Fortinet FortiGate is a leading network security solution to enhance cybersecurity and protect against cyber threats.
Users highlight its effectiveness in preventing unauthorized access, securing data transmission, and offering robust firewall protection. Key features include advanced threat protection capabilities, reliable performance, and a user-friendly interface.
The device is highly praised for its scalability and ability to handle high network traffic without compromising speed or stability. Organizations benefit from improved efficiency, streamlined processes, and enhanced collaboration among team members.
The software's customizable features and intuitive interface make it easy for employees to adapt and integrate into their daily workflows, ultimately optimizing operations and achieving organizational goals.
Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make.
Go for long term pricing negotiated at the time of purchase.
Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make.
Go for long term pricing negotiated at the time of purchase.
pfSense is a powerful and reliable network security appliance primarily used for security purposes such as firewall and VPN or traffic shaping, network management, and web filtering. It is commonly used by small businesses and managed service providers to protect their customers' networks and enable remote access through VPNs.
PFSENSE turns out to be very economical, the license is free and for little money you get very good support
If you need to buy hardware onto which to install PfSense, go with their boxes on their website, they are great.
PFSENSE turns out to be very economical, the license is free and for little money you get very good support
If you need to buy hardware onto which to install PfSense, go with their boxes on their website, they are great.
Cisco Secure Firewall stands as a robust and adaptable security solution, catering to organizations of all sizes. It's designed to shield networks from a diverse array of cyber threats, such as ransomware, malware, and phishing attacks. Beyond mere protection, it also offers secure access to corporate resources, beneficial for employees, partners, and customers alike. One of its key functions includes network segmentation, which serves to isolate critical assets and minimize the risk of lateral movement within the network.
Cisco devices are for sure costly and budget could be an important constrain on selecting them as our security solution.
I have to admit that the price is high. But I think it's worth it if the stability of your solution counts for you.
Cisco devices are for sure costly and budget could be an important constrain on selecting them as our security solution.
I have to admit that the price is high. But I think it's worth it if the stability of your solution counts for you.
Based on user feedback, the overall consensus is that the solution has received positive reception. Users have expressed satisfaction with various aspects, highlighting its quality, functionality, and value for money. They appreciate its user-friendly interface and the convenience it offers. Additionally, users have praised the prompt and helpful customer support provided. Some users have also mentioned the product's durability and reliability. The user reviews indicate a favorable experience with the solution.
We are not paying any licensing fees. OPNsense is completely free for us.
It costs about $1000.
We are not paying any licensing fees. OPNsense is completely free for us.
It costs about $1000.
Sophos XG Firewall is a complete firewall solution that provides all the real-time security and insights you need to protect your network from ransomware and advanced threats. Sophos XG Firewall provides visibility into suspicious users, unknown and unwanted apps, encrypted traffic, and other threats. With its advanced artificial intelligence capabilities, Sophos XG Firewall immediately identifies potential risks and intrusions on web servers and networks.
For licensing the XG 210, we paid approximately $3000 for three years. There are no additional fees on top of this.
It's a suitable price and license.
For licensing the XG 210, we paid approximately $3000 for three years. There are no additional fees on top of this.
It's a suitable price and license.
Cisco Umbrella offers flexible, cloud-delivered security according to users’ requirements Cisco Umbrella includes secure web gateway, firewall, and cloud access security broker (CASB) functionality all delivered from a single cloud security service. Cisco Umbrella’s protection is extended to devices, remote users, and distributed locations anywhere. As company employees work from many locations and devices, Cisco Umbrella is the easiest way to effectively protect users everywhere in minutes.
The pricing is fair.
You can request an evaluation license.
The pricing is fair.
You can request an evaluation license.
Darktrace is a leading cybersecurity solution that leverages artificial intelligence and machine learning to provide advanced threat detection, response, and risk management capabilities. Many reviewers find Darktrace's AI and machine-learning capabilities to be valuable. They appreciate its ability to detect anomalies and threats that might go unnoticed by traditional security tools. Overall, the general sentiment towards Darktrace from reviewers is positive. Users seem to appreciate its scalability, stability, AI capabilities, visibility, and ease of use.
It is inexpensive considering what it can do and the competition.
If you consider the features and the cost of market leaders, we are satisfied with the pricing.
It is inexpensive considering what it can do and the competition.
If you consider the features and the cost of market leaders, we are satisfied with the pricing.
