1. leader badge
    If you go through that compliance report, it will give you whether your firewall is in compliance or not. It will also give you a recommendation whether you need to change it. The compliance has helped us with customers, e.g., internal audit from the quality team and external auditors.
  2. leader badge
    The reporting on offer is very good. Tufin makes nice reports.Being able to customize your own clarity to that aspect of change management.
  3. Find out what your peers are saying about AlgoSec, Tufin, FireMon and others in Firewall Security Management. Updated: March 2021.
    476,483 professionals have used our research since 2012.
  4. FireMon is nice and provides 360-degree user views. The technical support is very good. They've always been helpful.
  5. The most valuable feature is the Intrusion prevention.With Cisco Defense Orchestrator, we can manage the complete Cisco Security solution. It provides a simple and centralized way to manage all products.
  6. The ability to manage a large number of firewalls from a single point is most valuable.The firewall rules and policies are the most valuable aspects of the solution.
  7. It's very supportive and very user-friendly.It has a good policy management feature and can provide customers with good quality outputs.
  8. report
    Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
    476,483 professionals have used our research since 2012.
  9. Our customers implement this solution so that they can be assured of security in their environment.The solution works well for remote or branch offices.
  10. Once this solution is set up, we hardly have to touch it.The most valuable feature is the centrally managed rule. I also like the central orchestration.

Advice From The Community

Read answers to top Firewall Security Management questions. 476,483 professionals have gotten help from our community of experts.
Menachem D Pritzker
There are so many products in the market today. Who are we going to be talking about 3-5 years from now?
author avatarStuart Berman
Real User

I doubt we will see a new firewall vendor, but I believe we will see new architectures that leverage the advanced capabilities of NGFW delivery through ISPs, think of it is a clean pipe for Internet access. The ISPs will use firewalls (virtualized and segmented by customers) to do the filtering before it hits your networks, just like we see with spam filtering.

I also believe we will see more edge networking, 5G networking where the firewall function will be built into the network at the edge. We already are seeing early versions of the with things like Curiosity OS by Sprint working with Ericsson. I think they will easily add existing VM firewalls to their platform and not reinvent the wheel.


Those firewalls that allow extend the perimeter. Nowadays, there is a issue with the static perimeter and all is going to change in the next semesters. In my opinion, solutions like Netskope are offering this extended perimeter functionality and they could lead the market.

author avatarNehad Elkordi
Real User

Cisco Portfolio is focusing on total security inside and outside including cloud security,two factor authentication & SDWAN.

Forti Portfolio is focusing on total security too inside and outside including cloud security & two factor authentication.

both are working with Sandbox which is important for 0 day attack.

Therefore If R&D for both vendors will keep as they are today i think they'll be market leaders and away by far for the next 5 years 

author avatarLipaz Hessel
Real User

Well with the SD-WAN raising it is common to see cloud firewall implementations, like ZScaler.

but as data center firewall, I don’t see any new player comes out unless it will come with a new surprising feature as the market have so many good vendors.

author avatarLuisCastro
Real User

1- Pfsense

2- Kerio Control

3- Fortinet

4- Cisco solutions

author avatarVaisakh Tr (Prophaze)

Prophaze WAF,  having a disruptive technology that eliminates false positive and false negatives. Visioned for the future as it's built on the Kubernetes platform. The key thing about the product is, it can do auto profiling and can learn typical user behaviour as part of its ML algorithm . 

author avatarBrianCook

I can think of 2 Firewalls that should be doing much better then they are, Kerio Control and ZyXEL ZyWall. Both have been around for a long time but have never gained the market share I feel they should have and I often find people have never heard of them. 

Charudatta Kulkarni
I work in a small organization in the educational sector.  We would like to extend firewall licenses, So we need to evaluate vendors. On what criteria/basis should we compare vendors and devices?
author avatarNawaaz Toonah
Real User

In the educational sector, the main challenge is to have control over all content that students or educators will be accessing.
We have many vendors that offer this service, a few examples will be Fortigate, Sonicwall, Cisco, and Sophos.
Now it will depend on what aspect of firewall that you want to focus on if you want content filtering I would recommend going for Sophos.
With Sophos, everything has been made simple to manage and not really need to be an expert to maintain this nice piece of technology.

author avatarBrad Nawrocki

I support about 100 employees with a WatchGuard Firebox. There easy to configure and support is great if you do need help. They make many models to fit you business.

author avatarCari Lahoz
Real User

For vendors, I think there are more options in the US but I would like to know how their support and expertise is in case you need assistance in configuring the firewall and pricing.

For devices, I think it depends on what your needs are because there are very basic firewalls and there are ones that have lots of modules. I would also consider the user interface and ease of configuring. Also, consider the cost of license renewal.

author avatarAdriano-Simao
Real User

As per you description situation, you can consider at least the following aspects.

Financial Aspect: What amount do you expect to spend for this device. If you have online payments, if the availability is one of your constraints so you will need two for failover and load balance;

Support Aspect: Its difficult to evaluate this point as allmost all vendors says that they have a good support methodology and expert teams, so you need to consider all aspect of the SLA, regarding what you company can pay;

Cybersecurity Aspect: So, if you need firewall means you have mail and web services at least. At this point you need to take a look at what vendors say about this ourdays problems, our they face it, where is the vendors on Gartner Quadrant. Most of the expensive one are not good enough but visionars and chanllenger can be considered. Of course you kind of service and kind of data your dealing with is one of aspects you must consider too.

You can design a table/check list with all aspects you need to consider, like throughtput you need, No. of VPN/Branch office and some other features you need to safe you environment and put values on it and some assumptions that you need to consider and at last you decide and i believe you will do the best.

author avatarChandanaPiyaratne
Real User

There are more than half a dozen of reliable vendor options are available for small organization.

Evaluation criteria need to align with the identified requirement; such as if the requirement is for.
* Secure the network from outside attacks?
* Control outgoing traffic?
* Remote network access?
* Integration with End devices?
* Network visibility?
* Added features such as; spam filtering, Data leakage prevention etc?

Once the requirement is identified, as with any other networking procurement evaluation, following criteria can be looked at for evaluation.
* How long the vendor has been in the industry
* Reviews by 3rd party evaluators such as Gartner
* Customer references related to the same industry
* Capacity criteria such as; number of interfaces, total throughput, session capacity
* Cost aspects such as; TCO for 3~5 years, warranty and replacement service levels, technical support levels

author avatarStanley Honour

I second those observations.

See more Firewall Security Management questions »
Find out what your peers are saying about AlgoSec, Tufin, FireMon and others in Firewall Security Management. Updated: March 2021.
476,483 professionals have used our research since 2012.