Firewalls Forum

Ron Zelt
Oct 12 2019
If you could go back in time, would you change your decision to buy that firewall and why? What do you think?
Girish VyasThis answer depends on the provider one has. These days people in enterprise are moving away from big names to Fortinet, WatchGuard. I would recommend them to stick to secure architecture than just names. Check the frequency at which their threat database is updated. Ask them about their threat Intelligence provider. Is it in-house vs third-party? Check if they have an integrated suite rather than just a one-off product. See how long have they been in the market and where are they positioned in Gartner Report. Now coming to the original question, do I want to change my Vendor for my security services. My answer is no.
Werner SchonbornIf I could go back and buy a different firewall, I would do so immediately. The main reason is that when layer 7 capabilities are implemented, everything changes in terms of: * Performance * Functionalities * Routing * Reliability I would buy a much stronger firewall i.t.o. CPU power, more ethernet ports. Salespersons always try to sell you what they think will be best, but the technical person should have the final say in the decision-making process. .
Reon SmithWith the Cisco Meraki and FortiGate solutions, we have no regrets. It does what it's designed to do and just keeps on getting better on the deployment side. From security to performance, these solutions just work. Fair understanding is required to set up properly but once configured it's almost set and forget. Reporting is also a plus on these 2. No fancy configuration of an on-premise analyzer solution required.
Alvaro Picado
Systems Manager at a non-profit with 201-500 employees
Oct 05 2019
Which do you recommend? Cisco ASA 5516-X Security Appliance with FirePOWER Services or Fortinet  FG-100D-DBL?
Zaw AungI like both firewall but you should consider your team or yourself availability and resources to support the business. Cisco is better threw put, Fortigate is better interface management and easy to implementation than cisco. Hope it help.
it_user668298@DataDeptMgr674 Sophos is the leader ? oh thats new for me. :) in real tests - we test all suppliers in front - Sophos failed every time. They have a big mouth.
Stuart BermanWe have migrated off of Cisco and Checkpoint over the last three years. We recently purchased a Fortigate 100E which is the model I would recommend as the 'D' series is older and less powerful. We use models that ranged from FG-60C (obsolete now) to series 3000. The 100E is great for our regional sites and provides IPS, VPN, A/V, web filtering and application control. These systems are both advanced and powerful as well as very affordable. We also use virtual images for our cloud (Azure and AWS) subscriptions as well as for internal firewalls on VMware. Additionally the Fortigate integrates well with their WAF (FortiWeb reverse proxy), RADIUS servers, logging and reporting servers as well as SIEM.
Ariel Lindenfeld
Sr. Director of Community
IT Central Station
Let the community know what you think. Share your opinions now!
Simon CoombsComprehensive protection, reliability, straightforward administration, total cost of ownership over three to five years.
Owenmpk1. I can figure out how to use it so it must have GUI interface. 2. Good support so when I need help I can get it. 3. Renewal fees are reasonable (not half the price of the unit). 4. Of course, that it does the job.
Girish VyasThere are already some good answers about it but this is what I understand for a firewall. It is a luxury when compared in a networking domain. So basics first, we would need to suit your networking requirement. For this you need to settle down for Vendor whom you need to buy this firewall. From an organization level, Try to get a best deal. Now from networking perspective, take that spec sheet out and look for the models they offer and see which one fits your network. I mean check the throughput of the firewall. Can it handle the load you are going to push it through ? Ok so you got your vendor and the model but wait let's see that spec sheet again. Why? The features. Yes the features are also important as everyone already pointed it out. You need to compare the feature and see if it meets your organization policy. Most of the firewalls have all that is required for an organization. This includes but not limited to deployment mode, high availability, application visibility, custom application definition, central management (required if you have more than one firewall to standardize your policy), Throughput post going through IPS / URLF, SSL VPN capability (I don't want to spend more to get this new extra feature right), IPSEC VPN, and others. The core of deploying the firewall is the throughput. I don't know how to emphasize more on that. Once you get this checklist complete. I believe you are good to purchase a firewall for your organization. I would request people to try these firewalls on the VM instance for demo and see how they function. Check with your vendor for demo. This is to ensure that your IT engineer is comfortable with the look and feel as he is the one going to handle your firewall right ? All the best ! on getting a new firewall.
Sign Up with Email