. According to IT Central Station reviewers, firewalls typically function in complex, heterogeneous security environments. In parallel, solid vendor support is important. Reviewers noted that the first line of response to an issue with a firewall is almost always an in-house technical resource. That resource needs to be trained easily. If training is too cumbersome or if the firewall admin is a hard-to-find hire, the department will suffer.

Firewall users list many specific functions as “must haves.” These include intrusion protection (IPS), VPN, high throughput, data loss prevention, SSL, IPSEC, application control and web content filtering. Some users want a firewall to easily integrate with an LDAP Server or Radius Server. Anti-spam is desirable, as is anti-virus and anti-spyware protection. Users emphasize the importance of IPv6 native support as well as traffic shaping and bandwidth control.

Kinds of Firewall Software

Firewalls can either be either hardware or software. It’s best to have both kinds. A physical (hardware) firewall is a piece of equipment that you install between a gateway and the network. A software firewall is a program that you install on each computer, that regulates traffic through applications and port numbers.

  • Packet-filtering firewalls are the most common kind. They examine packets and block those that do not match the established security rules. (Usually this means that the packet’s source and destination IP addresses must match those that are “allowed.”) There are two kinds of packet-filtering firewalls. Stateless firewalls lack context when examining packets independently of one another. This makes them easy targets for cyber criminals. Stateful firewalls, on the other hand, remember information about packets that have previously passed and therefore are considered more secure. Packet-filtering firewalls provide very basic protection but they can be limited.
  • Next-generation firewalls (NGFW) have an added functionality in addition to traditional firewall technology. This might include intrusion prevention systems, encrypted traffic inspection, and antivirus NGFW also includes DPI ( deep packet inspection, which examines the data within the packet itself rather than only looking at packet headers. This enables users to identify, categorize, or block packets with malicious data more effectively.
  • Proxy firewalls filter network traffic at the application level. The proxy, unlike a basic firewall, acts as an intermediary between two end systems. Proxy firewalls use both deep impact and stateful inspection to detect malicious traffic.
  • Network address translation (NAT) firewalls operate on routers. They allow multiple devices with independent network addresses to use a single IP address to connect to the internet. This keeps the individual IP addresses hidden, providing greater security because it means that attackers can’t capture specific details. NAT firewalls are similar to proxy firewalls in that they act as intermediaries between a group of computers and outside traffic.
  • Stateful multilayer inspection (SMLI) firewalls filter packets at the transport, application, and network layers, and compare them against known trusted packets. Like NGFW firewalls, SMLI firewalls examine the entire packet and allow them to pass only if they pass each layer individually. SMLI firewalls examine packets to ensure that there is only communication with trusted sources.
Firewall Software Features
  • Access Control - Firewall solutions act as a gatekeeper, only allowing authorized users to enter the network.
  • Custom Restriction - Network administrators are able to dictate what servers and websites network users are allowed to access. These can be set to block non-business-related websites as well as to block IP addresses or servers of potential or known threats.
  • Alerts - If there is an attempt at unauthorized access, firewall solutions will send an alert about it to network administrators detailing the breach. This both helps admins understand potential threat sources as well as letting them know who within the network may be trying to access sources they shouldn’t be.
  • Automation - One benefit of firewall software is the ability to automate some of the menial tasks of network administration, such as rule-testing and monitoring. This leaves administrators with time to focus on other things.
  • Reporting - Some firewall tools will document all kinds of data, such as logins, access points, penetration attempts, and security failures.
  • Integration Capabilities - Check prospective products’ integrations lists to see how they match up with your company’s existing IT strategy and software. Various integrations and plugins can provide functions such as content filtering, device support, and data integration.
When evaluating Firewalls, what is the most important thing to look for?

You’ve been tasked with selecting a Firewall for your company. You’ve started researching different solutions, and the options are endless. What aspects of firewalls are most important when choosing one?

IT Central Station users have given their opinions of what is the most important aspect to take into account when evaluating firewalls. With a wide variety of opinions in the answers, one thing is clear – there isn’t one single aspect that can determine what’s the best firewall.

One user emphasized that the first step in selecting the right firewall starts with knowing what your network needs are: “The most important aspect to look for is relative to one question: How informed are you with the actual needs of your network? Overall I think there are too many specific details to choose any one primary aspect when selecting a security appliance and/or firewall device based on functionality alone.” He further explained that each individual case requires in-depth research depending on one’s specific network needs.

Bearing in mind that there are many considerations, here’s a snapshot of a few of the aspects that users mentioned:

  • Stability
  • Performance
  • Extensive logging
  • Price
  • Good support
  • Scalability
  • Good reporting abilities

One user noted that opinions on what is the “best” firewall differ widely, and that firewalls and firewall vendors as well as the people that implement them are very partial to what they are familiar with. He suggested that the right question to ask is, ”What are you looking for and need in a firewall?”

Another user, Ray KIngdon, pointed out that the most important considerations for selecting a firewall are budget and the person managing the firewall: “If you spend £40k on a firewall and have an idiot configure it and administer it – the firewall is next to useless, what ever vendor's product you buy!!”

Buyer's Guide
Firewalls
September 2022
Find out what your peers are saying about Fortinet, Netgate, Check Point and others in Firewalls. Updated: September 2022.
634,590 professionals have used our research since 2012.