---
title: DiscrimiNAT Firewall Reviews
meta_title: 'DiscrimiNAT Firewall Reviews 2026: Details, Pricing, & Features | G2'
meta_description: Filter reviews by the users' company size, role or industry to find
  out how DiscrimiNAT Firewall works for a business like yours.
aggregate_rating:
  rating_value: 4.8
  review_count: 3
  scale: '5'
date_modified: '2026-07-13'
parent_category:
  name: Network Security
  url: https://www.g2.com/categories/network-security
---

# DiscrimiNAT Firewall Reviews
**Vendor:** Chaser Systems  
**Category:** [Network Traffic Analysis (NTA) Software](https://www.g2.com/categories/network-traffic-analysis-nta)  
**Average Rating:** 4.8/5.0  
**Total Reviews:** 3
## About DiscrimiNAT Firewall
The DiscrimiNAT Firewall is a transparent, proxy-less Managed NAT alternative to discover &amp; filter egress traffic by FQDNs in a Shared VPC. It&#39;s built upon our cutting-edge technology, Wormhole DNS, that handles highly variable, low TTL and load-balanced domain name resolution results perfectly well to give your applications uninterrupted access to allowed destinations. CONSOLE INTEGRATION There are no new UIs to learn – the configuration is stored in cloud resources directly, and the flow &amp; audit logs go to the native logging service. GitOps FTW because only cloud&#39;s APIs are used for interfacing, you will never have to leave the cloud console. SPOOFING PREVENTION Unlike SNI only or Suricata based, DiscrimiNAT does conduct out-of-band DNS lookups, so TLS SNI spoofing by supply-chain malware will be logged &amp; stopped. It even supports allowing SSH by FQDNs. The next Log4J won&#39;t slip through! SAFE WILDCARDS Public Suffix List safeguard in place, by default, to reject wildcard patterns matching all tenants on a CSP or a CDN (aka Effective TLDs); precise patterns can also be configured with use of glob characters (\*, ?). TRANSPARENT OPERATION No need to set http\_proxy like environment variables or change any code. Everything in the VPC, from VMs to k8s and Serverless, will have its egress traffic routed through DiscrimiNAT. Swapping to (and from) Managed NAT is just changing a route table entry. FQDN DISCOVERY Don&#39;t know what needs allowing? With the ‘see-thru’ monitor mode, egress traffic can be logged without blocking; then a CLI command extracts FQDNs accessed. We have a 3½ min video on how easy it is! LEAST PRIVILEGE EGRESS You no longer need to apply the entire allowlist to large CIDR ranges hosting multiple applications. The policies are as granular as native firewall rules/security groups, so each application gets access to only what it needs. This translates to micro-segmentation in Zero Trust architectures. DEVELOPER GUARD RAILS With bidirectional enforcement of TLS 1.2+ and SSH v2, automated expiry of exemptions, dropping unencrypted Internet-bound traffic, etc., each feature has been carefully designed to avoid footguns. REFINED OPERABILITY DiscrimiNAT integrates with cloud&#39;s native load balancers and runs with high-availability, load-balancing &amp; auto-scaling within your VPC. It&#39;s also completely maintenance-free! ENTERPRISE READY Whether you seek compliance with PCI DSS v4.0 or NIST SP 800-53 AC-4 , SC-7 and SC-8, we&#39;ve got it covered. Also, DiscrimiNAT is hardened to CIS Ubuntu Linux 20.04 LTS Benchmark v1.1.0 Level 2 - Server. Besides the quarterly updates, critical OS updates are released in less than 10 days and rolling updates apply seamlessly.



## DiscrimiNAT Firewall Pros & Cons
**What users like:**

- Users appreciate the **affordability** of DiscrimiNAT Firewall, enjoying its performance and seamless integration with existing systems. (1 reviews)
- Users appreciate the **responsive customer support** of DiscrimiNAT Firewall, ensuring quick assistance when needed. (1 reviews)
- Users appreciate the **fast and efficient performance** of DiscrimiNAT Firewall, enhancing security without compromising speed. (1 reviews)
- Users appreciate the **seamless integrations** of DiscrimiNAT Firewall, enhancing performance and simplifying deployment with excellent support. (1 reviews)
- Users appreciate the **network security** provided by DiscrimiNAT Firewall, valuing its performance and seamless integration with GCP. (1 reviews)
- Performance Efficiency (1 reviews)
- Performance Speed (1 reviews)
- Reliability (1 reviews)

**What users dislike:**

- Users noted a previous **lack of features** , specifically wildcards, although this issue has since been resolved. (1 reviews)
- Users note a **lack of mobile support** , which limits the flexibility and usability of DiscrimiNAT Firewall on the go. (1 reviews)

## DiscrimiNAT Firewall Reviews
  ### 1. Straightforward AWS NAT Gateway for egress filtering that doesn't have an SNI spoofing vulnerability

**Rating:** 5.0/5.0 stars

**Reviewed by:** Matt C. | Group Head of Engineering, Mid-Market (51-1000 emp.)

**Reviewed Date:** March 05, 2026

**What do you like best about DiscrimiNAT Firewall?**

DiscrimiNAT mitigates the SNI spoofing vulnerabilities present in solutions like Squid and AWS Network Firewall by enforcing strict FQDN checks. Its transparent operation requires no client-side configuration. The allow list rules are easy to configure. The “see-thru” operating mode helps with deployment to production networks by identifying overlooked egress traffic requirements before they get blocked. Additionally, because DiscrimiNAT functions as an inline appliance rather than a NAT gateway server, security assessors and pen testers with authenticated access cannot raise an “unrestricted outbound access” finding for that host during security audits.

