Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make.
Go for long term pricing negotiated at the time of purchase.
Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make.
Go for long term pricing negotiated at the time of purchase.
pfSense is a powerful and reliable network security appliance primarily used for security purposes such as firewall and VPN or traffic shaping, network management, and web filtering. It is commonly used by small businesses and managed service providers to protect their customers' networks and enable remote access through VPNs.
PFSENSE turns out to be very economical, the license is free and for little money you get very good support
If you need to buy hardware onto which to install PfSense, go with their boxes on their website, they are great.
PFSENSE turns out to be very economical, the license is free and for little money you get very good support
If you need to buy hardware onto which to install PfSense, go with their boxes on their website, they are great.
Cisco Secure Firewall, including Firepower, is a powerful perimeter security solution used for network security, data center protection, advanced malware protection, and site-to-site VPNs. Its most valuable features include NGIPS, application visibility and control, VLAN implementations, intrusion prevention, threat defense, and NAT.
Cisco devices are for sure costly and budget could be an important constrain on selecting them as our security solution.
I have to admit that the price is high. But I think it's worth it if the stability of your solution counts for you.
Cisco devices are for sure costly and budget could be an important constrain on selecting them as our security solution.
I have to admit that the price is high. But I think it's worth it if the stability of your solution counts for you.
OPNsense is a user-friendly, fast-track, open-source FreeBSD-based firewall and routing platform. This software offers features that are generally available from costly commercial firewalls, with the added benefit of open and verifiable sources. The firewall provides users, developers, and organizations with an advantageous environment through transparency. The development of this project is driven by a strong focus on security and code quality.
We are not paying any licensing fees. OPNsense is completely free for us.
It costs about $1000.
We are not paying any licensing fees. OPNsense is completely free for us.
It costs about $1000.
Sophos XG Firewall is a complete firewall solution that provides all the real-time security and insights you need to protect your network from ransomware and advanced threats. Sophos XG Firewall provides visibility into suspicious users, unknown and unwanted apps, encrypted traffic, and other threats. With its advanced artificial intelligence capabilities, Sophos XG Firewall immediately identifies potential risks and intrusions on web servers and networks.
For licensing the XG 210, we paid approximately $3000 for three years. There are no additional fees on top of this.
It's a suitable price and license.
For licensing the XG 210, we paid approximately $3000 for three years. There are no additional fees on top of this.
It's a suitable price and license.
Microsoft Defender for Office 365 is a comprehensive security solution designed to protect organizations against advanced threats in their email, collaboration, and productivity environments. It combines the power of Microsoft's threat intelligence, machine learning, and behavioral analytics to provide real-time protection against phishing, malware, ransomware, and other malicious attacks.
It's a user-base subscription.
From the pricing point of view, like any other product in the market, there is scope for negotiation.
It's a user-base subscription.
From the pricing point of view, like any other product in the market, there is scope for negotiation.
Cisco Meraki MX appliances are next-generation firewalls with all the advanced security services needed for today’s IT security. The appliances are ideal for organizations considering a unified threat management (UTM) solution for branch offices, data centers, distributed sites, or campuses. Since Meraki MX is 100% cloud-managed, installation and remote management are simple and zero-touch.
The Meraki UTM is excellent when you buy the Advanced Security license. If you buy a different license you lost all the valuable functions.
It can always improve pricewise regarding throughput.
The Meraki UTM is excellent when you buy the Advanced Security license. If you buy a different license you lost all the valuable functions.
It can always improve pricewise regarding throughput.
Zscaler Internet Access is a cloud-native security service edge (SSE) platform. Its main purpose is to provide AI-powered protection for all users, all applications, and all locations. The solution replaces other legacy network security solutions to stop advanced attacks and prevent data loss by using a comprehensive zero trust approach.
The pricing is an issue. It is expensive compared to other firewalls on the market.
Our monthly fee is around R3000.
The pricing is an issue. It is expensive compared to other firewalls on the market.
Our monthly fee is around R3000.
Palo Alto Networks NG Firewalls are next-generation firewalls used for security to protect networks from threats and attacks. It is used for perimeter security, data center protection, and managing secure access to environments. Users highlight the NGFW's effectiveness in providing comprehensive security without impacting network performance. Users appreciate its ease of use, particularly in setup and ongoing management, making it a favored choice for businesses looking to secure their cloud environments.
Annually, the licensing costs are too much.
The licensing is annual, and there aren't any additional fees on top of that.
Annually, the licensing costs are too much.
The licensing is annual, and there aren't any additional fees on top of that.
