Ten Top Next-Generation Firewall (NGFW) Vendors

Here are our picks for top NGFW vendors, with links to in-depth pieces on each vendor, and we’ve included a chart at the end of this article comparing key features such as security effectiveness, value, technical support and ease of installation and management. Read more about our top security vendor methodology.

1. Fortinet FortiGate

Fortinet FortiGate firewalls offer top security at a good price point, making them one of the most popular firewall vendors and a frequent finalist on enterprise shortlists. FortiGate firewalls fared well in NSS Labs tests, where they received high marks for security effectiveness, performance and value. If you’re looking for top security at a good price point, Fortinet should be on your evaluation list.

Learn more about Fortinet FortiGate

2. Forcepoint logoForcepoint NGFW

Forcepoint firewalls might set you back a little more, but you get best-in-class security and performance for your money. Top-notch R&D has produced features such as detection engines resistant to evasion techniques and a strong centralized management console.

Learn more about Forcepoint NGFW

3. Palo Alto Networks PA Series

Palo Alto Networks also isn’t cheap, but offers NGFWs with strong security and performance that top all comers, and breadth of features to match. Gartner notes that Palo Alto frequently winds up with the highest overall evaluation score on shortlists.

Learn more about Palo Alto Networks PA Series

4. SonicWall

SonicWall offers a firewall for everyone, and is ranked as a good value too, with good performance and ease of management. The company offers its SuperMassive line for the largest networks; NSA for midrange companies; and TZ series firewalls for small companies.

Learn more about SonicWall

5. Barracuda F-Series

Not every NGFW vendor offers strong cloud support, but it’s an area where Barracuda shines: With support for AWS, Azure, Google Cloud and VMware vCloud Air, the company’s cloud capabilities are market-leading, and strong VPN features support distributed office use cases.

Learn more about Barracuda F-Series

6. Cisco Firepower NGFW

Cisco’s biggest strength might be the breadth of security services it offers or integrates with its firewall, among them intrusion prevention, advanced malware protection, cloud-based sandboxing, URL filtering, endpoint protection, web gateway, email security, network traffic analysis, network access control and CASB. However, that broad protection comes with above average prices.

Learn more about Cisco Firepower NGFW

7. Check Point Advanced Threat Protection

Check Point’s breadth of offerings and features give it broad applicability, and centralized management and role-based administration are market-leading features. The firewalls combine perimeter, endpoint and mobile security, and also offer application control, URL filtering, data loss prevention and strong cloud protections.

Learn more about Check Point Advanced Threat Protection

8. Sophos XG Firewall

Sophos XG Firewalls are good candidates for mid-sized and distributed enterprises and those already using Sophos’ endpoint protection solution. Dedicated remote branch devices and an easy-to-learn management interface are also strengths.

Learn more about Sophos XG Firewall

9. Juniper Networks SRX

Juniper is a good candidate for enterprises desiring high throughput at low cost and advanced routing support, and for those combining security and networking purchases. Ease of management, branch office offerings and software-defined secure network (SDSN) technology are also positives.

Learn more about Juniper Networks SRX

10. Huawei USG

Huawei is strongest with Asia and EMEA countries seeking value and performance, and for Huawei networking customers. Support for EMEA compliance requirements are another strength.

Learn more about Huawei USG

Vendor vs. Vendor Comparisons

See these pages to compare two NGFW vendors against each other:

Honorable Mentions

Lastly, two honorable mentions: WatchGuard and Versa Networks both demonstrated good security performance and value in NSS Labs tests.

Top Next-generation firewall vendors compared

best ngfw products

Paul Shread
eSecurity Editor Paul Shread has covered nearly every aspect of enterprise technology in his 20+ years in IT journalism, including an award-winning series on software-defined data centers. He wrote a column on small business technology for Time.com, and covered financial markets for 10 years, from the dot-com boom and bust to the 2007-2009 financial crisis. He holds a market analyst certification.

Top Products

Top Cybersecurity Companies

Cybersecurity is the hottest area of IT spending. That's why so many vendors have entered this lucrative $100 billion+ market. But who are the...

Top Endpoint Detection and Response (EDR) Solutions

Endpoint security is a cornerstone of IT security, so our team put considerable research and analysis into this list of top endpoint detection and...

Top CASB Security Vendors for 2021

Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application...

Best SIEM Tools & Software for 2021

Security Information and Event Management (SIEM, pronounced "sim") is a key enterprise security technology, with the ability...

Related articles