Alternatives to pfSense
Compare pfSense alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to pfSense in 2026. Compare features, ratings, user reviews, pricing, and more from pfSense competitors and alternatives in order to make an informed decision for your business.
-
1
Cloudflare
Cloudflare
Cloudflare is the foundation for your infrastructure, applications, and teams. Cloudflare secures and ensures the reliability of your external-facing resources such as websites, APIs, and applications. It protects your internal resources such as behind-the-firewall applications, teams, and devices. And it is your platform for developing globally scalable applications. Your website, APIs, and applications are your key channels for doing business with your customers and suppliers. As more and more shift online, ensuring these resources are secure, performant and reliable is a business imperative. Cloudflare for Infrastructure is a complete solution to enable this for anything connected to the Internet. Behind-the-firewall applications and devices are foundational to the work of your internal teams. The recent surge in remote work is testing the limits of many organizations’ VPN and other hardware solutions. -
2
enforza
enforza
The cost-effective alternative to AWS Network Firewall, Azure Firewall, and cloud-native NAT Gateways. Same features. Less cost. No data processing charges. enforza is a cloud-managed firewall platform that helps you build a unified multi-cloud perimeter with powerful firewall, egress filtering and NAT Gateway capabilities. With easy cloud management at its core, enforza is truly multi-cloud, enabling you to apply consistent security policies across multiple clouds and regions. - Install the agent on *your* linux instance (cloud or on-prem) with one command. - Claim your device on the portal. - Manage your policies.Starting Price: $39/month/gateway -
3
AlgoSec
AlgoSec
Discover, map and migrate business application connectivity to the cloud. Proactively analyze security risk from the business perspective Automate network security policy changes - with zero touch Link cyber-attacks to business processes. Automatically discover, map, and securely provision network connectivity for business applications. Manage on-premise firewalls and cloud security groups in a single pane of glass. Automate the security policy change process – from planning through risk analysis, implementation and validation. Proactively assess every security policy change to minimize risk, avoid outages and ensure compliance. Automatically generate audit-ready reports and reduce audit preparation efforts and costs by up to 80%. Clean up firewall rules and reduce risk – without impacting business requirements. -
4
Cisco Meraki
Cisco
Network security is hard. Current solutions are complex and tedious to implement. Learn how to simplify security with Cisco Meraki! Trusted by influential brands around the world. With over a million active networks and counting, organizations far and wide count on Meraki to help deliver premium, reliable experiences. All Cisco Meraki devices are centrally and securely managed from the cloud using a single web-based dashboard. Our feature-rich, intuitive architecture enables customers to save time, reduce operating costs, and solve new business problems. The industry standard for easy-to-manage, fast and dependable Wi-Fi. Protect and securely connect what matters most, regardless of location. Uncompromising performance and reliability at the heart of your network. Remote monitoring and identity-based configuration for all your devices.Starting Price: $40.00 -
5
Fortinet
Fortinet
Fortinet is a global leader in cybersecurity solutions, known for its comprehensive and integrated approach to safeguarding digital networks, devices, and applications. Founded in 2000, Fortinet provides a wide range of products and services, including firewalls, endpoint protection, intrusion prevention systems, and secure access solutions. At the core of its offerings is the Fortinet Security Fabric, a unified platform that seamlessly integrates security tools to deliver visibility, automation, and real-time threat intelligence across the entire network. Trusted by businesses, governments, and service providers worldwide, Fortinet emphasizes innovation, scalability, and performance, ensuring robust defense against evolving cyber threats while supporting digital transformation and business continuity. -
6
VyOS
VyOS Networks
VyOS Networks is the global leader in open-source networking for organizations that need secure, scalable, automated networking across bare metal, cloud, and edge. Designed with flexibility and scalability in mind, VyOS provides an enterprise-grade networking platform for consistent operations and automation at scale, delivering full control and high performance with zero vendor lock-in. Our mission is to restore ownership of network infrastructure to our users through transparent, vendor-neutral networking. VyOS Universal Router provides a single, consistent networking layer across all of them: • Same operating system • Same configuration model • Same CLI and APIs • Same automation workflows • Same operational model across tenants and regions Your network, your rules.Starting Price: $7500 -
7
Security Onion
Security Onion
Security Onion is a comprehensive open source platform for intrusion detection, network security monitoring, and log management. It provides a set of powerful tools to help security professionals detect and respond to potential threats across an organization's network. Security Onion integrates various technologies, including Suricata, Zeek, and Elastic Stack, to collect, analyze, and visualize security data in real-time. Security Onion’s intuitive user interface allows for easy management and analysis of network traffic, security alerts, and system logs. It also includes built-in tools for threat hunting, alert triage, and forensic analysis, helping users identify potential security incidents quickly. Security Onion is designed for scalability, making it suitable for environments of all sizes, from small businesses to large enterprises.Starting Price: Free -
