Best Firewall Software44Firewalls are designed to block unauthorized access to and from networks, but chiefly to stop Internet users from accessing private networks.WatchGuard Network Security1https://media.trustradius.com/product-logos/5W/jq/VAPTVJ0UKFRX.JPEGCisco ASA2https://media.trustradius.com/vendor-logos/KP/BJ/EKH5RFTLCO4X-180x180.PNGFortinet FortiGate3https://media.trustradius.com/vendor-logos/MZ/NA/I0WLZ36A46RB-180x180.JPEGCisco Meraki MX Firewalls4https://media.trustradius.com/product-logos/xb/mX/4WFZL1ANOD5T.JPEGPalo Alto Networks Next-Generation Firewalls - PA Series5https://media.trustradius.com/product-logos/DS/BU/ULEO0WQAHCO8.PNGpfSense6https://media.trustradius.com/product-logos/1c/pa/ZO1A4AO15GEQ.JPEGSonicWall TZ7https://media.trustradius.com/vendor-logos/zc/Na/VOD2KUJ9G2Z3-180x180.JPEGSophos UTM8https://media.trustradius.com/vendor-logos/aW/xM/0AFACIEHNKRT-180x180.JPEGZscaler Web Security9https://media.trustradius.com/product-logos/IH/93/E4CITT6N520T.pngUntangle NG Firewall10https://media.trustradius.com/product-logos/1G/OL/1ZTB7ZMOO181.pngBarracuda CloudGen Firewall (formerly NG Firewalls)11https://media.trustradius.com/vendor-logos/cV/TT/VZW5UWK3DW36-180x180.JPEGWatchGuard XTM - Discontinued Product12https://media.trustradius.com/vendor-logos/T8/mJ/EAZDGZK4BJZG-180x180.PNGJuniper SRX13https://media.trustradius.com/vendor-logos/gB/Ia/1U86W7216QBM-180x180.PNGRackFoundry Total Security Management14https://media.trustradius.com/product-logos/Jl/h8/UUKVPXASSP28.PNGPalo Alto Networks Virtualized Next-Generation Firewalls - VM Series15https://media.trustradius.com/vendor-logos/MK/NG/UKHCVB1FA0XT-180x180.PNGCisco Firepower NGFW (formerly Sourcefire)16https://media.trustradius.com/vendor-logos/KP/BJ/EKH5RFTLCO4X-180x180.PNGStonesoft Firewall (Discontinued)17https://media.trustradius.com/vendor-logos/Ih/Yn/XPF0T8T20KCE-180x180.JPEGCyberoam18https://media.trustradius.com/product-logos/gY/sV/LUCR8FMGRNKH.jpegTrustwave Firewall19https://media.trustradius.com/vendor-logos/2A/tk/VKTU2N003FWJ-180x180.jpgSmoothwall UTM20https://media.trustradius.com/vendor-logos/wS/uZ/14O7AMO40TQD-180x180.PNGCheck Point 2200 Appliances- Discontinued21https://media.trustradius.com/product-logos/uf/VE/F78KTIQOQ1MV.gifCheck Point 4000 Appliances22https://media.trustradius.com/vendor-logos/N5/Pq/9GTB1XOCNWCX.pngCheck Point Next Generation Firewall23https://media.trustradius.com/vendor-logos/N5/Pq/9GTB1XOCNWCX.pngCheck Point Firewall Software Blade24https://media.trustradius.com/product-logos/el/42/JT46P4SQMN0S.jpegForcepoint NGFW25https://media.trustradius.com/product-logos/Cb/mk/IDALAKILI45W.JPEG

Firewall Software

Best Firewall Software

TrustMaps are two-dimensional charts that compare products based on satisfaction ratings and research frequency by prospective buyers. Products must have 10 or more ratings to appear on this TrustMap.

Firewall Software Overview

What are Firewall Software?

Firewalls are filters that stand between a computer or computer network and the Internet. Each firewall can be programmed to keep specific traffic in or out. All messages passing through the firewall are examined and those not meeting pre-defined security criteria are blocked.


For example, on the outbound side, firewalls can be configured to prevent employees from transmitting sensitive data outside the network, while on the inbound side, firewalls can be configured to prevent access to certain kinds of websites like social media sites.

Firewall Software Features & Capabilities

  • Application visibility and control

  • Identify and control evasive app threats

  • Intrusion Prevention integration

  • Physical and virtual environment support

  • Integration with LDAP and Active Directory

  • "Sandbox," or isolated, cloud-based threat emulation

Firewall vendors are beginning to bundle firewall offerings with other security or privacy features, although this is not a universal practice. The most common example is support for Virtual Private Networks (VPN), and load-management is often featured as well.

Firewall methods

Firewalls use several methods to control traffic flowing in and out of a network:


  • Packet filtering: This method analyzes small pieces of data against a set of filters. Those that meet the filter criteria are allowed to pass through, while others are discarded.

  • Proxy service: In this method, computers make a connection to the proxy which then initiates a new network connection based on the content of the request. In this way, there is no direct connection or packet transfer on either side of the firewall. Network addresses are effectively hidden.

  • Stateful inspection: Stateful inspection is the new standard firewall security method that monitors communications packets over a period of time. Outgoing packets that request specific types of incoming packets are tracked. Only incoming packets that are an appropriate response are allowed to pass. Firewalls using this method are often referred to as next-generation firewalls (NGFW).

Pricing Information

The cost of firewalls can vary from free (for personal use) to significant sums of money for enterprise firewalls. Firewalls are often on-premise appliances, but can also be purchased as software which must be installed on a server, or as a cloud service. The range of pricing models is broad making it difficult to compare across vendors. However, an enterprise firewall may cost upwards of $30,000, depending on capability and type.

Firewall Products

Listings (1-25 of 52)

WatchGuard Network Security

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
127 Ratings

WatchGuard Network Security is a network security and firewall software. WatchGuard includes secure Wi-Fi, multi-factor authentication, and network intelligence products and services designed for SMB’s.

Cisco ASA

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
Top Rated
157 Ratings

Cisco Adaptive Security Appliance (ASA) software is the core OS for the ASA suite. It provides firewall functionality, as well as integration with context-specific Cisco security modules. It is scaled for enterprise-level traffic and connections.

Fortinet FortiGate

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
Top Rated
106 Ratings

FortiNet FortiGate is a firewall option with high integrability. It offers a variety of deployment options and next-gen firewall capabilities, including integration with IaaS cloud platforms and public cloud environments.

Cisco Meraki MX Firewalls

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
Top Rated
64 Ratings

Cisco Meraki MX Firewalls is a combined UTM and Software-Defined WAN solution. Meraki is managed via the cloud, and provides core firewall services, including site-to-site VPN, plus network monitoring.

Palo Alto Networks Next-Generation Firewalls - PA Series

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
59 Ratings

Palo Alto next-generation firewalls classify all traffic, including encrypted and internal traffic, based on application, application function, user and content. Users can create security policies to enable only authorized users to run sanctioned applications.

32 Ratings

pfSense is an open-source firewall and load management product. It provides combined firewall, VPN, and router functionality, and it can be deployed through AWS or Azure clouds or on-premises via Netgate.

Forcepoint Next Generation Firewall (NGFW) promises seamless and central management, whether physical, virtual or in the cloud. Administrators can deploy, monitor and update thousands of firewalls, VPNs and IPSs in minutes, all from a single console. The vendor says that the product reduces netwo...