G2 Crowd gives a real-time look at how dreamforce sponsors and exhibitioners stack up.

Best Firewall Software

Firewalls are barriers used to secure networks from hackers, malware, and other attackers. Firewalls come in both hardware and software form, but all provide fortified security between networks and outside threats. IT managers configure firewalls to specific system requirements, ensuring no data is vulnerable. Once implemented, they will monitor firewall tools to ensure security. Smaller companies and personal computers will rarely require hardware firewalls, but large enterprise companies will use hardware firewalls within their own systems to limit access outside the company or between departments. Firewall products will have significant overlap with network security and web security products as they all aim to secure systems and information. Some products may come equipped with vulnerability management tools to detect and defeat threats.

To qualify for inclusion in the Firewall category, a product must:

  • Assess and filter user access
  • Create barriers between networks and the internet
  • Alert administrators when unauthorized access is attempted
  • Outline and enforce security and authentication rules
  • Automate tasks associated with testing or monitoring

Firewall Software Grid® Overview

The best Firewall Software products are determined by customer satisfaction (based on user reviews) and market presence (based on products’ scale, focus, and influence) and placed into four categories on the Grid®:
G2 Crowd Grid® for Firewall
High Performers
Market Presence
Compare Firewall Software
    Results: 65

    Star Rating

    Firewall reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

    A Personal Firewall controls network communication in and out of a single users computer and will restrict the communication based on security policies.

    Firewall solutions from Cisco offer integrated security to help safeguard various network environments.

    SonicWall real-time breach detection and prevention solutions protect more than one million networks worldwide

    Our security solution provides fine-grained access comtrol that identifies, mitigates, and fully reports on the sophisticated security threats of the moment

    Imperva Incapsula delivers an enterprise-grade Web Application Firewall to safeguard your site from the latest threats, an intelligent and instantly effective 360-degree anti-DDoS solutions (layers 3-4 and 7), a global CDN to speed up your website's load speed and minimize bandwidth usage and an array of performance monitoring and analytic services to provide insights about your website's security and performance.

    Cato Networks provides organizations with a cloud-based and secure global SD-WAN. Cato delivers an integrated networking and security platform that securely connects all enterprise locations, people, and data. The Cato Cloud cuts MPLS costs, improves performance between global locations, eliminates branch appliances, provides secure Internet access everywhere, and seamlessly integrates mobile users and cloud datacenters into the WAN. Based in Tel Aviv, Israel, Cato Networks was founded in 2015 by cybersecurity luminary Shlomo Kramer, who previously cofounded Check Point Software Technologies and Imperva, and Gur Shatz, who previously cofounded Incapsula. The Cato Cloud connects all the enterprise network elements, including branch locations, the mobile workforce, and physical and cloud datacenters, into a global, encrypted and optimized SD-WAN in the cloud. With all WAN and Internet traffic consolidated in the cloud, Cato applies a set of security services to protect all traffic at all times.

    Integrated endpoint protection that provides automated next-generation threat protection, as well as visibility and control of your software and hardware inventory across the entire security fabric. Identify and remediate vulnerable or compromised hosts across your attack surface.

    FortiGate offers a network security platform, designed to deliver threat protection and performance with reduced complexity.

    For over 20 years, WatchGuard has pioneered cutting-edge cyber security technology and delivered it as easy-to-deploy and easy-to-manage solutions. With industry-leading network security, secure Wi-Fi, multi-factor authentication, and network intelligence products and services, WatchGuard enables businesses from around the globe to protect their most important assets.

    Our next-generation firewall classifies all traffic, including encrypted traffic, based on application, application function, user and content. You can create comprehensive, precise security policies, resulting in safe enablement of applications. This lets only authorized users run sanctioned applications, greatly reducing the surgace area of cyber attacks across the organization.

    Sucuri is a managed security service provider for websites. Our cloud-based tools provide complete website security solution, including performance optimization via a CDN, mitigation of external attacks like vulnerability exploits and DDoS attacks, and professional response in the event of security incident. The team provides 24/7/365 customer service with a 97% satisfaction rate, and a median response time of 4 hours.

    Barracuda's Cloud Generation Firewalls redefine the role of the Firewall from a perimeter security solution to a distributed network optimization solution that scales across any number of locations and applications, connects on-premises and cloud infrastructures, and helps organizations transform their business.

