CrowdSec is a CTI tool leveraging crowdsourced data to identify and block malevolent IPs in real time worldwide. It is an open-source & collaborative IPS able to analyze visitor behavior by parsing logs & provide an adapted response to all kinds of attacks. It also enables users to protect each other. Each time an IP is blocked, all community members are informed so they can also block it. That way, they are generating a real-time crowdsourced CTI database.
N/A
SonicWall NSA Series
Score 8.5 out of 10
N/A
The SonicWall NSA Series is the company's mid-range next generation firewall (NGFW).
N/A
Pricing
CrowdSec
SonicWall NSA Series
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
CrowdSec
SonicWall NSA Series
Free Trial
No
No
Free/Freemium Version
Yes
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
CrowdSec
SonicWall NSA Series
Features
CrowdSec
SonicWall NSA Series
Firewall
Comparison of Firewall features of Product A and Product B
Since I've only used CrowdSec in a homelab/small-medium sized business setup, that's really the only market I can safely recommend it and say it's well suited for, because I don't know how much it would cost to run it in an enterprise environment. I've heard some pricing and how they plan on rolling out a subscription model, but it's still in talks. Either way, if you have publicly exposed web applications hosted locally or on a virtual private server, then CrowdSec should be part of every virtual machine and/or network. Even with the lmited number of filter you get out of the free subscription, it provides a nice layer of constantly updated data,
This is a higher-end firewall, built for a medium to large business. It handles traffic and scanning and protection well but it would be a bit of a budget-buster and probably overkill for a small to (barely) medium sized business. SonicWall makes SoHo devices for those use cases and they would be more appropriate.
Provides great integrations with tools you already use, such as fail2ban, Cloudflare, WordPress, NGINX, Linux Firewalls, etc.
Lightweight agents can run on individual servers and report to a main security engine so that if there's an attack on one server and a block is implemented, the entire network can be protected
There are a lot of ways to receive alerts and store logs
CrowdSec Central API is a nice way to manage everything externally
Getting CrowdSec to run on OPNsense can be a challenge, but that's also a limitation of the OS
You can only subscribe to a couple of feeds before paying an unknown amount of money that's part of their "Enterprise" package. So, there could be better transparency.
There is room for improvement when it comes to learning the UI, but the UI is overall pretty good. It doesn't take long to learn if you are famaliar with firewalls.
Most of the time, calling SonicWall NSA Support, you get an expert who can help resolve your issues. RMAs are pretty easy once they determine there is an issue with the hardware. Support is available 24x7, which makes emergency calls easy. The only downside is the support engineers may have thick accents; however, their expertise more than makes up for any language barriers.
We compared the FortiGate to Sonicwall and continued with Sonicwall as we were a mid-size school where the Sonicwall was performing adequately, and the learning curve was steep to switch platforms. The Sonicwall offered everything the FortiGate did, and was not as costly, both in the appliance and in licensing.
