KerioControl vs SonicWall NSa comparison

GFI and SonicWall are both solutions in the Firewalls category. GFI is ranked #26 with an average rating of 8.3, while SonicWall is ranked #18 with an average rating of 8.1. GFI holds a 1.5% mindshare in Firewalls, compared to SonicWall’s 1.6% mindshare. Additionally, 88% of GFI users are willing to recommend the solution, compared to 88% of SonicWall users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 16, 2024

SonicWall NSa and KerioControl are firewall solutions for business security. SonicWall NSa seems to have the upper hand with its advanced features and high-performance security, while KerioControl is noted for its affordability and ease of use.

Features: SonicWall NSa offers advanced threat protection, deep packet inspection, and high throughput performance. KerioControl is commended for simple management, integrated VPN, and user-friendly firewall configuration.

Room for Improvement: SonicWall NSa could enhance its reporting capabilities, simplify the configuration process, and improve UI design. KerioControl could benefit from better scalability, more frequent updates, and enhanced logging features.

Ease of Deployment and Customer Service: SonicWall NSa may present a steeper learning curve due to its advanced features, but users appreciate its responsive customer service. KerioControl is easier to deploy and manage, though there are mixed reviews regarding the support experience.

Pricing and ROI: SonicWall NSa has higher upfront costs, justified by its robust performance and security features. KerioControl is praised for its cost-effectiveness and solid return on investment despite its simpler feature set.

To learn more, read our detailed KerioControl vs. SonicWall NSa Report (Updated: January 2025).

Buyer's Guide

KerioControl vs. SonicWall NSa

January 2025

Download the complete report

Helped 831,158 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of January 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 20.3%, up from 17.4% compared to the previous year. The mindshare of KerioControl is 1.5%, up from 0.9% compared to the previous year. The mindshare of SonicWall NSa is 1.6%, up from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls

Featured Reviews

EhabAli

Sr. Cybersecurity Solutions Architect at BMB

Efficient, user-friendly, and affordable

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

Read full review

Constantnos Achilleos

Product manger at Asbis Mediteranean

Leveraging geo-tagging and web filtering for enhanced network security

The solution is used for site-to-site VPN connections and it is valued for its cost efficiency and easy connectivity. It is especially beneficial for multi-site VPNs and is used in about fifteen different components KerioControl has provided a financial benefit as it allows purchasing one license…

Read full review

MohammedMateen

Network Administrator at Transgulf Readymix

Easy to scale advanced threat protection solution with knowledgeable technical support, but has occasional bugs

An area for improvement in SonicWall NSa is that sometimes, we experience bugs when upgrading, so we have to contact their technical support to fix issues. It would be much easier if this improvement was in place: if the one-time password which is built-in, was provided as an OTP for the administrator logging into the console, so that we'll have a quicker awareness of it, rather than needing to check emails for it. Having a Telegram or WhatsApp bot integrated with the device, for example, will be very helpful for us, so we can instantly take action, without us needing to log into and check our emails, meaning we'll be able to put things right faster. This may not be possible in SonicWall NSa, but I'm also looking for any kind of controller or device for the Windows server or client, e.g. Windows 11 and Windows 10 from SonicWall NSa itself, so that a security domain or the gateway of the organization would be able to identify the latest update for a product, whether that product is installed or not. This feature would be very helpful, and it's what I'd like to see in the next release.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The web filtering feature and the intrusion protection system are the most valuable. It is a resilient appliance. I never had an issue with it in terms of any security breaches."

"The Intrusion Prevention System and the web filtering are both working well."

"The most valuable feature is the FortiManager for centralized management."

"A strong point of FortiGate is that the graphical interface is complete and easy to use, especially if we think there is a list of operations that we are able to perform inside."

"FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all of these features on one device because it can cause performance issues."

"Fortinet FortiGate is a stable solution."

"Its stability is the most valuable."

"The virtual firewall feature is the most valuable. We have around 1,500 firewalls. We did not buy individual hardware, and the virtual firewalls made sense because we don't have to keep on buying the hardware. FortiGate is easier to use as compared to Checkpoint devices. It is user friendly and has a good UI. You don't need much expertise to work on this firewall. You don't need to worry much about DCLA, commands, and things like that."

More Fortinet FortiGate pros

"The solution provides feasibility regarding cyber privacy."

"The most valuable feature is to provide users with the ability to log in to the portal page, keep track of their data usage and perform bandwidth management."

"I have found the most valuable features of Kerio Control to be the IPS and firewall."

"Compared to other solutions, accounting and live monitoring of firewall status are very good features in KerioControl."

"The ease of use in the GUI itself is the most valuable feature. The GUI is really the best part of it. We like the traffic rules so we can control who can get to what. It's easy to determine the flow of the traffic itself so we aren't having to guess through command lines and reading out basically command-driven output. It's just a very easy-to-use interface. The interface is the best part of the product."