8
vSRX Virtual Firewall
Juniper Networks
Organizations are increasingly moving workloads to the cloud to capitalize on virtualization benefits—but with that move comes new security requirements. Enter the vSRX Virtual Firewall, providing scalable, secure protection across private, public, and hybrid clouds. -
9
CacheGuard
CacheGuard Technologies
CacheGuard-OS transforms a virtual or bare metal machine into a powerful and easy to handle network appliance. It's a Linux based Operating System built from scratch and especially designed to Secure and Optimize the network traffic. Great care has been taken by CacheGuard-OS developers to select the best of the best Open Source technologies to integrate into CacheGuard-OS. The result is a robust and trustworthy solution that can be up and running within minutes. CacheGuard-OS integrates Open Source software such as but not limited to OpenSSL, NetFilter, IProute2, StrongSwan, ClamAV, Apache, ModSecurity, Squid and Open Source developments made by CacheGuard-OS developers.Starting Price: $0 -
10
m0n0wall
m0n0wall
m0n0wall is a project aimed at creating a complete, embedded firewall software package that, when used together with an embedded PC, provides all the important features of commercial firewall boxes (including ease of use) at a fraction of the price (free software). m0n0wall is based on a bare-bones version of FreeBSD, along with a web server, PHP and a few other utilities. The entire system configuration is stored in one single XML text file to keep things transparent. m0n0wall is probably the first UNIX system that has its boot-time configuration done with PHP, rather than the usual shell scripts, and that has the entire system configuration stored in XML format.Starting Price: Free -
11
ClearOS
ClearCenter
Applications and an operating system come with your computer, tablet, and phone. So, why not on your server? HPE is redefining the small business server by offering ClearOS with HPE ProLiant servers. ClearOS is a simple, open, and affordable operating system with an intuitive graphical web-based user interface and an application marketplace with over 100 apps to choose from, with more being added every day. Leveraging open source software, you decide what applications you need and only pay for the applications and support you want. HPE and ClearCenter are making it easy for small, home, remote, and branch offices to have a server ready to use, out of the box, at no additional cost. HPE ProLiant integrated with ClearOS offers a simple, affordable, and secure experience. Building the IT solution that is just right for you has never been easier. -
12
Zentyal
Zentyal
Join Windows® clients to the domain and manage them transparently. No disruption to your users, no user or device CALs. Comes with industry-standard SMTP and POP3/IMAP mail server built upon the most established technologies and protocols. Guarantees reliable and secure Internet access and helps to manage all the basic network infrastructure services. Receive software updates until the EOL-date of each version and get support when needed. Zentyal offers an easy to use Windows Server® alternative. It comes with native compatibility with Microsoft Active Directory® allowing you to join Windows® clients to the domain and manage them easily, causing no disruption to your users. Zentyal includes the industry-standard SMTP and POP3/IMAP mail servers built upon the most established technologies and protocols. Gives you the opportunity to deploy Zentyal as a mail server, domain & directory server with mail or all-in one server.Starting Price: €195 per server -
13
FortiGate NGFW
Fortinet
High threat protection performance with automated visibility to stop attacks. FortiGate NGFWs enable security-driven networking and consolidate industry-leading security capabilities such as intrusion prevention system (IPS), web filtering, secure sockets layer (SSL) inspection, and automated threat protection. Fortinet NGFWs meet the performance needs of highly scalable, hybrid IT architectures, enabling organizations to reduce complexity and manage security risks. FortiGate NGFWs are powered by artificial intelligence (AI)-driven FortiGuard Labs and deliver proactive threat protection with high-performance inspection of both clear-text and encrypted traffic (including the industry’s latest encryption standard TLS 1.3) to stay ahead of the rapidly expanding threat landscape. FortiGate NGFWs inspect traffic as it enters and leaves the network. These inspections happen at an unparalleled speed, scale, and performance and prevent everything from ransomware to DDoS attacks. -
14
IPFire
IPFire
IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux. Its ease of use, high performance in any scenario, and extensibility make it usable for everyone. Security is the highest priority in IPFire. It is hardened to protect itself from attacks from the Internet and prevents attacks on your network. Its powerful firewall engine and intrusion prevention system protect your network against attacks from the Internet and denial-of-service attacks. IPFire is free software developed by an open community and trusted by hundreds of thousands of users from all around the world. The primary objective of IPFire is security. It's easy to configure a firewall engine and an intrusion prevention system stops any attackers from breaking into your network. In the default configuration, the network is split into various zones with different security policies such as a LAN and DMZ to manage risks inside the network and have a custom configuration for specific needs.Starting Price: Free -
15
NethServer
NethServer
