General Manager at a comms service provider with 10,001+ employees
Real User
Top 10
2021-10-07T06:21:23Z
Oct 7, 2021
Generally, FWaaS would be a preferred option for organizations that:
1) Don't have a dedicated security expert team available.
2) Are looking for the perimeter security to be provided by the ISP, typically.
3) Don't want to invest their resource/time in managing the perimeter firewalls.
Nowadays, internet links are provided as clean pipes where the internet service provider uses the cloud firewall and allocates the vDOM to the customer in the cloud, hence a value-added service on top of the internet link. As long as the ISP is flexible enough to configure/change the FW policies as per the requirement, it is a win-win situation for both. Also, it eliminates the capex investment on day 1 for any organization.
Further, ISP (tier-1) have access to all the latest policies from the OEM and other bodies to keep the FW tables updated, ensuring better security for your organizations from malicious traffic.
I have looked at FWaaS for years (originally from Value Added Network service providers such as Virtela) and my best answer is based on the organization's scale/size. Is the organization large enough to support managing your own firewalls? (Let's say perhaps >10,000 people). Smaller organizations need some form of managed services as you can't afford dedicated firewall experts.
The second criteria is network architecture, how does you organization connect to the Internet? If your ISP can provide FWaaS or an overlay for a third party without leakage and being affordable then FWaaS is worth considering.
Third criteria, who is offering FWaaS? How competent is the service provider? Will they be able to provide the kind of derive you need in terms of your specific needs? How complex are its needs or do you need something very generic? How much risk is in your data in your network?
I have been moving many of our systems to cloud providers (SaaS ideally) but when building our own SaaS platforms then we need more sophisticated firewall services like WAF and ADC.
FWaaS offered by an MSSP is a way to ensure your security keeps pace and is always 'fresh'. When an organization has better things to do than constantly upgrade and monitor their firewalls, FWaaS - especially when it's built by an MSSP using centralized virtual firewalls - allows the organization to focus its IT and network security teams on digital transformation and other strategic initiatives.
The most important criterium is: would you be able and willing to do it yourself?
Most smaller companies lack the skills, to be honest. So it's better to leave it up to a professional. Having said that, your FWAAS provider needs to understand your business and set up the FW accordingly.
To set up only a standard FW might not deliver sufficient security for you. In that case, the FWaaS provider is limited to a negative cash generator...
Hello peers,
I work for a large tech services company.
I am currently researching firewalls and am looking for the best solution. Which Firewall solution would you recommend and why?
Thank you for your help.
IT Infrastructure and Security Manager at a logistics company with 1,001-5,000 employees
Aug 22, 2023
For features and functionality, take a look at Palo Alto and Fortinet. Cisco is very good, however, they are not at the level for Next-gen features when compared to Palo Alto and Fortinet. If you have cloud infrastructure then you may wish to look at Zscaler. CheckPoint and Juniper are also very good options. If you are looking at open source then look at pfSense. Take a look at this article: 7 Best Firewall Solutions for Enterprises in 2023 (enterprisenetworkingplanet.com)
Hi Hwaeum, Outta my experience Cisco and Paloalto, both have its own USP's, also it depends on the use case. whether it's for gateway level or at branch level and depends on the usage of the end users. hope you've already considered all these parameters. 1. Cisco - Now the NGFW with new FTD software is really working out good with Enterprise customers, also the operational point of view ease to manage it with the help of FMC gives very good dashboard experience too. ( https://www.cisco.com/site/in/...)2. Paloalto - When application usage is maximum at the Network this helps better. ( https://www.paloaltonetworks.c...)
Hello,
I am looking at firewall options to support an SMB with 50 employees and approximately 100 devices. The ISP provides 1 Gbps service, however, I do not have data regarding specific VPN requirements, concurrent connections, etc.
Untangle, pfSense, Cisco, and Palo Alto are currently being looked at, with hardware and virtualized solutions being considered.Thank you.
We’re launching an annual User’s Choice Award to showcase the most popular B2B enterprise technology products and we want your vote!
If there’s a technology solution that’s really impressed you, here’s an opportunity to recognize that. It’s easy: go to the PeerSpot voting site, complete the brief voter registration form, review the list of nominees and vote. Get your colleagues to vote, too!
...
