5 Best Next Gen Firewalls for Small Business in 2021
Every business needs a firewall. Firewalls act as your network’s gatekeeper, letting “good” traffic move freely and stopping risky traffic in its tracks.
However, the prospect of choosing a business firewall can be a confusing one – especially if you’re not particularly tech savvy.
If you’re looking for a new firewall in 2021 and you’re unsure where to turn, worry no more. Here are our top 5 firewall picks for small and micro business users this year. It’s a really mixed bag, so we’re certain there will be a solution here to suit you!
1. SonicWall TZ370W
Though this form factor firewall may seem small, it’s surprisingly fast and incredibly powerful. On the back of the unit, you’ll find 8 high speed Gigabit Ethernet ports, as well as two 802.11ac Wave 2 WiFi antennae.
Under the virtual bonnet, the TZ370W’s firewall throughput specs are really something. Firewall inspection throughput (basically the amount of data that can flow through and be filtered) is a whopping 3Gbps, with 1Gbps throughput for SonicWall’s industry leading gateway anti-malware measures and 1Gbps threat prevention rate too. And let’s not forget the simple, “single pane of glass” control interface, available through the cloud or through the unit itself.
As with any SonicWall unit, the TZ370W allows you to seamlessly incorporate any of SonicWall’s numerous security solutions (with the right licenses of course). Most notably, this includes SonicWall’s Advanced Gateway Security Suite (AGSS), Capture ATP, Secure Mobile Access (SMA), Content Filtering Service (CFS), and more.
The rise of encrypted HTTPS web traffic means that threats can potentially pass into a network totally encrypted – and therefore unchecked by older firewalls. This makes Deep Packet Inspection (DPI) capabilities a must for any new firewall. In short, DPI allows a firewall to decrypt incoming and outgoing data packets and inspect what’s inside; sending them on their way if they’re safe or securely dropping them if they aren’t. The TZ370W’s SSL-DPI inspection and decryption rate is impressive, at 500 Gigabits per second, especially given the device’s diminutive size.
If your team is distributed across sites or if you rely heavily on remote working, the TZ370W is invaluable. It has capacity for 100 site-to-site VPN tunnels and a 1.3Gbps VPN throughput, so your team can stay secure and productive wherever they’re working from.
For a microbusiness looking to grow, or a small team who commonly “remote in” to your network via VPN, we feel you can’t go wrong with this small but mighty unit.
2. WatchGuard Firebox T40-W
Great small businesses need a great firewall. Recommended for up to 20 users, the Firebox T40-W is an excellent little unit that truly packs a punch for small businesses with busy networks.
The unit includes 5 high speed Gigabit Ethernet ports and dual-band 802.11ac wireless technology. The T40-W even allows you to set up a segmented guest WiFi network, keeping internal traffic and guest traffic separate from one another.
The T40 range presents enviable throughput speeds for its size. Across the whole spectrum of internet traffic, T40’s can achieve up to 1Gbps basic firewall throughput, up to 500,000 concurrent connections, and 30 mobile VPN tunnels for remote security.
The Firebox T40 range features one dedicated Power over Ethernet (PoE+) port which can power a PoE+ enabled IoT device like a security camera, or even a PoE network switch to expand your network’s wired capacity.
All of WatchGuard’s T Series firewalls are fully compatible with WatchGuard Automation Core, a unified security platform which seeks to automate the often laborious task of firewall upkeep.
Though SonicWall’s TZ370W beats the Firebox T40-W on speed, we feel that the guest network capability, PoE+ capability, and the opportunity for security automation make this unit really shine.
3. Firewalla Blue Plus and Gold
Good things often come in small packages – and they don’t get much smaller than Firewalla firewalls! These tiny, yet fearsome units are ideal for micro-businesses and home-based sole-ops – they simply plug straight into your router.
Firewalla units come with robust firewall protection, intrusion prevention, usage insights, geographic filtering, and a mobile VPN server – straight out of the box. You can even use it to block ads! Because Firewalla devices are designed for both business and personal use, they come with parental controls which you can potentially use to filter unproductive content in the workplace.
More high-tech solutions can be overkill for sole operators; yet with Firewalla, business owners can manage their firewall and monitor network usage through a simple, intuitive, smartphone app.
Need something with a little more heft behind it, say for a small team? Go for gold with the Firewalla Gold! This solution is ideal for tiny, yet bustling networks, with 4 routable Gigabit Ethernet ports, site-to-site VPN capabilities, extended geolocation blocking, new device quarantining, Multi-WAN capability, and much more.
Both units come as a one-off purchase with no monthly fees or software licensing to worry about. If Firewalla units just aren’t powerful enough for your business, then why not get one for your home network?
4. Sophos XG86w
Another small and mighty form factor unit, this time from UK manufacturers Sophos. When comparing this unit’s stats to some of the others on this list, it may initially seem a little humdrum. However, there are some hidden treasures inherent in Sophos firewalls that are well worth exploring.
So, let’s get those figures out of the way. The XG86w boasts 3.1 Gbps basic firewall throughput, next generation firewall throughput at 350 Mbps, and XStream DPI-SSL decryption (with threat protection) at 75 Mbps. The unit features 4 copper Gigabit Ethernet ports, with two external 802.11a/b/g/n/ac WiFi antennae. XG86w units can handle just over 8,000 simultaneous connections using XStream functionality, making it surprisingly powerful.
However, Sophos firewalls boast a few features that you just don’t get from other providers. XG Firewalls come compatible with Sophos’ XStream architecture which enables rapid SSL Deep Packet Inspection and introduces Network Flow FastPath: an accelerated fast track for trusted traffic. This is particularly useful for freeing up firewalling resources and for prioritising voice and video call traffic which is particularly sensitive to lagging. Sophos are well-renowned for their endpoint antivirus solutions, so if you already use Sophos’ Intercept X Endpoint Protection, you’ll be able to tap into Sophos Synchronized Security and Security Heartbeat™. These services work together to provide unparalleled visibility into endpoint security, and can help you immediately respond to a compromised device on your network.
5. Cisco Meraki MX68W
The MX68W is a sleek, unassuming desktop firewall that’s surprisingly powerful for its graceful appearance. The first thing that stands head and shoulders above the other firewalls on this list is its connectivity. There are 10 Gigabit Ethernet ports on the back – 2 of which provide PoE+. The MX68W’s dual band Wave 2 WiFi capability supports up to 4 different SSIDs (wireless network IDs), making it ideal for shared workspaces and guest WiFi connectivity.
Moving on to the stats for a moment, the MX68W features 450Mbps firewall throughput (which only reduces to 300 Mbps with all security features enabled); 50 maximum site-to-site VPN connections with a max VPN throughput of 200 Mbps; and central, secure cloud management.
Investing in Meraki’s Advanced Security License really helps to round out this package, adding comprehensive content filtering; intrusion detection and prevention (IDS/IPS); and Advanced Malware Protection (AMP). All in all, the MX68W’s in-built connectivity and throughput makes it ideal for businesses maturing past the “micro business” mantle and venturing into SME territory.
Learn more about the Cisco Meraki MX Range over on their website.
Next Gen Firewalls for Small Businesses
Still unsure? Don’t worry, just give us a call! We’ll talk you through our free, no obligation cyber and network security health check; all you need is a moderate knowledge of your network, an hour of your time, and a willingness to give our suggestions a try!
Together, we’ll chat about your current cyber-preparedness measures and offer our honest, unbiased advice. We may even be able to suggest ideas that you can implement for free! Interested? Get in touch with the team today on 0808 1644414 or request a call back.