Analyzes all web traffic and blocks selected websites via HTTP and even HTTPS using Squid proxy. Integrated with ClamAV antivirus and site blacklists. Multi-domain web server with ready LAMP stack. Virtual hosting allows to host multiple domain names on a single server. Based on NextCloud provides universal access to your files via the web, your computer or your mobile devices, wherever you are. Provide a private Slack-alternative with Mattermost. Open source messaging platform that enables secure team collaboration. Modern and powerful web interface based on Cockpit that simplifies common administration tasks, very easy and fast installation. Based on CentOS/RHEL, a widespread and popular server distribution, trusted by routine security updates, and rock solid stability.Starting Price: €48 per year -
16
Arista NG Firewall
Arista Networks
Arista NG Firewall is a modular, software-based network security platform designed to simplify protection and visibility for organizations with limited IT resources. It offers a browser-based, intuitive interface that provides real-time insights into network traffic and user behavior. The firewall proactively blocks malware, phishing, spam, and hacking attempts to safeguard devices and data. With features like content filtering, application shaping, VPN connectivity, and QoS management, it balances security with network performance. The platform integrates with ETM Dashboard for centralized network orchestration and remote management. Flexible deployment options include dedicated hardware, virtual machines, and cloud environments like AWS and Azure. -
17
OPNsense
OPNsense
Simple packet filters are becoming a thing of the past. Even the open-source domain is moving towards Next-Generation Firewalls. And OPNsense is a top player when it comes to intrusion detection, application control, web filtering, and anti-virus. No network is too insignificant to be spared by an attacker. Even home networks, washing machines, and smartwatches are threatened and require a secure environment. Firewalls are a component of the security concept. They protect against known and new threats to computers and networks. A firewall offers the highest level of protection if its functions are known, its operation is simple, and it is ideally positioned in the surrounding infrastructure. OPNsense accepts the challenge and meets these criteria in different ways. This book is the ideal companion for understanding, installing and setting up an OPNsense firewall.Starting Price: Free -
18
SonicWall Next Generation Firewall
SonicWall
Advanced threat protection, from small businesses to global enterprises and cloud environments. Discover network security made boundless. Whether you’re a small business or a large enterprise, whether in your home or in the cloud, SonicWall next-generation firewalls (NGFW) provide the security, control and visibility you need to maintain an effective cybersecurity posture. SonicWall’s award-winning hardware and advanced technology are built into each firewall to give you the edge on evolving threats. With solutions designed for networks of all sizes, SonicWall firewalls are designed to meet your specific security and usability needs, all at a cost that will protect your budget while securing your network. The SonicWall NSv Series virtual firewall offers you all the security advantages of a physical firewall with the operational and economic benefits of virtualization, including system scalability and agility, speed of system provisioning, simple management and cost reduction. -
19
AT&T Premises-Based Firewall
AT&T Business
AT&T premises-based firewall service is a fully managed, network security service that provides the first layer of defense between a Local Area Network (LAN) and the Internet. Premises-based firewall service includes all hardware and software components, configuration, installation, and day-to-day management and maintenance as well as expert customer support and proactive network monitoring. You can choose from several premises-based firewall service solutions to meet your business requirements. They include systems from industry-leading providers from Fortinet®, Check Point®, Palo Alto Networks®, Cisco® and Juniper Networks®. As part of the premises-based firewall service, you can define your own security policy and tailor the solution to meet your business needs. The service also includes high-availability configurations, multi-gigabit throughput capacity, and advanced reporting. -
20
Cisco Secure Firewall
Cisco
Intelligent control points everywhere, with unified policy and threat visibility. Today's dynamic applications run everywhere. To help you keep pace, Cisco's NetWORK security vision includes solutions integration. Dynamic policies work for you, coordinating protection at the network firewall and workload levels. Defending networks against increasingly sophisticated threats requires industry-leading intelligence and consistent protections everywhere. Improve your security posture today with Cisco Secure Firewall. As networks become more interconnected, achieving comprehensive threat visibility and consistent policy management is difficult. Simplify security management and gain visibility across distributed and hybrid networks. Cisco Secure Firewall sets the foundation for integrating powerful threat prevention capabilities into your existing network infrastructure, making the network a logical extension of your firewall solution. -
21
Cisco Adaptive Security Appliance (ASA) Software is the core operating system for the Cisco ASA Family. It delivers enterprise-class firewall capabilities for ASA devices in an array of form factors - standalone appliances, blades, and virtual appliances - for any distributed network environment. ASA Software also integrates with other critical security technologies to deliver comprehensive solutions that meet continuously evolving security needs.
