Fortinet FortiGate vs Palo Alto Networks NG Firewalls comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on Mar 17, 2022

We performed a comparison between Fortinet Fortigate and Palo Alto Networks NG Firewalls based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Most users of Fortinet Fortigate feel that deploying it is relatively easy and straightforward. One reviewer noted that Fortinet Fortigate is so easy to set up that it could be deployed in just a couple of clicks. Users of Palo Alto Networks NG Firewalls feel that for the most part its deployment is straightforward as well.
  • Features: Fortinet Fortigate users find it to be reliable and point out that it has many valuable features, including its ability to be deployed either on the cloud or on-premises and its user interface. However, reviewers say that its monitoring and reporting features leave room for improvement.

    Users of Palo Alto Networks NG Firewalls note that it is a stable solution. Furthermore, they note that its ability to be centrally managed is valuable. They also note that the user interface could be improved.
  • Pricing: Users of Fortinet Fortigate feel that it is pretty affordable. Reviewers of Palo Alto Networks NG Firewalls feel that it is one of the most expensive products on the market.
  • Service and Support: Users of both solutions note that, for the most part, they are supported by excellent technological support teams. Reviewers of Palo Alto Networks NG Firewalls note that the documentation that they provide could be better.

Comparison of Results: Based on the parameters we compared, Fortinet Fortigate seems to be a slightly superior solution. All other things being more or less equal, our reviewers found Palo Alto Networks NG Firewalls to be one of the most expensive products on the market. Some also felt that the user interface and the documentation could be improved.

To learn more, read our detailed Fortinet FortiGate vs. Palo Alto Networks NG Firewalls Report (Updated: May 2023).
706,951 professionals have used our research since 2012.
Q&A Highlights
Question: Features comparison between Palo Alto and Fortinet firewalls
Answer: Hi PaloAlto is better when working on app control feature and special virtual wire links. Execpt that specific point, Fortinet is above. Best Regards, Damien
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"All the features except IPS are valuable. IPS is not a part of my job.""The deep packet inspection is useful, but the most useful feature is application awareness. You can filter on the app rather than on a static TCP port.""The return on investment is not going to be restricted to just the box... Now, these genres have been expanded to cyber, to third-party integrations, having integrated logging, having integrated micro and macro segmentations. The scope has been widened, so the ROI, eventually, has multiplied.""I love the ASDM (Adaptive Security Device Manager) which is the management suite. It's a GUI and you're able to see everything at a glance without using the command line. There are those who love the CLI, but with ASDM it is easier to see where everything is going and where the problems are.""The primary benefits of using Cisco Secure solutions are time-saving, a robust API, and convenience for the security team.""It's protecting the organization against the impact of cyber threats and cybersecurity. We run manufacturing plants that have hazardous material, and we don't want that manufacturing process to be impacted by break-in exposure, cyber threats, or any other similar thing.""I have found the most valuable feature to be the access control and IPsec VPN.""The most valuable feature for the customers is that they can control what communication is allowed and what is not allowed. That is, they can allow or deny client traffic."

More Cisco Secure Firewall Pros →

"The pricing is great and very reasonable.""The most useful functionality of Fortinet FortiGate is the user interface, multiple engines, and their cloud with the latest integrations. Additionally, the Security Fabric tool is very good.""It is useful for protecting and segregating the internal networks from the internet. Most of our customers also use the FortiGate client to connect to their offices by using the VPN client, and of course, they usually activate the antivirus, deep inspection, and intrusion prevention services. They are also using it for web filtering and implementing various policies dealing with forwardings, NAT, etc.""The most valuable feature is the interface, which is very user friendly. We are utilizing most of the features, like content filtering. The firewall is powerful.""Security, SD-WAN, and Streetscape are valuable features.""It is quite easy to handle.""The management console is pretty simple, so anyone who understands networking can initially deploy the solution.""The stability and scalability of this solution are satisfactory. Its SD-WAN, VPN, and URL filtering features are very useful."

