We changed our name from IT Central Station: Here's why

SonicWall NSa vs WatchGuard Firebox comparison

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about SonicWall NSa vs. WatchGuard Firebox and other solutions. Updated: March 2020.
564,143 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The implementation is pretty straightforward.""Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch.""The integration of network and workload micro-segmentation helps a lot to provide unified segmentation policies across east-west and north-south traffic. One concrete example is with Cisco ACI for the data center. Not only are we doing what is called a service graph on the ACI to make sure that we can filter traffic east-west between two endpoints in the same network, but when we go north-south or east-west, we can then leverage what we have on the network with SGTs on Cisco ISE. Once you build your matrix, it is very easy to filter in and out on east-west or north-south traffic.""One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now.""I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection.""It's got the capabilities of amassing a lot of throughput with remote access and VPNs.""Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches.""If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."

More Cisco Firepower NGFW Firewall Pros →

"The most valuable features of this solution are intrusion detection, intrusion prevention, and the advanced capture client, which provides live traffic analysis.""The most valuable feature is the sandbox.""We have utilized all the features. The most valuable are the URL filtering by category, DMZ zoning, load balancing and site-to-site VPN.""Support has improved dramatically since their separation from Dell.""User friendly and intuitive.""They offer good antivirus solutions.""We like the features, but the main thing is from a commercial and cost perspective it is very good.""SonicWall NSA is easy to deploy, easy to maintain, and easy to configure."

More SonicWall NSa Pros →

"The main reason we went with it was the security protocols. They were more robust on this device.""The main features of the solution are the control of the site-to-site network access and the overall features.""The ease of use is most valuable. You can quickly train someone who hasn't seen a firewall in life. You can get people up to speed, and in a few months, they are able to manage this product very easily. It is a very user-friendly, scalable, and stable product. Its price is also spot-on.""Among the most valuable features is the ease of use — love the interface — of both the web interface and of the WatchGuard System Manager.""WatchGuard has a very easy VPN and branch office VPN setup, so we use those pretty extensively.""I like that this product has very few issues.""The most valuable feature is the NAT-ing, the IP addresses... We can direct the traffic where it needs to go. We can control the traffic.""Because we bought two firewalls... we need a central place to manage the policies and deploy them to both devices. It's good that it provides a system management console that is able to manipulate and manage policies in one place and deploy them to different locations."

More WatchGuard Firebox Pros →

Cons
"An area of improvement for this solution is the console visualization.""They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me.""The price and SD-WAN capabilities are the areas that need improvement.""It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience.""We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve.""When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance.""It would be great if some of the load times were faster.""One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."

More Cisco Firepower NGFW Firewall Cons →

"You can do zero-trust networking with them, but it's not easy.""Sometimes I found the GUI and some of the features a little bit hard to navigate, as opposed to Fortigate, which is much more user-friendly.""Initially, it may be difficult for some people to learn and become acquainted with it.""I would like to have a built-in vulnerability scanner in the firewall. It would be great to have such functionality. Its price could also be better. It would also be good to have a local warehouse. It doesn't get damaged a lot, but if a customer needs a replacement, currently, it has to come from Miami or Mexico, which can take a few days. It would be better if they have a local warehouse from where we can just pick replacements and quickly solve a client's needs in terms of replacing equipment. It would be great to have it locally instead of waiting for it from Mexico or the USA.""The pricing for this product in India is high and the fees should be reduced.""The content filter needs to be improved.""The product likely isn't a good fit for a large organization.""The reporting and monitoring are a bit complex and should be easier in SonicWall NSa because other firewalls I have experienced have been more simple, such as Palo Alto. We are able to receive a clear view of our network. As a general user with little experience, it would be difficult for them to handle."

