Advice From The Community

Read answers to top Firewall Security Management questions. 431,024 professionals have gotten help from our community of experts.
Menachem D Pritzker
There are so many products in the market today. Who are we going to be talking about 3-5 years from now?
author avatarRony_Sklar
Community Manager

Would you mind elaborating on why you think Netscope and Zscaler are on the way up? What are they doing that sets them apart from other vendors?

author avatarStuart Berman
Real User

I doubt we will see a new firewall vendor, but I believe we will see new architectures that leverage the advanced capabilities of NGFW delivery through ISPs, think of it is a clean pipe for Internet access. The ISPs will use firewalls (virtualized and segmented by customers) to do the filtering before it hits your networks, just like we see with spam filtering.I also believe we will see more edge networking, 5G networking where the firewall function will be built into the network at the edge. We already are seeing early versions of the with things like Curiosity OS by Sprint working with Ericsson. I think they will easily add existing VM firewalls to their platform and not reinvent the wheel.

author avatarRony_Sklar
Community Manager

@Stuart Berman Interesting perspective. Thanks for sharing. Are there examples of companies working together like Ericsson and Sprint?

author avatarISRAEL DIAZ DOMINGUEZ
User

Those firewalls that allow extend the perimeter. Nowadays, there is a issue with the static perimeter and all is going to change in the next semesters. In my opinion, solutions like Netskope are offering this extended perimeter functionality and they could lead the market.

author avatarNehad Elkordi
Real User

Cisco Portfolio is focusing on total security inside and outside including cloud security,two factor authentication & SDWAN.
Forti Portfolio is focusing on total security too inside and outside including cloud security & two factor authentication.
both are working with Sandbox which is important for 0 day attack.
Therefore If R&D for both vendors will keep as they are today i think they'll be market leaders and away by far for the next 5 years 

author avatarRony_Sklar
Community Manager

@Nehad Elkordi Cisco and Fortinet are currently top players - are there other products that are less known that you think are going to compete with Cisco and Fortinet?

author avatarLipaz Hessel
Real User

Well with the SD-WAN raising it is common to see cloud firewall implementations, like ZScaler.
but as data center firewall, I don’t see any new player comes out unless it will come with a new surprising feature as the market have so many good vendors.

author avatarBrianCook
Reseller

I can think of 2 Firewalls that should be doing much better then they are, Kerio Control and ZyXEL ZyWall. Both have been around for a long time but have never gained the market share I feel they should have and I often find people have never heard of them. 

author avatarIan MacFarlane
Real User

Meraki / Fortinet / SonicWall

author avatarMukesh_Sharma
Real User

It,s totally depends on your security requirements.

Charudatta Kulkarni
I work in a small organization in the educational sector.  We would like to extend firewall licenses, So we need to evaluate vendors. On what criteria/basis should we compare vendors and devices?
author avatarNawaaz Toonah
Real User

In the educational sector, the main challenge is to have control over all content that students or educators will be accessing.
We have many vendors that offer this service, a few examples will be Fortigate, Sonicwall, Cisco, and Sophos.
Now it will depend on what aspect of firewall that you want to focus on if you want content filtering I would recommend going for Sophos.
With Sophos, everything has been made simple to manage and not really need to be an expert to maintain this nice piece of technology.

author avatarBrad Nawrocki
User

I support about 100 employees with a WatchGuard Firebox. There easy to configure and support is great if you do need help. They make many models to fit you business.

author avatarCari Lahoz
Real User

For vendors, I think there are more options in the US but I would like to know how their support and expertise is in case you need assistance in configuring the firewall and pricing.

For devices, I think it depends on what your needs are because there are very basic firewalls and there are ones that have lots of modules. I would also consider the user interface and ease of configuring. Also, consider the cost of license renewal.

author avatarAdriano-Simao
Real User

As per you description situation, you can consider at least the following aspects.
Financial Aspect: What amount do you expect to spend for this device. If you have online payments, if the availability is one of your constraints so you will need two for failover and load balance;
Support Aspect: Its difficult to evaluate this point as allmost all vendors says that they have a good support methodology and expert teams, so you need to consider all aspect of the SLA, regarding what you company can pay;
Cybersecurity Aspect: So, if you need firewall means you have mail and web services at least. At this point you need to take a look at what vendors say about this ourdays problems, our they face it, where is the vendors on Gartner Quadrant. Most of the expensive one are not good enough but visionars and chanllenger can be considered. Of course you kind of service and kind of data your dealing with is one of aspects you must consider too.
You can design a table/check list with all aspects you need to consider, like throughtput you need, No. of VPN/Branch office and some other features you need to safe you environment and put values on it and some assumptions that you need to consider and at last you decide and i believe you will do the best.

author avatarChandanaPiyaratne
Real User

There are more than half a dozen of reliable vendor options are available for small organization.

Evaluation criteria need to align with the identified requirement; such as if the requirement is for.
* Secure the network from outside attacks?
* Control outgoing traffic?
* Remote network access?
* Integration with End devices?
* Network visibility?
* Added features such as; spam filtering, Data leakage prevention etc?

Once the requirement is identified, as with any other networking procurement evaluation, following criteria can be looked at for evaluation.
* How long the vendor has been in the industry
* Reviews by 3rd party evaluators such as Gartner
* Customer references related to the same industry
* Capacity criteria such as; number of interfaces, total throughput, session capacity
* Cost aspects such as; TCO for 3~5 years, warranty and replacement service levels, technical support levels

author avatarStanley Honour
User

I second those observations.

See more Firewall Security Management questions »
Find out what your peers are saying about AlgoSec, Tufin, FireMon and others in Firewall Security Management. Updated: July 2020.
431,024 professionals have used our research since 2012.