Hi dear community members,
In this edition of PeerSpot's Community Spotlight, you can find out what your peers are discussing and join in the conversation. Ask and answer questions on the topics that interest you most! Read and respond to articles or contribute your own!
Trending
These are the topics your peers are talking about on PeerSpot this week
How do I estimate the requir...
Director of Community at PeerSpot (formerly IT Central Station)
Aug 17, 2022
Thank you to all the community members who share their knowledge with other peers!
Also, special thanks to the articles' contributors included in this Community Spotlight:
@Janet Staver, @Abhirup Sarkar, @Manoj Narayanan, @Beth Safire and @Shibu Babuchandran.
Dear PeerSpot community members,
This is our latest Community Spotlight for YOU. Here we've summarized and selected the latest posts (professional questions, articles and discussions) contributed by PeerSpot community members.
Check them out!
Trending
See what your peers are discussing at the moment!
What were your main pain points during the SIEM product purchase process?
What...
Hi peers,
This is our new bi-weekly Community Spotlight that includes recent contributions (questions, articles and discussions) by the PeerSpot community members.
Articles
Check the top products and solutions below (selected based on peer reviews) or contribute your own article!
Top Security Orchestration Automation and Response (SOAR) Solutions
Top 8 Data Loss Prevention (DL...
Hi community members,
As usual, this new Community Spotlight shares with you the latest articles, questions and trending discussions from your peers.
Trending
See what is trending at the moment and chime in to discuss!
Top 8 Extended Detection and Response (XDR) Tools 2022
Would you recommend replacing Cisco ASA Firewall with Fortinet FortiGate FG 100F due to cost reasons?
What is the...
Information Security Manager at a retailer with 10,001+ employees
Jul 11, 2022
Analyze the wave of product at Gartner Hype Cycle. EDR was good in the past. After that, MDR joined the hype and now, XDR is the trend. Wait for more in a couple of months and (sic) know the ZDR!
Generally, FWaaS would be a preferred option for organizations that:
1) Don't have a dedicated security expert team available.
2) Are looking for the perimeter security to be provided by the ISP, typically.
3) Don't want to invest their resource/time in managing the perimeter firewalls.
Nowadays, internet links are provided as clean pipes where the internet service provider uses the cloud firewall and allocates the vDOM to the customer in the cloud, hence a value-added service on top of the internet link. As long as the ISP is flexible enough to configure/change the FW policies as per the requirement, it is a win-win situation for both. Also, it eliminates the capex investment on day 1 for any organization.
Further, ISP (tier-1) have access to all the latest policies from the OEM and other bodies to keep the FW tables updated, ensuring better security for your organizations from malicious traffic.
I have looked at FWaaS for years (originally from Value Added Network service providers such as Virtela) and my best answer is based on the organization's scale/size. Is the organization large enough to support managing your own firewalls? (Let's say perhaps >10,000 people). Smaller organizations need some form of managed services as you can't afford dedicated firewall experts.
The second criteria is network architecture, how does you organization connect to the Internet? If your ISP can provide FWaaS or an overlay for a third party without leakage and being affordable then FWaaS is worth considering.
Third criteria, who is offering FWaaS? How competent is the service provider? Will they be able to provide the kind of derive you need in terms of your specific needs? How complex are its needs or do you need something very generic? How much risk is in your data in your network?
I have been moving many of our systems to cloud providers (SaaS ideally) but when building our own SaaS platforms then we need more sophisticated firewall services like WAF and ADC.
FWaaS offered by an MSSP is a way to ensure your security keeps pace and is always 'fresh'. When an organization has better things to do than constantly upgrade and monitor their firewalls, FWaaS - especially when it's built by an MSSP using centralized virtual firewalls - allows the organization to focus its IT and network security teams on digital transformation and other strategic initiatives.
The most important criterium is: would you be able and willing to do it yourself?
Most smaller companies lack the skills, to be honest. So it's better to leave it up to a professional. Having said that, your FWAAS provider needs to understand your business and set up the FW accordingly.
To set up only a standard FW might not deliver sufficient security for you. In that case, the FWaaS provider is limited to a negative cash generator...
Hi @Swapnil Talegaonkar, @Devanand PR, @Manish Nalawade and @Basil Dange.
Can you please share your professional advice with other peers?