Fortinet FortiGate vs SonicWall NSa comparison

Cancel
You must select at least 2 products to compare!
Cisco Logo
98,383 views|65,159 comparisons
Fortinet Logo
164,508 views|128,317 comparisons
SonicWall Logo
14,024 views|11,381 comparisons
Comparison Buyer's Guide
Executive Summary
Updated on Sep 5, 2022

We performed a comparison between Fortinet FortiGate vs SonicWall NSa based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of both products note that they are straightforward and simple to set up. A few Fortinet Fortigate users mention a learning curve and a bit of complexity.
  • Features: Users of both products are happy with their flexibility, stability, and scalability, although a few SonicWall NSa users noted problems with scalability.

    Fortinet FortiGate users note being particularly satisfied with its stability and range of features and that its visualization feature and cloud feature are robust, but that its monitoring and reporting could be better.

    SonicWall NSa users are happy with its firewalling, its control over IPS, signatures, and its ability to manage bandwidth and mapping. Some users would like to see reporting be part of the subscription, better desktop antivirus, and a more user-friendly GUI.
  • Pricing: Users feel that the pricing of both solutions are affordable and fair, with a few Fortinet FortiGate users mentioning that add-on features can raise the price.
  • ROI: Fortinet FortiGate users are very pleased with the ROI, whereas SonicWall NSa users make no mention of ROI.
  • Service and Support: Both solutions’ users report average to good service and support.

Comparison Results: Fortinet FortiGate has the winning edge in this comparison. Customers are more satisfied with Fortinet FortiGate’s scalability, robust features, and ROI.

To learn more, read our detailed Fortinet FortiGate vs. SonicWall NSa Report (Updated: January 2023).
670,331 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection.""I like the IPS feature, it is the most valuable.""The Packet Tracer is a really good tool. If someone calls because they're having problems, you can easily create fake traffic without having to do an extended packet capture. You can see, straight away, if there's a firewall rule allowing that traffic in the direction you're trying to troubleshoot.""Cisco tech is always good and helpful. I would rate them as 10 out of 10.""One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful.""The high-availability and remote VPN features are most valuable.""One of the best features is the ease of use. It's also easy to teach new engineers to use the ASA CLI.""I like that Cisco Firepower NGFW Firewall is reliable. Support is also good."

More Cisco Secure Firewall Pros →

"The most valuable features of Fortinet FortiGate are the ease of use and the UI. It has always provided me with what I needed. I have no need for additional costs that other solutions have, such as Sophos.""Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible.""The most valuable feature is the FortiManager for centralized management.""Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution.""The most valuable feature is the interface, which is very user friendly. We are utilizing most of the features, like content filtering. The firewall is powerful.""It increases security posture and is helpful for firewall reporting, intrusion protection, web filtering, and SD-WAN implementation.""The most valuable features of Fortinet FortiGate are it is one of the most mature firewalls in the UTM bundle.""Whenever I need something, Fortinet improves and updates the software for me."

More Fortinet FortiGate Pros →

"SonicWall has USCS and anti-virus at the gateway level. Everything is filtered, and if it detects an intruder, it drops the line.""I like this solution because we are focused on VPN and have many brands that need to link a VPN and have security, like ransomware, spyware, and basic protection.""Overall SonicWall NSa is a good solution for our use case.""The most valuable features to us are the security services which is a critical factor in our deployment. Today we need to have all the security services enabled because firewalls are not enough.""SonicWall NSa has a user-friendly firmware""The most valuable features of this solution are the GUI pre-filtering and the ATP (advanced threat protection).""Easy to scale solution that provides advanced threat protection. Their technical support is very good, very knowledgeable, and easy to reach.""We can do the hosting and security all under one box. The UTM is a good feature."

More SonicWall NSa Pros →

Cons
"Setting firewall network rules should be more straightforward with a clearer graphical representation. The rule-setting method seems old-fashioned. The firewall and network rules are separate from the Firepower and web access rules.""The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second.""Cisco is not cheap, however, it is worth investing in these technologies.""There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility.""The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area.""Maybe the dashboard could be a bit better.""They need to do an overhaul of the management console.""They should work on making it a little more intuitive for users and not quite as complex. Still, it's a good product."

