We performed a comparison between Check Point NGFW and Fortinet Fortigate based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Fortinet’s lack of an option to deploy firewalls on multiple endpoints is a definite downside. Although Fortinet received better feedback for its support, Check Point is the winner in this comparison.
"The dashboard is the most important thing. It provides good visibility and makes management easy. Firepower also provides us with good application visibility and control."
"The Packet Tracer is a really good tool. If someone calls because they're having problems, you can easily create fake traffic without having to do an extended packet capture. You can see, straight away, if there's a firewall rule allowing that traffic in the direction you're trying to troubleshoot."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"It's very scalable. You can go to different models of the ASAs and they scale up to as big as you want to go."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"The content filtering is good."
"So far, it has been very stable."
"The CLI is the most valuable feature. This solution is very flexible and offers different functionality including firewalls and VPN connectivity."
"From the logs, you can trace back to the rule with a click, which makes it easy to investigate cases."
"While not being cheap, their pricing models are competitive."
"Check Point's most useful feature is threat prevention and extraction. It was tough to manage seven firewalls and a perimeter solution for IPS, anti-malware, anti-bot, and sandboxing."
"One ability that Check Point has is that it is the first to provide us with the ability to use identities instead of using the traditional IP-based format, which allows way more flexibility in what we can do with the rule base."
"The security posture assessment with two-factor authentication has saved more time and commercial costs by avoiding deploying having to deploy another solution."
"Objects search and tracker logs are useful."
"Check Point has strong security features as well as some decent monitoring and management capabilities."
"The initial setup is straightforward."
"FortiGate is very simple to manage and easy to use."
"The dashboard I have found the most valuable in Fortinet FortiGate."
"FortiGate has a strong security topic which allows all of the Fortinet devices to communicate and share information which makes their security more powerful."
"Overall security features and performance routing is good."
"Initial setup is straightforward. There weren't too many issues with setting it up. It takes one hour or so."
"It's very easy to configure."
"The base firewall features are quite valuable to us."
"The simplicity of the configuration and the stability of the product are most valuable. The VPN concentrator is very useful."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"We are replacing ASA with FTD which offers many new features not available using ASA."
"It would be good if Cisco made sure that the solution supports all routing protocols. Sometimes it doesn't."
"The application detection feature of this solution could be improved as well as its integration with other solutions."
"The user interface is a little clunky and difficult to work with. Some things aren't as easy as they should be."
"The solution is overcomplicated in some senses. Simplifying it would be an improvement."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"The configuration in Firepower Management Center is very slow. Deployment takes two to three minutes. You spend a lot of time on modifications. Whereas, in FortiGate, you press a button, and it takes one second."
"The predefined reports are few and it would be nice to increase them since the logs are excellent."
"The only reasons we are looking at other solutions are price and integration."
"The client for the central tools is very big - maybe using web access in future releases, similar to other vendors should be possible."
"In the future, some of the features that I would like to see would be the ability to integrate environmental solutions such as the metaverse or blockchain so that we can see them also in applications directly and on mobile devices or natively."
"They have few predefined reports and it would be nice to increase them since the logs are excellent."
"The anti-spam needs improvement."
"The pricing could always be more competitive."
"Internet load balancing provides either active/passive or active/active load balancing, however, I would like to see more options that provide SD-WAN capabilities while also allowing for more than two links."
"The support system could be improved."
"The stability of Fortinet FortiGate could improve."
"The scalability could be better."
"When we cluster the two Fortinet FortiGate boxes together we have some issues."
"I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security."
"This product needs to have an analysis feature, rather than having the analysis done through the integration of a different product."
"The initial setup and configuration are not intuitive and require training."
"It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics."
The Cisco Secure Firewall portfolio delivers greater protections for your network against an increasingly evolving and complex set of threats. With Cisco, you’re investing in a foundation for security that is both agile and integrated- leading to the strongest security posture available today and tomorrow.
From your data center, branch offices, cloud environments, and everywhere in between, you can leverage the power of Cisco to turn your existing network infrastructure into an extension of your firewall solution, resulting in world class security controls everywhere you need them.
Investing in a Secure Firewall appliance today gives you robust protections against even the most sophisticated threats without compromising performance when inspecting encrypted traffic. Further, integrations with other Cisco and 3rd party solutions provides you with a broad and deep portfolio of security products, all working together to correlate previously disconnected events, eliminate noise, and stop threats faster.
Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.
Check Point NGFW includes 23 firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance.
Benefits of Check Point's Next Generation Firewall
Check Point NGFW is suitable for organizations of all sizes, from small businesses to larger enterprises.
Reviews from Real Users
Check Point NGFW stands out among its competitors for a number of reasons. Two major ones are its intrusion prevention feature as well as its centralized management, which makes it very easy to deploy firewall policies to many firewalls with one click.
Shivani J., a network security administrator, writes, "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention."
G., a network administrator at Secretaría de Finanzas de Aguascalientes, writes, “Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution. The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters.”
Arun J., a senior network engineer, notes, “The nicest feature is the centralized management of multiple firewalls. With the centralized management, we can easily use and operate multiple firewalls as well as create a diagram of them.”
Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.
Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.
Benefits of Fortinet FortiGate
Some of the benefits of using Fortinet FortiGate include:
Reviews from Real Users
Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.
PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”
PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”
Check Point NGFW is ranked 4th in Firewalls with 161 reviews while Fortinet FortiGate is ranked 1st in Firewalls with 92 reviews. Check Point NGFW is rated 9.0, while Fortinet FortiGate is rated 8.4. The top reviewer of Check Point NGFW writes "Centrally managed, good antivirus and attack prevention capabilities, knowledgeable support". On the other hand, the top reviewer of Fortinet FortiGate writes "SSL proxy makes URL filtering easier because the encryption is done before the packet ever leaves ". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Azure Firewall, pfSense, OPNsense and Juniper SRX, whereas Fortinet FortiGate is most compared with pfSense, Sophos XG, Meraki MX, WatchGuard Firebox and SonicWall TZ. See our Check Point NGFW vs. Fortinet FortiGate report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.