Industry reports indicate that over 50% of SMBs suffer data breaches, yet less than 30% have effective protection against cyberattacks.
While training your employees against social engineering attacks (like phishing) is a crucial step toward improving your cybersecurity, the easiest step is investing in a network firewall. Network firewalls automatically protect against a variety of malicious data and users and can also offer peripheral security services to your business.
While firewalls traditionally targeted enterprise-level companies, some vendors have tailored their offerings to suit the scale and unique needs of SMBs. Small to midsize business reviewers on TrustRadius highlight these products as the best options for their businesses:
- Watchguard Network Security
- Cisco Meraki MX
- SonicWall TZ
- SonicWall NSA series
6 leading firewalls for SMBs
This list includes the products present on the Small Business Firewall TrustMap, which is dynamically generated based on the intersection of B2B buyers’ interest and trScore. They are ordered according to the number of small business ratings and reviews each product has.
#1 WatchGuard Network Security — The Option for MSPs
Some businesses find value in partnering with a 3rd-party Firewall-as-a-Service (FWaaS) provider to outsource their firewall security rather than having to manage it in-house. WatchGuard excels for those small or midsize 3rd-party Managed Service Providers looking to provide FWaaS.
MSP reviewers report that WatchGuard’s Fireboxes are very easy to manage. Particularly when managing firewalls across multiple clients, WatchGuard’s customizable configuration allows you to adapt your services to each client without creating an unruly ecosystem for your security specialists. WatchGuard’s customer support is also highly praised by MSP reviewers and in-house users alike. The vendor’s ability to effectively support both partners and in-house users indicates its flexibility for MSP users or users who want to deploy it for their businesses.
Some users take issue with the cost of the platform. This complaint is more common among security platforms like WatchGuard that also boast a wider range of features than traditional firewall products. For businesses that utilize the full range of features offered, such as managed service providers, the layers of security can justify the added cost.
“I have and will continue to recommend WatchGuard Network Security to clients large and small. Our business has had no opportunity to say, “You’re too small or simple to not benefit from this level of security.” WatchGuard has a solution we can confidently offer to even our smallest client with confidence and know we can convey the peace of mind having a WatchGuard Network Security appliance.”Tracy A. | Senior Support Specialist | Tech Help | 1-10 employees
#2 pfSense — The Open Source Option
pfSense is the only open-source firewall software on this list. The software is free, with additional paid features like customer support. pfSense is unique because it only offers the firewall software itself, while third parties like Netgate sell both the software and hardware appliance. pfSense’s recommended appliance for small businesses is the SG-1100 for small or branch offices or the SG-3100 for Single Office/Home Office (SOHO) users.
pfSense includes features to act as a traffic router as well as a firewall, which reviewers say benefit its load-balancing capabilities. The software’s graphical user interface stands out to users as especially user-friendly and accessible. Open-source software is always heavily reliant on the accompanying documentation, and recent users have praised pfSense’s documentation.
While pfSense stands out for its open-source design, that’s also its main drawback. Reviewers note that one drawback to pfSense is that you are unable to purchase the necessary hardware appliances to run the firewall software on. Software updates and improvements are also dependent on community engagement. That said, so long as you are confident in and satisfied with the hardware you’re running the firewall on and the community behind the product, pfSense is a top open source firewall option!
“pfSense is perfect for small-medium businesses (IMO). I also believe it would be a great tool for a home user/IT enthusiast who wants a great high-end firewall solution or someone who just wants to learn, but does not want to buy a bunch of hardware or licenses.”Charles C. | Technical Support Specialist | TimeTrak Systems, Inc. | 11-50 employees
#3 Cisco Meraki MX — The Option for Multi-Location Businesses
Cisco’s Meraki MX firewall is a Unified Threat Management (UTM) and Wide Area Network (WAN) appliance, which means that it can provide centralized firewall protection for networks that connect multiple data centers. It includes features like cloud management and VPN connectivity and has good usability for multi-location security for non-IT specialists.
In addition to the power of Cisco’s brand name in the firewall market, the Meraki line is also touted by users for its administrative friendliness and ease of deployment. In particular, non-IT professionals report having little trouble setting up and running the firewall. The wide range of features Meraki offers as a UTM does not seem to bring any additional complexity or unwieldiness.
If you do run into problems, Meraki’s customer support has left something to be desired for some users. Given the ease of use and deployability of the firewall, the goal may be never to need to utilize customer support in the first place—which may be feasible for smaller, straightforward deployment situations.
“It is well suited for small businesses with little to no IT staff. Larger non-profits that do not have an IT staff, or if IT is made up of volunteers (such as churches,) would be a good fit for Meraki MX.”Brian D. | Systems Analyst and Administrator | Cottage Door Press | 11-50 employees
#4 SonicWall TZ — The Option for IT Pros
SonicWall TZ stands out as a firewall for IT professionals who have prior experience implementing and managing firewalls for businesses. It also offers UTM and NGFW features like VPN connectivity and SD-WAN. Bandwidth management and application control can help manage internet-focused resources. These include content filtering features and malware detection.