-
22
Smoothwall Firewall
Smoothwall
Smoothwall Firewall features anti-malware protection, HTTPS inspection, anonymous proxy detection & blocking, and intrusion detection & prevention, to provide you with a complete all-in-one protection package. Combines with Smoothwall Filter for a complete all in one protection package. Can be purchased independently or combined to offer a unified threat management solution. Combines Layer 7 application control with perimeter firewall and stateful packet inspection to provide Next-Generation firewall functionality. Smoothwall is an eligible firewall service provider for Category 2 E-Rate funding. Combines with Smoothwall Filter - the only fully content-aware web filter in US education. You can choose which Filter deployment method works for you. Our US-based customer support team are education specialists and available to help whenever you need them. -
23
Corsa Security
Corsa Security
Many large network owners still want a ‘private network’ approach for their network security to ensure data privacy, data sovereignty and low latency that meets their business needs and regulatory compliance requirements. But when it comes to on-premise firewalls, not much has evolved beyond introducing bigger and bigger hardware appliances. Corsa Security offers the first turnkey network security virtualization solution that helps large enterprises and service providers scale threat protection and automate firewall virtualization, at much lower total cost of ownership (TCO) by replacing their physical firewalls with virtual ones. By tightly integrating firewall virtualization with intelligent orchestration, the Corsa Security Orchestrator provides an aggregated view of all your virtual firewalls while managing their infrastructure health, capacity and performance. -
24
Azure Firewall
Microsoft
Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It's a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. The stateful firewall service has built-in high availability and unrestricted cloud scalability to help you create, enforce, and log application and network connectivity policies across subscriptions and virtual networks. Simplify deployment and management of your network security with a scalable and highly available cloud native firewall. Centrally manage security across all virtual networks with a common set of network and application rules. -
25
AWS Firewall Manager
Amazon
AWS Firewall Manager is a security management service which allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organization. As new applications are created, Firewall Manager makes it easy to bring new applications and resources into compliance by enforcing a common set of security rules. Now you have a single service to build firewall rules, create security policies, and enforce them in a consistent, hierarchical manner across your entire infrastructure. Using AWS Firewall Manager, you can easily roll out AWS WAF rules for your Application Load Balancers, API Gateways, and Amazon CloudFront distributions. Similarly, you can create AWS Shield Advanced protections for your Application Load Balancers, ELB Classic Load Balancers, Elastic IP Addresses and CloudFront distributions. Finally, with AWS Firewall Manager, you can enable security groups for your Amazon EC2 and ENI resource types in Amazon VPCs. -
26
Alibaba Cloud Firewall
Alibaba Cloud
Cloud Firewall is one of the first SaaS firewalls deployed on the public cloud. It is your first choice for network security that safeguards your businesses in the cloud. Alibaba Cloud Firewall centrally manages the policies that control the traffic from the Internet to your businesses. It also controls the traffic between VPC networks, the traffic on Express Connect instances, and the traffic generated by VPN-based remote access. Cloud Firewall is embedded with an Intrusion Prevention System (IPS) and can detect outbound connections from your assets. Alibaba Cloud Firewall can also visualize network traffic and access between businesses as well as can store network traffic logs generated within the last six months. You can quickly activate Cloud Firewall without complex network configuration or image file installation. The firewalls are deployed in clusters to ensure high reliability. Smooth capacity expansion is supported. -
27
AWS Network Firewall
Amazon
With AWS Network Firewall, you can create firewall rules that provide fine-grained control over network traffic and easily deploy firewall security across your VPCs. Automatically scale your network firewall to protect your managed infrastructure. Protect your unique workloads with a flexible engine that can define thousands of custom rules. Centrally manage security policies across existing accounts and VPCs and automatically enforce mandatory policies on new accounts. With AWS Network Firewall, you can define firewall rules that provide fine-grained control over network traffic. Network Firewall works together with AWS Firewall Manager so you can build policies based on Network Firewall rules and then centrally apply those policies across your virtual private clouds (VPCs) and accounts. Inspect traffic flows using features such as inbound encrypted traffic inspection, stateful inspection, protocol detection, and more. -
