Forcepoint Next-Generation Firewall delivers network security at scale. They can be deployed from anywhere through the Secure Management Console (SMC) and unify policy management, incident response and reporting.
$900
one-time fee for the entry tier Forcepoint N60 (approx)
SonicWall TZ
Score 8.3 out of 10
N/A
SonicWall TZ is an entry to mid-tier NGFW for small to mid-sized companies. It is a Unified Threat Management solution, with additional native decryption and deep-packet inspection capabilities.
If you are looking for a smaller network/security team, the ease and low complexity create an easy to manage environment. One engineer can easily manage 100 nodes/locations. If you are just starting to get security conscious and predict regular adjustments to policy, routing, and access, this is a very good system for making easy to understand and low impact changes on a regular basis without operations interruption.
Based on my experience, this is a solid platform for a small to mid sized company, especially when there is someone who has IT experience, or can get outsourced IT help. I would not recommend for someone who is a technology novice. Also, this is a competent device for someone who is looking to add VPN services for remote workers.
Easy to manage and make changes on - ACL's are done with ease.
Easy USB initial configuration - The easy initial setup of a new location and firewall saves massive time. Settings are automatically pushed to new nodes upon contact with the controller.
Low Complexity - This system does not have a lot of complexity requiring extra hours, training, or personnel to manage.
Poor Reporting - It exists but even when calling in to support for assistance, they have no idea how to tackle customizing reports or searching for specific data.
There are Service Bundles in SonicWall TZ that are Unlicensed and do not know why they have not be Activated - would need help to further understand benefits
Do not know why Standard Support is Unlicensed
WiFi range of TZ270W is very limited - need to add Access Points or Extended to obtain adequate coverage
Overall the new interface is very logical and easy to navigate. We did struggle at first coming from the older interface and finding our way around the new. But our new users found it very simple to find what they were looking for. One negative we do all struggle with is packet cpature not always being clear how its set/what is being monitored. this could do with more information on teh intial page instead of having to look for it
Once you get to a competent technician the support experience is better. But I have found that the lower tiers of support are very slow to respond (like 1 email per day) and you typically have to re-explain yourself a couple times before they get it. I have not used Phone support, and that may be a better experience.
SonicWall and WatchGuard are both fine appliances, but I am accustomed to the Barracuda NG. The Barracuda Control Center is so powerful and useful that it beats out the other two. SonicWall does a great job of dividing up firewall rules and NAT policies, but this is a preference among engineers.
Efficiency/Productivity increase. The company moved from Cisco firewall and routing hardware to Forcepoint NGFW. It now takes fewer people and fewer hours to manage the new product. This has allowed the company to put the man-hours to use on other projects and tasks.
Long term viability. This has been a concern in the past when the company started as Stonegate, merged to become Stonesoft then got purchased by McAfee, then McAfee got purchased by Intel. However, with Forcepoint the product seems to have found a stable home.
Low complexity. The Web GUI based system for management has reduced the cost of personnel and training required. There is no longer a need for the company to have higher trained and higher salary cost employees to manage the system. Mid-level admins at lower salaries are capable of managing the GUI based system with ease.
