An NGFW (next-generation firewall) is an advanced threat protection tool that offers all the features of a stateful network firewall along with integrated intrusion prevention, application and user control, advanced malware detection and threat intelligence feed leveraging.
Fortinet FortiGate and Forcepoint NGFW made our list of the best NGFW vendors on the market. In this guide, we will compare both security vendors in terms of effectiveness, product features, technical support, ease of use, value and other quality metrics.
Fortinet FortiGate overview
Fortinet FortiGate fared well in NSS Labs’ Next Generation Intrusion Prevention Systems (NGIPS) 2019 test. FortiGate NGIPS achieved a sensational collective blocking rate of 99.18% for FortiGate 100F and an industry-low total cost of ownership (TCO) at $2 per protected Mbps.
FortiGate (an integration of FortiSandbox, FortiGate and FortiClient) passed NSS Labs’ Breach Prevention Systems (BPS) 2019 test with overall security effectiveness of 97.8%. The security vendor has been recommended in all 9 NSS Labs tests of performance evaluation and is the only vendor recommended for SD-WAN to have a security rating.
The vendor’s clients include Siemens, the University of Birmingham, Origo, S2 Global, among others. It is safe to say Fortinet FortiGate firewalls offer top security at reasonable prices.
FortiGate NGFWs offer multi-layered security, high performance (we will address this in the next section), deep visibility for end-to-end enterprise protection, threat intelligence updates and automatic alleviation.
Fortinet FortiGate features
Fortinet FortiGate has a number of elements that contribute to its status as a top NGFW product:
- Security Effectiveness: The FortiGate 500E achieved a security effectiveness rating of 99.31% and FortiGate 100F was given a rating of 99.18% by NSS Labs (2019). A “Recommended” stamp from NSS Labs is proof of Fortinet FortiGate’s high-class security and top NGFW vendor credentials.
- Performance: FortiGate 500E achieved an HTTP NSS-tested throughput of 6,438 Mbps.
- Value: best in the business with a TCO at $2 per Mbps (FortiGate 100F, NSS Labs tested).
- High marks from users: FortiGate users praise just about everything, including ease of deployment and use, capabilities, value and support, with an occasional complaint or two about bugs.
- Cloud support
- Pricing: lower-end appliances start at $500, while high-end enterprise-level pricing can cross the $500,000 mark.
Forcepoint NGFW Overview
Much like Fortinet FortiGate, Forcepoint NGFW fared well in NSS Labs’ NGIPS 2019 test. Forcepoint NGFW obtained an industry-high cumulative blocking rate of 99.64% for Forcepoint NGFW 2105 and a reasonably high TCO at $7 per protected Mbps.
Forcepoint NGFW 2105 achieved a sensational HTTP NSS-tested throughput of 7,654 Mbps. The security vendor’s SSL/TLS performance is also exceptional – 5,628 Mbps. Needless to say, Forcepoint NGFW achieved a “Recommended” rating for the 7th year in a row.
That said, what truly sets Forcepoint NGFW apart is its unified operation, allowing enterprises to directly connect their branch locations to the cloud and features like complete network security, web security, SD-WAN networking and CASB (all through a single vendor).
The security vendor allows you to deploy, monitor and update thousands of firewalls, IPSs and VPNs in a rapid manner. Forcepoint’s customers include giants like IBM, MassMutual, Microsoft, Walmart, Toyota, and more.
Forcepoint NGFW Features
- Security Effectiveness: With a blocking rate of 99.64%, Forcepoint NGFW provided the highest security efficacy in the industry as per NSS Labs’ tests in 2019.
- Performance: Forcepoint NGFW 2105 fared well, clocking an HTTP NSS-tested throughput of 7,654 Mbps and a SSL/TLS throughput of 5,628 Mbps.
- Value: TCO is on the higher side at $7 per protected Mbps.
- Easy to set up and manage
- Single management console
- Pricing: starts at under $1,000. A high-end listing can cross $100,000.
Fortinet FortiGate and Forcepoint NGFW compared
With the caveat that both Fortinet and Forcepoint offer strong firewall products, here’s how we grade them head-to-head:
Features | Fortinet FortiGate | Forcepoint NGFW |
Security Performance | ✔ | |
Value | ✔ | |
Implementation | ✔ | |
Management | ✔ | |
Support | ✔ | |
Cloud Features | ✔ | |
Overall Features | ✔ |
Conclusion
Both Fortinet FortiGate and Forcepoint NGFW are top NGFW vendors. Forcepoint may offer better security and performance, particularly in cloud environments, but FortiGate is a compelling value and can’t be topped for small and mid-sized businesses (SMBs), and is also strong in distributed and edge use cases. Which one you buy will be determined by your own needs and budget.