We performed a comparison between Barracuda CloudGen Firewall and Fortinet FortiGate based on real PeerSpot user reviews.
Find out in this report how the two WAN Edge solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."
"Since the product is stable, we do not have to spend additional money to buy other firewalls. Once deployed, we can use the product for a long time. Thus, it is cost effective."
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"Cisco's technical support is the best and that's why everybody implements their products."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"Firepower has reduced our firewall operational costs by about 25 percent."
"One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now."
"The most valuable features of this solution are the integrations and IPS throughput."
"Its central management, especially when it comes to distributed environments, is great. I can generate and save a setting and then apply that setting across the network with just one click."
"Its stability and SD-WAN features are the most valuable."
"Its ability to block incoming attacks is valuable. Its logging, traffic monitoring, and VPN capabilities are also valuable."
"It's great for handling complex items."
"The inspection and web security features are most valuable."
"I have found Fortinet FortiGate to be scalable."
"The pricing is excellent. It's much less expensive than Cisco."
"The payment function for applications is good."
"All of the features of Fortinet FortiGate are useful and the security protection is good."
"The solution is highly scalable because they have devices that can handle a large amount of traffic."
"Overall security features and performance routing is good."
"The SD-WAN is the most valuable feature."
"The price and SD-WAN capabilities are the areas that need improvement."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"They could improve by having more skilled, high-level engineers that are available around the clock. I know that's an easy thing to say and a hard thing to do."
"Cisco Firepower is not completely integrated with Active Directory. We are trying to use Active Directory to restrict users by using some security groups that are not integrated within the Cisco Firepower module. This is the main issue that we are facing."
"The application detection feature of this solution could be improved as well as its integration with other solutions."
"My team tells me that other solutions such as Fortinet and Palo Alto are easier to implement."
"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."
"The biggest issue that I have with this solution is that it is not super intuitive. Once you know what to do, things make sense, but you can't just open the program and start doing things. It would be great if there was a little bit more guided usage inside the program."
"The price is a bit higher than other vendors."
"There is room for improvement in performance and the support language. The support they're providing right now is from a different country, and in our country, there are people—network admins and IT heads—who don't speak English properly. So Barracuda needs to provide support agents who speak additional languages, such as Bangla."
"The administration UI could be better. It should also have better application detection policies."
"The initial setup and configuration are not intuitive and require training."
"The search tool needs improvement. It's very difficult to search for policies right now."
"The user interface could be improved."
"Lacks sufficient security options."
"The support from Fortinet FortiGate could improve. They are not easily accessible when we need them. They could improve their response time."
"We have an issue with hotel guest vouchers."
"They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired."
"The ease of use could be improved."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
Barracuda CloudGen Firewall is ranked 12th in WAN Edge with 4 reviews while Fortinet FortiGate is ranked 1st in WAN Edge with 168 reviews. Barracuda CloudGen Firewall is rated 8.4, while Fortinet FortiGate is rated 8.4. The top reviewer of Barracuda CloudGen Firewall writes "My network has never been interrupted or experienced a denial of service". On the other hand, the top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". Barracuda CloudGen Firewall is most compared with pfSense, Sophos XG, Azure Firewall, Palo Alto Networks WildFire and Meraki MX, whereas Fortinet FortiGate is most compared with pfSense, Cisco ASA Firewall, Sophos XG, Check Point NGFW and WatchGuard Firebox. See our Barracuda CloudGen Firewall vs. Fortinet FortiGate report.
See our list of best Software Defined WAN (SD-WAN) Solutions vendors, best WAN Edge vendors, and best Firewalls vendors.
We monitor all WAN Edge reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I strongly recommend you SonicWall 5600. Its having lots of feature for network security and Comparison of price and Support it would be great choice.
Fortigate firewalls are quite rugged and offer great flexibility in configuring the policies and managing them. For individuals as well as group level user privileges. The antivirus offered is also very effective and not at all resource hungry. The only drawback is, the admin should be very well trained and aware of configuring the firewall. It’s quite complicated that way. Or the support provider (reseller) should have expert level admins to configure and set these firewalls in the infrastructure.
I would alternatively suggest looking into Sophos firewalls. They are equally rugged and effective. And also have a much user-friendly configuration and management console.
Barracuda: No Presence in the market at all, quite different way to install manage the product. Impossible to find the technical resource. If it is managed by Multinet then it’s a different story.
