Skip to content Skip to navigation Skip to footer

Why do you Need a Network Firewall?

Today, every business that connects to the Internet needs a network firewall, not only to protect the network from attacks and malicious behavior, but also to enable business productivity as part of an integrated security architecture that keeps network connections reliable and secure. There are many products on the market described as firewalls, ranging in price from a few hundred dollars to tens of thousands of dollars, based on the size and needs of the business and how the firewall will be maintained and supported.

When firewall technology first arrived decades ago, network firewalls were pretty basic. They usually acted as a gateway that sat between the local area network (LAN) and the Internet and examined and filtered packets coming in and out, making decisions on what to approve and what to reject based on attributes such as destination address or port number. Over time, and especially as the variety, sophistication, and frequency of cyberattacks grew, firewalls needed to do more.

The next-generation firewall (NGFW), introduced in the 2000s, added application layer inspection and a number of other detection features intended to stand up to the expanding threat landscape. Today’s firewalls are way more than sentries at the edge of the network, and many have integrated capabilities such as intrusion prevention systems (IPS) that were traditionally standalone network security products. Network firewalls with NGFW characteristics maintain all of the features of stateful firewalls, from packet filtering to VPN support, and also provide deeper inspection capabilities, application control, and advanced visibility, as well as include paths for future updates that allow them to evolve and keep the network system secure from future threats.

Not all network firewalls are equally effective, and some products described as “firewalls” do little more than “stand guard” at a network edge, delivering basic functionality that provides less and less protection every year. Choosing the right network firewall is one of the most essential decisions you will make for the network security of your business. So, it’s time to choose wisely!

Firewall Security Price

Hardware for a firewall for a small business can run anywhere from $700-$1,000. Businesses that have anywhere from 15 to 100 users can expect to pay between $1,500 and $4,000 for firewall hardware. Some other factors that determine the price of a hardware firewall, include:

  • The make, model, and characteristics, including performance, capacity, and redundancy
  • The cost of any ongoing security, services, or support subscriptions
  • The configuration, monitoring, integration, and ongoing maintenance of the firewall

Choosing network firewalls, whether a low cost firewall or standard cost, should include a detailed assessment of your needs, starting with the size of your business.

Consider Business Size and Needs

Sizing your network firewall includes determining how many people (users) will need to use it, how much you expect your organization to grow (or shrink) in the next 24 months, and the balance you anticipate between on-premises and remote workers.

Key questions include:

  • Where will the firewall sit in my network topology?
  • How will it be administered, and by whom?
  • How much traffic will it need to process?
  • How many interfaces will it need to segment traffic?
  • What forms of traffic inspection do I need to perform?
  • How will I best satisfy the needs of my remote users?

Remote work was an already-active trend greatly catalyzed by the COVID-19 pandemic. It’s important that the same rules and policies you enforce inside your corporate network can be applied to connections to corporate resources occurring outside, from homes and hospitals, to schools and coffee shops.

Determine Type of Firewall

Firewalls come in essentially three different form factors. Software firewalls are commonly used on individual computers or corporate devices requiring only basic network security. Hardware firewalls are appliances that typically sit near network edges so they can easily evaluate what’s coming in from the Internet or leaving from your network. They can be delivered in physical or virtual form factors. There is also firewall-as-a-service (FWaaS), which essentially eliminates the need for a physical or virtual appliance and delivers integrated firewall capabilities similar to how other software-as-a-service offerings work. Businesses with many remote locations may prefer a managed FWaaS solution for the flexibility cloud-delivered services offer.

Beyond the basics, which include VPN for remote access options, when doing a network firewall comparison be sure to consider the following features:

It’s important to remember that feature-by-feature discussions may not be the most effective way to consider firewall price or total TCO. Feature adoption will vary based on your organization’s needs, users, and budget. You don’t want to undersize your firewall needs and risk over-spending on upgrades, slow your network performance, degrade your user experience, or, worst of all, incur the costs associated with a successful cyber breach because your firewall selection was the wrong choice.

Another helpful way to assess network firewall needs is by use case. Network firewalls with next-generation firewall capabilities are often employed for use cases such as reducing complexity, delivering encrypted cloud access, and deploying intent-based segmentation—some or all of which likely will apply to your organization.

Calculate Total Cost of Ownership

When considering a the price of hardware firewall, it should also include the cost to operate and maintain it. Total cost of ownership (TCO) for a network firewall, whether physical, virtual, or cloud-delivered, includes these considerations:

  • Acquisition costs
  • Deployment costs
  • Management costs
  • Annual support and/or services provided by the vendor or an authorized partner
  • Installation, integration, and ongoing upkeep

If there’s one area where many organizations underestimate TCO, it’s in management. The industry has a shortage of skilled and experienced security professionals, and all organizations have to weigh the benefits of manual and human-delivered management against the savings and flexibility provided by automation. Either way, businesses should consider the time and resources required to properly deploy and maintain network firewalls. Total TCO can be greatly affected by miscalculating this factor.

It’s also worth noting that several reputable third-party testing services use TCO ratings to help business users determine network firewall prices. NSS Labs, for example, uses a rating that calculates dollar cost per protected Mbps. In the most recent NSS Labs NGFW Comparative TCO Report, Fortinet’s TCO per protected Mbps was the lowest at $2, compared with nine other NGFW vendors, some with TCO as high as $57 per protected Mbps.

Choosing Your Firewall

Fortinet Network Firewalls meet the performance needs of highly scalable, hybrid IT architectures, enabling organizations to reduce complexity and manage security risks.