2020-05-27T16:32:00Z
Charudatta Kulkarni - PeerSpot reviewer
Head - UICT and Associate Professor at MIT Pune
  • 7
  • 139

Comparing network security vendors and devices

I work in a small organization in the educational sector. 

We would like to extend firewall licenses, So we need to evaluate vendors. On what criteria/basis should we compare vendors and devices?

10
PeerSpot user
10 Answers
it_user1200345 - PeerSpot reviewer
CEO with 1-10 employees
User
2020-06-01T18:57:59Z
Jun 1, 2020

A Firewall is only one brick in your cyber-security wall, if you will, but an important one.

Considerations - you have endpoints (laptops) that may travel in and out of network, connecting to the internet while not on your local network. They have the potential to bring problems with them when they come back into the network, especially if they have been infected with a cryptolocker virus and have shared network drives when they reconnect. A firewall, no matter how good it is, won't protect you from this.

Are you willing and budgeting for paying for license renewals every year?
How much CyberSecurity are you going to put on your firewall, vs offloaded to other systems - spam management for email is a good example of this.
What other security solutions are you also using, such as Barracuda email essentials, OpenDNS (Umbrella), file and image-level backups at the endpoint, enterprise grade AV, etc>

Are you protecting application servers?
Do you have compliance requirements such as HIPAA or PCI you have to manage?

You've asked a very generic question, so the answers you get as to the criteria required to evaluate an appropriate solution will be just as generic. In the world of security, Sophos and Fortinet are very good solutions if you want the best of the best, and those aren't always the best solution for the application - if there's no servers, the endpoints (desktops and laptops) are hardened, everything is backed up, and there's no critical data floating around, then a reasonable firewall with great throughput like a Ubiquiti UDM Pro could be a great solution that doesn't ransom you for an annual license fee.

In other words, without being more specific about your application, you're not going to get a lot of really useful responses here.

Search for a product comparison in Firewalls
FT
IT Adviser/Manager with 51-200 employees
Real User
2020-06-02T12:19:46Z
Jun 2, 2020

You should defer on what purpose you want to use the firewall and who is supporting it.

Means: If you like to use a firewall to protect the computer users from accessing the internet, you should look for integration with your other security aspects like AV, IPS, EMail Protection, classification service catalog, integration in Cloud-based management or SIEM, life protection with isolation or network disruption, reporting to fulfill certification audits like SOX, remote management and location awareness, SSL VPN Clients, access security with 2.nd factor, Active directory integrated security groups, other security products from the same vendor to extend portfolio but keep management in one tool, VPN to other branches, multi-vendor VPNs, throughput with all FW features in place, how many physical network ports you can configure internal/external, multi internet provider network ports to get redundant provider setups, failover or both at the same time, traffic management features to limit the traffic is due to application or service using it (VOIP, Netflix, ...).

Also, you should think of what part this firewall takes in due to your other chain of security. Does it fit to them? Do you want to change them in the future as well?

Last but not least is the amount of knowledge and support/maintenance the firewall solution would need. DO you want to keep/have an expert just for that? Is it going to be integrated into other management services (AV/Data Gov./Compliance), can you provide compliance access to the reports without compromising internal security? Can you restrict access to browsing or user history but grant access to security alarms and actions?

If you have a security concept it should be easy to find the right FW. If not, start with that.

NT
Operations Manager at Cybernaptics
Reseller
Top 5Leaderboard
2020-06-02T04:11:54Z
Jun 2, 2020

In the educational sector, the main challenge is to have control over all content that students or educators will be accessing.
We have many vendors that offer this service, a few examples will be Fortigate, Sonicwall, Cisco, and Sophos.
Now it will depend on what aspect of firewall that you want to focus on if you want content filtering I would recommend going for Sophos.
With Sophos, everything has been made simple to manage and not really need to be an expert to maintain this nice piece of technology.

it_user1298886 - PeerSpot reviewer
I.T Director at a healthcare company with 11-50 employees
User
2020-06-02T15:38:52Z
Jun 2, 2020

I support about 100 employees with a WatchGuard Firebox. There easy to configure and support is great if you do need help. They make many models to fit you business.

CL
IT Manager at Concretemastersinc
Real User
2020-06-02T11:22:26Z
Jun 2, 2020

For vendors, I think there are more options in the US but I would like to know how their support and expertise is in case you need assistance in configuring the firewall and pricing.

For devices, I think it depends on what your needs are because there are very basic firewalls and there are ones that have lots of modules. I would also consider the user interface and ease of configuring. Also, consider the cost of license renewal.