"In terms of the comprehensiveness of the security features, it does a great job of laying out what it does. It's fairly easy to edit and research. Some of the features were turned on by our IT company and I was able to easily find other features on my own by searching for videos on the internet. I've been able to block certain websites, and content filter, as well as manage some of our bandwidth because we live stream on Sunday. I'm able to dedicate bandwidth for the encoder that goes to the internet. It always has enough bandwidth, no matter how many people are on the network. That's really helpful."

"The flexibility of the system, the capacity to provide the right level of security, and the ability to be integrated into different kinds of infrastructures are the most valuable features."

"What I like the most about Kerio is that I can use the software appliance as a solution, so if the hardware fails for any reason then I can quickly replace it with hardware that I have in stock."

More KerioControl pros

"The filtering is excellent."

"The features I found most valuable are email security and web filtering."

"It has good reporting, the reporting is marvelous."

"The technical support is very good."

"The prices are similar to other vendors and the support is good."

"This product has kept us safe and we haven't had any breaches."

"The stability is better than other products."

"The most valuable features are the VPN, SSL VPN, and IPSec VPN."

More SonicWall NSa pros

Cons

"They have to just improve its performance when we enable all UTM features. When you enable all the features, the performance of FortiGate, as well as of Sophos and SonicWall, goes down."

"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."

"It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics."

"There aren't really any negative aspects to discuss."

"The configuration part was challenging, especially converting configurations from another OEM to FortiGate."

"It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go."

"It is very expensive, and their support is not very good. I hope that their technical support will be better in the future."

"The web-cache feature which was previously on the FortiGate device, but was deleted with the recent upgrade should be returned. It was a very valuable feature for us."

More Fortinet FortiGate cons

"The upgrades make the network slower."

"When we did our last update, we had some trouble with the initial syncing process to get our messaging to go through. But we were also moving a store and a lot was changing during that process. I don't think it was on Kerio's end. It just coincided with the update. Once we got our third-party IT guy involved it was resolved very quickly."

"When it comes to dealing with updates, there are often bugs on the solution. They should do a lot more testing before they release new versions."

"It has a VPN back to our data center but I don't think it has increased the number of VPN clients extended to those outside our environment"

"The overall speed needs improvement. Internet connectivity speed needs to be improved somehow."

"The logs could be improved for better clarity."

"The comprehensiveness of the security features could be improved upon. However, for the most part, it is pretty good. They could add more logs. I would like to see more detailed reporting, custom reporting from the logs, and more of a streamlined interface for certain aspects."

"Kerio Control has just improved on their biggest problem, which was to introduce better support for high-availability requirements in production."

More KerioControl cons

"The dynamics needs to be improved. The solution is not very compatible compared to the market products."

"Port forwarding could use streamlining."

"The reporting format could be improved."

"The pricing for this product in India is high and the fees should be reduced."

"The features I would like to see improve are the dashboard and the UI."

"You can do zero-trust networking with them, but it's not easy."

"The thing main thing is that there's no user admin and in other firewalls, we can enable the scalable features, but SonicWall doesn't have that feature."

"When it comes to security I think all of the features are currently open to improvement."

More SonicWall NSa cons

Pricing and Cost Advice

"Compared to other firewall products, it's a little cheaper in terms of pricing."

"It's very affordable."

"It is not a very costly product if you compare it with other products. The return on investment is also good. If you compare the return of investment and money that you are spending on this product with Palo Alto, Cisco, Check Point, and other solutions, the investment is very less. We are happy with this solution. The optional licenses are there, and you can choose which one you want and which one to avoid."

"You need to pay a license for this solution. Our licensing is now done in our subsidiary."

"The price depends on the size of the company. From the beginning, you just want to know the internet bandwidths, speed, and the number of users to be able to offer the right product and model. They have a lot of products in FortiGate according to the size of the company, like 200D and 300D."

"Fortinet is competitive price-wise."

"The pricing is justified. It's a little pricey, but what you pay for is what you get."

"In the Asian economy in which we operate, FortiGate is expensive."

More Fortinet FortiGate pricing and cost advice

"Pricing is good, but the licensing took a lot of time."

"Its initial cost is less as compared to other products. It becomes a bit costly when you pay for the products that you don't use. We paid for almost all the products through subscription, but we are using only a few products. We use EndPointSecurity, Kerio Connect, WebMonitor, and LanGuard. We don't use the rest of the products."

"We have to pay approximately EUR 175 for the product."

"The price of the solution is reasonable. For additional costs, you can add on more features such as antivirus."

