Go Premium for a chance to win a PS4. Enter to Win


Comparing Sonicwall to Fortigate. Any have experience with both?

Posted on 2009-04-08
Medium Priority
Last Modified: 2013-11-22
I am trying to decide between the Fortigate 310b smb/enterprise UTM firewall and the the Sonicwall e4500-series firewall for our company.

We have about 250-300 users typically on the system (with a max of 400), and will need to firewall both our Internet connection and our internal LAN segments.  Because this firewall will also do routing for our network, reliability is extremely important.

Internet connection is 10mbps.  Internal LAN is 100mbps and 1000mbps.

The Sonicwall seems to be quite a bit less expensive than the Fortigate, so that is starting to weigh in its favor.  

However, support and reliability are very important.  I have heard about stability complaints in earlier Sonicwall models.  

Here are my questions:

1.  Any comments on Sonicwall support for their E-series appliances?
2.  Anything that the e-series does not do well?  For example, I read that firewall policies cannot be configured per-port, as they can on the Fortigates.
3.  Any reliability issues on the E-series?  How often do they need to be rebooted?
4.  Any particular successes with your E-series Sonicwalls?
5.  Any reason you prefer the Sonicwall over the Fortigate?

I'm trying to gather enough info to see if there is a good reason to use Sonicwall over Fortigate.  


Question by:PhireWall
  • 2
  • 2
LVL 17

Expert Comment

ID: 24105371
I can't comment on the Foritgate at all but we've been selling Sonicwalls for YEARS.

- reliability - we have had no significant issues with any Sonicwall from the basic SOHO boxes upwards. There will always be the odd one that breaks, of course, but it's a low percentage, and they're ALWAYS covered by next-day-swapout during initial warranty period OR for as long as you continue to pay the 8x5 or 24x7 support licence. That's worth remembering...

- policies per port? It's a very flexible system. You can put interfaces in zones, configure rules between zones, so yes, if you put each interface in a zone you can control to that level.  If you have a *specific* requirement i suggest you ask a specific question! :-)

- should NEVER need rebooting. If you find you want to upload new firmware that needs reboot, of course, but that's entirely under your control to schedule and perform the upgrade, nothing is done without your confirmation.


Author Comment

ID: 24113544
Thanks for the response.  Appreciate the feedback.

Here are some specific questions I'm trying to resolve. . .

Can I do the following. . .?

1.  Assign multiple/separate DHCP servers on different ports, such that one segment is say,, another is, ?  We have segmented our LAN into 3 distinct subnets, and wanted to know if I could also administer these subnets on the Sonicwall.

2.  Create "virtual domains" on the ports with different sets of firewall rules on each port, and with the ability to route or not route from one virtual domain to another.  For example, have one port just filter for IPS/IDS, then another port filter for IPS/IDS and antivirus, etc.

3.  We want to use the firewall in conjunction with a separate URL filter (Lightspeed Systems).  So, this would require us to have the 3 network segments terminate on the Sonicwall and route out of the Sonicwall to the Lightspeed server, and then back into the Sonicwall for the default route to the Internet. Possible?

4.  Is support handled in/out of the US?  I am concerned that it would be difficult to get good support when needed.

Thanks for any further input you can add.

LVL 17

Accepted Solution

ccomley earned 1000 total points
ID: 24122207
w.r.t. Sonicwall only:-

1) Nope - the Sonicwall can act as DHCP server or not (leaving it to another server or servers). The sonic CAN isolate the segments, however, so that the computers on Lan-A can onyl see the DHCP server on LAN-A, etc...

2) Yes.

3) Yes. Sonicwall use eexactly this layout for connecting their own SSL-VPN and Email Scanning appliances.

4) Support is worldwide. They're currently changing it, introducing MORE call centres. Centress are operated on "follow the sun", so who answers your query depends when you call. If you call when it's 2am where you are but 10am in EU, say, you'll probably end up speaking to someone in the EU call centre. But all calls are logged centrally, i.e. if you call back the next day and speak to someone in California, they can access all the info on the problem.


Author Closing Comment

ID: 31568319
Thanks!  Appreciate the thorough response.

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
HOW TO REMOTELY CLEAN MEROND.O WITH ESET SILENTLY PROBLEM       If you have the fortunate luck to contract the Merond.O virus on your network, it can be quite troublesome to remove as it propagates to network shares on your network. In my case, the …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question