Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make.
Go for long term pricing negotiated at the time of purchase.
Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make.
Go for long term pricing negotiated at the time of purchase.
pfSense is a powerful and reliable network security appliance primarily used for security purposes such as firewall and VPN or traffic shaping, network management, and web filtering. It is commonly used by small businesses and managed service providers to protect their customers' networks and enable remote access through VPNs.
PFSENSE turns out to be very economical, the license is free and for little money you get very good support
If you need to buy hardware onto which to install PfSense, go with their boxes on their website, they are great.
PFSENSE turns out to be very economical, the license is free and for little money you get very good support
If you need to buy hardware onto which to install PfSense, go with their boxes on their website, they are great.
Cisco Secure Firewall, including Firepower, is a powerful perimeter security solution used for network security, data center protection, advanced malware protection, and site-to-site VPNs. Its most valuable features include NGIPS, application visibility and control, VLAN implementations, intrusion prevention, threat defense, and NAT.
Cisco devices are for sure costly and budget could be an important constrain on selecting them as our security solution.
I have to admit that the price is high. But I think it's worth it if the stability of your solution counts for you.
Cisco devices are for sure costly and budget could be an important constrain on selecting them as our security solution.
I have to admit that the price is high. But I think it's worth it if the stability of your solution counts for you.
OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.
We are not paying any licensing fees. OPNsense is completely free for us.
It costs about $1000.
We are not paying any licensing fees. OPNsense is completely free for us.
It costs about $1000.
Sophos XG Firewall is a complete firewall solution that provides all the real-time security and insights you need to protect your network from ransomware and advanced threats. Sophos XG Firewall provides visibility into suspicious users, unknown and unwanted apps, encrypted traffic, and other threats. With its advanced artificial intelligence capabilities, Sophos XG Firewall immediately identifies potential risks and intrusions on web servers and networks.
For licensing the XG 210, we paid approximately $3000 for three years. There are no additional fees on top of this.
It's a suitable price and license.
For licensing the XG 210, we paid approximately $3000 for three years. There are no additional fees on top of this.
It's a suitable price and license.
Cisco Meraki MX appliances are next-generation firewalls with all the advanced security services needed for today’s IT security. The appliances are ideal for organizations considering a unified threat management (UTM) solution for branch offices, data centers, distributed sites, or campuses. Since Meraki MX is 100% cloud-managed, installation and remote management are simple and zero-touch.
The Meraki UTM is excellent when you buy the Advanced Security license. If you buy a different license you lost all the valuable functions.
It can always improve pricewise regarding throughput.
The Meraki UTM is excellent when you buy the Advanced Security license. If you buy a different license you lost all the valuable functions.
It can always improve pricewise regarding throughput.
Zscaler Internet Access is a cloud-native security service edge (SSE) platform. Its main purpose is to provide AI-powered protection for all users, all applications, and all locations. The solution replaces other legacy network security solutions to stop advanced attacks and prevent data loss by using a comprehensive zero trust approach.
The pricing is an issue. It is expensive compared to other firewalls on the market.
Our monthly fee is around R3000.
The pricing is an issue. It is expensive compared to other firewalls on the market.
Our monthly fee is around R3000.
Azure Firewall is a user-friendly, intuitive, cloud-native firewall security solution that provides top-of-the-industry threat protection for all your Azure Virtual Network resources. Azure Firewall is constantly and thoroughly analyzing all traffic and data packets, making it a very valuable and secure fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall allows users to create virtual IP addresses and provides for secure DDoS protection for the virtual machines on your network. It also provides fast and efficient east-west and north-south traffic security.
Azure Firewall is a managed, cloud-based network security service built to protect your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
Azure Firewall is quite an expensive product.
The licensing module is good.
Azure Firewall is quite an expensive product.
The licensing module is good.
Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.
The price is high in comparison to other solutions.
We pay $5,000-$6,000 a year.
The price is high in comparison to other solutions.
We pay $5,000-$6,000 a year.