Azure Firewall is a user-friendly, intuitive, cloud-native firewall security solution that provides top-of-the-industry threat protection for all your Azure Virtual Network resources. Azure Firewall is constantly and thoroughly analyzing all traffic and data packets, making it a very valuable and secure fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall allows users to create virtual IP addresses and provides for secure DDoS protection for the virtual machines on your network. It also provides fast and efficient east-west and north-south traffic security.
Azure Firewall is a managed, cloud-based network security service built to protect your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.
Azure Firewall is quite an expensive product.
The licensing module is good.
Azure Firewall is quite an expensive product.
The licensing module is good.
Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.
The price is high in comparison to other solutions.
We pay $5,000-$6,000 a year.
The price is high in comparison to other solutions.
We pay $5,000-$6,000 a year.
CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.
Pricing and licensing depend on the environment.
It is not a cheap solution. It is expensive as compared with other solutions. However, it is one of the best solutions in their domain.
Pricing and licensing depend on the environment.
It is not a cheap solution. It is expensive as compared with other solutions. However, it is one of the best solutions in their domain.
Palo Alto Networks WildFire is a highly effective cloud-based advanced threat protection (ATP) solution that organizations in a wide variety of fields trust to help them keep safe from digital threats. It is designed to enable businesses to confront even the most evasive threats and resolve them. It combines many techniques to maximize the level of threat protection available to users.
It IS a bit expensive, but I think you get what you pay for. Value is there.
It's not particularly cheap, but it is absolutely worth it.
It IS a bit expensive, but I think you get what you pay for. Value is there.
It's not particularly cheap, but it is absolutely worth it.
Sophos UTM is a unified threat management platform designed to protect your businesses from known and emerging malware including viruses, rootkits and spyware. The solution provides a complete network security package with everything your organization needs in a single modular appliance.
The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it.
If you can afford it, go for a small Check Point, as it is easier to manage.
The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it.
If you can afford it, go for a small Check Point, as it is easier to manage.
Getting licenses in our country, Ghana, is not easy. Though, once we have them, adding them is quick (about a day).
The pricing was a factor for us, and we felt that the price was good.
Getting licenses in our country, Ghana, is not easy. Though, once we have them, adding them is quick (about a day).
The pricing was a factor for us, and we felt that the price was good.
Untangle NG Firewall is an open-source firewall and gateway security platform that helps keep networks safe while accessing the internet. It offers a free core firewall platform with paid add-ons, and a cloud-based management platform with a variety of deployment options for smaller teams. The solution also has a cloud-based management console for remote management that can either be deployed on premises or as SaaS, and virtualized or cloud-based. It also has flexible deployment options, including third-party hardware, as a virtual machine, or as a turnkey appliance. Untangle NG Firewall is ideal for small IT teams with limited budgets.
It is the most cost-effective to use.
We pay $350 USD per year for the solution. There are no additional costs. As long as you're not using a physical appliance, that's all you need.
It is the most cost-effective to use.
We pay $350 USD per year for the solution. There are no additional costs. As long as you're not using a physical appliance, that's all you need.
Juniper SRX is a next-generation security solution that enables users to expand and secure their networks without incurring heavy costs or sacrificing performance.
The prices are very good as compared to other vendors.
Pricing is good. Most of the costs are in the UTM (IDS/IPS, virus scanning, etc) subscription.
The prices are very good as compared to other vendors.
Pricing is good. Most of the costs are in the UTM (IDS/IPS, virus scanning, etc) subscription.
SonicWall NSa dispenses advanced threat protection using a high-performance security platform. The NSa series implements intuitive deep learning technologies in the SonicWall Capture Cloud Platform to dispatch the automated real-time threat detection and deterrence enterprise organizations need today. SonicWall Network Security appliance (NSa) series is best for mid-sized organizations to distributed enterprises and data centers.
SonicWall NSa series next-generation firewalls (NFGWS) combine two very robust security ideologies to deliver advanced threat protection to keep users’ networks safe. Boosting SonicWall’s multi-engine advanced threat protection (ATP) is their Real-time Deep Memory Inspection (RTDMI™). The RTDMI intuitively identifies and stops aggressive zero-day threats and vicious malware by investigating memory directly. This real-time process allows SonicWall RTDMI to be accurate, lessen false positives and discover and alleviate malicious threats and attacks. SonicWall’s single-pass Reassembly-Free Deep Packet Inspection (RFDPI) will audit every byte of each and every packet by investigating both outbound and inbound traffic on the firewall. By combining the SonicWall Capture Cloud Platform along with on-box offerings such as intrusion prevention, web/URL filtering, and anti-malware, the NSa series is able to block the most malicious and dangerous threats at the gateway.
