The process of choosing a firewall that meets the unique needs of a business or network can be challenging. Enterprise tech professionals are increasingly reliant on peer reviews to help make better buying decisions for network security systems such as firewalls.
With more than 160 firewall user reviews on IT Central Station, IT pros can learn about the benefits and drawbacks of different solutions. Some of the most popular firewall products on the site include Fortinet FortiGate, Cisco ASA, Sophos UTM, Palo Alto Networks WildFire, Meraki MX Firewalls, and SonicWALL.
"The trick is to find the vendor that best meets your requirements and provides you with flexibility for the future," one user advised.
Firewall feedback
The IT Central Station community provided a wealth of firewall advice when Terry S., an IT manager at a healthcare company, asked this question:
What do you recommend for a corporate firewall implementation? I have six geographically dispersed locations.
Here are the responses he received. First, from Robofl, director of technology at a hospitality company:
We have been using SonicWALL for about 12 years but over the last couple of years have been moving to the Sophos SG Series. I know many people complain about SonicWALL reliability issues, but for us the UI just didn't keep up with the features they have added on over the years. I also don't care for the perpetual "early release" firmware. We also have a couple of FortiGate units for specific uses. Very reliable but not nearly as user friendly.
Next, from David H., senior security architect at a health, wellness and fitness company:
Depending on the size of the company, most enterprise-level firewalls will demonstrate a centralized management console capable of managing many disparate firewall locations, as well as the virtual elements within each.
If you are at this level, my preference would be the Palo Alto system, that allows the administrator to create rules, and abstractions that ultimately lead to an administrator putting together a policy like: "Inbound reverse web proxy" -> "any external system" -> "our reverse proxies" -> "web protocols". So, while this terminology is still ancient rule-base logic, the wording of the policy is actually readable. In other areas of the system you define what IP address belong to your reverse proxies, what web protocols you will allow, etc.
Like many complex systems, these firewalls may be more capable than you need; IPS, firewall, threat intelligence, malware detection, etc...just ignore the added features until you find the need to expand your requirements, and they will come naturally if needed.
Sean A., DevOps engineer, offered this advice:
The original question did mention ease of use, showing throughput, and the need to connect several regions, which is why I recommended Meraki products. In my opinion, they are by far the easiest firewall to set up and a total no-brainer for distributed use. It is nigh on impossible to accidentally disconnect your remote offices due to configuration mess up, and even if you do, the out-of-band management will allow you to correct the issue. If you know what you're doing, then I'd go with pfSense. Powerful and affordable, and free even if you can do without the support.
We have Meraki MX in our headquarters office as the needs there are simple and ease of management is a top priority along with all the stuff the Advanced Security license brings. We use pfSense in our data center rack
Rrahul H., who works at a printing company, provided this tip:
FortiGate firewalls are best suited for these purposes. You may select the appropriate model either by comparing specs on their website or talking to one of their consultants. Only shortfall with Fortigate is that one needs to be trained to configure and manage these devices. So, you either learn it yourself or sign up a support partner. Online support is not very great for setting the device up. But, pretty quick and efficient in helping resolve specific issues faced.
You can read more real user firewall reviews at IT Central Station, the leading product review site for enterprise technology buyers.
Senior stakeholders who want to hold on to their CISOs must ensure that they have sufficient incentives and, more importantly, support to cope with the burden of risk that they are carrying.
The most alarming takeaway from Cisco’s new Cybersecurity Readiness Index report is that even after decades of having the importance of cybersecurity driven home, cyber threats are still taken too lightly.
In today’s data-driven world, higher educational institution networks and their management must be modernized to address the needs of everyone across campus. Enterprises face similar challenges and also need to modernize their networks.