    Check Point Firewall. The Check Point Firewall Software Blade incorporates all of the power and capability of the revolutionary FireWall-1 solution while adding user identity awareness to provide granular event awareness and policy enforcement.

    The pfSense project is a powerful open source firewall and routing platform based on @FreeBSD.

    SiteLock, the global leader in website security solutions, is the only provider to offer complete, cloud-based website protection. Its 360-degree monitoring detects and fixes threats, prevents future attacks, accelerates website performance, and meets PCI compliance standards for businesses of all sizes. Founded in 2008, the company protects over 12 million ​websites worldwide. For more information, please visit sitelock.com.

    SiteLock Reviews

    AWS WAF is a web application firewall that helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.

    Cloudbric is a cloud-based web security provider, offering an award-winning Web Application Firewall (WAF), DDoS protection, and SSL. Cloudbric offers security primarily to startup and SMB websites that lack cybersecurity experience or can't afford expensive IT security solutions. Cloudbric’s services are free for all websites with less than 4GB of bandwidth per month. We charge based on amount of web traffic, making Cloudbric perfect for SMEs and new startups. Our services are military-grade protection for the little guy.

    Adaptive Security Virtual Appliance is a virtualized network security solution based on the market-leading Cisco ASA 5500-X Series firewalls.

    F5 provides solutions for an application world. With F5, businesses deliver the most secure, fast & reliable applications to anyone anywhere at any time.

    GlassWire's free firewall helps protect your computer, privacy, and data by visualizing your network activity.

    Avast is the global leader in next-gen cyber security products for consumers and businesses and protects over 400 million people online. Avast offers products under the Avast and AVG brands, that protect people from threats on the internet with one of the most advanced threat detection networks in the world. Avast digital security products are top ranked for mobile, PC and Mac. For businesses, Avast offers comprehensive antivirus security that keeps your devices, data, and employees safe from the latest cyber threats. Work and browse confidently from anywhere knowing your business is completely protected. If you are a MSP or VAR, you can also deliver enhanced managed services to your customers and take your business even further. Just choose from our Avast CloudCare cloud-based protection solution or our full-stack, remote monitoring and management platform.

    NETGEAR ProSAFE business-class VPN Firewalls are ideal for remote/branch offices and telecommuters and deliver full secure network access between headquarter locations, remote/branch offices and telecommuters.

    Alert Logic Threat Manager with ActiveWatch is a cloud-based managed intrusion detection and vulnerability assessment solution.

    Ultimate enterprise firewall performance, security, and control.

    AWS Firewall Manager is a security management service that makes it easier to centrally configure and manage AWS WAF rules across your accounts and applications.

    The mobilization of workforce has led to demand for anytime-anywhere access to network resources.

    We protect against the full spectrum of threats your web applications and APIs actually face.

    Untangle protects your network with simply powerful solutions for web filtering, policy control, malware protection, bandwidth management and more!

    AlgoSec is a business-driven security management solution.

    Highly Available, Scalable and Flexible Protection Against Advanced Threats

    FortiGate-VM is a full-featured FortiGate packaged as a virtual appliance.

    Huawei Enterprise is a leading global ICT solutions provider.

    The IPCop Firewall is a Linux firewall distribution It is geared towards home and SOHO users.

    ModSecurity is an Open Source web application firewall developed by Trustwave's SpiderLabs.

    Tufin Orchestration Suites SecureTrack is a comprehensive firewall and security policy management solution for multi-vendor firewalls, next-generation firewalls and cloud platforms (public, private and hybrid).

    To deliver next gen firewall functionality for all users, think outside the box

    The Agilio OVS Firewall Software is designed to enable zero-trust stateful security in data centers using OpenStack-based automation. Agilio OVS Firewall Software, combined with Agilio SmartNICs, enable zero-trust stateful security while significantly improving server-based networking performance. Agilio OVS Firewall Software restores valuable CPU cores by offloading OVS and connection tracking (Conntrack) to Netronome's SmartNICs.

    WAF is a cloud firewall service that protects core website data and safeguards the security and availability of your site

    Azure Firewall automatically scales with your usage during peak load or as your business grows, eliminating the need to predict and reserve capacity for peak usage.

    Cloud-Delivered Application Security Protects Your Data, Your Reputation, and Helps you Achieve Compliance

    ditno's network security products enables complete security protection of all assets, regardless of the platform or where they are hosted. Control everything through a single portal with negligible performance impact and a PAYG charging model it's easy to optimise your expenditure.

