We performed a comparison between Check Point NGFW and Palo Alto Networks NG Firewalls based on our users’ reviews in four categories. Our conclusion is presented below.
Comparison Results: Our users feel Check Point NGFW is the better choice for NG Firewalls. Users appreciate its unique multi-layer, multi-blade approach. Additionally, the central management station allows users to manage everything in one place, helping to improve overall performance. The great price, support, and performance make this a great choice.
"Their interface is very easy to use, it is without bugs."
"FortiGate has a very strong unified threat management system."
"Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network."
"It's very easy to configure."
"The Fortinet FortiGate local partners were good. I did not have direct contact with Fortinet support."
"Centralized monitoring, policy management, and virtualized appliances allow us to take control over our public and private infrastructure."
"The SD-WAN is the most valuable feature."
"We are very happy with the general bandwidth agility we have seen from one website to another website."
"The level of security is excellent. It protects our organization well."
"It is giving us a greater reach for greater prevention and is proactively protecting our employees."
"It's really simple to set up."
"Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention. Apart from that, there is central management through which we can integrate all the firewalls and support them. It makes it easy to manage all the firewalls."
"The most valuable feature is the powerful, deep packet inspection engine."
"Only allows authorized connections and prevents vulnerabilities in a network."
"I have to say that it was Application Control and web filtering are excellent."
"The packet inspection capabilities are great."
"Comments have some delay, but overall, it's a good product."
"All the features are valuable, but my main one is the straightforward and well-designed GUI. I'm over 50 and have been in this business since the internet started. I'm not a GUI guy; I prefer using the command line. The product's GUI is excellent, and so is the threat intelligence. It's also straightforward to configure and flexible. The solution even has good networking, such as VLAN and subinterfaces, which is great because, in my experience, if the firewall is good, then the router usually isn't and vice-versa, but Palo Alto has both."
"DNS Security is a good feature because, in the real world with web threats, you can block all web threats and bad sites. DNS Security helps to prevent those threats. It's also very helpful with Zero-day attacks because DNS Security blocks all DNS requests before any antivirus would know that such requests contain a virus or a threat to your PC or your network."
"The graphical interface is easy to troubleshoot because it has a drill-down sequence. It is easy to monitor traffic."
"I can enable the features I want and configure the policies based on the user and not all users and network traffic, making firewall management much easier."
"I found Palo Alto NG firewalls more intuitive compared to other products. I value the capability to identify a cloud solution."
"I have found it to be reliable and very easy to use. I haven't really encountered many problems with it because its documentation is clear and readily available on their website."
"It's quite nice. It's very user-friendly, powerful, and there are barely any bugs."
"Pricing for it is a bit high. It could be cheaper."
"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."
"We would like to see a better training platform implemented."
"It can be a little bit more user-friendly in terms of policy definition and implementation. It seems a little bit complicated, and it could be simplified."
"FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."
"Backup can be improved."
"Fortinet already improved FortiGate, but in the current market, many brands of security devices have improved together. Fortinet still needs to catch up with market standards. Fortinet is lacking in features in comparison to competitors."
"The debugging and troubleshooting has room for improvement."
"The network automation and security automation could be better."
"One area that they should prioritize is enhancing security gateways for protection against cyberattacks."
"This product has room for improvement in technical support for Africa."
"Management: Check Point should move away from its current architecture wherein it mandatorily requires a management server to manage the gateways. They should develop A feature in the gateway itself so that no management server is needed for policy and gateway management."
"For R80.10 and above, if you want to install a hotfix, then you can't install it through the GUI. I don't know why. In the earlier days, I was able to do the installation of hotfixes through the GUI. Now, Check Point said that you have to install hotfixes through the CLI. If that issue could be resolved, then it would be great because the GUI is more handy than the CLI."
"Geo-blocking would be very useful. There are too many attempts to infiltrate by non-country users. I can block access by IP address or IP network, however, a country-level blocking would be more useful and much quicker to implement."
"The Check Point support needs a lot of improvement."
"The support team should be faster."
"The price is high and has room for improvement."
"The user interface is probably not as slick as it could be."
"They can improve the handling and management of User-ID. They should also improve its price. Their technical support can also be improved."
"The only downside of Palo Alto Networks NG Firewalls, in my opinion, is the relatively higher price compared to Cisco FortiGate. This is especially noticeable when deploying basic configurations and considering the cost of licenses."
"Its scalability for on-prem deployments can be better. For an on-prem deployment, the hardware has to be replaced if the volume goes up to a certain level."
"The whole performance takes a long time. It takes a long time to configure."
"I like the reports, but I wish the reporting was a little better. When I set up the automatic reports to come in, they're pretty basic. I would like them to be a little more advanced at the ACC monitoring and things like that. I still enjoy all the daily alerts that I get and all the daily PDFs and reports, but I just feel that it could expand upon the visualization of the reports."
"I would like to see better third-party orchestration so that it is easier for the team to work with different products."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 161 reviews. Check Point NGFW is rated 8.8, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Check Point NGFW is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Azure Firewall and OPNsense, whereas Palo Alto Networks NG Firewalls is most compared with Azure Firewall, Meraki MX, Sophos XG, Netgate pfSense and Cisco Secure Firewall. See our Check Point NGFW vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hi, I would suggest going for Checkpoint, the suitability depends on your specific security needs, budget constraints, network infrastructure, Integration capabilities, cloud integration, compliance and reporting, user-friendly interface but the support and the specific behavior for some solutions for routing, networking balance or specific connectivity is better known constraints, Checkpoint Multiplatform support (Open Servers Solutions) The advantages in Palo Alto (SSL Decryption, Wildfire SandBox Integration, Scalability)
Hi, I would suggest going for Check Point.
I'm with Check Point now, for more than 2 years. IPS, threat prevention, antibot identification, and antivirus notification are up to the mark. Moreover, it has a friendly user interface where anyone can create policies and work on it.