WatchGuard Firebox is a versatile security solution primarily used for security purposes such as firewalling, VPN, and protecting networks from outside and inside threats. It is also used for routing, multi-factor authentication, vulnerability management, and segregating industrial networks from corporate networks.
Very competitive pricing regarding throughput compared to other alternatives.
Cheap.
Very competitive pricing regarding throughput compared to other alternatives.
Cheap.
Sophos UTM is a unified threat management platform designed to protect your businesses from known and emerging malware including viruses, rootkits and spyware. The solution provides a complete network security package with everything your organization needs in a single modular appliance.
The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it.
If you can afford it, go for a small Check Point, as it is easier to manage.
The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it.
If you can afford it, go for a small Check Point, as it is easier to manage.
Untangle NG Firewall is an open-source firewall and gateway security platform that helps keep networks safe while accessing the internet. It offers a free core firewall platform with paid add-ons, and a cloud-based management platform with a variety of deployment options for smaller teams. The solution also has a cloud-based management console for remote management that can either be deployed on premises or as SaaS, and virtualized or cloud-based. It also has flexible deployment options, including third-party hardware, as a virtual machine, or as a turnkey appliance. Untangle NG Firewall is ideal for small IT teams with limited budgets.
It is the most cost-effective to use.
We pay $350 USD per year for the solution. There are no additional costs. As long as you're not using a physical appliance, that's all you need.
It is the most cost-effective to use.
We pay $350 USD per year for the solution. There are no additional costs. As long as you're not using a physical appliance, that's all you need.
Juniper SRX is a next-generation security solution that enables users to expand and secure their networks without incurring heavy costs or sacrificing performance.
The prices are very good as compared to other vendors.
Pricing is good. Most of the costs are in the UTM (IDS/IPS, virus scanning, etc) subscription.
The prices are very good as compared to other vendors.
Pricing is good. Most of the costs are in the UTM (IDS/IPS, virus scanning, etc) subscription.
SonicWall NSa dispenses advanced threat protection using a high-performance security platform. The NSa series implements intuitive deep learning technologies in the SonicWall Capture Cloud Platform to dispatch the automated real-time threat detection and deterrence enterprise organizations need today. SonicWall Network Security appliance (NSa) series is best for mid-sized organizations to distributed enterprises and data centers.
SonicWall NSa series next-generation firewalls (NFGWS) combine two very robust security ideologies to deliver advanced threat protection to keep users’ networks safe. Boosting SonicWall’s multi-engine advanced threat protection (ATP) is their Real-time Deep Memory Inspection (RTDMI™). The RTDMI intuitively identifies and stops aggressive zero-day threats and vicious malware by investigating memory directly. This real-time process allows SonicWall RTDMI to be accurate, lessen false positives and discover and alleviate malicious threats and attacks. SonicWall’s single-pass Reassembly-Free Deep Packet Inspection (RFDPI) will audit every byte of each and every packet by investigating both outbound and inbound traffic on the firewall. By combining the SonicWall Capture Cloud Platform along with on-box offerings such as intrusion prevention, web/URL filtering, and anti-malware, the NSa series is able to block the most malicious and dangerous threats at the gateway.
Licensed features provide application control, content filtering, antivirus, and anti-malware all in a single appliance.
The CPUs are not able to compete with a similar price point to the Fortinet, WatchGuard, or Palo Alto product.
Licensed features provide application control, content filtering, antivirus, and anti-malware all in a single appliance.
The CPUs are not able to compete with a similar price point to the Fortinet, WatchGuard, or Palo Alto product.
FortiGate Virtual Appliances allow you to mitigate blind spots by implementing critical security controls within your virtual infrastructure. They also allow you to rapidly provision security infrastructure whenever and wherever it is needed. FortiGate virtual appliances feature all of the security and networking services common to traditional hardware-based FortiGate appliances. With the addition of virtual appliances from Fortinet, you can deploy a mix of hardware and virtual appliances, operating together and managed from a common centralized management platform.
The pricing and licensing are not as expensive as its competitors.
It is an expensive solution if you are migrating from an open source solution.