    With Infoblox DNS Firewall you gain proactive network protection against fast-evolving, elusive malware threats that exploit DNS to communicate with command and control (C&C) servers and botnets.

    Next Generation FireWall. Enterprise sd-wan meets the #1 most secure next generation firewall

    Innovating firewall intelligence for the cloud era

    HOPZERO's revolutionary approach precludes risk by limiting the movement of packets.

    The endpoint detection and remediation market is a crowded space with several great options for large organizations. However, most require analysts with security expertise, only integrate with enterprise products, and come at a steep price point.

    IBM Cloud Internet Services is a simple set of edge network services for customers looking to secure their internet-facing applications from distributed denial-of-service (DDoS) attacks, data theft and bot attacks, as well as for those customers needing to optimize their web applications, or ensure global responsiveness and the ongoing availability of their internet-facing applications

    Firewalls and security groups are important in securing your cloud environment and the information stored in it, as well as preventing malicious activity from reaching your servers or users.

    Lastline Breach Defender is the only breach protection system that provides a dynamic blueprint of a network breach as it unfolds. This blueprint provides your security teams with complete breach visibility, displaying movement of the attack across your network.

    Protect your email, web, or network traffic from malicious content engineered to evade your existing security controls. You can deploy Lastline Enterprise anywhere you need to improve your protection against advanced malware entering your network:

    N2 Secure Business is a cloud-based DNS security solution offered as a network-based service by internet service providers (ISPs) to protect their enterprise and small and mid-sized business (SMB) customers against the damage caused by cyberthreats, like ransomware, phishing attacks and other malware.

    Netsurion Connect SD-WAN combines powerful yet easily-deployed edge devices, secure cloud gateways, cloud orchestration, and managed services to efficiently deliver secure and resilient network connectivity for branch locations. At the core of Netsurion Connect SD-WAN is the power-packed and cost-effective edge device, the CXD. This multi-function device dramatically reduces hardware complexity and cost by combining multi-WAN connectivity, Wi-Fi, cellular failover, and a stateful firewall while future-proofing your edge location networks by enabling cloud-delivery of next-gen firewall and more network services via SD-WAN. This comprehensive, affordable solution is available with either CXD edge devices or next-generation firewalls as customer on-premise equipment.

    TippingPoint integrates with the Deep Discovery Advanced Threat Protection Solution to detect and block targeted attacks and malware through preemptive threat prevention, threat insight and prioritization, and real-time enforcement and remediation.

    Acting as your last line of defense, PARANOID protects against threats that bypass your perimeter and endpoint security layers.

    PoliWall TIG does the heavy lifting needed to reduce your attack surface and stop critical data losses. It is a threat intelligence gateway that blocks up to 90% of IP threats and domain threats before they hit your perimeter. It also stops data exfiltration attempts in their tracks with the same granular, automated and robust outbound filtering. PoliWall, it keeps the storm surge of attacks out and your valuable data in.

    Entrerprise threat prevention and security intelligence software.

    PT Application Firewall is a protection solution designed to provide proactive and continuous protection for internet-accessible applications against both known and unknown attacks.

    SANGFOR is a vendor of Web Security, WAN Optimization and Internet Access Management in the Asia Pacific Region.

    The Sepio security suite detects infected peripherals or altered and malicious device behavior, isolates the attack and triggers alerts—stopping the rogue hardware before it can jeopardize normal operations.

    Designed to provide a complete security solution in a single product, giving you complete protection and visibility in all-in-one.

    AhnLab TrusGuard integrates firewall, IPS, VPN, anti-virus, and anti-spam security features with a unique self-defense system against DDoS attacks.

    Try a real firewall - one that doesn't run hacker code. Introducing the future cloud.

    Zenedge's feature-rich web application security platform is 100% cloud-based. It's artificial intelligence based machine learning algorithms effectively protect web applications from cyber attacks. Configured as a reverse-proxy, the Zenedge Web Application Protection platform inspects all traffic destined to your web application origin and identifies and blocks any malicious traffic.

    Web Application Protector is designed to easily safeguard web assets from web application and DDoS attacks, while improving performance. Built on the globally distributed Akamai Intelligent Platform, Web Application Protector offers quick installation and self-deploying rules for high performance, scalability, global security intelligence, and operational simplicity.