We just raised a $30M Series A: Read our story

SonicWall TZ Competitors and Alternatives

Get our free report covering Fortinet, Cisco, Sophos, and other competitors of SonicWall TZ. Updated: November 2021.
552,695 professionals have used our research since 2012.

Read reviews of SonicWall TZ competitors and alternatives

Oscar Bashford
Network Operations Support at EOS IT Management Solutions Ltd
MSP
Top 10
Fast with good usability and fairly scalable

Pros and Cons

  • "I'm told the solution is the fastest, and, so far, I do find that to be the case."
  • "It could use more tutorials."

What is our primary use case?

I primarily use the solution for experimentation. I just wanted to create a site to site VPN. I was hoping that you can make the SRX like a hub, so if I had a site here and then I had a new site, I could just create another VPN from that new site to the virtual X in the cloud. I don't know if it works like that. I'm skeptical if it can. Maybe there is a roundabout with the actual Azure AWS, however, I'm not so sure about that part. That's why I'm learning about Azure, and how that works in connecting to the cloud.

What is most valuable?

I'm told the solution is the fastest, and, so far, I do find that to be the case. 

I'm familiar with the solution, so I'm pretty comfortable with the processes. There's pretty good usability.

What needs improvement?

Largely the solution seems fine to me.

It could use more tutorials.

I think there's a step missing or the use cases are missing information. I'm not sure why you have to connect from the descendant to another SRX. The why part, why would I do that and what's practical, is not really answered in any documentation I have access to. At my last job, we used to hook up a VPN to the data center, and then at each site we would have a device connecting to that data center. Now that project is not 100% right now, I'm still wondering if I were to go and do that project, how would I do it? Should I make it cloud-based?

If I want to use it virtually in the cloud as a hub, I want to see if that's possible, and, if it's possible, they should have documentation on that.

I looked at the config. I played around with the config and then I say, "Okay, I see what they're doing, with the actual Azure part, and yet, on AWS, I'm having the same problem." It's something to do with the public IP. It's only functioning on the management side, on the virtual firewall. I can't get the other side, the other network interface to connect out. I don't have a connection out technically. I could ping, but through management and that's not how it's supposed to work. It's just through the management. I'm not seeing the departments.

For how long have I used the solution?

I haven't been using the solution for that long. Basically it's just this year. I've been tinkering with it since March.

What do I think about the stability of the solution?

The solution is stable. It seemed very good. I'm just trying to learn everything right now, however, from what I've experienced, I'd say it's reliable.

What do I think about the scalability of the solution?

Scalability is very good. I'm not an expert yet, however, I would recommend it to anybody who needs to expand.

There's hundreds, if not thousands, or users on the solution currently.

How are customer service and technical support?

I believe there is something on Amazon and you can ask questions about the solution. I was trying to go through something like that, and maybe they can help. I didn't really follow through, due to the fact that I didn't get an email, so I don't know who could contact me. With Azure, I didn't really go that far in depth.

Mostly I just do my own research and try to troubleshoot issues on my own. I'm figuring out everything from scratch.

Which solution did I use previously and why did I switch?

I'm kind of familiar with ASA firewalls from Cisco. I've worked with SonicWall a lot and Pablo Alto a little bit, however, I'm not 100% familiar with it. I've worked on it, but not every day. For Palo Alto, I just worked on it once. I know the interface. I know some other firewalls as well, however, I don't think they need to be mentioned, as they're not that popular. ASA firewall, I would say, is the most popular one.

How was the initial setup?

At first the implementation was straightforward. I got around quickly. I was able to, after a week, feel like I had the hang of everything. I can move around in Azure and AWS. That said, it's just the part with the elastic IP. I don't know if it's a Juniper issue or it's on there and there's another connection, and that's the part I'm not getting.

I was able to deploy the solution in days. It's just getting it to work properly, however. In that sense, it took weeks, or, at least a week and a half. I had to say "Okay, let me give up this for now" before I really got anywhere.

There isn't really maintenance per se. It's just running. There's 24/7 support. When it goes down, I guess, we're there.

What about the implementation team?

