We performed a comparison between Check Point NGFW and SonicWall NSa based on real PeerSpot user reviews.Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"In terms of security, we have not experienced any security flaws or loopholes, and it has proven to be quite stable."
"The most valuable feature of Fortinet FortiGate is security. They are known for efficiency and are on the top of Gartner Quadrant reviews. Fortinet FortiGate has an easy-to-use platform with a good graphical interface. The configuration is simple and the solution provides an overall good layer of security."
"The solution is very user-friendly."
"Fortinet FortiGate protects against internet-based threats, both internal and external. It is scalable, stable, easy to use, and easy to install."
"It increases security posture and is helpful for firewall reporting, intrusion protection, web filtering, and SD-WAN implementation."
"The reporting and monitoring are very good."
"From the firewall perspective, the rules and policies are very sufficient and easy to use."
"FortiGate improved our security. It's one of the best hardware firewalls."
"We have found the central management (Smart Console) to be very helpful in managing all the firewalls and keeping the software/hotfix versions up to date."
"The Check Point architecture and packet are very good."
"It has allowed us to grow in a safe way and in accordance with our particular needs."
"The management of the firewall and advanced routing is great."
"Making configuring numerous layers of security policies easy to use was always one of the things I liked most about their firewall solution."
"The Check Point firewall features for Next Generation Firewalls are excellent."
"The user interface is very cool and easy to use."
"HTTP forwarding is something I haven't seen elsewhere."
"SonicWall NSa's most valuable features are the ease of configuration and the GUI."
"SonicWall's sales support is much better than other vendors'."
"The most valuable feature of SonicWall NSa is the control aspect of the solution."
"The features that I have found most valuable are the firewalling, which is very good and the GUI which is very intuitive. It is easy to use, and provides great security."
"The most valuable features to us are the security services which is a critical factor in our deployment. Today we need to have all the security services enabled because firewalls are not enough."
"SonicWall has all the usual functions, like LAN configurations, security features, word filters, etc., but it also has the CFS agent, which isn't available in any other firewall. Reporting port support is also there."
"The features I found most valuable are email security and web filtering."
"The firewall feature is most valuable since my work is to analyze if there is any potential attack. SonicWall NSa gives the perfect analysis."
"The logging details need to be improved."
"I would like reporting to be improved and should offer a lot more tools to monitor the products."
"I would like to see better pricing in the next release, as well as a simplification of the installation."
"Scalability for Fortinet FortiGate needs to be improved. SD-WAN security for this solution also needs some improvement."
"I haven't had a single issue since using Fortinet."
"The improvement is related to logs. Instead of the CLI, we should be able to have more insights into the logs of the firewall in the GUI."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"Lacks sufficient security options."
"The network automation and security automation could be better."
"It could be easier to access the installation of the Hostfix for VSX solutions. The CLI commands help us understand how virtual firewalls behave in terms of processor, memory, and other aspects. More graphic visualizations of CPUSE commands would be a welcome improvement, and Check Point could expand scripts to run within the solution for multiple tasks."
"The smart console is heavy."
"VMware is not supported by the platform."
"In terms of what could be improved, we have a cluster with two nodes and usually we have some problems when process gets really high and it has to choose which services it keeps going. I would like to have a better solution here, like if instead of just one we could use both at the same time. It would be good if it could work together. Then when one has a failure or something like that, the other one is there to transfer, to take all the services and keep working."
"Support cases have been generated several times, and it takes time for the case to be resolved."
"The current model is predominantly hardware appliance-based, which can incur substantial costs"
"Currently, upgrades are quite cumbersome."
"The features I would like to see improve are the dashboard and the UI."
"SonicWall NSa needs to make their product more user-friendly."
"It is not scalable. If your enterprise is growing hard then you have to buy another, bigger product. Maybe if you use it virtually it is more scalable."
"The dynamics needs to be improved. The solution is not very compatible compared to the market products."
"Overall, Im satisfied with SonicWall NSa, but it would be better if they could add a small terminal to each device. This would help me deal with certain issues by running a small bot onto any PC."
"Competitors provide SSL encryption licenses for free, whereas SonicWall only provides two licenses by default, but you have to pay for the rest of the licenses."
"I'd like to see integration with Microsoft 365 for authentication."
"SonicWall NSa has occasional bugs, particularly during upgrades, and that's an area for improvement."
Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.
Benefits of Fortinet FortiGate
Some of the benefits of using Fortinet FortiGate include:
Reviews from Real Users
Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.
PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”
PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”
Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.
Check Point NGFW includes 23 firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance.
Benefits of Check Point's Next Generation Firewall
Check Point NGFW is suitable for organizations of all sizes, from small businesses to larger enterprises.
Reviews from Real Users
Check Point NGFW stands out among its competitors for a number of reasons. Two major ones are its intrusion prevention feature as well as its centralized management, which makes it very easy to deploy firewall policies to many firewalls with one click.
Shivani J., a network security administrator, writes, "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention."
G., a network administrator at Secretaría de Finanzas de Aguascalientes, writes, “Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution. The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters.”
Arun J., a senior network engineer, notes, “The nicest feature is the centralized management of multiple firewalls. With the centralized management, we can easily use and operate multiple firewalls as well as create a diagram of them.”
SonicWall NSa dispenses advanced threat protection using a high-performance security platform. The NSa series implements intuitive deep learning technologies in the SonicWall Capture Cloud Platform to dispatch the automated real-time threat detection and deterrence enterprise organizations need today. SonicWall Network Security appliance (NSa) series is best for mid-sized organizations to distributed enterprises and data centers.
SonicWall NSa series next-generation firewalls (NFGWS) combine two very robust security ideologies to deliver advanced threat protection to keep users’ networks safe. Boosting SonicWall’s multi-engine advanced threat protection (ATP) is their Real-time Deep Memory Inspection (RTDMI™). The RTDMI intuitively identifies and stops aggressive zero-day threats and vicious malware by investigating memory directly. This real-time process allows SonicWall RTDMI to be accurate, lessen false positives and discover and alleviate malicious threats and attacks. SonicWall’s single-pass Reassembly-Free Deep Packet Inspection (RFDPI) will audit every byte of each and every packet by investigating both outbound and inbound traffic on the firewall. By combining the SonicWall Capture Cloud Platform along with on-box offerings such as intrusion prevention, web/URL filtering, and anti-malware, the NSa series is able to block the most malicious and dangerous threats at the gateway.
Additionally, SonicWall firewalls supply absolute protection by executing complete inspection and decryption of SSH and TLS/SSL encryption connections - no matter the port or protocol. The firewall takes a deep dive into each and every packet (the header and data) routing out any anomalies, zero-day intrusions, threats, and protocol non-compliance. Users can also define unique criteria specific to their organization to ensure their networks remain safe. This aggressive deep packet inspection is able to identify and block malicious attacks, stop dangerous malware downloads, prevent the spread of infections, and defeat command and control (C&C) communications and data exfiltration. Protocols involving inclusion and exclusion allow users complete control to decide, based on specific governance policies, organizational policies, or government or legal compliance, which traffic is to be investigated for decryption or inspection.
SonicWall Nsa offers enterprise organizations the network control and fluid flexibility they desire using an intrusion prevention system (IPS), VPN, real-time visualization, and other advanced powerful security features, making it a popular firewall solution in today's marketplace.
Reviews from Real Users
“The features that I have found most valuable are the firewalling, which is very good, and the GUI which is very intuitive. It is easy to use and provides great security.” - Network Engineer at a maritime company
“What's valuable in SonicWall NSa is the ATP (advanced threat protection). It can protect users from malicious links. SonicWall NSa also has a Sandboxing service that is very helpful for us, especially when end users accidentally click on malicious links. Another valuable feature of this solution is that it is very useful for site-to-site VPN connectivity issues. SonicWall NSa has very good hardware. I also love that SonicWall has very good technical support, who are very knowledgeable, provide good suggestions, and they're easy to reach.” - Mohammed M., Network Administrator at Transgulf Readymix
Check Point NGFW is ranked 5th in Firewalls with 103 reviews while SonicWall NSa is ranked 16th in Firewalls with 26 reviews. Check Point NGFW is rated 8.8, while SonicWall NSa is rated 8.0. The top reviewer of Check Point NGFW writes "Robust control and security that enables a comprehensive application management". On the other hand, the top reviewer of SonicWall NSa writes "Easy to scale advanced threat protection solution with knowledgeable technical support, but has occasional bugs". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Netgate pfSense, Sophos XG, Azure Firewall and Sangfor NGAF, whereas SonicWall NSa is most compared with SonicWall TZ, Meraki MX, Sophos XG, Cisco Secure Firewall and Sophos UTM. See our Check Point NGFW vs. SonicWall NSa report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.