Cisco Meraki MX appliances are next-generation firewalls with all the advanced security services needed for today’s IT security. The appliances are ideal for organizations considering a unified threat management (UTM) solution for branch offices, data centers, distributed sites, or campuses. Since Meraki MX is 100% cloud-managed, installation and remote management are simple and zero-touch.
The Meraki UTM is excellent when you buy the Advanced Security license. If you buy a different license you lost all the valuable functions.
It can always improve pricewise regarding throughput.
The Meraki UTM is excellent when you buy the Advanced Security license. If you buy a different license you lost all the valuable functions.
It can always improve pricewise regarding throughput.
Palo Alto Networks NG Firewalls are next-generation firewalls used for security to protect networks from threats and attacks. It is used for perimeter security, data center protection, and managing secure access to environments. Users highlight the NGFW's effectiveness in providing comprehensive security without impacting network performance. Users appreciate its ease of use, particularly in setup and ongoing management, making it a favored choice for businesses looking to secure their cloud environments.
Annually, the licensing costs are too much.
The licensing is annual, and there aren't any additional fees on top of that.
Annually, the licensing costs are too much.
The licensing is annual, and there aren't any additional fees on top of that.
Azure Firewall is a user-friendly, intuitive, cloud-native firewall security solution that provides top-of-the-industry threat protection for all your Azure Virtual Network resources. Azure Firewall is constantly and thoroughly analyzing all traffic and data packets, making it a very valuable and secure fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall allows users to create virtual IP addresses and provides for secure DDoS protection for the virtual machines on your network. It also provides fast and efficient east-west and north-south traffic security.
Azure Firewall is a managed, cloud-based network security service built to protect your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
Azure Firewall is quite an expensive product.
The licensing module is good.
Azure Firewall is quite an expensive product.
The licensing module is good.
Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.
The price is high in comparison to other solutions.
We pay $5,000-$6,000 a year.
The price is high in comparison to other solutions.
We pay $5,000-$6,000 a year.
WatchGuard Firebox is a versatile security solution primarily used for security purposes such as firewalling, VPN, and protecting networks from outside and inside threats. It is also used for routing, multi-factor authentication, vulnerability management, and segregating industrial networks from corporate networks.
Very competitive pricing regarding throughput compared to other alternatives.
Cheap.
Very competitive pricing regarding throughput compared to other alternatives.
Cheap.
Cisco SD-WAN is a software-defined WAN (wide area network) solution that provides for secure stable connections to applications for enterprises and organizations. Cisco SD-WAN works to speed up the seamless movement to the cloud. A very robust and reliable solution, Cisco SD-WAN is cutting-edge in threat security and stability of the complete network and has very low latency. Cisco SD-WAN uses Infrastructure as a Service (IaaS), Software as a Service (SaaS), data centers, and even the internet to smoothly advance the move to a SASE (Service Access Service Edge)-based architecture. The Cisco SD-WAN dashboard gives you a complete visual of your entire infrastructure; you can see everything in real time. You will also have simplified IT operations and gain advanced network capabilities, dependability, and security. One valued feature is the overlay management protocol (OMP), which applies to your entire network to speedily connect all your company data centers. Cisco SD-WAN has a very flexible architecture and can be deployed on premises, in the cloud, hybrid, and even has multi-cloud options. Cisco SD-WAN instantly discovers, authenticates, and provisions all devices, both existing and new.
We pay for the Cisco Customer Care support, which is a couple of hundred dollars.
80 percent reduction in WAN costs. There are no MPLS or P2P circuits left in the organization.
We pay for the Cisco Customer Care support, which is a couple of hundred dollars.
80 percent reduction in WAN costs. There are no MPLS or P2P circuits left in the organization.
Sophos UTM is a unified threat management platform designed to protect your businesses from known and emerging malware including viruses, rootkits and spyware. The solution provides a complete network security package with everything your organization needs in a single modular appliance.
The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it.
If you can afford it, go for a small Check Point, as it is easier to manage.
The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it.
If you can afford it, go for a small Check Point, as it is easier to manage.
Juniper SRX is a next-generation security solution that enables users to expand and secure their networks without incurring heavy costs or sacrificing performance.
The prices are very good as compared to other vendors.
Pricing is good. Most of the costs are in the UTM (IDS/IPS, virus scanning, etc) subscription.
The prices are very good as compared to other vendors.
Pricing is good. Most of the costs are in the UTM (IDS/IPS, virus scanning, etc) subscription.
Cisco Secure Network Analytics is a highly effective network traffic analysis (NTA) solution that enables users to find threats in their network traffic even if those threats are encrypted. It turns an organization’s network telemetry into a tool that creates a complete field of vision for the organization’s administrators. Users can find threats that may have infiltrated their systems and stop them before they can do irreparable harm.