I did the implementation myself, however, I have a lot of tutorials and documentation on hand. I use YouTube as well. I even got Pluralsight the other day. I have IME. I have CBT Nuggets. Anything I can use to find out more about the product I will look at. What has really helped me was I got a lot of PDF files from Juniper and it had some stuff about AWS.

Which other solutions did I evaluate?

I would say this solution was the default selection, however, I know that ASA is up there too. That said, the virtual SRX is what's most popular now.

What other advice do I have?

Our organization is partners with Juniper. We have a business relationship with them.

At work I see it a lot, however, a lot of tasks are automated at work. It's not like you have hands-on from scratch experience. In my position, I'm doing more support or some automation to build the VRX or the virtuals needed for lab equipment. At home and in the labs I am able to learn from scratch, and I'm trying to connect VPNs, etc. I am hoping to get into the cloud in the future.

The version of the solution we use should be the latest. I downloaded it a couple of months ago. It should be the latest, due to the fact that I have a virtual that's a trial. I get it through the partnership through my job. The virtual that I've got is on AWS. Azure is the recommended platform.

I'd recommend the solution. I'd rate it ten out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
TG
Senior Network Engineer at a tech services company with 201-500 employees
MSP
Top 10
Combines many tools in one appliance, giving us a single point of view for our firewall and all related security issues

Pros and Cons

  • "The most valuable features include the different security zones and the ability to identify applications not only by port numbers but by the applications themselves... And with the single-pass architecture, it provides a good trade-off between security and network performance. It provides good security and good network throughput."
  • "The machine learning in Palo Alto NG Firewalls for securing networks against threats that are able to evolve and morph rapidly is good, in general. But there have been some cases where we get false positives and Palo Alto has denied traffic when there have been new updates and signature releases. Valid traffic gets blocked. We have had some bad experiences with this. If there were an ability, before it denies traffic, to get some kind of notification that some traffic is going to be blocked, that would be good."

What is our primary use case?

We use it to segregate traffic between different tenant instances and to manage secure access to environments, DMZ zones, and to communicate what the firewall is doing.

How has it helped my organization?

With Palo Alto NG Firewalls, we can pass all compliance requirements. We trust it and we are building the security of our environment based on it. We feel that we are secure in our network.

It also provides a unified platform that natively integrates all security capabilities. It's very important because it gives us one solution that covers all aspects of security. The unified platform helps to eliminate security holes by enabling detection. It helps us to manage edge access to our network from outside sources on the internet and we can do so per application. It also provides URL filtering. The unified platform has helped to eliminate multiple network security tools and the effort needed to get them to work together with each other. In one appliance it combines URL filtering, intrusion prevention and detection, general firewall rules, and reporting. It combines all of those tools in one appliance. As a result, our network operations are better because we have a single point of view for our firewall and all related security issues. It's definitely a benefit that we don't need different appliances, different interfaces, and different configurations. Everything is managed from one place.

What is most valuable?

The most valuable features include the different security zones and the ability to identify applications not only by port numbers but by the applications themselves.

The DNS Security with predictive analytics and machine learning for instantly blocking DNS-related attacks works fine. We are happy with it.

And with the single-pass architecture, it provides a good trade-off between security and network performance. It provides good security and good network throughput.

What needs improvement?

The machine learning in Palo Alto NG Firewalls for securing networks against threats that are able to evolve and morph rapidly is good, in general. But there have been some cases where we get false positives and Palo Alto has denied traffic when there have been new updates and signature releases. Valid traffic gets blocked. We have had some bad experiences with this. If there were an ability, before it denies traffic, to get some kind of notification that some traffic is going to be blocked, that would be good.

In addition, there is room for improvement with the troubleshooting tools and packet simulator. It would help to be able to see how packets traverse the firewall and, if it's denied, at what level it is denied. We would like to see this information if we simulate traffic so we can predict behavior of the traffic flow, and not just see that information on real traffic.

For how long have I used the solution?

I have been using Palo Alto Networks NG Firewalls for about three years.

What do I think about the stability of the solution?

The solution is pretty stable.

What do I think about the scalability of the solution?

The scalability is good.

In terms of the extensiveness of use, it depends on business needs. Every communication from the company is going through this solution, so it's highly used and we are highly dependent on the solution. 