UTM control was not good back in the days, not sure about recent improvements.
Support Generally good feedback of Barracuda support.
Sonicwall: Very little presence in the local market, will have compatibility issues when establishing VPN with other vendors or any other integration.
UTM should be good, not experienced it first-hand.
Support, Have horrible feedback about support. they don’t respond for months.
Fortinet: Firewall full of features, good market presence with official REPs in the country. It is basically the same Juniper SSG ScreenOS platform with good UTM.
UTM is good
Support, Support in the region from India is poor, fright. A good local partner can make your day. If case is escalated to US/Canada teams, the experience is much better. You need in-country REPs support to escalate the cases.
China effect, the downside of Fortinet is, its QA of new FortiOS release is not good at all. Things running fine on one release fail badly when upgraded to new release. you need to be ready for an alternate solution when faced with such situation.
But it is better than Barracuda and SonicWall anyways.
RMA time is not next day.
Palo Alto: I would recommend Palo Alto, it can do everything typically required from a NGFW/UTM. Price can be expensive. Typically models with high throughput are quoted from most vendors. In reality, the actual required throughput is not that much. PA820 and PA220 can cater 90% of requirement we have in our environments. This way solution will be comparatively competitive cost wise. Compatibility with third-party devices is good.
Per-user bandwidth limit is missing.
UTM is best.
Support is good. The first level is through support partners, but the experience is good.
No rapid RMA, as no in-country depot exists. But On site spare is best, as the customer owns the spare unit on his premises.
Fortinet is a good option, the interesting thing with them is all the other bits you can add. Many of these such as email protection, Sandbox, edge device protection (anti-virus, VPN Connector for PCs), tokens (electronic or hardware), switches, Wireless Access Points all talk to each other so the Fortinet security umbrella covers them as well. Fortinet has a SIEM as well.
Whatever you buy, get training on it. Also, evaluate the reseller's ability to do an install. Some folks just sell the product, other also know how to install - buy from the latter, and get some Pro Services for the installation.
I have always thought Barracuda's marketing was better than the products (it is very good marketing) and SonicWALL R&D suffered under Dell, and I don't know that it is any better now they are owned by an Investment house.
Out of these three firewalls I would, and have chosen Fortinet. Checkout NSS Labs for real world comparisons. I have been using Fortigates for 2 years now in HA configurations and have only once had to use the cli. Also updates and firmware upgrades never bring the network or internet down. These firewalls get new features added at no extra cost and the throughput is amazing. Buying the UTM bundles gets you all of the features you need and more. I heard about support issues but evertime i call i get routed to someone who knows how the features work and actually helps. We added a fortianalyzer and now we can see logs from all of the firewalls in one console and hold them for a year. Fortinet doesn't just manage their antivirus products they are the developers. These firewalls decrypt data on the fly and scan for viruses before it gets to your email, desktops or servers. Within the first week it caught ransomware within a yahoo email before it could infect our systems. We replaced our websense URL filtering with the URL filtering within the fortigates and never looked back.
I could go on and on but the real tilt in Fortinets favor was it was near half the cost of similar features and functions PA had quoted. Write down what you want and then ask if the vendors have these included in their firewalls or if they have separate appliances that can do them. Every appliance has a latency cost associated with it. You might find that all three can do what you want then it will come down to the management of the firewalls and cost.
Good luck.
I've utilized both SonicWALL and Fortinet in many implementations over the years. Fortinet does a better job in large, multi-tenant deployments and has excellent stateful packet inspection throughput. If you're planning to do SSL decryption and inspection, SonicWALL is the way to go (and currently, the product we lead with). I've found SonicWALL to be easier to manage and have also found that if you're a GUI-oriented user, all of the features are there in the UI. On the Fortigate you'll often have to dig into the CLI to enable some features.
The Barracuda products are very good and quite pricey, especially since you mentioned you were looking at the Sonicwall TZ series. The Sonicwall TZ series is meant for a smaller environment. The Fortinet firewalls are great but require a little more training. My experience with Sophos is that they have been a little buggy and support is not great. Since Sonicwall was sold by Dell the support has been better. I work with several small companies and I would say go with whatever product you have the most experience with. The learning curve can be a little much when you don't know what you're looking at. Both Sonicwall and Fortinet have pretty good support and a pretty extensive KB. Good Luck!
fortinet or baracuda and CISCO ASA 5500 series also good