• Home
  • Check Point NGFW vs. SonicWall NSa

Check Point NGFW vs SonicWall NSa comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo
Fortinet FortiGate
Read 306 Fortinet FortiGate reviews
120,425 views|88,209 comparisons
90% willing to recommend
Check Point Software Technologies Logo
Check Point NGFW
Read 279 Check Point NGFW reviews
27,173 views|16,714 comparisons
96% willing to recommend
SonicWall Logo
SonicWall NSa
Read 80 SonicWall NSa reviews
8,849 views|6,639 comparisons
87% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Check Point NGFW vs. SonicWall NSa
May 2024
Executive Summary

We performed a comparison between Check Point NGFW and SonicWall NSa based on real PeerSpot user reviews.

Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Check Point NGFW vs. SonicWall NSa Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
EhabAli
Researched Check Point NGFW but chose Fortinet FortiGate: Efficient, user-friendly, and affordable
For our customers, Secure SD-WAN is very useful for giving the right priority to the applications and controlling the proper use of the... Read more →
reviewer802415
Researched SonicWall NSa but chose Check Point NGFW: Great support, central management, and logging capabilities
Check Points is probably not the easiest or cheapest solution to use, however, we have never had any issues with their security and the technical... Read more →
GK1
Researched Check Point NGFW but chose SonicWall NSa: Stable, easy to set up, has a UTM feature, and provides good support locally
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Overall security features and performance routing is good.""Initial setup is straightforward. There weren't too many issues with setting it up. It takes one hour or so.""Their interface is very easy to use, it is without bugs.""The user interface is relatively easy. The devices are easy to deploy and figure out when you have experience with other security appliances.""The most important feature, normally for small business customers, is link load balancing.""This solution made it very easy to manage our bandwidth.""One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them.""The license management is very valuable. You can get a new license each year, or you can enroll every two to four years. You can get the logs, and you will get the information on the risk in your network and the entire organization. With this information, you can take action on your actives, computers, or devices. You can bring your own device as an SSE."

More Fortinet FortiGate Pros →

"We have found the central management (Smart Console) to be very helpful in managing all the firewalls and keeping the software/hotfix versions up to date.""The most valuable feature is that we are protected against zero-day threats.""The Check Point API let me make 100 net rules in just 10 minutes, which saved us time.""All of the features are very valuable, but the most valuable features are the sandboxing and the advanced IPS/IDS.""One ability that Check Point has is that it is the first to provide us with the ability to use identities instead of using the traditional IP-based format, which allows way more flexibility in what we can do with the rule base.""The management interface is easy to operate and is a standardized way of managing different firewall modules in the same client application.""Its management web interface is very easy and user-friendly.""It offers services like navigation, control, and filtering, which ensure that all users stay connected to business applications."

More Check Point NGFW Pros →

"SonicWall NSa has a user-friendly firmware""It is a brilliant product. It is a Unified Threat Management (UTM) system. It has got about 11 security services that take care of your perimeter security. It takes care of any kind of cyber threats that could come in. It takes care of creating VPNs between two SonicWalls instantly and very easily. It has got spyware in it as well as a firewall. It has also got a gateway antivirus and an application firewall that can block things from outside.""SonicWall NSA is easy to deploy, easy to maintain, and easy to configure.""The most valuable features of this solution are intrusion detection, intrusion prevention, and the advanced capture client, which provides live traffic analysis.""Content Filtering and sandboxing are valuable features.""Deep packet inspection and intelligent application control are the most valuable features. It is a very updated solution. It is very current as compared to other brands and vendors.""With the deployment of the SonicWall NSA solution, we never suffered a problem due to invasion or contamination of any kind.""The technical support is very good."

More SonicWall NSa Pros →

Cons
"If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement.""They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that.""The support system could be improved.""I would like Fortinet to add more automation to FortiGate.""The renewal price and the availability could be improved.""It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier.""It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features.""With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic."