In terms of increasing our use of the solution, it all comes down to business needs. If the business needs it, and we get to the limit of the current appliance, we will consider updating it or adding more appliances. At this point, we're good.

Which solution did I use previously and why did I switch?

We previously used Cisco. The switch was a business decision and may have had to do with cost savings, but I'm not sure what the driver was.

How was the initial setup?

The initial setup was a little bit complex, but not terrible. The complexity was not related to the product. It was more to do with needing to prepare and plan things properly so that in the future the solution will be scalable. If there were some predefined templates for different use cases, that would help. Maybe it has that feature, but I'm not familiar with it.

The time needed for deployment depends on the requirements. We also continuously optimized it, so we didn't just deploy it and forget it.

Our implementation strategy was to start with allowing less access and then allowing more and more as needed. We made the first configuration more restrictive to collect data on denied traffic, and then we analyzed the traffic and allowed it as needed.

We have less than 10 users and their roles are security engineers and network engineers. We have three to four people for deployment and maintenance and for coordinating with the business, including things such as downtime and a cut-over. The network and security engineers work to confirm that the configuration of the solution is meeting our requirements.

What about the implementation team?

We did it ourselves.

What's my experience with pricing, setup cost, and licensing?

I'm not sure about pricing. I don't know if Palo Alto NG Firewalls are cheaper or not, but I would definitely recommend Palo Alto as an option.

If you need additional features, you need additional licenses, but I'm not aware of the cost details.

Which other solutions did I evaluate?

We evaluated Cisco, Sophos, Dell EMC SonicWall, and FortiGate. Cost and reputation were some of the key factors we looked at, as well as the flexibility of configuration. Another factor was how many users could comfortably work on the solution when publicly deployed.

What other advice do I have?

The fact that Palo Alto NG Firewalls embed machine learning in the core of the firewall to provide inline, real-time attack prevention is important, but I still don't completely trust it. I haven't really seen this feature. Maybe it's somewhere in the background, but I haven't gotten any notifications that something was found or prevented. At this point, we still use traditional approaches with human interaction.

Overall, what I have learned from using Palo Alto is that you need to be very detailed in  your requirements.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Manuel Gellida
Owner at Dinamica en Microsistemas de Informatica, S.A. de C.V.
Reseller
Top 5
Easy to use and deploy with an improved pricing structure in place

Pros and Cons

  • "The initial setup is pretty easy."
  • "They need to allow their solution to integrate with other products and not just other Sophos solutions."

What is our primary use case?

My clients are mostly based in the government. They are my core clients. I install the solution for my clients.

What is most valuable?

The solution is very easy to use. 

Of course, we have the skills, however, it's very easy for us to deploy the solution. That's one of the valuable features. 

They have a communication between the endpoint and the firewall which is very, very useful for security purposes.

Pricing is now pretty good. They changed the pricing structure a few months ago.

The initial setup is pretty easy.

What needs improvement?

The integration could be a bit better. They need to allow their solution to integrate with other products and not just other Sophos solutions.

Sophos has a feature that in my opinion is very limited. They don't have enough VPNs on their models. They have the XG 750, which is a sizeable appliance. On those models, they used to have not enough VPNs. They always were short on that area. 

Pricing used to be very bad, however, they've adjusted their strategy recently. 

The product needs to improve its marketing in Mexico. It's not a well-recognized product in our country.

The solution's technical support is very bad.

There is an overall lack of documentation in relation to features and capabilities. We need these to help explain aspects of the solution to our clients. 

For how long have I used the solution?

I've used the solution since around 2014. I have about six years of experience at this point. It's been a while. I've definitely worked with the product in the last 12 months.

What do I think about the stability of the solution?

The solution is quite stable. There are no bugs and glitches. It doesn't crash and freeze. It's quite reliable. We don't have problems with it.

What do I think about the scalability of the solution?

The solution is very scalable. It is not a problem. Sometimes we have issues when we are trying to do something with a different traditional version of hardware as sometimes the new hardware has more ports. However, if we are talking about scalability in a huge customer, we can do it very easily. 