28
Agilio OVS Firewall
Netronome
Agilio OVS Firewall gives users the ability to define more intelligent filtering policies, security groups, access control lists, and stateful firewall applications. The solution is a drop-in accelerator for OVS, making it compatible with existing network tools, controllers and orchestration software. Netronome Agilio SmartNICs and Agilio software track the features of standard OVS, which are continuously evolving and include server-based networking functions such as flexible match-action forwarding, connection tracking (Conntrack), network overlay control with tunneling protocols such as VXLAN and NVGRE, and fine-grained statistics and meters. These features enable functions such as L2/L3 forwarding, network virtualization, security, load balancing and analytics. Agilio Firewall Software, combined with Agilio SmartNICs augments the Agilio OVS Software product to enable zero-trust stateful security while significantly improving server-based networking performance. -
29
iSecurity Firewall
Raz-Lee Security
iSecurity Firewall is a comprehensive, all-inclusive intrusion prevention system that secures every type of internal and external access to the IBM i server. It enables you to easily detect remote network accesses and, most importantly, implement real-time alerts. Firewall manages user profile status, secures entry via pre-defined entry points and IBM i file server exit points, and profiles activity by time. Its “top-down” functional design and intuitive logic creates a work environment that even iSeries novices can master in minutes. Protects all communication protocols (including SQL, ODBC, FTP, Telnet, SSH, and Pass-through). Intrusion Prevention System (IPS) with real-time detection of access attempts. Precisely controls what actions users may perform after access is granted – unlike standard firewall products. Protects both native and IFS objects – all of your databases are secured. -
30
FirewallX
FirewallX
FirewallX is an AI-powered unified security platform that replaces traditional firewalls, VPNs, and monitoring dashboards with a consolidated system for network security, access control, real-time visibility, and compliance. It offers modules for security and management (with DNS filtering, AI detection, and centralized policy enforcement), secure access (identity-based remote access without VPN overhead, role-based provisioning, always-on connectivity with cloud/hardware failover), and visibility (live user, device, and traffic monitoring, root-cause identification, bandwidth insights, and actionable performance recommendations). FirewallX also supports audit readiness via user-level logging, identity tracking, templated reports, and secure backups. The platform is deployed rapidly, scales easily, and maintains continuity via a hybrid architecture (e.g., local hardware plus cloud).Starting Price: $1.69 per month -
31
CIRA DNS Firewall
CIRA
CIRA's DNS Firewall provides protection against malware and phishing attacks by blocking access to malicious websites. CIRA combines advanced data science with decades of experience managing the DNS to provide a critical element of your defense-in-depth strategy. Cybersecurity is a game of layers. No one cybersecurity solution is 100% effective. Whether you have traditional endpoint or firewall protection, a defense-in-depth strategy that includes a DNS firewall is essential. DNS Firewall adds a cost-effective, low-maintenance layer to your cybersecurity footprint. By monitoring and analyzing your DNS traffic, DNS Firewall can block users from accessing malicious websites, prevent phishing attacks, and even stop malware already on your network from accessing the internet. Faster data can optimally route on networks in Canada to improve performance. Private with all data kept secure and sovereign. -
32
Palo Alto Networks VM-Series
Palo Alto Networks
Meet demand with automatable, scalable and easy-to-deploy virtual firewalls ideal for environments where deploying hardware firewalls is difficult or impossible. VM-Series virtual firewalls provide all the best-in-class, ML-powered capabilities of the Palo Alto Networks next-generation hardware firewall in a virtual machine form factor, so you can secure the environments that are vital for your competitiveness and innovation. Now you can leverage a single tool to safeguard cloud speed and software-defined agility by infusing segments and microsegments with threat prevention. -
33
Bit Guardian Firewall
Bit Guardian