The pricing and licensing are not as expensive as its competitors.
It is an expensive solution if you are migrating from an open source solution.
Palo Alto Networks VM-Series is a highly effective advanced threat protection (ATP) solution and firewall that can be hosted on cloud computing technologies designed by many different companies. It decreases the amount of time that it will take administrators to respond to threats. Users that deploy VM-series have 70% less downtime than those who use similar firewalls. Neither protection nor efficiency are concerns when this next-generation firewall is in play.
For what you get, it does do what it says. It is a good value for an enterprise firewall.
The licensing is pretty much like everyone else.
For what you get, it does do what it says. It is a good value for an enterprise firewall.
The licensing is pretty much like everyone else.
Kerio Control is a popular security product for small and medium-sized businesses. It is a next-generation firewall that provides unified threat management without complexity. Kerio Control provides advanced anti-virus protection and industry-leading web and content application filtering, and has a secure VPN.
Search and compare.
Pricing is good, but the licensing took a lot of time.
Search and compare.
Pricing is good, but the licensing took a lot of time.
ZyWALL USG Series delivers high-access quality to help businesses satisfy the demand for always-online communications. For internal deployments, the ZyWALL USG Series provides active-passive High-Availability (HA) service to support device or connection failover.
This gateway is pretty cheap.
This gateway is pretty cheap.
For mid-sized companies, they sell their appliances for good prices.
The SN200 series costs between $500 USD and $600 USD per year, whereas the SN700 series costs approximately $1,000 annually.
For mid-sized companies, they sell their appliances for good prices.
The SN200 series costs between $500 USD and $600 USD per year, whereas the SN700 series costs approximately $1,000 annually.
Barracuda CloudGen Firewall is a comprehensive network security solution that provides advanced protection for organizations of all sizes. It offers next-generation firewall capabilities, including application control, intrusion prevention, and web filtering.
It is a product with a very transparent model of licensing. In the sense of hidden expenses, they do not exist with this model.
We evaluated a lot of different options. We concluded that Barracuda NG Firewall provided the most features for an exemplary price.
It is a product with a very transparent model of licensing. In the sense of hidden expenses, they do not exist with this model.
We evaluated a lot of different options. We concluded that Barracuda NG Firewall provided the most features for an exemplary price.
Sangfor Next Generation Firewall (also known as NGAF) is a converged security solution providing protection against advanced threat, malware, viruses, ransomware and web-based attacks using integrated security features like firewall, IPS, anti-virus, anti-malware, APT, URL filtering, Cloud Sandbox, and WAF. As the world's first AI-enabled and fully integrated Next Generation Firewall & Web Application Firewall (WAF), NGAF offering the security visibility, real-time detection and response, simplified operation and maintenance and high-performance application layer security needed to operate an enterprise network in total security. Tested and proven to provide cutting-edge network security by ICSA Labs and endorsed by Gartner Inc., NGAF harnesses the power of Sangfor’s Neural-X threat intelligence and analytics platform and Engine Zero’s innovative malware detection to provide next-generation protection for today’s enterprise.
It costs about 8 to 10 thousand dollars per year for 500 users, standard licensing fees included.
Sangfor is cheaper than competing vendors.
It costs about 8 to 10 thousand dollars per year for 500 users, standard licensing fees included.
Sangfor is cheaper than competing vendors.
Forcepoint Next Generation Firewall is a versatile and comprehensive solution for perimeter security, offering features such as SD-WAN, IPS, VPN, and cloud or on-premises subscription keys. It is preferred by many clients over Cisco and is used for obligation redundancy, VPN access, and as the main point of security in infrastructure.
The big advantage of this solution is that we can select the right model for our requirements, which is not too expensive.
Forcepoint is very expensive but it's really secure.
The big advantage of this solution is that we can select the right model for our requirements, which is not too expensive.
Forcepoint is very expensive but it's really secure.
Sophos XGS is a comprehensive network security solution designed to protect organizations from advanced threats. It combines next-generation firewall capabilities with advanced threat protection, web filtering, and application control.
