Network Security Software
These products won a Top Rated award for having excellent customer satisfaction ratings. The list is based purely on reviews; there is no paid placement, and analyst opinions do not influence the rankings. Read more about the Top Rated criteria.
Network Security Software TrustMap
TrustMaps are two-dimensional charts that compare products based on trScore and research frequency by prospective buyers. Products must have 10 or more ratings to appear on this TrustMap.
WatchGuard Network Security is a network security and firewall software. WatchGuard includes secure Wi-Fi, multi-factor authentication, and network intelligence products and services designed for SMB’s.
Cisco now offers OpenDNS Umbrella Web Filtering. Cisco acquired OpenDNS in August 2015, and rebranded the product as Cisco Umbrella.
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across…
ADAudit Plus offers real-time monitoring, user and entity behaviour analytics, and change audit reports that helps users keep AD and IT infrastructure secure and compliant.Track all changes to Windows AD objects including users, groups, computers, GPOs, and OUs.Achieve hybrid AD…
The Qualys Cloud Platform (formerly Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other…
Cisco routers support secure, reliable enterprise connections. These enterprise routers help users implement an intent-based, future-ready WAN that is constantly learning, adapting, and protecting. Deploy routers for the branch, cloud, co-location, or the data center with any type…
The Cisco Identity Services Engine (ISE) offers a network-based approach for adaptable, trusted access everywhere, based on context. It gives the user intelligent, integrated protection through intent-based policy and compliance solutions.
Nmap is a free, open source network discovery, mapper, and security auditing software. Its core features include port scanning identifying unknown devices, testing for security vulnerabilities, and identifying network issues.
Symantec Advanced Threat Protection is a single unified solution that uncovers, prioritizes, and remediates advanced attacks. The product fuses intelligence from endpoint, network, and email control points, as well as Symantec’s massive global sensor network, to stop threats that…
Forescout Technologies headquartered in San Jose actively defends the Enterprise of Things by identifying, segmenting and enforcing compliance of every connected thing. Forescout boasts a widely deployed, enterprise-class platform at scale across IT, IoT, and OT managed and unmanaged…
Darktrace AI interrupts in-progress cyber-attacks, including ransomware, email phishing, and threats to cloud environments. It's able to detect and establish baselines for your organization so it can make the distinction between what is and what isn't normal network activity for…
SolarWinds Threat Monitor empowers MSSPs of all sizes by reducing the complexity and cost of threat detection, response, and reporting. You get an all-in-one security operations center (SOC) that is unified, scalable, and affordable.
Qualys VMDR 2.0 with TruRisk gives enterprises visibility and insight into cyber risk exposure with the goal of making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business…
Cloudflare's Zero Trust Network Access (ZTNA) technologies create secure boundaries around applications. When resources are protected with ZTNA, users are only allowed to access resources after verifying the identity, context, and policy adherence of each specific request. Cloudflare'…
IOS Security from Cisco is network security technology.
Zscaler Private Access (ZPA) is a ZTNA as a service, that takes a user- and application-centric approach to private application access. A cloud-delivered service, ZPA is built to ensure that only authorized users have access to specific private applications by creating secure segments…
Israeli company Tufin offers a firewall security management offering via the Tufin Orchestration Suite, including SecureApp for managing network connectivity, SecureChange network change automation, and SecureTrack multi-vendor and next-generation firewall management.
Nipper discovers vulnerabilities in firewalls, switches and routers, automatically prioritizing risks to an organization. Its virtual modelling is designed to reduce false positives and identify exact fixes to help users stay secure and compliant.Audits: Firewalls | Switches | Routers…
RSA NetWitness Network (formerly RSA Security Analytics) is network detection and response security application from RSA Security company NetWitness.
Speedify is a new kind of bonding VPN designed from the ground up for speed, security, and reliability. The vendor says Speedify's bonding protocol lets it do things no other VPN can: switching between Wi-Fi and Cellular without breaking sockets, and bonding connections together…
Tempered Networks is network security technology from the company of the same name in Seattle, Washington.
