Best business firewalls: Which firewall is suitable for your business?

Security is essential for every organisation and firewall protection is a vital part of any strategy. However, with perimeter protection coming in various options, making the choice over which one is the best fit for your business can be a challenge.

The firewalls listed here cater to most sizes of organisation, from small businesses that only require virtual firewalls, to larger enterprises that should house external firewall hardware.

With recent data breaches highlighting the importance of securing your network, Computerworld UK investigates the best firewalls on the market for every business' first line of defence.

Read next: 10 best business antivirus 2017.

Barracuda CloudGen Firewall
© Barracuda

Barracuda CloudGen Firewall

Barracuda CloudGen Firewall offers a simple, user-friendly interface which is built to ensure that users have uninterrupted network availability with robust access to the cloud.

It delivers advanced security with its host of physical, virtual and cloud-based appliances that are designed to protect and enhance a dispersed network infrastructure.

The firewall also features VPN technology and WAN optimisation capabilities, which is particularly suited for small to medium-sized businesses to enable them to reduce line costs and improve network availability and site-to-site connectivity.

Bitdefender Internet Security
© Bitdefender

Bitdefender Internet Security

Bitdefender Internet Securityprovides an excellent firewall which includes privacy protection and multi-layer ransomware protection for PCs and mobile devices.

The 2019 version features network threat prevention, along with privacy tools such as Bitdefender VPN and Safepay, which act as an adaptive layer of protection to prevent vulnerabilities from entering the system.

It is particularly effective for businesses as you can ensure you are protected against any threats on Windows, iOS or Android.

Juniper SRX220

Juniper SRX220

Juniper offers an SRX220 Services Gateway firewall, which is packed with security, routing, switching and WAN connectivity in an all-in-one U device designed for small to medium-sized businesses.

The SRX220 provides up to 950 Mbps firewall, 100 Mbps IPsec VPN and 80 Mbps intrusion prevention system (IPS). It also provides features such as consolidated switching, routing and security, flexible configuration scaling and secure applications.

Juniper SRX220 is part of the SRX Series Services product family which offers next-generation firewall protection with application awareness and user role-based controls, partnered with unified threat management (UTM) to protect businesses.

Cato Networks

Cato Networks

The next generation cloud-based Firewall as a Service (FWaaS) is Cato Networks' firewall service offering, which is built into a global cloud network. It gathers all enterprise traffic from data centres, branches, mobile users and cloud infrastructure directly to the cloud.

Cato's FWaaS provides full visibility, unrestricted scalability, a unified security policy and simple lifecycle management.

Kaspersky Internet Security
iStock

Kaspersky Internet Security

Able to secure both local and broader networks, Kaspersky Internet Security can block ads, third-party cookies and malicious content while also providing an impressive two-way Windows firewall.

The firewall monitors each connection made over the network and it will flag and challenge any connection it deems as untrustworthy. This is ideal if you're using a public Wi-Fi network or an office one with controls over certain files and documentation. And if you're looking for a cluster of internet safety tools, this suite is a solid choice.

FortiGate
iStock

FortiGate

Originating from Fortinet's security platform, FortiGate provides a one-stop-shop approach to network protection that includes a firewall, Virtual Private Network (VPN), application control, anti-malware, IPS, antispam, web filtering, and wireless control.

It offers two different types of firewall, the enterprise firewall and the next generation firewall, so depending on what you're looking for FortiGate can tailor to you. Both provide high-performance firewalls particularly suited to larger businesses.

pfSense

pfSense

pfSenseis a free open source firewall that provides powerful security and doesn't stray from its core firewall function.

With flexible and customisable features, which include Network Address Translation (NAT), Multi-WAN, Server Load Balancing, Virtual Private Network (VPN), Dynamic DNS and more, this standalone firewall is excellent at what it does.

However, if you require additional non-firewall features like Cisco ASA then you may need to outsource them.

Comodo Internet Security Pro

Comodo Internet Security Pro

Comodooffers an excellent firewall able to efficiently filter ICMP, outbound TCP and UDP traffic and monitor all connections made within your network, detecting ones that are not safe.

