We're a small company with 50-100 users looking to replace our current firewall and transition to ZTNA as an alternative to our SSL VPN. I've been considering several options and noted what makes each one attractive:
- **Checkpoints**: Known for having very low historical CVEs, making them seem quite secure.
- **WatchGuard**: Praised for excellent customer service and support.
- **Palo Alto**: I find their GUI user-friendly, and they offer great logging and visibility.
- **Cato Networks**: Easily deployable with an option to set up an IPsec tunnel to their private cloud, eliminating the need for on-premises hardware.
I also heard Cato allows you to replace existing firewall hardware with their appliance. While some may advocate for FortiGate, it has too many CVEs historically for my liking, so it's not on my evaluation list. What's your take?
1 Answer
Palo Alto is generally the best choice, but they've been focusing on larger businesses, which might be a concern for you. However, I think they may offer competitive pricing for smaller organizations too. They’re reliable and quite popular for a reason, though you pay for the quality.
I've found the pricing can become competitive, especially if you compare it to Fortinet. They can be flexible to keep smaller businesses in mind.