Cisco Umbrella Easy Protect is a bare-bones deployment of Cisco Umbrella that offers a baseline of security protection to MSP's customers through network DNS protection. With Easy Protect, the user adds Network identities, have customer change their router's DNS settings to use the…
The Kaspersky Anti Targeted Attack Platform uses machine learning approaches to detect targeted attacks across network telemetry through a combination of automated network traffic analysis, correlative behavioral analysis, and other approaches to detect multi-layer threats across…
What is Network Security Software?
Network security software are tools that track and prevent unauthorized access or denial of network resources through phishing, Trojan horses, spyware, worms, and other vendor-specific vulnerabilities. There is a wide range of specific network security products that help administrators secure organizations’ networks, particularly enterprise networks. This means there is not a single profile for network security software, but rather a spectrum of capabilities tailored to specific security needs.
It is imperative for enterprises to protect themselves from potentially harmful traffic. Many network security tools have focused on enterprise network security, given the scale of the network risks enterprises face. However, network security has become a more pressing issue for SMBs as more processes become digital or cloud-based. Network security vendors have responded to this growing SMB demand by providing software scaled for smaller organizations with fewer in-house IT or security specialists.
Evolution of Network Security Software
Network security software suites usually contain a number of different technologies. Traditionally, the two major components were firewalls and secure web gateways.
Network firewalls were designed to only permit specific protocols and ports to access the network. However, they were essentially ignorant as to whether websites being accessed were malicious. Secure web gateways were designed to perform web filtering and to block websites that were on a blacklist. The tools tend to be used independently of each other and are used to secure the perimeter of a company’s infrastructure.
Recent developments augment these strategies by sharing data across multiple systems and correlating information to better understand potential threats. Next-generation firewalls are able to sniff out malicious packets through “deep packet inspection” techniques. Secure gateways have also become more sophisticated with a focus on web-based virus signatures, not just forbidden URLs.
Another recent network security development is the emergence of malware sandboxes. These sandboxes create a safe environment where tests can be run on suspicious data to expose or trigger malicious content where it cannot impact the business itself.
Network security is also converging with networking itself in unified solutions. New product areas like Secure Access Service Edges (SASE) are driving this convergence of networking and security, particularly for organizations with globally-distributed networks.
Bring Your Own Device (BYOD)
The advent of the BYOD era has also brought more reliance on network access control software. Network access control software protects the network internally by making sure that devices identify themselves on the network in order to regulate access rights. There are also security products that focus on securing endpoints across the network, rather than starting from the network itself.
Network Security Software Features and Capabilities
Network security software encompasses a wide range of security functions. As such, individual products may have distinct feature sets while still serving similar goals. However, there are still some common feature sets among network security software. Network Security software should focus on some, or most, of these capabilities:
Network mapping and visibility
Network Access Control
Network Security Software Comparison
When comparing network security software, consider these factors:
Network-level security vs. endpoint security: Most network security software approaches network security from a network perspective or from an endpoint perspective. If the network is on-premise, and any connected devices primarily remain within the network, then network-level security like firewalls and secure web gateways may be sufficient. However, networks that are exposed to a wider range of endpoints, such as personal devices, will benefit from additional endpoint security.
Network edge vs. intra-network focus: Traditional network security has focused on securing the perimeter of the network. Recently, network monitoring and traffic analysis products have branched into intra-network security monitoring in addition to performance monitoring. These tools may be able to catch breaches inside organizations’ network perimeters, but will be less equipped to block or respond to attacks themselves.
Automated threats vs. behavioral threats: Consider whether the business is also concerned with behavioral attacks on the network. These threats attempt to trick employees into giving malicious actors access to the network. While traditional network security products focus on automated data threats, some are providing more comprehensive protection through behavioral training as well.
Network security management covers a variety of different technologies making it difficult to make general statements about pricing. Firewall devices have a broad range of costs depending on the complexity of the environment. Firewall appliances start at around $100 or less, while enterprise firewalls can cost over $25,000. Pricing structures vary, but a common approach is tiered pricing by the number of users. Secure web gateway pricing takes a similar approach.