Forrester Highlights 10 Enterprise Firewall Offerings: Which Came Out Top?
The Forrester Wave: Enterprise Firewall Solutions, Q4 2024 report lists the research firm’s 10 top firewall picks and details why these products made the list.
(Check Point firewall appliance, courtesy, Check Point)
Research and advisory firm Forrester recently released its top picks for enterprise firewall offerings.
The Forrester Wave: Enterprise Firewall Solutions, Q4 2024 report lists 10 top firewall offerings and details why these products made the list.
Forrester made its selections based on three categories: current offering, strategy and market presence.
There were additional criteria considered. According to Forrester, the vendors had to have:
- “A physical, on-premises, content-aware network firewall appliance for north-south and east-west use cases.”
- “Enforcement of Zero Trust access natively or through integration.”
- “At least $90 million in annual category revenue.”
- “A significant global presence.”
- “Mindshare among Forrester clients within the industry,meaning companies that are frequently on Forrester’s radar, as well as having engagement with “vendor selection RFPs, shortlists, consulting projects and case studies.”
The 10 Forrester Enterprise Firewall Picks in Q4 2024
- Leader: Palo Alto Networks
Forrester designated Palo Alto as a leader in the enterprise firewall space. Lauded for its next-generation firewall, Forrester said that Palo Alto Networks “continues to adapt in the evolving network security space.” Other notable capabilities included firewall decryption, the integration of AI/ML into the firewall appliance, and the ability to provide Prisma SASE across hybrid environments.
- Leader: Cisco Systems
Networking giant Cisco “advances its Secure Firewall into the future with innovation and a strong vision,” Forrester said. Cisco was praised not only for advancing Secure Firewall but also for strong support for its legacy firewall clients, Forrester noted. In addition, by offering capabilities including a shared and consistent UX/UI, enhanced IDS/IPS, and the machine-learning based Encrypted Visibility Engine (EVE), Forrester named Cisco as another leader in the enterprise firewall market.
- Leader: Check Point Software Technologies
Check Point was also highlighted as a leader in the business firewall space. Forrester commended the company for its collaborative tools that enhance “security functions through real-time telemetry—complementary to the Zero Trust Model. “ Forrester also described Check Point as “driven by organic R&D and acquisitions that resulted in the development of native SD-WAN and improvements to [the company’s proprietary] Harmony SASE.”
- Leader: Fortinet
Fortinet “delivers competitive cost-to-performance united by FortiOS,” Forrester said, noting its firewall offering, FortiGate.
“FortiGate has been celebrated for its market-leading cost-effectiveness. Today, the vendor provides greater flexibility through its FortiFlex program while still delivering a comprehensive solution, allowing for investment in complementary solutions including hardware and services,” Forrester said in its report.
- Strong Performer: Juniper Networks
Deemed a “strong performer” in the firewall space, Forrester praised Juniper’s firewall appliances' capabilities but also expressed caution since the company is set to be acquired by Hewlett Packard Enterprise this year.
“Networking vendor Juniper is set to bolster its networking arsenal with enhanced security capabilities. However, its future is uncertain as its acquisition by Hewlett Packard Enterprise, announced in January 2024, is set to be finalized later in the year. The vendor’s innovations include dedicated ASICs to improve hardware performance, integrations with cloud, and its AI-driven Juniper Mist,” Forrester said.
- Strong Performer: SonicWall
SonicWall is a strong contender for small to midsize businesses but lacks some enterprise capabilities, Forrester noted.
Forrester highlighted a key feature in SonicWall’s firewall products: “SonicWall delivers formidable malware analysis and mitigation capabilities with its Capture ATP. Capture ATP’s sandbox is offered as a subscription service, incorporating the vendor’s proprietary Real-Time Deep Memory Inspection (RTDMI) to protect against zero-day threats by blocking traffic with suspicious files at the gateway.”
- Contender: Sophos
Sophos made the list as a contender in the firewall market, but Forrester said that it “misses on microperimeters.”
“Sophos remains committed to delivering ease of use for its firewall solution. The UX and UI are consistent across the firewall control center and Sophos Central. However, the firewall solution lacks features like a policy analyzer, hit counts and dynamic integrations that would streamline and simplify policy creation and management. The vendor now has built-in SD-WAN and a ZTNA gateway but lacks an FWaaS offering. It also lacks the ability to create robust microperimeters or support advanced microsegmentation strategies beyond the network level,” the report stated.
- Contender: Barracuda
Barracuda was listed as another Forrester contender for firewalls but not without some criticism.
“Barracuda’s vision is to create a unified cybersecurity platform, but it lacks depth beyond integrating its portfolio. The vendor is focused on organic growth and engineering, enhancing CloudGen Firewall and SecureEdge SASE with self-healing and a proprietary VPN protocol. However, reference customers note a need to further innovate and keep pace with competitors particularly around cloud integrations,” Forrester said.
- Contender: WatchGuard Technologies
Forrester gave credit to WatchGuard for its ease of use, but said it fell short in a few features. While WatchGuard’s pricing is “simple and straightforward,” Forrester noted that the company “is slow to innovate and embrace cloud-native security as it currently lacks comprehensive ZTE/SASE solutions that can tie to its built-in SD-WAN capability.”
- Contender: Forcepoint
Forcepoint is another contender in the firewall market, according to the report, but it “has now turned its attention away from its on-premises firewalls to focus on its ZTE/SASE services. The vendor’s overall vision is to secure customers with a data-security-focused SASE solution. Its innovation and road map are aligned to the vendor’s Forcepoint ONE ZTE/SASE offering and not on further developing its hardware appliance for on-premises use cases,” Forrester noted.