More Cisco Secure Firewall Cons →

"The stability could be a bit better.""Price, of course, can always be more competitive or better.""I would like to see better pricing in the next release, as well as a simplification of the installation.""It would be good if they had fewer updates.""I think that the infrastructure for the VPN could be improved. The way that it is bundled also made it difficult to use and sell as it is too expensive.""Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful.""It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features.""There aren't really any negative aspects to discuss."

More Fortinet FortiGate Cons →

"The cost could be lower. There could also be more flexibility for smaller companies.""The implementation for VLANs is a little bit cumbersome. It would be good to make that a little bit easier.""In terms of improvement, features like App Control do not work properly""The content ID needs to be improved.""An area for improvement would be SonicWall NSa's integration with antiviruses.""I would like to have a built-in vulnerability scanner in the firewall. It would be great to have such functionality. Its price could also be better. It would also be good to have a local warehouse. It doesn't get damaged a lot, but if a customer needs a replacement, currently, it has to come from Miami or Mexico, which can take a few days. It would be better if they have a local warehouse from where we can just pick replacements and quickly solve a client's needs in terms of replacing equipment. It would be great to have it locally instead of waiting for it from Mexico or the USA.""Overall, Im satisfied with SonicWall NSa, but it would be better if they could add a small terminal to each device. This would help me deal with certain issues by running a small bot onto any PC.""I'd like to see integration with Microsoft 365 for authentication."

More SonicWall NSa Cons →

Pricing and Cost Advice
  • "The price is comparable."
  • "We sell Cisco ASA Firewall as a bundle — the price is very cheap. If a customer were to go for renewal direct from Cisco, then the price would be quite high."
  • "It definitely competes with the other vendors in the market."
  • "The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case."
  • "I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
  • "It is affordable. The hardware is not that expensive anymore. It is a matter of licensing these days."
  • "Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
  • "I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
  • More Cisco Secure Firewall Pricing and Cost Advice →

  • "The pricing of the solution is very competitive."
  • "Pricing and licensing is a little bit complicated in FortiGate. They are always on the higher side. This is one issue that we always raise with the company that they should reduce the price according to Indian market requirements. There are no costs in addition to the standard licensing fees."
  • "The price of the license and warranty can be better because it is very expensive."
  • "It's expensive, but compared to the competition it's okay."
  • "In terms of the market, it's not a cheap product, but it's cost-effective."
  • "Fortinet Secure SD-WAN delivered the lowest total cost of ownership (TCO) per Mbps among all other vendors."
  • "I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost."
  • "It is more expensive than Sophos. Fortinet is overall more expensive than Sophos. The small range of Fortinet, such as 60F and 80F, is more expensive than the small range of Sophos. Sophos is cheaper. In addition, if you jump from 80F Series to 100F Series, the price doubles."
  • More Fortinet FortiGate Pricing and Cost Advice →

  • "Its price is okay."
  • "Normally, when we buy any product, we buy it with a five-year service built into it. Later on, depending on the growth of the organization, we go for a new one or an upgrade."
  • "It would be better if it has a better price, but its price is okay considering the benefits that you receive."
  • "SonicWall still is only a dollar or Euro per gigabit. This means, of the IPsec, it's the cheapest solution."
  • "While I don't know the exact amount off the top of my head, I would estimate the licensing package was about $15,000 to $20,000 a year."
  • "We are on a three-year license for the solution. The price is inexpensive compared to other solutions."
  • "They do have the option to purchase yearly, or two years, and three years renewal."
  • "There is a license required for this solution and you can purchase a one, two, or three year term. Typically businesses choose the one year subscription and then later choose the three year licensing option if they are satisfied."
  • More SonicWall NSa Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    670,331 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Top Answer:We have Meraki Mx devices now, we are looking to replace them. But that is because the Meraki MX platform lacks SSL… more »
    Top Answer:The antivirus and items of that nature were quite helpful to have.
    Top Answer:Our organization would pay for a license every two to three years.
    Top Answer:Sometimes I found the GUI and some of the features a little bit hard to navigate, as opposed to Fortigate, which is much… more »
    Comparisons
    Also Known As
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    NSA 250M, NSA 2600, NSA 3600, NSA 4600, NSA 5600, Dell SonicWALL NSA
    Learn More
    Overview

    The Cisco Secure Firewall portfolio delivers greater protections for your network against an increasingly evolving and complex set of threats. With Cisco, you’re investing in a foundation for security that is both agile and integrated- leading to the strongest security posture available today and tomorrow.