AS
IT System Integrator at a financial services firm
Real User
Top 5Leaderboard
2020-06-30T17:21:11Z
Jun 30, 2020

As per you description situation, you can consider at least the following aspects.


Financial Aspect: What amount do you expect to spend for this device. If you have online payments, if the availability is one of your constraints so you will need two for failover and load balance;


Support Aspect: Its difficult to evaluate this point as allmost all vendors says that they have a good support methodology and expert teams, so you need to consider all aspect of the SLA, regarding what you company can pay;


Cybersecurity Aspect: So, if you need firewall means you have mail and web services at least. At this point you need to take a look at what vendors say about this ourdays problems, our they face it, where is the vendors on Gartner Quadrant. Most of the expensive one are not good enough but visionars and chanllenger can be considered. Of course you kind of service and kind of data your dealing with is one of aspects you must consider too.



You can design a table/check list with all aspects you need to consider, like throughtput you need, No. of VPN/Branch office and some other features you need to safe you environment and put values on it and some assumptions that you need to consider and at last you decide and i believe you will do the best.

Learn what your peers think about Sophos XG. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
670,080 professionals have used our research since 2012.
it_user1304796 - PeerSpot reviewer
Head of Infrastructure Solutions at Thakral One (Pvt) Ltd
Real User
2020-06-03T05:34:27Z
Jun 3, 2020

There are more than half a dozen of reliable vendor options are available for small organization.

Evaluation criteria need to align with the identified requirement; such as if the requirement is for.
* Secure the network from outside attacks?
* Control outgoing traffic?
* Remote network access?
* Integration with End devices?
* Network visibility?
* Added features such as; spam filtering, Data leakage prevention etc?

Once the requirement is identified, as with any other networking procurement evaluation, following criteria can be looked at for evaluation.
* How long the vendor has been in the industry
* Reviews by 3rd party evaluators such as Gartner
* Customer references related to the same industry
* Capacity criteria such as; number of interfaces, total throughput, session capacity
* Cost aspects such as; TCO for 3~5 years, warranty and replacement service levels, technical support levels

SH
Manager Information Systems with 11-50 employees
User
2020-06-02T18:33:18Z
Jun 2, 2020

I second those observations.

SH
Manager Information Systems with 11-50 employees
User
2020-06-02T18:31:00Z
Jun 2, 2020

First, research the quality of the device, reputation and reviews. Generally speaking they don't fail often except for power surges. Second, licence terms and service options. Third, is local service support available? Review the service dept history, quality of employees and turnover. Generally, local support is better, you can go to their office and get in their face. Hmmm, Education eh? student hackers are always a possibility. Prepare questions to the vendor about security features, reverse hacking and spying. Nothing more satisfying than catching the gremlins red handed.

VB
IT Manager at a hospitality company with 201-500 employees
Real User
Top 5Leaderboard
2020-06-02T12:32:33Z
Jun 2, 2020

What is your current firewall infrastructure?

Basic is the budget... Apart from the amount of money, some of the following are mandatory to think about:
1. How many concurrent users internal (on-premise)
2. How many concurrent users through VPN?
3. How many Firewall devices?
4. IPS, URL filtering, antimalware, AV
5. UX/UI, easy-going management
6. Type of warranty & support
7. Advanced security licenses
8. Google SafeSearch and YouTube for Schools (MX Meraki option)
9. Integration with AD
10. Cloud management