"The biggest advice that I could probably give people is when you buy the solution be prepared to either buy the unlimited license or buy more licenses than you think. Each user license gives you one employee and each a user gives you five devices. In the world nowadays where everybody has a cellphone, tablet, desktop, and laptop, that's four devices. You still get one more device per person. That covers your servers and back-ends."

"I am living in Iran and we cannot buy the product from Kerio because of sanctions."

"KerioControl's pricing is good."

"I pay approximately $50 for the solution on an annual basis."

More KerioControl pricing and cost advice

"The solution is cheaper than others."

"You need their analyzer to properly generate reports. This is an expensive, licensed feature, with a complex application or appliance back-end."

"Licensed features provide application control, content filtering, antivirus, and anti-malware all in a single appliance."

"The pricing is lower and better than other products."

"SonicWall is not an expensive solution."

"The price is high. I would rate it four to five out of ten."

"It would be better if it has a better price, but its price is okay considering the benefits that you receive."

"The price is reasonable."

More SonicWall NSa pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

831,158 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

22%

Computer Software Company

14%

Comms Service Provider

Manufacturing Company

Computer Software Company

23%

Financial Services Firm

Media Company

Comms Service Provider

Computer Software Company

15%

Educational Organization

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What do you like most about KerioControl?

The solution provides feasibility regarding cyber privacy.

See all answers

What is your experience regarding pricing and costs for KerioControl?

KerioControl offers good pricing as one license covers all features needed without extra payment. The price for the p...

See all answers

What needs improvement with KerioControl?

The logs could be improved for better clarity. It is difficult to understand when there is a threat attack, and handl...

See all answers

What do you like most about SonicWall NSa?

The product blocks access when I visit unrecognized websites.

See all answers

What is your experience regarding pricing and costs for SonicWall NSa?

SonicWall is much cheaper compared to Fortinet, particularly regarding renewal and licensing costs.

See all answers

What needs improvement with SonicWall NSa?

I would like more free VPN licenses. It would be beneficial if they could enhance the analytics part. It needs to be ...

See all answers

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 23% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 13% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 11% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

More Fortinet FortiGate Competitors

Netgate pfSense vs KerioControl

Compared 35% of the time

OPNsense vs KerioControl

Compared 12% of the time

Sophos XG vs KerioControl

Compared 7% of the time

Sophos UTM vs KerioControl

Compared 6% of the time

Cisco Secure Firewall vs KerioControl

Compared 5% of the time

More KerioControl Competitors

Sophos XG vs SonicWall NSa

Compared 15% of the time

SonicWall TZ vs SonicWall NSa

Compared 13% of the time

Meraki MX vs SonicWall NSa

Compared 9% of the time

Cisco Secure Firewall vs SonicWall NSa

Compared 6% of the time

OPNsense vs SonicWall NSa

Compared 5% of the time

More SonicWall NSa Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

January 2025

Download Fortinet FortiGate product report

Buyer's Guide

KerioControl

January 2025

Download KerioControl product report

Buyer's Guide

SonicWall NSa

December 2024

Download SonicWall NSa product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

No data available

NSA 250M, NSA 2600, NSA 3600, NSA 4600, NSA 5600, Dell SonicWALL NSA

Learn More

Fortinet

GFI

SonicWall

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Kerio Control is a popular security product for small and medium-sized businesses. It is a next-generation firewall that provides unified threat management without complexity. Kerio Control provides advanced anti-virus protection and industry-leading web and content application filtering, and has a secure VPN.

With Kerio Control you can:

Preserve the integrity of your network.
Manage bandwidth to streamline traffic flows.
Improve productivity with filtering capabilities.

Kerio Control Features

Some of Kerio Control’s most valuable features include:

High availability, deployment flexibility, deep packet inspection, advanced routing, usage reporting, quick administering, intrusion detection and prevention (IPS), gateway anti-virus, VPN, web and content application filtering, and centralized administration with MyKerio.

Kerio Control Benefits

Eliminate downtime risks: Because Kerio Control offers high availability and failover protection, you can eliminate the risk and cost of connectivity or threat protection downtime.
Detailed reports: Kerio Control makes it easy to view individual users’ internet activity through detailed reports.
Traffic monitoring: Traffic monitoring allows you to manage bandwidth and makes it possible for you to control access to streaming video and peer-to-peer networks.
Server protection: Using Kerio Control’s advanced networking routing and deep packet inspection, you can protect servers.
Easily create policies: With Kerio Control, you can create both inbound and outbound traffic policies, and can also restrict communication by specific URLs, applications, traffic type, content category, or even time of day.
Snort-based analysis: Kerio Control gives you the ability to add a transparent layer of intrusion prevention with snort-based analysis along with a database of rule and blacklisted IP addresses that is regularly refreshed.
Optionally integrated anti-virus: WIth this feature, you can prevent viruses, Trojans, or spyware from entering your networks.

