Network Firewall Price: Comparing Security Costs
Network firewall price is determined by a range of factors, including business size, security integration, and services and support agreements.Learn about Fortinet Next-Generation Firewalls
Why do you Need a Network Firewall?
Today, every business that connects to the Internet needs a network firewall, not only to protect the network from attacks and malicious behavior, but also to enable business productivity as part of an integrated security architecture that keeps network connections reliable and secure. There are many products on the market described as firewalls, ranging in price from a few hundred dollars to tens of thousands of dollars, based on the size and needs of the business and how the firewall will be maintained and supported.
When firewall technology first arrived decades ago, network firewalls were pretty basic. They usually sat between the local area network (LAN) and the Internet and examined and filtered packets coming in and out, making decisions on what to approve and what to reject based on attributes such as destination address or port number. Over time, and especially as the variety, sophistication, and frequency of cyberattacks grew, firewalls needed to do more.
The next-generation firewall (NGFW), introduced in the 2000s, added application layer inspection and a number of other features intended to stand up to the expanding threat landscape. Today’s firewalls are way more than sentries at the edge of the network, and many have integrated capabilities such as intrusion prevention systems (IPS) that were traditionally standalone network security products. Network firewalls with NGFW characteristics maintain all of the features of stateful firewalls, from packet filtering to VPN support, and also deliver deeper inspection capabilities, application control, and advanced visibility, as well as include paths for future updates that allow them to evolve and keep the network secure from future threats.
Not all network firewalls are equally effective, and some products described as “firewalls” do little more than “stand guard” at a network edge, delivering basic functionality that provides less and less protection every year. Choosing the right network firewall is one of the most important decisions you will make for the network security of your business. So, it’s time to choose wisely!
How Much Is a Network Firewall?
There are several factors that inform the price of a network firewall, including:
- The make, model, and characteristics, including performance, capacity, and redundancy
- The cost of any ongoing security, services, or support subscriptions
- The configuration, monitoring, integration, and ongoing maintenance of the firewall
Choosing network firewalls should include a detailed assessment of your needs, starting with the size of your business.
Consider Business Size and Needs
Sizing your network firewall includes determining how many people (users) will need to use it, how much you expect your organization to grow (or shrink) in the next 24 months, and the balance you anticipate between on-premises and remote workers.
Key questions include:
- Where will the firewall sit in my network topology?
- How will it be administered, and by whom?
- How much traffic will it need to process?
- How many interfaces will it need to segment traffic?
- What forms of traffic inspection do I need to perform?
- How will I best satisfy the needs of my remote users?
Remote work was an already-active trend greatly catalyzed by the COVID-19 pandemic. It’s important that the same rules and policies you enforce inside your corporate network can be applied to connections to corporate resources occurring outside, from homes and hospitals, to schools and coffee shops.
Determine Type of Firewall
Firewalls come in essentially three different form factors. Software firewalls are commonly used on personal computers or corporate devices requiring only basic network security. Hardware firewalls are appliances that typically sit near network edges so they can evaluate what’s coming in from the Internet or leaving from your network. They can be delivered in physical or virtual form factors. There is also firewall-as-a-service (FWaaS), which essentially eliminates the need for a physical or virtual appliance and delivers integrated firewall capabilities similar to how other software-as-a-service offerings work. Businesses with many remote locations may prefer a managed FWaaS solution for the flexibility cloud-delivered services offer.
Beyond the basics, which include VPN for remote access options, common firewall features to consider include:
- Website and spam filtering
- Antivirus scanning
- SSL/encrypted traffic inspection
- Wireless access point control
It’s important to remember that feature-by-feature discussions may not be the most effective way to consider firewall price or total TCO. Feature adoption will vary based on your organization’s needs, users, and budget. You don’t want to undersize your firewall needs and risk over-spending on upgrades, slow your network performance, degrade your user experience, or, worst of all, incur the costs associated with a successful cyber breach because your firewall selection was the wrong choice.
Another helpful way to assess network firewall needs is by use case. Network firewalls with next-generation firewall capabilities are often employed for use cases such as reducing complexity, delivering encrypted cloud access, and deploying intent-based segmentation—some or all of which likely will apply to your organization.
Calculate Total Cost of Ownership
Total cost of ownership (TCO) for a network firewall, whether physical, virtual, or cloud-delivered, includes these considerations:
- Acquisition costs
- Deployment costs
- Management costs
- Annual support and/or services provided by the vendor or an authorized partner
- Installation, integration, and ongoing upkeep
If there’s one area where many organizations underestimate TCO, it’s in management. The industry has a shortage of skilled and experienced security professionals, and all organizations have to weigh the benefits of manual and human-delivered management against the savings and flexibility provided by automation. Either way, businesses should consider the time and resources required to properly deploy and maintain network firewalls. Total TCO can be greatly affected by miscalculating this factor.
It’s also worth noting that several reputable third-party testing services use TCO ratings to help business users determine network firewall prices. NSS Labs, for example, uses a rating that calculates dollar cost per protected Mbps. In the most recent NSS Labs NGFW Comparative TCO Report, Fortinet’s TCO per protected Mbps was the lowest at $2, compared with nine other NGFW vendors, some with TCO as high as $57 per protect Mbps.
Choosing Your Firewall
Fortinet Network Firewalls meet the performance needs of highly scalable, hybrid IT architectures, enabling organizations to reduce complexity and manage security risks.