Bit Guardian Firewall is a robust security solution designed to provide a safe, secure, and seamless browsing experience. It offers real-time protection against malicious content by blocking unsafe URLs and filtering unwanted websites and applications. The software includes an ad-blocking feature to eliminate distracting and potentially harmful pop-up and banner ads, ensuring uninterrupted browsing. Additionally, Bit Guardian Firewall safeguards user privacy by preventing online tracking, allowing users to connect to their favorite websites without the fear of being traced. For enhanced security, it offers add-on protection with Avira's malware databases, providing an impenetrable layer against online and offline threats. The firewall is compatible with Windows operating systems and is developed by Bit Guardian GmbH, a leading software development company based in Gräfelfing, Germany.Starting Price: Free -
34
Protectstar Firewall AI
Protectstar
Android Firewall is not only ready to use in seconds but also protects you from hacker attacks and notifies you when an app tries to send data to the internet. Get a real-time view of which apps are accessing which servers or wasting mobile data. With simple filter rules, you can even allow or deny certain connections of an app. With the firewall, you can monitor and block this data traffic. You can also completely block the online access of an app. The AI Android firewall can block unwanted access from known intelligence agencies and government organizations. With our built-in Intrusion Prevention System (IPS), all known servers and IP addresses of the FBI, CIA, NSA, GCHQ, and many more are automatically blocked. If there is an access attempt, you will receive a special warning. Firewall AI protects you from spy servers in countries like China, Iran, and Russia, as well as mobile trackers.Starting Price: $9.90 per year -
35
Imunify360
CloudLinux, Inc.
Imunify360 is a security solution for web-hosting servers. Imunify360 goes beyond antivirus and WAF and is a combination of an Intrusion Prevention and Detection system, a Application Specific Web Application Firewall, Real-time Antivirus protection, a Network Firewall, and Patch Management components in one security suite. Imunify360 is a fully-automated solution and it collects all statistics under an intuitive dashboard.Starting Price: $12 -
36
Centralize and simplify your firewall admin and intrusion prevention. With visibility across ever-changing and global networks, you can manage modern applications and malware outbreaks in real-time. Easily switch between managing hundreds of firewalls, controlling applications, and blocking intrusion attempts and the spread of malware. Write a policy and scale its enforcement across multiple security controls within your network. Enjoy unified management and control over firewalls, applications, intrusion prevention, and file and malware protection. Comprehensibly manage your firewalls using our on-premises hardware or from any virtual environment of your choice. Flexibly deploy the same manager on your public cloud infrastructure, or boost productivity one step further with our cloud-delivered solution. Detect the most sophisticated threats sooner across all vectors and prioritize by impact for faster responses.
-
37
Xvirus Firewall
Xvirus
Xvirus Firewall is designed as a simple application that enables the user to check all active connections and control which are granted access or not. Xvirus Firewall is a straightforward application that relies on whitelisting and blacklisting for managing the connections. There are no parameters to set up or other assessment capabilities that could determine the legitimacy of a connection. Xvirus Firewall is simple enough for novice users and advanced enough for experienced users. You can just install and forget it or change the settings for a more customizable experience, either way, you know you will be secure. Thanks to Xvirus' Network Monitor you can see all the details of the connections of your applications, like the protocol, IP and port, status, and the process id. Xvirus Firewall allows you to control what programs run on your computer. With its simple rules list, you can manage which program should be allowed to run or block.Starting Price: €19.99 per year -
38
Google Cloud Firewalls
Google
Google Cloud firewalls are fully embedded in the cloud networking fabric, highly scalable, and granular to meet your enterprise’s unique security needs. Flexible and customizable: Benefit from protection at the organization, folder, and project level with flexible control over firewall rules and policies. Visibility and optimization: Gain insights into firewall rule usage and optimization opportunities to help you keep your deployment safe and easy to manage. Granular controls: Leverage network tags and service accounts to define granular control for both north-south and east-west traffic. -
39
Barracuda CloudGen Firewall
Barracuda
Get comprehensive protection for on-premises and multi-cloud deployment using the firewall built in and for the cloud. Frictionless, cloud-hosted Advanced Threat Protection detects and blocks advanced threats, including zero-day and ransomware attacks. Gain rapid protection against the newest threats with the help of a global threat intelligence network fed by millions of data collection points. Modern cyber threats such as ransomware and advanced persistent threats, targeted attacks, and zero-day threats, require progressively sophisticated defense techniques that balance accurate threat detection with fast response times. Barracuda CloudGen Firewall offers a comprehensive set of next-generation firewall technologies to ensure real-time network protection against a broad range of network threats, vulnerabilities, and exploits, including SQL injections, cross-site scripting, denial of service attacks, trojans, viruses, worms, spyware, and many more. -
