Best Firewall Software
- Top Rated Firewall Software include: Cisco Meraki MX Firewalls, Sophos UTM, Next-Generation Firewalls - PA Series, Malwarebytes, Barracuda NG Firewall, pfSense, and Zscaler Web Security.
- Other Firewall Software on the TrustMap include: FortiGate, Cisco ASA, Juniper SRX, and SonicWall TZ.
- A complete list of Firewall Software is available here.
TrustMaps are two-dimensional charts that compare products based on satisfaction ratings and research frequency by prospective buyers. Products must have 10 or more ratings to appear on this TrustMap, and those above the median line are considered Top Rated.
Firewall Software Overview
What are Firewall Software?
Firewalls are filters that stand between a computer or computer network and the Internet. Each firewall can be programmed to keep specific traffic in or out. All messages passing through the firewall are examined and those not meeting pre-defined security criteria are blocked.
For example, on the outbound side, firewalls can be configured to prevent employees from transmitting sensitive data outside the network, while on the inbound side, firewalls can be configured to prevent access to certain kinds of websites like social media sites.
Firewall Software Features & Capabilities
Application visibility and control
Identify and control evasive app threats
Intrusion Prevention integration
Physical and virtual environment support
Integration with LDAP and Active Directory
Firewalls use several methods to control traffic flowing in and out of a network:
Packet filtering: This method analyzes small pieces of data against a set of filters. Those that meet the filter criteria are allowed to pass through, while others are discarded.
Proxy service: In this method, computers make a connection to the proxy which then initiates a new network connection based on the content of the request. In this way, there is no direct connection or packet transfer on either side of the firewall. Network addresses are effectively hidden.
Stateful inspection: Stateful inspection is a newer firewall security method that monitors communications packets over a period of time. Outgoing packets that request specific types of incoming packets are tracked. Only incoming packets that are an appropriate response are allowed to pass. Firewalls using this method are often referred to as next-generation firewalls (NGFW).
The cost of firewalls can vary from free (for personal use) to significant sums of money for enterprise firewalls. Firewalls are often on-premise appliances, but can also be purchased as software which must be installed on a server, or as a cloud service. The range of pricing models is broad making it difficult to compare across vendors. However, an enterprise firewall may cost upwards of $30,000, depending on capability and type.
FortiGate, from San Francisco-based company Fortinet, is a firewall option.
Palo Alto next-generation firewalls classify all traffic, including encrypted traffic, based on application, application function, user and content. Users can create security policies, resulting in enablement of applications. This lets only authorized users run sanctioned applications, reducing...
WatchGuard XTM is a firewall option, from WatchGuard Technologies.
Juniper SRX is product-line of firewall technology and intrusion detection / prevention systems from Juniper Networks in California.
Zscaler Web Security from the company Zscaler in San Jose, California, is a firewall option.
Untangle in San Jose, California offers NG Firewall, a firewall platform with network performance monitoring and web content filtering features.
RackFoundry Total Security Management offers a complete solution featuring powerful firewall, VPN, Intrusion Detection/Prevention, SIEM, automated vulnerability scanning and log management that is monitored by the vendor’s security operations center. According to the vendor, it is the first...
McAfee Firewall Enterprise (MFE) is firewall technology from McAfee / Intel Security.
The VM-Series is a virtualized form factor of Palo Alto next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware®, Amazon® Web Services, Microsoft®, Citrix®, and KVM. The VM-Series natively analyzes all...
Sourcefire was acquired by Cisco in 2013 to expand their own firewall technology.
Check Point Power-1 is a firewall option, from Check Point Software Technologies.