We performed a comparison between Palo Alto Networks and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: pfSense has an edge in this comparison as it is a free, open-source solution while Palo Alto Networks is considered expensive by its users.
"SSL-VPN is very useful for us and has been very reliable."
"It's very fast and easy to configure."
"The reporting you receive out of this appliance is excellent. You will not need an external management system."
"The technical support is great."
"There are great templates, so you don't have to customize them if you don't want to. You do have the option to custom create some folders and some reports, however, with what is there, you don't really need to go through extra effort, as they already give you a lot of predefined views of reports and so forth."
"The most valuable feature is the ease of use."
"One of the valuable features is a standardized OS."
"The usage in general is pretty good."
"For everyday tasks, we just get alerts. It's anything that's suspicious, including from our Netgate. So, it's part of how we maintain cybersecurity in our school. This is working alongside our endpoint security solution."
"The solution is very robust."
"This solution has helped our organization by protecting our network from attacks."
"We can run it on any hardware."
"I use pfSense because it gives me the flexibility to greatly expand basic firewall features."
"The flexibility of adding new kinds of services without spending any money can't be beaten."
"We like the fact that the product is open-source. It's free to use. There are no costs associated with it."
"The documentation is very good."
"We utilize advanced threat prevention features like web filtering and SSL decryption, which haven't caused any issues."
"One of the most valuable features of Palo Alto Networks NG Firewalls is application symmetries."
"I like the firewall's vulnerability management features, which give you reminders to update your system and update your OS."
"We like the fact that this product can provide multiple layers of protection depending on our clients requirements, and can be configured to whatever level of protection and the specific protocols that they want."
"The most valuable feature is WildFire, which blocks sophisticated attacks and distinguishes it from other traditional firewall functions."
"The strengths of Palo Alto Networks NG Firewalls are application visibility and application awareness. Their strong point is identifying applications for traffic. So all of the policies that are configured are related to the application and not to a port."
"The sandboxing is valuable and they are frequently updating their signature database. We get new updates every five minutes. That makes it easy to detect new and unknown attacks."
"All the features are valuable, but my main one is the straightforward and well-designed GUI. I'm over 50 and have been in this business since the internet started. I'm not a GUI guy; I prefer using the command line. The product's GUI is excellent, and so is the threat intelligence. It's also straightforward to configure and flexible. The solution even has good networking, such as VLAN and subinterfaces, which is great because, in my experience, if the firewall is good, then the router usually isn't and vice-versa, but Palo Alto has both."
"Maybe they could make some features more accessible, such as a way to translate directions between two networks that share the same subnets."
"It does not have key authentication for admin access."
"Usually, we sell the bundle with the UTM or threat management piece with IPS, IDS. Other providers, such as Palo Alto, are ahead in terms of safe functionality. So, for me, delivering truly safe service is probably something that still needs to be improved."
"Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information."
"Its reporting capabilities can be improved. It should have some out-of-the-box reporting capabilities and some degree of customization. The basic reporting that it currently has is not sufficient to create more usable reports. It needs some sort of out-of-the-box reporting. They try to make customers purchase FortiAnalyzer for this kind of reporting, which is an additional cost. Other firewall vendors, such as SonicWall and Sophos, provide this sort of reporting without any additional cost."
"Fortinet Fortigate could benefit by simplifying some of their processes."
"Fortinet FortiGate could improve by having more storage in the hardware for log data."
"The solution could have licensing fees reduced in the future."
"It was difficult to configure our web printer through the solution. This process could be easier. Additionally, integration with SD-WAN solution."
"Netgate pfSense needs to improve the configuration for a VPN."
"We are at the moment looking to use it as a proxy service so that we can limit what websites people go and view and that sort of thing. That's an area I've struggled with a little bit at the moment and it could be a bit easier to set up."
"I would like to see multiple DNS servers running on individual interfaces."
"I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner."
"The product must provide integration with other solutions."
"It would be great to add more to security."
"For the third-party packages, I'd rather have it built-in, like a core feature of pfSense, part of the core model."
"The areas that need to improve are network protection and user identification."
"It is a complete product, but the SSL inspection feature requires some improvements. We need to deploy certificates at each end point to completely work out the UTM solutions. If you enable SSL encryption, it is a tedious process. It takes a lot of time to deploy the certificates to all endpoints. Without SSL inspection, UTM features will not work properly. So, we are forced to enable this SSL inspection feature."
"The VPN connectors should be better. We had some challenges in terms of the VPN with Palo Alto Networks NG Firewall, and that's one of the main reasons why we moved to Sophos. Its load handling can also be improved. There were challenges when traffic was high. During peak business hours, it did not function very well. There was a lot of slowness, and the users used to complain, especially when they were connecting from outside. We even reported this to the support team. Their support should also be improved. Technical support was a bit of a concern while using this solution. We didn't get very good support from the Palo Alto team."
"It's not so easy to scale out your security capabilities."
"I would like them to bring in some features that would encourage traffic shaping or bandwidth routing, like other UTM firewalls, because the solution should be capable of limiting the bandwidth for rules."
"I would like to see better third-party orchestration so that it is easier for the team to work with different products."
"I wish that the Palos had better system logging for the hardware itself."
"The scalability compared to other products is not good. You need to change the box whenever you want your number of connection sessions to increase."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 162 reviews. Netgate pfSense is rated 8.6, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and Check Point NGFW, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Cisco Secure Firewall. See our Netgate pfSense vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.