It is worth the cost.
Pricing is much higher compared to other solutions.
It is worth the cost.
Pricing is much higher compared to other solutions.
SonicWall NSa dispenses advanced threat protection using a high-performance security platform. The NSa series implements intuitive deep learning technologies in the SonicWall Capture Cloud Platform to dispatch the automated real-time threat detection and deterrence enterprise organizations need today. SonicWall Network Security appliance (NSa) series is best for mid-sized organizations to distributed enterprises and data centers.
SonicWall NSa series next-generation firewalls (NFGWS) combine two very robust security ideologies to deliver advanced threat protection to keep users’ networks safe. Boosting SonicWall’s multi-engine advanced threat protection (ATP) is their Real-time Deep Memory Inspection (RTDMI™). The RTDMI intuitively identifies and stops aggressive zero-day threats and vicious malware by investigating memory directly. This real-time process allows SonicWall RTDMI to be accurate, lessen false positives and discover and alleviate malicious threats and attacks. SonicWall’s single-pass Reassembly-Free Deep Packet Inspection (RFDPI) will audit every byte of each and every packet by investigating both outbound and inbound traffic on the firewall. By combining the SonicWall Capture Cloud Platform along with on-box offerings such as intrusion prevention, web/URL filtering, and anti-malware, the NSa series is able to block the most malicious and dangerous threats at the gateway.
Licensed features provide application control, content filtering, antivirus, and anti-malware all in a single appliance.
The CPUs are not able to compete with a similar price point to the Fortinet, WatchGuard, or Palo Alto product.
Licensed features provide application control, content filtering, antivirus, and anti-malware all in a single appliance.
The CPUs are not able to compete with a similar price point to the Fortinet, WatchGuard, or Palo Alto product.
FortiGate Virtual Appliances allow you to mitigate blind spots by implementing critical security controls within your virtual infrastructure. They also allow you to rapidly provision security infrastructure whenever and wherever it is needed. FortiGate virtual appliances feature all of the security and networking services common to traditional hardware-based FortiGate appliances. With the addition of virtual appliances from Fortinet, you can deploy a mix of hardware and virtual appliances, operating together and managed from a common centralized management platform.
The pricing and licensing are not as expensive as its competitors.
It is an expensive solution if you are migrating from an open source solution.
The pricing and licensing are not as expensive as its competitors.
It is an expensive solution if you are migrating from an open source solution.
Cato Networks is a leading SASE (Secure Access Service Edge) platform, combining SD-WAN and network security to obtain a cloud-native service. Cato Networks optimizes and secures application access for users and identities. The platform delivers a next-generation secure networking architecture that minimizes legacy IT infrastructures’ complexity, costs, and risks. The goal of Cato Suite is to connect any user to any application securely and optimally.
The price is not an issue for us, as it is priced more competitively than some other vendors.
If you compare with VeloCloud, the price is the same or even cheaper.
The price is not an issue for us, as it is priced more competitively than some other vendors.
If you compare with VeloCloud, the price is the same or even cheaper.
Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.
I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.
The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.
I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.
The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.
VMware Software-Defined Wide Area Network (SD-WAN) is a secure access service edge (SASE) platform that combines many types of software-based network technologies in an attempt to enable users to virtualize their wide area networks and reduce their reliance on hardware. In essence, this solution makes it possible for users to reliably access their applications from anywhere in the world by leveraging cloud technologies. Users can simply, efficiently, and completely control their network devices and traffic. It ensures that organizations are always able to use the best possible connection to their data centers. VMware SD-WAN steers traffic so that it is always using the most reliable connections and at the same time takes steps to remediate any problems that it detects in other network links. This guarantees that organizations can access high-priority applications at all times.
VeloCloud performs as well as the Cisco SD-WAN but it is cheaper in price.
The price of this solution is higher than that of other SD-WAN vendors.
VeloCloud performs as well as the Cisco SD-WAN but it is cheaper in price.
The price of this solution is higher than that of other SD-WAN vendors.
Kerio Control is a popular security product for small and medium-sized businesses. It is a next-generation firewall that provides unified threat management without complexity. Kerio Control provides advanced anti-virus protection and industry-leading web and content application filtering, and has a secure VPN.
Search and compare.
Pricing is good, but the licensing took a lot of time.
Search and compare.
Pricing is good, but the licensing took a lot of time.
