Bigleaf vs firewall: Can your firewall do this?

My firewall can do that.”

That’s a phrase we often hear from IT professionals when we talk about Bigleaf. 

If you’re referring to basic security and disaster recovery, it might be true, in part. After all, firewalls have been the first line of defense in a network for over a quarter-century. A mature network should have a built-in firewall to ensure a certain level of security and many do that also provide a level of redundant connectivity. 

Your setup may look like Stage 1 of the Internet Maturity Model: where you have a dual-wan firewall that allows you to have a second internet connection that can be activated when your primary connection goes down. When your primary connection fails, your business traffic needs to be moved, either manually or automatically, to the backup circuit. 

Seasoned IT pros can spend hours ensuring layers of redundancy are in place, as well as create Quality of Service rules that play nice with existing firewalls and add a level of application performance management. Rudimentary failover strategies, backup circuits, and QoS configurations like those are better than nothing. However, they can come with a variety of weaknesses which we’ll cover below. 

Check out this head-to-head comparison of your standard firewall vs. integrating Bigleaf into your tech stack alongside your existing firewall.

Firewall Limitations & Strengths

Your trusted firewall is important as it provides security and can provide the level of compliance you need. Some also help with connectivity. We’re not here to argue the security point. Instead, we want to make the case that Bigleaf allows organizations to achieve better connectivity and cloud application performance than firewalls.   

Your firewall – whether a Stateful Inspection, UTM, or an NGFW – or your amalgam of them needs to do more than just keep you compliant. They need to be a part of your infrastructure that keeps your business running smoothly in today’s digital landscape (where the cost of downtime & unusable uptime are rising to levels SMBs can’t afford while remaining competitive).

Round 1: Failover

Referencing Stage 1 of the Internet Maturity Model and tying into Round 1, when failover does happen, reconnecting all your business’ IP-specific internet traffic to the backup circuit is not instant. Your firewall can take seconds to minutes to failover. We’ve seen times ranging between 45 seconds to 8 minutes and some require a manual switch. However long it takes, performance is compromised, focus is lost. In the case of real-time VoIP calls, which drop the instant the connection drops, work completely stops. 

Basic Failover only provides support during outages; when the Internet is completely down. However, as seasoned IT professionals know, poor performance, brownouts, smaller outages, and more, disrupt business connectivity more often than complete outages. 

Bigleaf’s Same IP Address Failover seamlessly reroutes all traffic when there are outages and circuit disruptions, constantly keeping every business-critical application working as it should. With Bigleaf, when one of your circuits has any sort of outage, you don’t. Your IP address doesn’t change so your traffic automatically moves to your other circuit. Your VPN, VoIP call, and business-critical apps stay up! 

Yes, Bigleaf saves the call that would otherwise need to be reinitiated. 

Winner: Bigleaf Networks

Round 2: Intelligent Traffic Management

Optimized cloud application performance is traditionally achieved with policies and manual configurations for QoS, traffic flow management across circuits, and failover. While some firewall solutions have tried to make some of this easier with preset selections, there is still a requirement that each policy is manually set. 

Bigleaf’s self-driving AI automatically identifies and prioritizes your application traffic, configures itself to optimize for your circuit conditions and traffic makeup, and instantly adapts to changes in real-time, improving call & video quality and app performance. 

With only a dual-WAN firewall solution in place, even if it advertised SD-WAN capabilities, an IT Manager would need to manually create or set rules for every app they know their users are using. Let’s explain using a real-world example: 

Firewall Only Example 

Given the state of SaaS adoption and different tools that SMBs use nowadays (and because you need to create rules with every app and every user with most dual-WAN firewalls), a company with only 18 employees could need to create over 400  rules for QoS alone. In other words, the simple solution requires more from your IT resources. 

With Bigleaf, circuit monitoring, load balancing, and traffic identification and prioritization happens automatically regardless of how many or what SaaS apps are being used by your team members. 

Winner: Bigleaf Networks

Round 3: Insights 

Lack of awareness of how your internet circuits are performing is a massive threat to an SMBs bottom line. If you don’t know a problem is happening, you can’t fix it. 

We briefly covered Stage 1 of the Internet Maturity Model – where you get a second circuit, plug it into your firewall, learn that an outage has occurred, then manually failover your traffic to the second line. It may seem “good enough” at first glance – it’s simple and low cost. What if we told you the low cost comes at a high one? 

Your firewall may let you know of outages at the time they happen, requiring you to act on the issue at that moment. However, you may not be aware of circuit and traffic performance issues that are consistently happening but seem minor or insignificant in your day-to-day application and internet performance. These issues can go unnoticed and cost you losses in revenue, productivity, user experience, reputation, and more. 

Visibility of your circuit and traffic performance across each of your ISP circuits delivers the insight you need when things change and need attention, and what to do to ensure reliable performance for each of your cloud applications and technologies. When it comes to reporting, Bigleaf edges out. Our Risk Monitoring feature goes above & beyond, taking the aggregate of the health and performance metrics we track and record to isolate critical events that can threaten your business continuity. Each risk alert is designed to give you a clear explanation and path to resolution so it can be resolved.  

Winner: Bigleaf Networks

Champion: Bigleaf by Unanimous Decision

In summary, Bigleaf delivers much more than your firewall in ensuring reliable connectivity and optimal cloud application and Internet performance. We like to say that “having Bigleaf in your network is like having a Network Engineer on staff 24×7, who doesn’t take vacations, need breaks, or is subject to human error.” From Same IP Address Failover and Intelligent Load Balancing to Dynamic QoS and World-Class Support – we’ve got you covered.  

The results indicate that Bigleaf Networks beat your firewall by unanimous decision; but a knockout would be a more accurate conclusion. 

Next time you feel the urge to say, “My Firewall does that,” remember Bigleaf offers:  

  • true redundancy 
  • end-to-end network and cloud application performance optimization 
  • self-correcting network resilience 
  • insight that enables problem-solving before users are impacted 

Does your firewall do that?

*Bonus* Firewall-Friendly SD-WAN

If you’re convinced of the value that an SD-WAN solution like Bigleaf’s can bring your business, like it has 100,000 other users, you’ll be pleased to know that Bigleaf is a firewall-friendly solution. Bigleaf installs outside firewalls. So, an organization can use a firewall for the security and compliance it provides AND add on Bigleaf for the same IP-failover, intelligent and automated QoS prioritization, circuit monitoring, and load balancing that delivers above and beyond what most firewalls will ever. – it’s the easiest way to implement SD-WAN.

Wrap Up

If your business or customers use cloud-based and SaaS apps, if you can’t afford to have poor internet connectivity or downtime, have enterprise-grade goals, and you want to focus your IT efforts on strategic business initiatives, then Bigleaf Networks may be the best solution for you. 

Can your firewall really do all this? 

SMBs rely more on their Internet connectivity than ever, and while a firewall has its strengths, good enough is not good enough to improve business continuity and internet performance. If you’re curious to learn more about this topic or Bigleaf in general, request a demo, ping us at, or check out our other SD-WAN resources. 

Related Posts

Introducing Bigleaf Wireless Connect