Licensed features provide application control, content filtering, antivirus, and anti-malware all in a single appliance.
The CPUs are not able to compete with a similar price point to the Fortinet, WatchGuard, or Palo Alto product.
Licensed features provide application control, content filtering, antivirus, and anti-malware all in a single appliance.
The CPUs are not able to compete with a similar price point to the Fortinet, WatchGuard, or Palo Alto product.
FortiGate Virtual Appliances allow you to mitigate blind spots by implementing critical security controls within your virtual infrastructure. They also allow you to rapidly provision security infrastructure whenever and wherever it is needed. FortiGate virtual appliances feature all of the security and networking services common to traditional hardware-based FortiGate appliances. With the addition of virtual appliances from Fortinet, you can deploy a mix of hardware and virtual appliances, operating together and managed from a common centralized management platform.
The pricing and licensing are not as expensive as its competitors.
It is an expensive solution if you are migrating from an open source solution.
The pricing and licensing are not as expensive as its competitors.
It is an expensive solution if you are migrating from an open source solution.
Kerio Control is a popular security product for small and medium-sized businesses. It is a next-generation firewall that provides unified threat management without complexity. Kerio Control provides advanced anti-virus protection and industry-leading web and content application filtering, and has a secure VPN.
Search and compare.
Pricing is good, but the licensing took a lot of time.
Search and compare.
Pricing is good, but the licensing took a lot of time.
ZyWALL USG Series delivers high-access quality to help businesses satisfy the demand for always-online communications. For internal deployments, the ZyWALL USG Series provides active-passive High-Availability (HA) service to support device or connection failover.
This gateway is pretty cheap.
This gateway is pretty cheap.
Microsoft Defender for Identity is a comprehensive security solution that helps organizations protect their identities and detect potential threats. It leverages advanced analytics and machine learning to provide real-time visibility into user activities, enabling proactive identification of suspicious behavior.
Defender for Identity is a little more expensive than other Microsoft products. Identity and Microsoft Defender for Cloud are both a bit costly.
It is very affordable considering that other SIEM solutions are much more expensive and have many more licensing restrictions and fees.
Defender for Identity is a little more expensive than other Microsoft products. Identity and Microsoft Defender for Cloud are both a bit costly.
It is very affordable considering that other SIEM solutions are much more expensive and have many more licensing restrictions and fees.
For mid-sized companies, they sell their appliances for good prices.
The SN200 series costs between $500 USD and $600 USD per year, whereas the SN700 series costs approximately $1,000 annually.
For mid-sized companies, they sell their appliances for good prices.
The SN200 series costs between $500 USD and $600 USD per year, whereas the SN700 series costs approximately $1,000 annually.
Barracuda CloudGen Firewall is a comprehensive network security solution that provides advanced protection for organizations of all sizes. It offers next-generation firewall capabilities, including application control, intrusion prevention, and web filtering.
It is a product with a very transparent model of licensing. In the sense of hidden expenses, they do not exist with this model.
We evaluated a lot of different options. We concluded that Barracuda NG Firewall provided the most features for an exemplary price.
It is a product with a very transparent model of licensing. In the sense of hidden expenses, they do not exist with this model.
We evaluated a lot of different options. We concluded that Barracuda NG Firewall provided the most features for an exemplary price.
Sangfor Next Generation Firewall (also known as NGAF) is a converged security solution providing protection against advanced threat, malware, viruses, ransomware and web-based attacks using integrated security features like firewall, IPS, anti-virus, anti-malware, APT, URL filtering, Cloud Sandbox, and WAF. As the world's first AI-enabled and fully integrated Next Generation Firewall & Web Application Firewall (WAF), NGAF offering the security visibility, real-time detection and response, simplified operation and maintenance and high-performance application layer security needed to operate an enterprise network in total security. Tested and proven to provide cutting-edge network security by ICSA Labs and endorsed by Gartner Inc., NGAF harnesses the power of Sangfor’s Neural-X threat intelligence and analytics platform and Engine Zero’s innovative malware detection to provide next-generation protection for today’s enterprise.
It costs about 8 to 10 thousand dollars per year for 500 users, standard licensing fees included.
Sangfor is cheaper than competing vendors.
It costs about 8 to 10 thousand dollars per year for 500 users, standard licensing fees included.
Sangfor is cheaper than competing vendors.
Forcepoint Next Generation Firewall is a versatile and comprehensive solution for perimeter security, offering features such as SD-WAN, IPS, VPN, and cloud or on-premises subscription keys. It is preferred by many clients over Cisco and is used for obligation redundancy, VPN access, and as the main point of security in infrastructure.