Palo Alto Networks VM-Series is a highly effective advanced threat protection (ATP) solution and firewall that can be hosted on cloud computing technologies designed by many different companies. It decreases the amount of time that it will take administrators to respond to threats. Users that deploy VM-series have 70% less downtime than those who use similar firewalls. Neither protection nor efficiency are concerns when this next-generation firewall is in play.
For what you get, it does do what it says. It is a good value for an enterprise firewall.
The licensing is pretty much like everyone else.
For what you get, it does do what it says. It is a good value for an enterprise firewall.
The licensing is pretty much like everyone else.
Splunk User Behavior Analytics is a behavior-based threat detection is based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics for users, devices, service accounts and applications. It detects insider threats and external attacks using out-of-the-box purpose-built that helps organizations find known, unknown and hidden threats, but extensible unsupervised machine learning (ML) algorithms, provides context around the threat via ML driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data science driven approach that produces actionable results with risk ratings and supporting evidence that increases SOC efficiency and supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.
There are additional costs associated with the integrator.
The licensing costs is around 10,000 dollars.
There are additional costs associated with the integrator.
The licensing costs is around 10,000 dollars.
Palo Alto Networks Advanced Threat Prevention is a cloud-based security service that combines cutting-edge technologies, including machine learning, artificial intelligence, and expert human monitoring, to effectively thwart advanced threats like malware, zero-day attacks, and command-and-control threats. It offers inline protection, scrutinizing all network traffic irrespective of port, protocol, or encryption. An integral component of Palo Alto Networks' security platform, it enjoys widespread adoption across diverse organizations. With its robust security capabilities, it's an ideal choice for entities of all sizes, particularly those in high-risk sectors such as finance, healthcare, and government agencies, seeking to safeguard their networks from a broad spectrum of advanced threats.
It's not too expensive.
If you want to have all of the good features then you have to pay extra for licensing.
It's not too expensive.
If you want to have all of the good features then you have to pay extra for licensing.
Sangfor Next Generation Firewall (also known as NGAF) is a converged security solution providing protection against advanced threat, malware, viruses, ransomware and web-based attacks using integrated security features like firewall, IPS, anti-virus, anti-malware, APT, URL filtering, Cloud Sandbox, and WAF. As the world's first AI-enabled and fully integrated Next Generation Firewall & Web Application Firewall (WAF), NGAF offering the security visibility, real-time detection and response, simplified operation and maintenance and high-performance application layer security needed to operate an enterprise network in total security. Tested and proven to provide cutting-edge network security by ICSA Labs and endorsed by Gartner Inc., NGAF harnesses the power of Sangfor’s Neural-X threat intelligence and analytics platform and Engine Zero’s innovative malware detection to provide next-generation protection for today’s enterprise.
It costs about 8 to 10 thousand dollars per year for 500 users, standard licensing fees included.
Sangfor is cheaper than competing vendors.
It costs about 8 to 10 thousand dollars per year for 500 users, standard licensing fees included.
Sangfor is cheaper than competing vendors.
For mid-sized companies, they sell their appliances for good prices.
The SN200 series costs between $500 USD and $600 USD per year, whereas the SN700 series costs approximately $1,000 annually.
For mid-sized companies, they sell their appliances for good prices.
The SN200 series costs between $500 USD and $600 USD per year, whereas the SN700 series costs approximately $1,000 annually.
The Versa Unified Secure Access Service Edge (SASE) Platform is a comprehensive solution that provides secure access to cloud applications and services. It combines networking and security functions into a single platform, making it easier for organizations to manage their network infrastructure. The platform includes features such as SD-WAN, VPN, firewall, web filtering, and more. It also offers advanced security capabilities such as intrusion prevention, malware protection, and threat intelligence. With the Versa SASE Platform, organizations can ensure secure access to their cloud applications and services from any location, while also reducing costs and simplifying network management.
The price is expensive but it makes sense for the market.
While I cannot provide too much commentary on the price, I feel it to be fair for the moment.
The price is expensive but it makes sense for the market.
While I cannot provide too much commentary on the price, I feel it to be fair for the moment.
Deep Discovery is available as a physical or virtual network appliance. It’s designed to quickly detect advanced malware that typically bypasses traditional security defenses and exfiltrates sensitive data. Specialized detection engines and custom sandbox analysis detect and prevent breaches.
Overall, the price is good.
The price of the solution is lower compared to the competition.
Overall, the price is good.
The price of the solution is lower compared to the competition.
Keep ahead of the latest threats and protect your critical data with ongoing threat prevention and analysis.