Mexico is very different than other countries and continents as here, when we say it's a big customer, we are talking about 2,000 to maybe 3,000 users. There aren't too many large-scale operations in the country. However, in general, for our area, we tend to deal with large-scale companies.

For a company that has maybe 1,000 users, Sophos seems to work very well. We have one operation with 10,000 endpoints and it is working quite well.

How are customer service and technical support?

Technical support from Sophos is very bad.

Sometimes we lose a project due to the fact that we need to solve some issues or answer questions. Things that may be technical but also involve the administrative side. I'm talking about licensing and the capabilities of the feature. We need some documentation, something we can show clients. They can better in those cases. They can either help us or supply us with what we need. 

In response time, they are terrible. In the area of technical knowledge, they are getting better, however, they aren't where they need to be. Right now, we are not satisfied with the level of support provided.

How was the initial setup?

The initial setup is not complex. However, here in Mexico, it's very complex to sell the product. The brand is not as well known.

That said, the process is pretty straightforward. 

The deployment times vary. It depends on the end-user and what they need. Sometimes, it's easy as they don't have too many policies. The more policies they have, the longer it takes.

In other cases, clients may have a lot of VPNs. We have to work on those VPNs, and we have to do a lot of routing. However, that depends on the customer. Not all are like that.

For one appliance, you just need one person for deployment and maintenance. If we are working a lot of VPNs, we would have to use more people. We need to involve maybe two or three individuals and re-apply the configuration in that case. 

What about the implementation team?

We handle the installation process ourselves. We do not need the assistance of consultants.

What's my experience with pricing, setup cost, and licensing?

The pricing has recently changed on Sophos. Their licensing and cost structures are much more clear now. It's much better than it was.

Which other solutions did I evaluate?

Clients, in many cases, evaluate for Check Point, Forcepoint, and sometimes Fortinet. Occasionally, they may look at SonicWall, or Palo Alto however, the others are the main big competitors. 

Palo Alto is very expensive as are Check Point and Forcepoint. That's why we sometimes win the projects. We find Fortinet, is very, very hard to beat as they have a lot of market share, have a lot of marketing. Sophos doesn't have that presence, that marketing. Also, when you have to think about prices, Fortinet gives customers everything and it's hard to beat.

The biggest issue I've found with Sophos is the small number of VPNs that we can do compared to a similar appliance with Fortinet or in the same level center. In fact, many other brands offer more VPNs than Sophos.

What other advice do I have?

I'm a Sophos reseller.

We use multiple versions. We have worked with XG 460 and XG 135 and some others -such as XG 230. In those cases, sometimes it has been Rev 1 and in other cases Rev 2 in terms of the hardware versions.

I mostly work with on-premise deployments. The only item I have installed in the cloud is an email solution by Sophos.

I'd recommend the solution to other organizations. Overall, I would rate it at a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
AT
Project manager at computer care company
Real User
Top 20
Robust operating in an HA environment, but it is expensive and the training videos should be improved

Pros and Cons

  • "The most valuable feature is robustness."
  • "The training videos that are available need to be improved, and made more educative."

What is our primary use case?

We are a solution provider and we work closely with our clients to identify their requirements, and then we suggest a solution. Once they accept it, we implement it. The Juniper SRX is one of the models that our clients have chosen.

It is primarily used as a firewall.

What is most valuable?

The most valuable feature is robustness.

What needs improvement?

The training videos that are available need to be improved, and made more educative. This will help users to become more familiar with the product.

For how long have I used the solution?

I have been using Juniper SRX for the past four years.

What do I think about the stability of the solution?

We had suggested an HA-based environment, or architecture in the majority of places that we have implemented Juniper. In these cases, it has been very stable. There have been other products that we couldn't upgrade to the latest format, but Juniper could always be upgraded. It always worked and never crashed.

What do I think about the scalability of the solution?

I am not very sure about scalability, but I believe that we were able to migrate a few of the lower models to the high-end models and it worked perfectly well. There was no problem.

How are customer service and technical support?

They have technical support over the phone as well as the online ticketing system and that has worked out pretty well. They have been able to solve problems for us, although I do not know all of the details because we direct our clients to them. When our clients get in touch with customer support to resolve their issues, they share the information with us later.