The big advantage of this solution is that we can select the right model for our requirements, which is not too expensive.
Forcepoint is very expensive but it's really secure.
The big advantage of this solution is that we can select the right model for our requirements, which is not too expensive.
Forcepoint is very expensive but it's really secure.
Detect the undetectable and stop evasive attacks. Trellix Network Detection and Response (NDR) helps your team focus on real attacks, contain intrusions with speed and intelligence, and eliminate your cybersecurity weak points.
Its price is lower compared to similar solutions.
We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing.
Its price is lower compared to similar solutions.
We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing.
CloudGuard Network Security is a firewall solution that provides network security for cloud environments. It protects against cyber threats with multi-layered security for public, private, and hybrid clouds.
On average, it is normally on the lower end, being less expensive than Palo Alto or Cisco.
It is more expensive than other solutions and would be more competetive in the market if it came down in price.
On average, it is normally on the lower end, being less expensive than Palo Alto or Cisco.
It is more expensive than other solutions and would be more competetive in the market if it came down in price.
Huawei's Next-Generation Firewall (NGFW) is a cutting-edge security solution designed to protect networks from advanced threats. With its advanced threat detection and prevention capabilities, the Huawei NGFW ensures the highest level of network security.
Licensing fees are billed on an annual basis.
The price of the license of this solution is high.
Licensing fees are billed on an annual basis.
The price of the license of this solution is high.
NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.
It’s cheaper to run virtual machines in a VMware environment.
The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).
It’s cheaper to run virtual machines in a VMware environment.
The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).
Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud first world. Its flagship services, Zscaler Internet Access and Zscaler Private Access, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates the world’s largest cloud security platform, protecting thousands of enterprises and government agencies from cyberattacks and data loss.
The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization.
There are licensing costs, and I would not say that it's a cheap vendor.
The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization.
There are licensing costs, and I would not say that it's a cheap vendor.
Juniper vSRX is a virtualized security platform that provides advanced threat protection for virtualized and cloud environments. It offers a comprehensive set of security features, including firewall, VPN, intrusion prevention system (IPS), and unified threat management (UTM).
Our experience purchasing the solution through the AWS Marketplace was good.
We like pricing through the AWS Marketplace.
Our experience purchasing the solution through the AWS Marketplace was good.
We like pricing through the AWS Marketplace.
SonicWall NSV is a software-based virtual firewall that provides additional security for customers with public-facing servers or services on Microsoft Azure. The AGSS Bundle is considered the most valuable feature, providing security services such as antivirus, intrusion prevention system, and anti-spyware botnet GUI.
Our initial purchase, which included a three-year term of support, was about $25,000 USD.
We are currently using the trial version.
Our initial purchase, which included a three-year term of support, was about $25,000 USD.
We are currently using the trial version.
Microsoft Defender Threat Intelligence is a comprehensive security solution that provides organizations with real-time insights into the latest cyber threats. Leveraging advanced machine learning and artificial intelligence capabilities, it offers proactive threat detection and response, enabling businesses to stay one step ahead of attackers. With Microsoft Defender Threat Intelligence, organizations gain access to a vast array of threat intelligence data, including indicators of compromise (IOCs), security incidents, and emerging threats. This data is collected from a wide range of sources, such as Microsoft's global sensor network, industry partners, and security researchers, ensuring comprehensive coverage and accuracy. The solution's advanced analytics and machine learning algorithms analyze this threat intelligence data in real-time, identifying patterns, trends, and anomalies that may indicate a potential security breach. By continuously monitoring the network and endpoints, Microsoft Defender Threat Intelligence can quickly detect and respond to threats, minimizing the impact of attacks and reducing the time to remediation.
They offer two license plans: Microsoft Defender for endpoints and Microsoft Defender for businesses.
The product’s pricing is worth it.
They offer two license plans: Microsoft Defender for endpoints and Microsoft Defender for businesses.
The product’s pricing is worth it.
Check Point Infinity is the only fully consolidated cyber security architecture that provides unprecedented protection against Gen V mega-cyber attacks as well as future cyber threats across all networks, endpoint, cloud and mobile. The architecture is designed to resolve the complexities of growing connectivity and inefficient security. Learn more about Check Point Infinity
The pricing of Check Point Infinity could be better. There is a license needed to use the solution and we pay annually.
The product has good pricing considering the features and a global approach.
The pricing of Check Point Infinity could be better. There is a license needed to use the solution and we pay annually.
The product has good pricing considering the features and a global approach.