Reviewers frequently point to SonicWall TZ’s geo-filtering capabilities as a standout feature, which can be beneficial if your traffic is geographically centralized. Its graphical interface is also mentioned consistently for its contributions to the firewall’s ease of use and accessibility.
While the graphical user interface (GUI) can help with accessibility, reviewers recommend against novices. If you’re not familiar with utilizing the documentation that comes with the firewall, it can be an uphill battle to set up and manage the product properly. The price point is also a sore point for some users. In particular, users criticized the product’s licensing model.
“Based on my experience, this is a solid platform for a small to mid-sized company, especially when there is someone who has IT experience, or can get outsourced IT help.”Benjamin H. | Freelance IT Advisor/Specialist | Orbis Education | 1-10 employees
#5 SonicWall NSA — A Step Up For Fast Growers
Sonicwall NSA series is a separate product from the TZ series offered by the same vendor. In terms of base functionality, the two share many traits. The intrusions detection and resource management on both are comprehensive.
The NSA series is the TZ series’ slightly bigger brother. This version includes larger capacity servers for more internet connections. Higher packet capabilities ensure organizations’ protection for those with more data or users. Basic features such as storage and physical mounting are also increased in size.
The NSA Series has many of the same benefits as its younger brother, with higher capacity. Users praise the relatively simple installation and maintenance. Data loss prevention capacity is higher, as a result of the increased potential.
Once again, this is not a novice system. It is important to note that the NSA Series would not be suitable for significantly larger organizations. This would be best suited to small businesses looking for complete protection while they grow quickly. NSA series will work well for midsize companies.
“The SonicWall NSA Series provides firewall protection at each of our branch locations. The NSA series specifically has the hardware power to accommodate the number of active connections we have at each branch. Combined with the comprehensive gateway security license, SonicWall NSA provides a solid first line of defense of whatever bad stuff our users may try to download.”Kenny McGarrity | IT Infrastructure Manager | Pace SupplyWholesale, 1001-5000 employees
#6 Untangle— The Option for IT Pros
Right away, it is important to mention that Untangle offers basic features for free. Very small businesses or those with limited security concerns may be able to get away with not paying for the firewalls at all.
Setup is easy for this firewall. You can use their hardware firewalls, or install them on your own devices. The paid tiers offer comprehensive security features. Intrusion prevention is led by their filtering service. This targets rouge applications, drive-by malvertising, and malware distribution points. As of May 2021, a mobile app is in beta.
Untangle firewalls are easy to set up, manage, and run. Users on TrustRadius praise the strong content filters. Reviewers also note that support is responsive and easy to get in touch with.
Some reviewers say the tutorials could be improved and updated. The full suite of paid software can be rather expensive for some small businesses.
“Untangle NG Firewall is well suited in most scenarios where you are looking for a piece of software that can perform many functions, such as web filtering, spam prevention, phishing prevention, application control, and IP Sec VPN. They offer different licensing options with the paid product. The free product comes with a handful of apps and does not include technical support.”Gary Lamontagne | Network and Systems Administrator | Coos County Family Health ServicesHospital & Health Care, 51-200 employees
Criteria to look for in SMB firewalls
All six of the tools listed above pass our criteria for being useful in the small business setting. However, if you’re considering products beyond this list, be sure to look for the following points.
Next-generation firewall and Unified Threat Management platforms have become more financially accessible at smaller scales. This tier of products offers multilayer security on the network level and the application level, protecting you against a wider range of threats. For smaller tech businesses or any business that handles customer data through a website, application-layer security is a must-have.
You should also look for a firewall’s VPN capabilities, which are becoming more commonplace among SMB firewalls. VPN connections allow you to securely and privately connect remote locations or traveling employees. Unless you only conduct business at a single location, and your employees never travel for work, native VPN capabilities will make remote security much more cost-effective and easy to use than a standalone VPN.
Your firewall’s ease of use is particularly important as a small business. Since you likely don’t have the same IT resources as a large business or enterprise, your firewall’s day-to-day management should be as easy and automated as possible. Some vendors may advertise “set and forget” functionality, but users’ experiences will be the best guide of whether a product is easy to manage.
Finding the firewall that’s right for you
As vendors have fleshed out their firewall offerings for SMBs, the market is quickly approaching feature parity. There are still concrete distinctions between what various products offer, but over the long term, qualitative factors like customer support, implementation assistance, and specialist access will become the main differentiating factors between firewalls. Unfortunately, these features are hard to evaluate during a demo. Feedback on customer support, implementation experience, and how well the product ultimately protects against intrusions is more readily available in user reviews.
Before you buy a firewall, the best way to get insights into the qualitative aspects of the products is to find reviews from users similar to you. Reading user reviews of the product gives you insight into the positives and negatives of the qualities that matter most to you.
TrustRadius allows you to filter reviews to see businesses most similar to you so you can get the most representative insights possible. Check out our SMB-specific firewall reviews to see this feature in action. The insights you gain can help guarantee that your new firewall software is secure and easy to manage.