TippingPoint is not as expensive as Palo Alto but it's not as cheap as Fortigate.
It's an expensive product.
TippingPoint is not as expensive as Palo Alto but it's not as cheap as Fortigate.
It's an expensive product.
The EdgeConnect SD-WAN platform secures and powers a self-driving wide area network for cloud-first enterprises.
You have to negotiate when it comes to pricing and licensing.
The license could improve for Silver Peak VX.
You have to negotiate when it comes to pricing and licensing.
The license could improve for Silver Peak VX.
Peplink’s patent-pending SpeedFusion technology powers enterprise VPNs that tap into the bandwidth of up to 13 low-cost cable, DSL, 3G/4G/LTE, and other links connected anywhere on your corporate or institutional WAN. Whether you’re transferring a few documents or driving realtime POS data, video feeds, and VoIP conversations, SpeedFusion pumps all your data down a single fat datapipe that’s budget-friendly, ultra-fast, and easily configurable to suit any networking environment.
It has lifetime licensing. Its pricing is high for most of the markets.
Its licensing fee is on a yearly basis. For the price, it is actually pretty good value.
It has lifetime licensing. Its pricing is high for most of the markets.
Its licensing fee is on a yearly basis. For the price, it is actually pretty good value.
Palo Alto Networks URL Filtering with PAN-DB is an advanced URL filtering solution that provides a way to control web access, as well as how users interact with online content. With this solution, your organization can prevent credential phishing theft by assuming strict control over which sites users can enter their corporate credentials into. Palo Alto Networks Advanced URL Filtering with PAN-DB provides web protection by using URL database capabilities to help you automatically detect and prevent new malicious and targeted web-based threats instantly.
It is more expensive than ASA but is far cheaper than Checkpoint. So, pricing wise, it is right in the middle.
Expensive, but that's because it provides everything.
It is more expensive than ASA but is far cheaper than Checkpoint. So, pricing wise, it is right in the middle.
Expensive, but that's because it provides everything.
Arista NDR (formerly Awake Security) is the only advanced network detection and response company that delivers answers, not alerts. By combining artificial intelligence with human expertise, Arista NDR hunts for both insider and external attacker behaviors, while providing autonomous triage and response with full forensics across traditional, IoT, and cloud networks. Arista NDR delivers continuous diagnostics for the entire enterprise threat landscape, processes countless network data points, senses abnormalities or threats, and reacts if necessary—all in a matter of seconds. The Arista NDP platform stands out from traditional security because it is designed to mimic the human brain. It recognizes malicious intent and learns over time, giving defenders greater visibility and insight into what threats exist and how to respond to them.
The solution has saved thousands of dollars within the first day. Our ROI has to be in the tens of thousands of dollars since October last year.
The solution is very good and the pricing is also better than others...
The solution has saved thousands of dollars within the first day. Our ROI has to be in the tens of thousands of dollars since October last year.
The solution is very good and the pricing is also better than others...
Snort is an open-source, rule-based, intrusion detection and prevention system. It combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks. Snort gained notoriety for being able to accurately detect threats at high speeds.
We have a three-year license for this solution.
Licensing for this solution is paid on a yearly basis.
We have a three-year license for this solution.
Licensing for this solution is paid on a yearly basis.
Block More Intrusions
Stop new and unknown attacks with signature-based and signature-less intrusion prevention systems. Signature-less intrusion detection finds malicious network traffic and stops attacks where no signatures exist.
I rate the product’s pricing an eight out of ten.
The tool is competitively priced.
I rate the product’s pricing an eight out of ten.
The tool is competitively priced.
Hillstone Network-based IPS (NIPS) appliance operates in-line, and at wire speed, performing deep packet inspection, and assembling inspection of all network traffic. It also applies rules based on several methodologies, including protocol anomaly analysis and signature analysis to block threats. Hillstone NIPS can be deployed in the network to inspect traffic left undetected by perimeter solutions, and is an integral part of network security systems for its high-performance, no compromise, best-of-breed protection capability and broad and flexible deployment scenarios.
Dell EMC SD-WAN Solution powered by VMware combines purpose-built
networking appliances from Dell EMC with SD-WAN software from VMware in
an all-in-one solution for WAN modernization. VMware has been named a
leader by Gartner in the Magic Quadrant for WAN Edge Infrastructure.*
With simplicity, efficiency, and a full range of flexible support, services and
global supply chain options, Dell EMC SD-WAN Solution delivers a powerful,
all-in-one solution that enables you to transform your network for the Cloud era