We performed a comparison between Check Point NGFW and SonicWall NSa based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The initial installation is very straightforward."
"The most valuable feature is the FortiManager for centralized management."
"It is quite easy to handle."
"We use the filtering feature the most. It has filtering and inbuilt securities. We can create customized rules to define which users can access a particular type of site. We can create policies inside the firewall."
"I like that you are able to manage FortiGate from the FortiManager to create a more centralized environment."
"The most valuable feature is the web filter."
"The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors."
"The ease of setting the solution up is a valuable aspect for us."
"Some of the most valuable features are URL filtering, web filtering, and content filtering."
"The solution is easy to use. I like the monitoring the most."
"The different hardware models focus on a wide spectrum of the market, so any company can choose a model that makes sense for them from the range."
"One ability that Check Point has is that it is the first to provide us with the ability to use identities instead of using the traditional IP-based format, which allows way more flexibility in what we can do with the rule base."
"The Check Point appliances are considered NGFW devices and can process both the ASA and FTD requirements on a single instance, removing the requirement for an expansion SSD module and/or additional hardware."
"By far, it's the best security solution one can adopt for their organization."
"It is easy to use, and its management is the best. Check Point has a great unified management solution for firewalls and security products."
"The features that I have found most valuable are its flexibility and user interface. This is already a well-established product in the market for quite a long time, more than 20 years. They've got a huge customer base."
"Content Filtering and sandboxing are valuable features."
"SonicWall's sales support is much better than other vendors'."
"I like this solution because we are focused on VPN and have many brands that need to link a VPN and have security, like ransomware, spyware, and basic protection."
"We have utilized all the features. The most valuable are the URL filtering by category, DMZ zoning, load balancing and site-to-site VPN."
"The most valuable feature I've found is VPN and web protection, particularly with navigation assessment. We use the application control feature to create rules controlling specific application navigation."
"The most valuable aspect of the solution is its ability to work like any other firewall."
"Setup is easy. Anyone with basic firewall experience can do it."
"The features I found most valuable are email security and web filtering."
"I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool."
"Its customer service could be better."
"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."
"I would like Fortinet to add more automation to FortiGate."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"There are a lot of bugs I have found in the solution and it is difficult to upgrade. These areas need improvement."
"Fortinet doesn't provide multiple virtual firewalls which would facilitate end users and customers."
"The renewal price and the availability could be improved."
"My customers complain that the interface isn't user-friendly."
"It could be more stable and scalable. Check Point price and support could be better."
"Geo-blocking would be very useful. There are too many attempts to infiltrate by non-country users. I can block access by IP address or IP network, however, a country-level blocking would be more useful and much quicker to implement."
"Lately, Check Point seems to be pushing new products too early."
"The NAT services part needs improvement. It's not sophisticated. It needs functions like range assignment for NATing. The way you assign a list of IPs for NATing is too simple. It just allows you to use pools."
"It would be nice to add more features to the WatchTower app to be able to perform certain administrative functions without the need for local access."
"This solution requires management software that is sold separately; it's actually a different appliance altogether."
"Several security modules are based on HTTPS inspection, losing a relevant security capability if you don't implement it in your network."
"It's very hard to manage this box. You really need a lot of skills to operate the SonicWall. There is training and the like, but it's just hard to manage. Even if you have the knowledge, there are too many options. The menus are not very clear, where you should find the information."
"We also use the Sophos Firewall for web configuration, which we don't have in SonicWall. Only Sophos has those options. If SonicWall included that feature, that would be a benefit for us."
"The cloud services may be in need of some improvement."
"It is very modular and with native resources which are much lower than its competitors."
"This product is unable to secure access to endpoints for our external employees."
"We're not particularly fond of the way it generally performs. We are finding ourselves rebooting often. There are freeze-ups and that kind of thing. The stability needs to improve exponentially."
"In terms of improvement, features like App Control do not work properly"
"Do not even consider NetExtender - probably one of the most horrific, nightmare grade Java-based VPN clients. We have but all given up trying to make it work reliably."
Check Point NGFW is ranked 5th in Firewalls with 277 reviews while SonicWall NSa is ranked 19th in Firewalls with 80 reviews. Check Point NGFW is rated 8.8, while SonicWall NSa is rated 7.8. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of SonicWall NSa writes "Great performance and security with reasonable pricing". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Sangfor NGAF, whereas SonicWall NSa is most compared with SonicWall TZ, Meraki MX, Sophos XG, Cisco Secure Firewall and Palo Alto Networks NG Firewalls. See our Check Point NGFW vs. SonicWall NSa report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.