40
NetFortris Total Control Firewall
NetFortris
NetFortris Total Control Firewall prevents unauthorized access to corporate data, while giving your employees the access they need to do their jobs. NetFortris delivers flexible and scalable Firewall and Unified Threat Management (UTM) solutions to protect our single-location and multi-site customers, their data, and their customers from unwanted malicious traffic. -
41
discrimiNAT Firewall
Chaser Systems
The discrimiNAT is a solution to being unable to specify hostnames/FQDNs in Google Cloud Firewall Rules and AWS Security Groups for scalable egress filtering. It works by monitoring and blocking traffic without decryption, with our Deep Packet Inspection engine, inline as a high-availability NAT Instance on the egress of your VPC network. We have made the configuration of this firewall as simple as possible. Just specify the allowed destination FQDNs in the applications' outbound rules itself and the firewall will take care of the rest. See the brief video demos for how straightforward this is. From complete multi-zone network configurations that work with a single click and have sane defaults, to DIY instance deployments so you can configure the networking around it, we have all templates ready to go in our CloudFormation library for AWS and as a Deployment Manager template for Google Cloud. -
42
Forcepoint NGFW
Forcepoint
The Forcepoint Next Generation Firewall has multiple layers of defenses that protect your network, your endpoints, and your users against modern, advanced threats. Ability to manage large quantities of firewalls and fleets of firewalls at scale without compromising performance. Ease of management, the granularity of controls, and scalability of management capabilities. Assessed block rate, IP Packet Fragmentation/TCP Segmentation, false-positive testing, stability, and reliability. Assessed ability to protect against evasions, HTTP evasions, and a combination of evasion techniques. Designed like software, rather than hardware, NGFW gives you the flexibility to deploy on hardware, virtually or in the cloud. Open API's let you customize automation and orchestrations to your own specifications. Our products routinely undergo rigorous certification testing to meet the most stringent needs of sensitive and critical industries, agencies, organizations and governments around the world. -
43
VMware vDefend Distributed Firewall
Broadcom
Stop the lateral spread of threats across multi-cloud environments with a software-based Layer 7 firewall distributed at each workload. Threat actors moving throughout your infrastructure and increasingly sophisticated ransomware attacks make east-west the new battleground. Get the advantage with a software-defined Layer 7 firewall that delivers granular enforcement at scale to secure east-west traffic across today’s multi-cloud world. Easily segment the network, stop the lateral spread of threats, and securely move at the speed of development on your path to Zero Trust. Gain visibility across all network flows to easily achieve granular micro-segmentation and generate context-aware policies for each workload. Reduce the attack surface and defend against known and unknown threats moving within and across clouds with a modern, distributed firewall solution that is purpose-built to secure multi-cloud traffic across virtualized workloads. -
44
Securd DNS Firewall
Securd
Make sure the Internet is always safe and available, to all your worldwide users, with our global, anycast dns firewall and dns resolver featuring 10ms resolutions, real-time threat protection, and a zero-trust posture to reduce your attack surface at the edge. Anti-virus protection can't keep up with the pace of modern malware, ransomware, and phishing attacks. It takes a layered approach to defend your assets from these threats. Deploying DNS filtering reduces the risk of a successful cyber attack by blocking access to malicious domains, disrupting downloads from compromised sites, or preventing malware from exfiltrating your data. DNS firewalls also provide real-time and historical visibility into endpoint DNS queries and resolution, which is necessary to hunt down and remediate infected and compromised devices quickly. Securd DNS Firewall is powered by a worldwide anycast network. -
45
Sangfor Athena NGFW
Sangfor Technologies