      From your data center, branch offices, cloud environments, and everywhere in between, you can leverage the power of Cisco to turn your existing network infrastructure into an extension of your firewall solution, resulting in world class security controls everywhere you need them.

      Investing in a Secure Firewall appliance today gives you robust protections against even the most sophisticated threats without compromising performance when inspecting encrypted traffic. Further, integrations with other Cisco and 3rd party solutions provides you with a broad and deep portfolio of security products, all working together to correlate previously disconnected events, eliminate noise, and stop threats faster.

      Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

      Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.

      Benefits of Fortinet FortiGate

      Some of the benefits of using Fortinet FortiGate include:

      • The ability to manage your firewalls from a centralized automated control console. Fortinet FortiGate’s FortiManager enables administrators to exercise control of their firewalls in a streamlined manner. Administrators have full visibility and control over their system from a single location. It utilizes automation that collects information in real time, which greatly simplifies and reduces the cost of running various types of workflows. Administrators can free up resources by automating the most basic tasks.
      • The ability to produce uniform, appropriate, and coordinated responses to threats across networks. Fortinet FortiGate’s FortiGuard feature generates system protections in near real time. This allows administrators to address threats to the system with custom-made solutions that can be uniformly enforced.
      • The ability to scale up your security to fit your changing security needs. Fortinet FortiGate’s design allows users to accelerate the transfer of data between users and escalate the number of users that are covered without compromising security of performance. This means that users can grow their networks and continue to collaborate without worrying about the system slowing down or coming under attack.

      Reviews from Real Users

      Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.

      PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”

      PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”

      SonicWall NSa dispenses advanced threat protection using a high-performance security platform. The NSa series implements intuitive deep learning technologies in the SonicWall Capture Cloud Platform to dispatch the automated real-time threat detection and deterrence enterprise organizations need today. SonicWall Network Security appliance (NSa) series is best for mid-sized organizations to distributed enterprises and data centers.

      SonicWall NSa series next-generation firewalls (NFGWS) combine two very robust security ideologies to deliver advanced threat protection to keep users’ networks safe. Boosting SonicWall’s multi-engine advanced threat protection (ATP) is their Real-time Deep Memory Inspection (RTDMI™). The RTDMI intuitively identifies and stops aggressive zero-day threats and vicious malware by investigating memory directly. This real-time process allows SonicWall RTDMI to be accurate, lessen false positives and discover and alleviate malicious threats and attacks. SonicWall’s single-pass Reassembly-Free Deep Packet Inspection (RFDPI) will audit every byte of each and every packet by investigating both outbound and inbound traffic on the firewall. By combining the SonicWall Capture Cloud Platform along with on-box offerings such as intrusion prevention, web/URL filtering, and anti-malware, the NSa series is able to block the most malicious and dangerous threats at the gateway.

      Additionally, SonicWall firewalls supply absolute protection by executing complete inspection and decryption of SSH and TLS/SSL encryption connections - no matter the port or protocol. The firewall takes a deep dive into each and every packet (the header and data) routing out any anomalies, zero-day intrusions, threats, and protocol non-compliance. Users can also define unique criteria specific to their organization to ensure their networks remain safe. This aggressive deep packet inspection is able to identify and block malicious attacks, stop dangerous malware downloads, prevent the spread of infections, and defeat command and control (C&C) communications and data exfiltration. Protocols involving inclusion and exclusion allow users complete control to decide, based on specific governance policies, organizational policies, or government or legal compliance, which traffic is to be investigated for decryption or inspection.