Sadly, Comodo does pester users with pop-up notifications, so those wanting a silent firewall working behind the scenes might want to go elsewhere. Although this can be forgiven due to Comodo's impressive response to outside attempts to methodically uncover user data from techniques such as keyloggers, which Comodo can detect and stop before the data is stolen.

Zone Alarm Pro

Zone Alarm Pro

Zone Alarm Prois packed with useful features including online back-up, anti-phishing and a strong two-way firewall that can monitor the current and incoming traffic to your network while looking out for suspicious behaviour.

Zone Alarm also offers 'stealth mode', a feature that will hide any ports or network openings to limit the unauthorised people gaining access to your network, ideal for those with sensitive business files.

McAfee

McAfee

Best suited for small businesses, this McAfee firewall provides excellent protection against intrusions, attacks and problem network traffic. What's great about this firewall is that threats are logged, monitored and reported on so keeping track of attacks and potential weaknesses in your network is easy.

McAfee doesn't require any scheduled downtime for software upgrades, hosts a centralised management of up to 2,000 firewalls and boasts multi-logins and role-based access control.

Palo Alto

Palo Alto

Palo Altoboasts an excellent performance with intrusion and attack blocking capabilities and tracking, logging and reporting, highlighting a superb all-round firewall. And with a built-in sandbox function, Palo Alto can run and test suspicious content.

Palo Alto offers an enterprise-grade firewall that can automate security procedures, and encrypt all traffic coming in and out of the network, as well as a virtualised firewall that can support cloud environments based on environments from VMware, AWS, Microsoft, Citrix and KVM.

Cisco ASA 5505
Getty Images

Cisco ASA 5505

Ciscooffers a range of worthy external firewalls that can also provide integrated antivirus, anti-intrusion and virtual private network (VPN) capabilities while housing both physical and virtual devices. This integrated approach means that this firewall boasts Cisco's cloud security.

While definitely aimed at larger businesses, Cisco does offer the ASA 5500-X which they say is made for small businesses. Either way, for organisations already running a Cisco-shop it could be a no-brainer when choosing a firewall.

WatchGuard XTM

WatchGuard XTM

This fast and reliable external firewall provides real-time visibility tools that allow its users to isolate and treat any threat. WatchGuard XTM can link social networks with an Active Directory that means users can decide who has can login, edit, transfer files, chat and access webmail.

Ideal for medium-sized businesses, WatchGuard XTM firewalls provide excellent centralised management for security protocol.

Sophos UTM

Sophos UTM

Sophos UTM Essential Firewallis the free version of Sophos UTM software, which provides core security functions for medium-sized businesses looking to protect their network.

The firewall offers network protection for unlimited IP addresses, with features which include DNS server and proxy, bridging, stateful packet inspection firewall and network address translation, web-based GUI in local languages and more.

For businesses that may require effective logging and reporting capabilities, Sophos UTM also delivers hardware reports in real-time.

SonicWall TZ

SonicWall TZ

The SonicWall TZ firewall series offers a mixture of products for both small and large businesses. All features are simplified to suit the size of the business but particularly provide wired and wireless network protection.

For small businesses SonicWall TZ offers native VPN remote access for mobile device users of Apple iOS, Google Android, Windows 8.1, Mac OS X, Kindle Fire and Linux.

For businesses that may require protection over remote offices, the firewall also provides TZ products which can be managed by the central office using a larger firewall and GMS.

Zscaler Web Security
© Zscaler

Zscaler Web Security

Zscalerdelivers a fully cloud-managed web security firewall for businesses, which means that whatever threat is detected anywhere in the cloud it's immediately blocked for all users.

The cloud firewall is built with full DPI and control across all ports and protocols, with embedded threat and data protection.

Zscaler is particularly effective based on its ease-of-use capabilities, which include real-time visibility, analytics and reporting across all users.

Meraki MX

Meraki MX

Meraki MXis a cloud-managed security and SD-WAN firewall, providing businesses with control over users, content and network applications.

It is built to automatically detect and classify devices such as Apple iOS, Android, Windows, Mac OS and others.

Best suited for small businesses, Meraki MX delivers an identity-based firewall which automatically assigns firewall and traffic shaping rules, VLAN tags and bandwidth limits.

Copyright © 2018 IDG Communications, Inc.