More SonicWall NSa Cons →

"Once you start getting into proxy actions and setting up: "Okay, cool. Once this rule gets triggered, what actions have to happen?" I do know a few people who use WatchGuard and they still have to get assistance when they look at that. So I would file that as a con for WatchGuard. Proxy actions can be a little bit complicated.""The data loss protection works well, but it could be easier to configure. The complexity of data loss protection makes it a more difficult feature to fully leverage. Better integration with third-party, two-factor authentication would be advantageous.""The solution is lacking a professional website, they should be updated more often.""There is room for improvement on the education side, regarding what does what, rather than just throwing it at a person and assuming they know everything about it. A lot of times, you have to call WatchGuard support to get the solution that will work, rather than their just having it published so that you can fix the problem on your own.""The only downside is that it is missing an API, that you can use to easily collect information from it.""I would like to see the devices made more flexible by adding modules to increase the ports that we can use.""I would like to have a little more control over access points and the ability to see the bandwidth that is passing through a specific access point. We are not able to see that. We can see what traffic is passing through the Firebox itself, but we can't identify if it is coming from a particular access point or not.""This is a great product and offers great protection but they don't hear the customers' needs. They don't make improvements as per the customers' requests."

More WatchGuard Firebox Cons →

Pricing and Cost Advice
  • "Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
  • "There are additional implementation and validation costs."
  • "Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
  • "This product requires licenses for advanced features including Snort, IPS, and malware detection."
  • "This product is expensive."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The price of Firepower is not bad compared to other products."
  • "The solution was chosen because of its price compared to other similar solutions."
  • More Cisco Firepower NGFW Firewall Pricing and Cost Advice →

  • "Licensed features provide application control, content filtering, antivirus, and anti-malware all in a single appliance."
  • "The CPUs are not able to compete with a similar price point to the Fortinet, WatchGuard, or Palo Alto product."
  • "A firewall doing anti-spam might be a low cost solution, but it is not your best strategy."
  • "You need their analyzer to properly generate reports. This is an expensive, licensed feature, with a complex application or appliance back-end."
  • "If you want to connect more than five concurrent users by VPN then you have to pay an additional fee."
  • "SonicWall is a one-time purchase and there is no renewal license."
  • "The pricing and value are good."
  • "The pricing is good and we are satisfied with the cost of this solution."
  • More SonicWall NSa Pricing and Cost Advice →

  • "We don't have any other costs other than the licensing stuff."
  • "I usually tell people that it's really affordable as well, particularly compared to Cisco."
  • "The pricing of WatchGuard is probably a little higher than the SonicWall, but it makes up for it in dependability. It's worth it to me, especially since it's not much higher. For just a little bit higher price you get the dependability of the firewall with the WatchGuard brand."
  • "The pricing was in line with everyone else; maybe slightly higher."
  • "I think the larger firewall packages are much better because a normal firewall is not enough for these times. You need IPS, APT, and all the security features of a firewall that you can buy."
  • "WatchGuard had a very competitive price. It was only 10 to 20 percent more than a single instance device but with that extra cost it provided a second load balancing device... unlike other brands whose method of hardware and software licensing would have doubled our cost."
  • "They license it. When we buy it, we buy it with a three-year license. That's the most cost-effective way to do it. So, if you're going to buy it, then buy it with the three-year licensing."
  • "I spent $600 or $800 on this product and I'm paying a couple of hundred dollars a year in a subscription service to keep the lights on, on it... It works out to $100 or $200 a year if you buy several years at once. It's fair."
  • More WatchGuard Firebox Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    564,143 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer: 
    The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
    Top Answer: 
    It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: 
    The antivirus and items of that nature were quite helpful to have.
    Top Answer: 
    Our organization would pay for a license every two to three years.
    Top Answer: 
    Sometimes I found the GUI and some of the features a little bit hard to navigate, as opposed to Fortigate, which is much… more »
    Top Answer: 
    We are providing our services to all WatchGuard customers in the region. 
    Top Answer: 
    We just use it as a secondary WiFi device. We're a small office and we needed to set up a WiFi device for a few of our… more »
    Top Answer: 
    We're a hospital and we use it for developing our incoming and outgoing policies, and we also use it for VPN.
    Comparisons
    Also Known As
    Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
    NSA 250M, NSA 2600, NSA 3600, NSA 4600, NSA 5600, Dell SonicWALL NSA
    Learn More
    Overview

    Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
    small/branch offices to high performance data centers and service providers. Available in a wide
    range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
    defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
    Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
    features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
    volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
    for increased performance, high availability configurations, and more.
    Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
    deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
    the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
    can deliver micro-segmentation to protect east-west network traffic.
    Cisco firewalls provide consistent security policies, enforcement, and protection across all your
    environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
    delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
    SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
    greater simplicity, visibility, and efficiency.
    Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

    Achieve a deeper level of security with the SonicWALL Network Security Appliance (NSA) Series of next-generation firewalls. NSA Series appliances integrate automated and dynamic security capabilities into a single platform, combining the patented, SonicWALL Reassembly Free Deep Packet Inspection (RFDPI) firewall engine with a powerful, massively scalable, multi-core architecture. Now you can block even the most sophisticated threats with an intrusion prevention system (IPS) featuring advanced anti-evasion capabilities, SSL decryption and inspection, and network-based malware protection that leverages the power of the cloud.

    WatchGuard's approach to network security focuses on bringing best-in-class, enterprise-grade security to any organization, regardless of size or technical expertise. Ideal for SMBs and distributed enterprise organizations, our award-winning Unified Threat Management (UTM) appliances are designed from the ground up to focus on ease of deployment, use, and ongoing management, in addition to providing the strongest security possible.

    Offer
    Learn more about Cisco Firepower NGFW Firewall
    Learn more about SonicWall NSa
    Learn more about WatchGuard Firebox
    Sample Customers
    Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
    Orange County Rescue Mission, First Source, Michaels & Taylor, Green Clinic Health System, Aspire Chiltern Skills and Enterprise Centre, UnitedStack, Faith Lutheran College Redlands, Celtic Manor Resort, Star Kay White, Air Works, Unimat Life, NHS Yorkshire and Humber Commissioning Support (YHCS), Hutt City Council, Mato Grosso do Sul, Nspyre
    Ellips, Diecutstickers.com, Clarke Energy, NCR, Wrest Park, Homeslice Pizza, Fortessa Tableware Solutions, The Phoenix Residence
    Top Industries
    REVIEWERS
    Comms Service Provider22%
    Financial Services Firm16%
    Manufacturing Company8%
    Non Profit8%
    VISITORS READING REVIEWS
    Comms Service Provider33%
    Computer Software Company21%
    Government7%
    Manufacturing Company4%
    REVIEWERS
    Manufacturing Company17%
    Educational Organization14%
    Healthcare Company10%
    Insurance Company7%
    VISITORS READING REVIEWS
    Comms Service Provider27%
    Computer Software Company20%
    Government6%
    Educational Organization5%
    REVIEWERS
    Manufacturing Company17%
    Construction Company14%
    Healthcare Company8%
    Computer Software Company6%
    VISITORS READING REVIEWS
    Comms Service Provider35%
    Computer Software Company17%
    Government6%
    Wholesaler/Distributor4%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise28%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise66%
    REVIEWERS
    Small Business65%
    Midsize Enterprise18%
    Large Enterprise18%
    REVIEWERS
    Small Business65%
    Midsize Enterprise24%
    Large Enterprise11%
    VISITORS READING REVIEWS
    Small Business85%
    Midsize Enterprise3%
    Large Enterprise13%
    Find out what your peers are saying about SonicWall NSa vs. WatchGuard Firebox and other solutions. Updated: March 2020.
    564,143 professionals have used our research since 2012.

    SonicWall NSa is ranked 17th in Firewalls with 38 reviews while WatchGuard Firebox is ranked 3rd in Unified Threat Management (UTM) with 27 reviews. SonicWall NSa is rated 7.8, while WatchGuard Firebox is rated 8.6. The top reviewer of SonicWall NSa writes "A rugged solution capable of defeating advanced threats". On the other hand, the top reviewer of WatchGuard Firebox writes "Competent, basic front-end; the ports that I have assigned appear to be unattainable to outsiders". SonicWall NSa is most compared with Meraki MX, Fortinet FortiGate, SonicWall TZ, Cisco ASA Firewall and Palo Alto Networks NG Firewalls, whereas WatchGuard Firebox is most compared with Fortinet FortiGate, Sophos XG, pfSense, Cisco ASA Firewall and Azure Firewall. See our SonicWall NSa vs. WatchGuard Firebox report.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.