CrowdSec vs. SonicWall NSA Series

Since I've only used CrowdSec in a homelab/small-medium sized business setup, that's really the only market I can safely recommend it and say it's well suited for, because I don't know how much it would cost to run it in an enterprise environment. I've heard some pricing and how they plan on rolling out a subscription model, but it's still in talks. Either way, if you have publicly exposed web applications hosted locally or on a virtual private server, then CrowdSec should be part of every virtual machine and/or network. Even with the lmited number of filter you get out of the free subscription, it provides a nice layer of constantly updated data,

Incentivized

SonicWall NSA is best suited for small to mid-size companies or small to medium K-12 school districts. It's less appropriate for larger businesses and schools. This is due to their ease of use and well-rounded feature set but lacks in advanced configuration, performance, and reliability.

Incentivized

• Provides great integrations with tools you already use, such as fail2ban, Cloudflare, WordPress, NGINX, Linux Firewalls, etc.
• Lightweight agents can run on individual servers and report to a main security engine so that if there's an attack on one server and a block is implemented, the entire network can be protected
• There are a lot of ways to receive alerts and store logs
• CrowdSec Central API is a nice way to manage everything externally

Incentivized

• Relatively inexpensive compared to some of the higher-end products, like Palo Alto Networks.
• Easy to set up, as the SonicWall NSA interface is consistent across all models.

Incentivized

• Getting CrowdSec to run on OPNsense can be a challenge, but that's also a limitation of the OS
• You can only subscribe to a couple of feeds before paying an unknown amount of money that's part of their "Enterprise" package. So, there could be better transparency.

Incentivized

• Ideal with smaller businesses. Would have to examine for more complex needs of larger businesses.
• Scalability might be an issue for super large organizations.

Most of the time, calling SonicWall NSA Support, you get an expert who can help resolve your issues. RMAs are pretty easy once they determine there is an issue with the hardware. Support is available 24x7, which makes emergency calls easy. The only downside is the support engineers may have thick accents; however, their expertise more than makes up for any language barriers.

Incentivized

We compared the FortiGate to Sonicwall and continued with Sonicwall as we were a mid-size school where the Sonicwall was performing adequately, and the learning curve was steep to switch platforms. The Sonicwall offered everything the FortiGate did, and was not as costly, both in the appliance and in licensing.

Incentivized

• It flat-out blocks malicious IPs from accessing any PC on my network.
• It's free-tier makes this a no brainer to implement

Incentivized

• Was affordable, allowing for advanced routing and security.
• Enabled us to build VPNs without purchasing additional services
• Was simple enough to manage in house without external support.

Incentivized