The price of the solution is reasonable and their target market is small to medium-sized companies.
The license for Sophos XGS is for three years, paid on a yearly basis. Everything is included with the license; there are no additional fees.
The price of the solution is reasonable and their target market is small to medium-sized companies.
The license for Sophos XGS is for three years, paid on a yearly basis. Everything is included with the license; there are no additional fees.
CloudGuard Network Security is a firewall solution that provides network security for cloud environments. It protects against cyber threats with multi-layered security for public, private, and hybrid clouds.
On average, it is normally on the lower end, being less expensive than Palo Alto or Cisco.
It is more expensive than other solutions and would be more competetive in the market if it came down in price.
On average, it is normally on the lower end, being less expensive than Palo Alto or Cisco.
It is more expensive than other solutions and would be more competetive in the market if it came down in price.
Huawei's Next-Generation Firewall (NGFW) is a cutting-edge security solution designed to protect networks from advanced threats. With its advanced threat detection and prevention capabilities, the Huawei NGFW ensures the highest level of network security.
Licensing fees are billed on an annual basis.
The price of the license of this solution is high.
Licensing fees are billed on an annual basis.
The price of the license of this solution is high.
Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud first world. Its flagship services, Zscaler Internet Access and Zscaler Private Access, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates the world’s largest cloud security platform, protecting thousands of enterprises and government agencies from cyberattacks and data loss.
The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization.
There are licensing costs, and I would not say that it's a cheap vendor.
The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization.
There are licensing costs, and I would not say that it's a cheap vendor.
The licensing is on a subscription basis, and it is fairly costly. I would prefer a one-time payment.
The licenses for this solution are expensive.
The licensing is on a subscription basis, and it is fairly costly. I would prefer a one-time payment.
The licenses for this solution are expensive.
Juniper vSRX is a virtualized security platform that provides advanced threat protection for virtualized and cloud environments. It offers a comprehensive set of security features, including firewall, VPN, intrusion prevention system (IPS), and unified threat management (UTM).
Our experience purchasing the solution through the AWS Marketplace was good.
We like pricing through the AWS Marketplace.
Our experience purchasing the solution through the AWS Marketplace was good.
We like pricing through the AWS Marketplace.
Hillstone E-Series is a comprehensive network security solution designed to protect organizations from advanced threats. It offers a range of features including a firewall, intrusion prevention system (IPS), virtual private network (VPN), and application control.
The cost per year for licensing, and hardware, is approximately $850 for the basic plan.
Hillstone's pricing is economical and neither very high nor very low.
The cost per year for licensing, and hardware, is approximately $850 for the basic plan.
Hillstone's pricing is economical and neither very high nor very low.
GajShield Next Generation Firewall (NGFW) is a cutting-edge cybersecurity solution designed to protect organizations from advanced threats and secure their network infrastructure. With its advanced features and robust capabilities, GajShield NGFW offers comprehensive security, high performance, and simplified management.
It was about 15% cheaper compared to Sophos.
The price of the GajShield Next Generation Firewall is very attractive when compared to other solutions.
It was about 15% cheaper compared to Sophos.
The price of the GajShield Next Generation Firewall is very attractive when compared to other solutions.
Designed to handle growing throughput needs due to increasing amounts of application-, user-, and device-generated data, the K2-Series offers amazing performance and threat prevention capabilities to stop advanced cyberattacks and secure mobile network infrastructure, subscribers, and services.
Products by the leader in the field are justifiably a bit more expensive compared to other vendors.
The price of this solution is too high.
Products by the leader in the field are justifiably a bit more expensive compared to other vendors.
The price of this solution is too high.
Valtix makes network security for public cloud applications shockingly simple. Designed with a cloud-native approach, Valtix automatically discovers your apps, and enables admins to specify deep inspection policies within minutes. This DevOps-friendly approach empowers security teams to deploy an auto-scaling security service without incurring the costs and complexity of multiple WAF and NGFW vendor appliances.