Sangfor Athena NGFW is a next-generation firewall that provides comprehensive protection for network perimeters using AI-powered threat detection. It blocks over 99% of external threats in real time through cloud-delivered AI and integrates network and web application security into a single appliance. The firewall includes a built-in SOC Lite module for rapid threat assessment and incident response. Sangfor’s solution connects with a holistic security ecosystem, including endpoint protection, secure web gateways, and extended detection and response tools. Recognized for its proven security effectiveness, Athena NGFW holds top ratings in independent cybersecurity tests. It is trusted by enterprises across industries to safeguard valuable data and maintain stable network performance. -
46
Palo Alto Networks Next-Generation Firewalls
Palo Alto Networks
Palo Alto Networks offers ML-powered Next-Generation Firewalls (NGFW) that use inline deep learning to detect and stop the most evasive and unknown zero-day threats. These firewalls provide zero-delay signature updates, ensuring threats are blocked within seconds across the network. The platform delivers detailed visibility into IoT and connected devices, profiling them accurately to prevent unmanaged access. With AI-driven operations, it maximizes security effectiveness while minimizing downtime and resource costs. Recognized as a leader by industry analysts like Forrester, Palo Alto Networks’ NGFWs protect organizations of all sizes and complexities. They support a wide range of deployment environments including branch offices, data centers, public cloud, and 5G networks under a unified security architecture. -
47
Palo Alto Networks Strata
Palo Alto Networks
Strata is our industry-leading network security suite. Prevent attacks and manage network transformation while consistently securing users, applications, and data, wherever they reside. Drawing on data collected through PAN-OS device telemetry, Device Insights gives you an overview of the health of your next-generation firewall deployment and identifies areas of improvement. Driven by innovation and dedicated to protecting your business proactively, our award-winning security features the world's first ML-Powered NGFW and empowers you to stay ahead. Best-in-class capabilities, natively integrated, resulting in simplified and highly effective networking and security. Our ML-Powered Next-Generation Firewalls enable you to stay ahead of unknown threats, see everything, including IoT, and reduce errors with automatic policy recommendations. -
48
Falcon Firewall Management
CrowdStrike
Falcon Firewall Management makes it easy to create, manage and enforce policies with a simple, centralized approach. Defend against network threats, and gain instant visibility to enhance protection and inform action.Delivered via the same lightweight Falcon agent, management console and cloud-native architecture, it deploys and is operational in minutes. Simplifies operations by using the same lightweight Falcon agent, management console and cloud-native architecture. Deploys and is operational in minutes without requiring reboots, fine-tuning or complex configuration. Streamlines workflows and increases visibility across endpoint security controls due to the single management console for both endpoint protection and host firewall management. Automatically identify and view specific activities, potential threats and network anomalies. -
49
Kerio Control
GFI Software
Detect threats, block viruses and secure VPN with the firewall built for SMB. Configure your firewall with easy-to-use traffic rules, controlling in- and outbound communications by URL, application, traffic type and more. Intrusion detection and prevention using the Snort system constantly monitors inbound and outbound network communications for suspicious activity. Log or block the communications depending on the severity. Prevent viruses, worms, Trojans and spyware from entering your network. Kerio Control goes beyond just checking files for malicious code; it scans your network traffic for potential attacks. Create secure, high-performance server-to-server connections between your offices running Kerio Control with an easy-to-setup VPN technology. Or, you can create a secure VPN connection to a remote office that doesn’t have Kerio Control deployed, using industry-standard VPN protocols.Starting Price: $270 per year -
50
Quantum Firewall Software R82
Check Point
New AI innovations prevent millions of new zero-day attacks, accelerate security for DevOps, and increase data center operational simplicity and scale. Quantum Firewall Software R82 provides uncompromising security and operational simplicity for Quantum on-premises and CloudGuard Network firewalls. AI-powered, adaptive threat prevention for novel and encrypted threats. Dynamic tools to accommodate rapidly changing environments. Automatically keep up with business growth & unpredictable traffic spikes. NIST-certified encryption to protect against quantum computing hacking. Find hidden relationships and traffic patterns to prevent novel malicious campaigns and brand impersonation. Increases the effectiveness of website categorization to make the most of your security policies. R82 delivers powerful new protection from the most evasive phishing, malware, and DNS attacks, even in encrypted traffic.