More Fortinet FortiGate Cons →

"With the version we're on, it's a bit time-consuming if you have multiple IP addresses to add. But in the later versions, which we're moving to, it makes it a lot easier to add IP addresses with dynamic objects, as they call it.""The current model is predominantly hardware appliance-based, which can incur substantial costs""Check Point's support, at all levels, needs a complete overhaul.""I would like there to be a way to run packet captures more easily in the GUI environment. Right now, if we want to read packet captures, we have to do so from the command line.""Check Point should quickly update and expand its application database to have what Palo Alto has.""Although they have it now, we don't have a license for it, and I think mobile device security should be a standard feature. I cannot control someone bringing their device to my network and what they do.""Pricing needs to be lowered from start, this would be more effective than lowering it during negotiations.""The user interface for management could be improved."

More Check Point NGFW Cons →

"We're not particularly fond of the way it generally performs. We are finding ourselves rebooting often. There are freeze-ups and that kind of thing. The stability needs to improve exponentially.""One area for improvement in SonicWall NSa is the GUI. It isn't easy to understand. The support for SonicWall NSa is mediocre, which is another area for improvement.""The dynamics needs to be improved. The solution is not very compatible compared to the market products.""Port forwarding could use streamlining.""The ongoing service fees are high.""The reporting and monitoring are a bit complex and should be easier in SonicWall NSa because other firewalls I have experienced have been more simple, such as Palo Alto. We are able to receive a clear view of our network. As a general user with little experience, it would be difficult for them to handle.""SonicWall needs to work on SD-WAN.""Vendor support needs improvement. The frequency of time and support should be increased."

More SonicWall NSa Cons →

Pricing and Cost Advice
  • "Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make."
  • "These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive. Fortinet licensing is straightforward and less confusing compared to Cisco."
  • "Go for long term pricing negotiated at the time of purchase."
  • "Work through partners for the best pricing."
  • "The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors."
  • "Easy to understand licensing requirements."
  • "​We saved a bundle by not needing all the past appliances from an NGFW.​"
  • "The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost."

    • More Fortinet FortiGate Pricing and Cost Advice →

  • "I don't think the product's pricing is a good value. I feel it's very overpriced. I feel a lot of the features for a next gen firewall are there. But I feel it's overpriced, because of the stability issues. As far as support goes, I really can't speak to direct Check Point support, but the third-party was pretty terrible... As far as the licensing goes, it's pretty complex. If anybody was to purchase the Check Point product, definitely make sure they have an account rep come on site, and explain it line by line, what each thing is. It's not straightforward. It's very convoluted. There's no way you could just figure it out by looking at it."
  • "Check Point solutions are very expensive here. They're good, but they're expensive... Check Point is only useful for customers that have a big IT budget."
  • "The price is high in comparison to other solutions."
  • "We pay $5,000-$6,000 a year."
  • "Maybe the pricing is a bit high but you get the durability and the duration."
  • "Licensing issues may be confusing at times."
  • "It is quite an expensive product, although security is a top priority."
  • "This product is not cheap and there are additional costs that depend on what model or package that you buy."

    • More Check Point NGFW Pricing and Cost Advice →

  • "Additional resources are too expensive."
  • "Considering the market, I believe that the price of this solution is great."
  • "In our evaluation, we found that the costs of deploying the solution, and also purchasing the hardware and licenses, were very attractive."
  • "Licensed features provide application control, content filtering, antivirus, and anti-malware all in a single appliance."
  • "The CPUs are not able to compete with a similar price point to the Fortinet, WatchGuard, or Palo Alto product."
  • "A firewall doing anti-spam might be a low cost solution, but it is not your best strategy."
  • "You need their analyzer to properly generate reports. This is an expensive, licensed feature, with a complex application or appliance back-end."
  • "If you want to connect more than five concurrent users by VPN then you have to pay an additional fee."

    • More SonicWall NSa Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at… more »
    Read all 3 answers   →
    What is the biggest difference between Sophos XG and FortiGate?
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Read all 13 answers   →
    What are the biggest technical differences between Sophos UTM and Fortine...
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Read all 11 answers   →
    How does Check Point NGFW compare with Fortinet Fortigate?
    Top Answer:I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such)… more »
    Read all 5 answers   →
    Which would you recommend - Azure Firewall or Check Point NGFW?
    Top Answer:Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall… more »
    Read all 2 answers   →
    What do you like most about Check Point NGFW?
    Top Answer:Check Point NGFW provides essential security, featuring no-obligation access for secure connections, strong intrusion… more »
    Read all 165 answers   →
    What do you like most about SonicWall NSa?
    Top Answer:The product blocks access when I visit unrecognized websites.
    Read all 53 answers   →
    What is your experience regarding pricing and costs for SonicWall NSa?
    Top Answer:The solution is cheaper than others. It has a reasonable price.
    Read all 39 answers   →
    What needs improvement with SonicWall NSa?
    Top Answer:The dashboard must be improved. The product should enable alerts. When hackers compromise our websites and applications… more »
    Read all 53 answers   →
    Comparisons
    Also Known As
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Check Point NG Firewall, Check Point Next Generation Firewall
    NSA 250M, NSA 2600, NSA 3600, NSA 4600, NSA 5600, Dell SonicWALL NSA
    Learn More
    Fortinet
    Check Point Software Technologies
    SonicWall
    Overview