**What do you dislike about DiscrimiNAT Firewall?**

We have not encountered any drawbacks that prevented deployment. It functions as expected without adding overhead to our infrastructure. Egress traffic must be HTTPS. FQDN wildcard support is available within the inherent limits of the solution.

**What problems is DiscrimiNAT Firewall solving and how is that benefiting you?**

We needed to restrict outbound AWS cloud traffic to prevent data exfiltration. Previously we used a Squid web proxy and Linux firewall as the NAT gateway to do this. We replaced it with DiscrimiNAT to prevent our egress rules from being bypassed via SNI spoofing, to address a potential security vulnerability. This provides verifiable egress control, which satisfies our security and compliance requirements.

  ### 2. Good forward proxy for our egress security on Google Cloud

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Manufacturing | Enterprise (> 1000 emp.)

**Reviewed Date:** February 20, 2025

**What do you like best about DiscrimiNAT Firewall?**

We like the fact that DiscrimiNAT is doing FQDN filtering on SNI while being a transparent proxy, that it integrates with native firewall rules on GCP and that it's really fast and performant. We deploy it with the Terraform module and it's maintenance-free for us. In addition, we always had really fast feedback and help from the Team anytime we reached out for advice / feedback. Price is also good.

**What do you dislike about DiscrimiNAT Firewall?**

We don't have any issues as of now. In the past, the lack of wildcards was a downside, but it's now fully supported.

**What problems is DiscrimiNAT Firewall solving and how is that benefiting you?**

We have a security requirement to filter egress traffic from our Cloud infrastructure. DiscrimiNAT makes that easy and integrates well.

  ### 3. Secure egress solution with very straightforward rule configuration

**Rating:** 5.0/5.0 stars

**Reviewed by:** Paul S. | Cloud Security Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** November 18, 2021

**What do you like best about DiscrimiNAT Firewall?**

We really like the speed and simplicity of deployment using Terraform with the vendor-supplied modules, no need for console access, and authorization determined by security group rule descriptions. We initially used the "see-thru" mode to determine existing outbound traffic without enforcement.

We simply replaced our existing NAT Gateways with DiscrimiNAT, added the rules to our security groups, then checked traffic details in CloudWatch logs (AWS) or Cloud Logging (GCP).

It's particularly well suited to our organization with a large number of autonomous teams who want a simple, secure egress solution that's easy to configure, no change to application code, and no need for explicit proxy settings.

DiscrimiNAT is available via AWS and GCP Marketplaces, so it's easy to procure - as the cost is simply included in the monthly cloud provider bill.

There's a high standard of documentation with example Terraform code, and we received a prompt response to a minor technical query.

**What do you dislike about DiscrimiNAT Firewall?**

One downside of DiscrimiNAT is that it can't filter on URL path - for example, you can't block all of github.com except for github.com/mycompany. However, implementing that level of control would require an SSL interception solution which isn't suitable for us, due to the need to install the proxy certificate chain as trusted in our server operating systems and applications.

**What problems is DiscrimiNAT Firewall solving and how is that benefiting you?**

DiscrimiNAT provides controlled egress to authorized domains from cloud computing environments in AWS and GCP, using TLS and SSH. It significantly reduces the risk of data exfiltration, malware, and command and control using reverse shell attacks.


## DiscrimiNAT Firewall Discussions
  - [What is discrimiNAT Firewall used for?](https://www.g2.com/discussions/what-is-discriminat-firewall-used-for)

- [View DiscrimiNAT Firewall pricing details and edition comparison](https://www.g2.com/products/discriminat-firewall/reviews?section=pricing&secure%5Bexpires_at%5D=2026-07-15+18%3A56%3A46+-0500&secure%5Bsession_id%5D=9b080f95-ff03-4a78-8267-b36c6985d2a4&secure%5Btoken%5D=86d6850045a65b109a8a67f488559f54b0329bf469d2633f0a0f02bc518a137b&format=llm_user)

## DiscrimiNAT Firewall Features
**Administration**
- Policy Management
- Logging and Reporting
- Concurrent Sessions

**Automation**
- Metadata Management
- Response Automation
- Continuous Analysis

**Agentic AI - Firewall Software**
- Autonomous Task Execution
- Adaptive Learning

**Functionality**
- URL Filtering
- Availability

**Functionality**
- Multi-Network Capability
- Anomaly Detection
- Network Visibility
- Scalability

**Monitoring**
- Load Balancing
- Continuous Analysis
- Intrusion Prevention
- Intrusion Detection

**Incident Management**
- Incident Logs
- Incident Alerts
- Incident Reporting

**Generative AI**
- AI Text Summarization

**Artificial Intelligence - Firewall**
- AI Firewall

## Top DiscrimiNAT Firewall Alternatives
  - [Check Point Next Generation Firewalls (NGFWs)](https://www.g2.com/products/check-point-next-generation-firewalls-ngfws/reviews) - 4.5/5.0 (511 reviews)
  - [SolarWinds Observability](https://www.g2.com/products/solarwinds-worldwide-llc-solarwinds-observability/reviews) - 4.3/5.0 (817 reviews)
  - [Sophos Firewall](https://www.g2.com/products/sophos-firewall/reviews) - 4.7/5.0 (804 reviews)