Which solution did I use previously and why did I switch?

I sell other products from vendors such as F5, and they have a good training facility online. Juniper is behind in terms of video training that they have available.

How was the initial setup?

The initial setup is not very easy. We had faced problems in the GUI, so we had to switch back to the CLI to get things done. While using the GUI, it was pretty easy and we could accomplish things by just clicking. However, for some reason, there were errors and we had to complete it using the CLI. I have no idea why this was the case, but we finally achieved what we wanted.

What about the implementation team?

Our team implements this product for our clients.

What's my experience with pricing, setup cost, and licensing?

This is an expensive product. The buying power of companies in my region is such that perhaps 5% of them are pretty good. The majority of them are very bad in terms of buying power, so they look at the cost of these solutions and Juniper is not able to match the price.

Which other solutions did I evaluate?

There are several options that we offer for our clients. These include Pala Alto, Cisco, Dell, SonicWall, F5, and FireEye. Some of our clients choosing Juniper, whereas others choose a solution from another vendor. The majority of our clients choose Cisco or FireEye.

What other advice do I have?

Most of the companies that we deal with have a committee that takes care of purchases. We sit with the committee and they iterate through the various benefits of the solutions, after which the purchase is finalized. We are not biassed toward any particular product. We explain everything to our clients, show them the prices, and they come back to say what product they have chosen.

In summary, this is a good product, although it is a little bit expensive and the training could be improved. Training is something that is very important, and we were not able to get much information. For example, we couldn't get the best-recommended practices, which is something that we look at when implementing solutions. We were able to get a few of them, although not all of them have been updated. Consequently, we have a shortage of information about Juniper. Nonetheless, customer support has been able to help us in a big way.

Overall, things have been a bit slow, but we have been able to catch up.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
MB
IT Support Specialist with 51-200 employees
Real User
Top 20
Very stable, relatively easy to set up, and offers good technical support

Pros and Cons

  • "The built-in open VPN and the VPN Client Export are the solution's most valuable aspects."
  • "There's a bit of a learning curve during the initial implementation."

What is our primary use case?

We just use the solution as a straight-up firewall. There is no VPN access or anything like that. We just use it as a straight-up firewall and we run Suricata on it as a defense.

What is most valuable?

The built-in open VPN and the VPN Client Export are the solution's most valuable aspects.

What needs improvement?

I cannot recall any features that are lacking.

There's a bit of a learning curve during the initial implementation.

You do have to pay extra for better customer service.

For how long have I used the solution?

We've been using the solution for about six months. It hasn't been too long.

What do I think about the stability of the solution?

The solution is very stable. We've had zero issues. There aren't bugs or glitches. It doesn't crash or freeze. It's been reliable.

What do I think about the scalability of the solution?

I have not tried scaling, therefore, I can't really comment on how easy or hard it would be to expand the service.

There's only one person in the organization using the solution, and that's me.

How are customer service and technical support?

The tech support is excellent if you have a support subscription. If you didn't have that, you could be lining up for a while. It could be a hit or miss, whether you get someone that's actually going to help you. 

However, we have a subscription and therefore our support is always excellent. We're quite satisfied with the level of service we're getting.

Which solution did I use previously and why did I switch?

Previously, we used Dell SonicWall. There was just a high cost of licensing all the time, and, with having someone go in and troubleshoot for issues as well, it just wasn't cost-effective anymore. pfSense is simply a better solution.

How was the initial setup?

The initial setup has a bit of a learning curve. It's not complex per se. It just takes some getting used to. After the initial deployment, the other six or seven were easy. I could just copy the configuration of the other ones, change some IP addresses, and I was basically done.

What's my experience with pricing, setup cost, and licensing?

There aren't monthly or yearly licensing costs.

What other advice do I have?

We're just cusomers. We don't have a business relationship with pfSense.

We're using the latest stable version of the solution.

I would 100% recommend the solution to others. On a scale from one to ten, I'd give it a ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Get our free report covering Fortinet, Cisco, Sophos, and other competitors of SonicWall TZ. Updated: November 2021.
552,695 professionals have used our research since 2012.