    Fortinet FortiGate enhances network security, prevents unauthorized access, and offers robust firewall protection. Valued features include advanced threat protection, reliable performance, and a user-friendly interface. It improves efficiency, streamlines processes, and boosts collaboration, providing valuable insights for informed decision-making and growth.

    Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.

    Check Point NGFW includes 23 firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance.

    Benefits of Check Point's Next Generation Firewall

    • Robust security: Check Point NGFW delivers the best possible threat prevention with SandBlast Zero Day protection. The SandBlast protection agent constantly inspects passing network traffic for exploits and vulnerabilities. Suspicious files are then emulated in a virtual sandbox in order to detect and report malicious behavior.

    • Security at hyperscale: On-demand hyperscale threat prevention performance provides cloud level expansion and resiliency on premises.

    • Unified management: Check Point's SmartConsole makes it easy to manage and configure network security environments and policies. With the SmartConsole, users can manage all the firewall gateways and access logs and install databases from one location. Unified management control across the network increases the efficiency of security operations and reduces IT costs.
    • Continuous logging: Check Point NGFW’s Threat Management feature detects vulnerabilities and logs them. Using the logged data, users can easily create and implement efficient security policies.

    • Remote access: The remote access VPN provides a seamless connection for remote users.

    Check Point NGFW is suitable for organizations of all sizes, from small businesses to larger enterprises.

    Reviews from Real Users

    Check Point NGFW stands out among its competitors for a number of reasons. Two major ones are its intrusion prevention feature as well as its centralized management, which makes it very easy to deploy firewall policies to many firewalls with one click.

    Shivani J., a network security administrator, writes, "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention."

    G., a network administrator at Secretaría de Finanzas de Aguascalientes, writes, “Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution. The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters.”

    Arun J., a senior network engineer, notes, “The nicest feature is the centralized management of multiple firewalls. With the centralized management, we can easily use and operate multiple firewalls as well as create a diagram of them.”

    SonicWall NSa dispenses advanced threat protection using a high-performance security platform. The NSa series implements intuitive deep learning technologies in the SonicWall Capture Cloud Platform to dispatch the automated real-time threat detection and deterrence enterprise organizations need today. SonicWall Network Security appliance (NSa) series is best for mid-sized organizations to distributed enterprises and data centers.

    SonicWall NSa series next-generation firewalls (NFGWS) combine two very robust security ideologies to deliver advanced threat protection to keep users’ networks safe. Boosting SonicWall’s multi-engine advanced threat protection (ATP) is their Real-time Deep Memory Inspection (RTDMI™). The RTDMI intuitively identifies and stops aggressive zero-day threats and vicious malware by investigating memory directly. This real-time process allows SonicWall RTDMI to be accurate, lessen false positives and discover and alleviate malicious threats and attacks. SonicWall’s single-pass Reassembly-Free Deep Packet Inspection (RFDPI) will audit every byte of each and every packet by investigating both outbound and inbound traffic on the firewall. By combining the SonicWall Capture Cloud Platform along with on-box offerings such as intrusion prevention, web/URL filtering, and anti-malware, the NSa series is able to block the most malicious and dangerous threats at the gateway.

    Additionally, SonicWall firewalls supply absolute protection by executing complete inspection and decryption of SSH and TLS/SSL encryption connections - no matter the port or protocol. The firewall takes a deep dive into each and every packet (the header and data) routing out any anomalies, zero-day intrusions, threats, and protocol non-compliance. Users can also define unique criteria specific to their organization to ensure their networks remain safe. This aggressive deep packet inspection is able to identify and block malicious attacks, stop dangerous malware downloads, prevent the spread of infections, and defeat command and control (C&C) communications and data exfiltration. Protocols involving inclusion and exclusion allow users complete control to decide, based on specific governance policies, organizational policies, or government or legal compliance, which traffic is to be investigated for decryption or inspection.