      SonicWall Nsa offers enterprise organizations the network control and fluid flexibility they desire using an intrusion prevention system (IPS), VPN, real-time visualization, and other advanced powerful security features, making it a popular firewall solution in today's marketplace.

      Reviews from Real Users

      “The features that I have found most valuable are the firewalling, which is very good, and the GUI which is very intuitive. It is easy to use and provides great security.” - Network Engineer at a maritime company

      “What's valuable in SonicWall NSa is the ATP (advanced threat protection). It can protect users from malicious links. SonicWall NSa also has a Sandboxing service that is very helpful for us, especially when end users accidentally click on malicious links. Another valuable feature of this solution is that it is very useful for site-to-site VPN connectivity issues. SonicWall NSa has very good hardware. I also love that SonicWall has very good technical support, who are very knowledgeable, provide good suggestions, and they're easy to reach.” - Mohammed M., Network Administrator at Transgulf Readymix

      Offer
      Learn more about Cisco Secure Firewall
      Learn more about Fortinet FortiGate
      Learn more about SonicWall NSa
      Sample Customers
      There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
      Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
      Orange County Rescue Mission, First Source, Michaels & Taylor, Green Clinic Health System, Aspire Chiltern Skills and Enterprise Centre, UnitedStack, Faith Lutheran College Redlands, Celtic Manor Resort, Star Kay White, Air Works, Unimat Life, NHS Yorkshire and Humber Commissioning Support (YHCS), Hutt City Council, Mato Grosso do Sul, Nspyre
      Top Industries
      REVIEWERS
      Financial Services Firm16%
      Comms Service Provider13%
      Computer Software Company9%
      Government8%
      VISITORS READING REVIEWS
      Computer Software Company20%
      Comms Service Provider18%
      Government7%
      Educational Organization5%
      REVIEWERS
      Comms Service Provider17%
      Financial Services Firm10%
      Computer Software Company9%
      Manufacturing Company7%
      VISITORS READING REVIEWS
      Comms Service Provider20%
      Computer Software Company19%
      Government6%
      Educational Organization5%
      REVIEWERS
      Manufacturing Company19%
      Educational Organization10%
      Construction Company10%
      Healthcare Company7%
      VISITORS READING REVIEWS
      Computer Software Company19%
      Comms Service Provider14%
      Government7%
      Retailer6%
      Company Size
      REVIEWERS
      Small Business35%
      Midsize Enterprise25%
      Large Enterprise40%
      VISITORS READING REVIEWS
      Small Business28%
      Midsize Enterprise18%
      Large Enterprise53%
      REVIEWERS
      Small Business47%
      Midsize Enterprise24%
      Large Enterprise29%
      VISITORS READING REVIEWS
      Small Business30%
      Midsize Enterprise20%
      Large Enterprise50%
      REVIEWERS
      Small Business57%
      Midsize Enterprise22%
      Large Enterprise22%
      VISITORS READING REVIEWS
      Small Business40%
      Midsize Enterprise17%
      Large Enterprise43%
      Buyer's Guide
      Fortinet FortiGate vs. SonicWall NSa
      January 2023
      Find out what your peers are saying about Fortinet FortiGate vs. SonicWall NSa and other solutions. Updated: January 2023.
      670,331 professionals have used our research since 2012.

      Fortinet FortiGate is ranked 1st in Firewalls with 92 reviews while SonicWall NSa is ranked 16th in Firewalls with 36 reviews. Fortinet FortiGate is rated 8.4, while SonicWall NSa is rated 7.8. The top reviewer of Fortinet FortiGate writes "SSL proxy makes URL filtering easier because the encryption is done before the packet ever leaves ". On the other hand, the top reviewer of SonicWall NSa writes "Easy to scale advanced threat protection solution with knowledgeable technical support, but has occasional bugs". Fortinet FortiGate is most compared with pfSense, Sophos XG, Check Point NGFW, Meraki MX and Stormshield Network Security, whereas SonicWall NSa is most compared with SonicWall TZ, Meraki MX, Sophos XG, WatchGuard Firebox and pfSense. See our Fortinet FortiGate vs. SonicWall NSa report.

      See our list of best Firewalls vendors.

      We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.