Reviews from Real Users

Here is some feedback from some of our users who are currently using the solution:

PeerSpot user Brian C., Senior Technology Specialist, VP at Unified Technology Solutions, writes "It is very comprehensive and simple. It has all the active protections. It's updated. We love that you can set how often it is updated so you can work on what is right for you. A large company with a lot of bandwidth can update the virus definitions and security definitions hourly, if they want. A smaller site that's remote, where maybe updating the definitions will eat into the bandwidth, we can schedule those more to go later at night. It's very flexible and works for us in all types of situations. This is great because then we don't have to learn seven different products to be able to work with seven different scenarios."

Andy D., IT Manager at Flare Technologies, praises how easy it is to use and says, "One thing we use quite a lot, as well, is the DHCP Server, because we do a lot of work where all our devices need to have static IP addresses. Rather than going around and configuring every box, we do it all through DHCP reservations. It's easier. We've got a record of it. We can manipulate it if we need to change something or change some hardware. It's all easy. Even guys who are not used to using it can pick it up quite quickly."

SonicWall NSa dispenses advanced threat protection using a high-performance security platform. The NSa series implements intuitive deep learning technologies in the SonicWall Capture Cloud Platform to dispatch the automated real-time threat detection and deterrence enterprise organizations need today. SonicWall Network Security appliance (NSa) series is best for mid-sized organizations to distributed enterprises and data centers.

SonicWall NSa series next-generation firewalls (NFGWS) combine two very robust security ideologies to deliver advanced threat protection to keep users’ networks safe. Boosting SonicWall’s multi-engine advanced threat protection (ATP) is their Real-time Deep Memory Inspection (RTDMI™). The RTDMI intuitively identifies and stops aggressive zero-day threats and vicious malware by investigating memory directly. This real-time process allows SonicWall RTDMI to be accurate, lessen false positives and discover and alleviate malicious threats and attacks. SonicWall’s single-pass Reassembly-Free Deep Packet Inspection (RFDPI) will audit every byte of each and every packet by investigating both outbound and inbound traffic on the firewall. By combining the SonicWall Capture Cloud Platform along with on-box offerings such as intrusion prevention, web/URL filtering, and anti-malware, the NSa series is able to block the most malicious and dangerous threats at the gateway.

Additionally, SonicWall firewalls supply absolute protection by executing complete inspection and decryption of SSH and TLS/SSL encryption connections - no matter the port or protocol. The firewall takes a deep dive into each and every packet (the header and data) routing out any anomalies, zero-day intrusions, threats, and protocol non-compliance. Users can also define unique criteria specific to their organization to ensure their networks remain safe. This aggressive deep packet inspection is able to identify and block malicious attacks, stop dangerous malware downloads, prevent the spread of infections, and defeat command and control (C&C) communications and data exfiltration. Protocols involving inclusion and exclusion allow users complete control to decide, based on specific governance policies, organizational policies, or government or legal compliance, which traffic is to be investigated for decryption or inspection.

SonicWall Nsa offers enterprise organizations the network control and fluid flexibility they desire using an intrusion prevention system (IPS), VPN, real-time visualization, and other advanced powerful security features, making it a popular firewall solution in today's marketplace.

Reviews from Real Users

“The features that I have found most valuable are the firewalling, which is very good, and the GUI which is very intuitive. It is easy to use and provides great security.” - Network Engineer at a maritime company

“What's valuable in SonicWall NSa is the ATP (advanced threat protection). It can protect users from malicious links. SonicWall NSa also has a Sandboxing service that is very helpful for us, especially when end users accidentally click on malicious links. Another valuable feature of this solution is that it is very useful for site-to-site VPN connectivity issues. SonicWall NSa has very good hardware. I also love that SonicWall has very good technical support, who are very knowledgeable, provide good suggestions, and they're easy to reach.” - Mohammed M., Network Administrator at Transgulf Readymix

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

Triton Technical, McDonald's

Orange County Rescue Mission, First Source, Michaels & Taylor, Green Clinic Health System, Aspire Chiltern Skills and Enterprise Centre, UnitedStack, Faith Lutheran College Redlands, Celtic Manor Resort, Star Kay White, Air Works, Unimat Life, NHS Yorkshire and Humber Commissioning Support (YHCS), Hutt City Council, Mato Grosso do Sul, Nspyre

Buyer's Guide

KerioControl vs. SonicWall NSa

January 2025

Free Report: KerioControl vs. SonicWall NSa

Find out what your peers are saying about KerioControl vs. SonicWall NSa and other solutions. Updated: January 2025.

DOWNLOAD NOW

831,158 professionals have used our research since 2012.

See our KerioControl vs. SonicWall NSa report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.