Related Questions
RC
Specialist at Bloque de Armas
Jan 3, 2023
Hello peers,  I work at a media company and am researching firewalls. What are the differences between WatchGuard 390 and FortiGate 80F? Which solution do you prefer and why? Thank you for your help.
See 2 answers
AN
Instrutor at a tech services company with 1,001-5,000 employees
Dec 20, 2022
Hello, The 820 and 850 belong to the family 800 of Palo Alto Firewall.I caught a comparison between both firewalls on the Palo Alto site and I believe it will help with your decision.Regards820 and 850 comparison
LJ
Head of Customer Success at a tech services company with 51-200 employees
Jan 3, 2023
Firewall - Appliance Performance Analysis S.No Technical Parameter Watchguard M390 Fortigate 80F 1 IPS Throughput 3.3 Gbps 1.4 Gbps 2 NGFW 5.8 Gbps 1 Gbps 3 Threat Protection 1.47 Gbps 900 Mbps 4 Total no of RJ45 ports 8 GbE Ports 8 GbE Ports 5 Concurrent Sessions 4.5 million 1.5 million 6 New Sessions per second 98000 45000 The WatchGuard M390 NGFW Appliance gives on average 2 + times better performance than the FortiGate 80F
Jan 13, 2023
Hello peers, We are looking for a firewall solution in Fortigate for a software training institution with 2000 students. Each student has one laptop and two mobile phones (maximum). There are four Internet connections, two broadbands, and two leased lines (optical fiber). There is no need for content filtering and application control. We need a solution for load balancing and traffic shaping. ...
2 out of 7 answers
SB
Regional Manager/ Service Delivery Manager at ASPL INFO Services
Dec 7, 2022
Hi @Gulzar C ​, Some of the preferred solutions seen in educational institutes are mentioned below: Sophos. Fortinet Fortigate. Juniper SRX Firewall. SonicWall.
CR
Director at REDCO
Dec 7, 2022
Untangle was born in the educational sector, and now it has been acquired by Arista in case you would like to check it out. Any solution is recommended, it all depends on the budget, you can also check pfSense which is free. fatpipeinc.com is a native solution for balancing WAN, VERSA for 8 wan, FortiGate, Sophos, VMware and Cisco are the leaders on Gartner. Greetings 
Related Articles
Ariel Lindenfeld - PeerSpot reviewer
Director of Community at PeerSpot
Aug 21, 2022
We’re launching an annual User’s Choice Award to showcase the most popular B2B enterprise technology products and we want your vote! If there’s a technology solution that’s really impressed you, here’s an opportunity to recognize that. It’s easy: go to the PeerSpot voting site, complete the brief voter registration form, review the list of nominees and vote. Get your colleagues to vote, too! ...
EB
Director of Community at PeerSpot (formerly IT Central Station)
Aug 17, 2022
Hi dear community members, In this edition of PeerSpot's Community Spotlight, you can find out what your peers are discussing and join in the conversation. Ask and answer questions on the topics that interest you most! Read and respond to articles or contribute your own! Trending These are the topics your peers are talking about on PeerSpot this week How do I estimate the requir...
See 1 comment
EB
Director of Community at PeerSpot (formerly IT Central Station)
Aug 17, 2022
Thank you to all the community members who share their knowledge with other peers! Also, special thanks to the articles' contributors included in this Community Spotlight: @Janet Staver, @Abhirup Sarkar, @Manoj Narayanan, @Beth Safire and @Shibu Babuchandran.
EB
Director of Community at PeerSpot (formerly IT Central Station)
Jul 5, 2022
Dear PeerSpot community members, This is our latest Community Spotlight for YOU. Here we've summarized and selected the latest posts (professional questions, articles and discussions) contributed by PeerSpot community members.  Check them out! Trending See what your peers are discussing at the moment! What were your main pain points during the SIEM product purchase process? What...
EB
Director of Community at PeerSpot (formerly IT Central Station)
May 30, 2022
Hi peers, This is our new bi-weekly Community Spotlight that includes recent contributions (questions, articles and discussions) by the PeerSpot community members.  Articles Check the top products and solutions below (selected based on peer reviews) or contribute your own article! Top Security Orchestration Automation and Response (SOAR) Solutions Top 8 Data Loss Prevention (DL...
EB
Director of Community at PeerSpot (formerly IT Central Station)
Jul 11, 2022
Hi community members, As usual, this new Community Spotlight shares with you the latest articles, questions and trending discussions from your peers. Trending See what is trending at the moment and chime in to discuss! Top 8 Extended Detection and Response (XDR) Tools 2022 Would you recommend replacing Cisco ASA Firewall with Fortinet FortiGate FG 100F due to cost reasons? What is the...
See 2 comments
RS
Performance and Fault-tolerance Architect with 1,001-5,000 employees
May 30, 2022
Good very informative
Jairo Willian Pereira - PeerSpot reviewer
Information Security Manager at a retailer with 10,001+ employees
Jul 11, 2022
Analyze the wave of product at Gartner Hype Cycle. EDR was good in the past. After that, MDR joined the hype and now, XDR is the trend. Wait for more in a couple of months and (sic) know the ZDR!
Moderator
DS
Owner at David Strom Inc.
Related Articles
Ariel Lindenfeld - PeerSpot reviewer
Director of Community at PeerSpot
Aug 21, 2022
PeerSpot User's Choice Award 2022
We’re launching an annual User’s Choice Award to showcase the most popular B2B enterprise technol...
EB
Director of Community at PeerSpot (formerly IT Central Station)
Aug 17, 2022
Community Spotlight #20
Hi dear community members, In this edition of PeerSpot's Community Spotlight, you can find out w...
Download Free Report
Download our free Sophos XG Report and get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
DOWNLOAD NOW
670,080 professionals have used our research since 2012.