    SonicWall Nsa offers enterprise organizations the network control and fluid flexibility they desire using an intrusion prevention system (IPS), VPN, real-time visualization, and other advanced powerful security features, making it a popular firewall solution in today's marketplace.

    Reviews from Real Users

    “The features that I have found most valuable are the firewalling, which is very good, and the GUI which is very intuitive. It is easy to use and provides great security.” - Network Engineer at a maritime company

    “What's valuable in SonicWall NSa is the ATP (advanced threat protection). It can protect users from malicious links. SonicWall NSa also has a Sandboxing service that is very helpful for us, especially when end users accidentally click on malicious links. Another valuable feature of this solution is that it is very useful for site-to-site VPN connectivity issues. SonicWall NSa has very good hardware. I also love that SonicWall has very good technical support, who are very knowledgeable, provide good suggestions, and they're easy to reach.” - Mohammed M., Network Administrator at Transgulf Readymix

    Sample Customers
    1. Amazon Web Services 2. Microsoft 3. IBM 4. Cisco 5. Dell 6. HP 7. Oracle 8. Verizon 9. AT&T 10. T-Mobile 11. Sprint 12. Vodafone 13. Orange 14. BT Group 15. Telstra 16. Deutsche Telekom 17. Comcast 18. Time Warner Cable 19. CenturyLink 20. NTT Communications 21. Tata Communications 22. SoftBank 23. China Mobile 24. Singtel 25. Telus 26. Rogers Communications 27. Bell Canada 28. Telkom Indonesia 29. Telkom South Africa 30. Telmex 31. Telia Company 32. Telkom Kenya
    Control Southern, Optimal Media
    Orange County Rescue Mission, First Source, Michaels & Taylor, Green Clinic Health System, Aspire Chiltern Skills and Enterprise Centre, UnitedStack, Faith Lutheran College Redlands, Celtic Manor Resort, Star Kay White, Air Works, Unimat Life, NHS Yorkshire and Humber Commissioning Support (YHCS), Hutt City Council, Mato Grosso do Sul, Nspyre
    Top Industries
    REVIEWERS
    Comms Service Provider16%
    Computer Software Company9%
    Financial Services Firm8%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Educational Organization20%
    Computer Software Company15%
    Comms Service Provider7%
    Manufacturing Company6%
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company15%
    Comms Service Provider7%
    Manufacturing Company6%
    VISITORS READING REVIEWS
    Educational Organization51%
    Computer Software Company7%
    Financial Services Firm5%
    Government4%
    REVIEWERS
    Manufacturing Company18%
    Educational Organization8%
    Retailer8%
    Construction Company8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Retailer7%
    Government7%
    Comms Service Provider6%
    Company Size
    REVIEWERS
    Small Business48%
    Midsize Enterprise23%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise32%
    Large Enterprise40%
    REVIEWERS
    Small Business32%
    Midsize Enterprise18%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise59%
    Large Enterprise27%
    REVIEWERS
    Small Business58%
    Midsize Enterprise20%
    Large Enterprise22%
    VISITORS READING REVIEWS
    Small Business40%
    Midsize Enterprise16%
    Large Enterprise44%
    Buyer's Guide
    Check Point NGFW vs. SonicWall NSa
    May 2024
    Free Report: Check Point NGFW vs. SonicWall NSa
    Find out what your peers are saying about Check Point NGFW vs. SonicWall NSa and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Check Point NGFW is ranked 5th in Firewalls with 279 reviews while SonicWall NSa is ranked 19th in Firewalls with 80 reviews. Check Point NGFW is rated 8.8, while SonicWall NSa is rated 7.8. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of SonicWall NSa writes "Great performance and security with reasonable pricing". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Sangfor NGAF, whereas SonicWall NSa is most compared with SonicWall TZ, Meraki MX, Sophos XG, Cisco Secure Firewall and Palo Alto Networks NG Firewalls. See our Check Point NGFW vs. SonicWall NSa report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.