I'm in the process of reviewing enterprise firewalls and would love to get everyone's thoughts. If you had to pick a next-gen firewall for a medium to large organization today, which vendor would you choose and why? Here are some key aspects we're considering: security capabilities (like threat prevention, IDS/IPS, and SSL inspection), performance and scalability, management ease, integration with existing systems (such as SIEM and EDR), and support quality. We're looking at vendors like Palo Alto, Fortinet, Cisco (FTD), Check Point, and maybe even Juniper or Sophos. I'd really appreciate insights on real-world performance, cost-effectiveness, and vendor support!
5 Answers
I’ve been out of the loop for a while, but here’s my take:
- **Palo Alto**: The best overall, a bit expensive but worth it.
- **Fortinet**: Not bad for the price but can have some bugs, plus their API access is a bit limited.
- **Cisco (FTD)**: I'd actually recommend staying away from these; they were unreliable last I checked.
- **Check Point**: Haven't used it, so can't say much.
- **Juniper**: Great for traffic handling, but lacking some next-gen features. Watch out for their acquisition by HPE.
- **Sophos**: I wouldn’t use this for anything beyond small businesses.
Is there a good open-source firewall option out there? I’m curious if anything could compete with these big names.
If budget allows, I'd lean towards Palo Alto; if not, go for Fortinet. But for cloud needs, Check Point seems to have the best scalability right now. Just my two cents!
In my experience, Palo Alto is the gold standard for enterprises. It's super reliable and packed with features, though it can be pricey and a bit difficult to use at times. But experienced engineers are usually familiar with it.
I’d probably go with Fortinet, especially if you want something that works well both on-prem and in the cloud. They're pretty versatile!
Good point, I think a lot has changed in the market recently.
Yeah, Fortinet is a solid option. But I wonder how it compares to others nowadays, given how fast things change.