More Fortinet FortiGate Pros →

"The App-ID, Content-ID, User-ID, and encryption and decryption are valuable features.""The sandboxing is valuable and they are frequently updating their signature database. We get new updates every five minutes. That makes it easy to detect new and unknown attacks.""Its ease of integration is valuable because we need to get the solution out of the door quickly, so speed and ease matter.""The solution's most valuable feature is the robust firewall, which we can also use as a UTM device.""The DNS sync code in your filtering is the most valuable feature of the Palo Alto Networks NG Firewalls.""The trackability is most valuable. When a port is open for a protocol, such as port 443 for HTTPS, it can look inside the traffic and identify or verify the applications that are using the port, which was previously not possible with traditional firewalls.""Palo Alto Networks NG Firewalls have a Single Pass Parallel Processing (SP3) Architecture, which has a different kind of code doing the work. It increases the packet processing rate. Whereas, without the SP3 Architecture, you are waiting for each job to complete, even if you have 100 jobs assigned.""One of the key features for us is product stability. We are a bank, so we require 24/7 service."

More Palo Alto Networks NG Firewalls Pros →

Cons
"Licensing is complex, and I'd like it to be simplified. This is an area for improvement.""One area that could be improved is its logging functionality. Your logs are usually displayed on the screen, but if you want to go back one or two days, then you need another solution in place because those logs are overwritten within minutes.""We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve.""One big pain point I have is the ASDM interface because it's Java, and sometimes, it's a bit buggy and has low performance. That's something that probably won't be improved because of backward compatibility.""The user interface is a little clunky and difficult to work with. Some things aren't as easy as they should be.""We only have an issue with time sync with Cisco ASA and NTP. If the time is out of sync, it will be a disaster for the failover.""The application detection feature of this solution could be improved as well as its integration with other solutions.""The usability of Cisco Firepower Threat Defense is an issue. The product is still under development, and the user interface is very difficult to deal with."

More Cisco Secure Firewall Cons →

"The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. When I have used the Sophos solution it is a complete solution, in Fortinet FortiGate you have to use additional tools to have the features needed.""Fortinet FortiGate could improve the user interface. There should be more functionality and options through the GUI.""There are mainly two areas of improvement in Fortinet FortiGate— the licensing cost and the timing of upgrading licenses for boxes.""The solution's framework needs to be frequently updated in order to have a stable solution.""There are some complex administration tasks in their administration portal. That needs to be improved.""There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision.""It would be good if they had fewer updates.""I don't really have anything negative to say as far as Fortinet firewalls are concerned. If anything, they can support a user a little bit better. They can stop being so time-sensitive about how much time the support call has taken, and they can help you do it yourself."

More Fortinet FortiGate Cons →

"When we looked at it originally, we needed to host the Panorama environment ourselves. I would prefer it if we could take this as a service. It might be that it is available, but for some reason we didn't choose it. The downsides of hosting are that we need to feed and water the machines. We are trying to move to a more SaaS environment where we have less things in our data centers, whether they be in our cloud data centers or physical data centers, which can reduce our physical data center footprint.""When there was change from IPv4 to IPv6, some of the firewalls still didn't support IPv6. In North America, we have seen most customers are using IPv6, as they are getting the IPv6 IPs from their ISPs. Sometimes, when they go through the firewall, it denies the traffic.""Palo Alto needs to improve their training. They do not invest in their partners. I have been a partner for seven years, and it is very expensive for me to certify my engineers.""I don't deal with it from a day-to-day perspective, but I can say that the evidence that I typically need is there, but sometimes, it's a task to actually get it and pull it out. They can make it easier to gather that evidence.""There are some advanced features that we aren't able to use, which include active IP authentication and app ID. We are facing challenges with implementing those two features.""The configuration part could be improved. It's very difficult to configure. It doesn't have a user-friendly interface. You have to know Palo Alto deeply to use it.""Palo Alto Networks NG Firewalls don't provide a unified platform that natively integrates all security capabilities. It's missing some features for geofencing and understanding locations.""Technical support is an area that could be improved."

More Palo Alto Networks NG Firewalls Cons →

Pricing and Cost Advice
  • "This solution is expensive and other solutions, such as FortiGate, are cheaper."
  • "Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities."
  • "When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today."
  • "Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
  • "It is expensive. There is a cost for everything. There is per year license cost and support cost. There is also a cost for any training, any application, and any resource. Things are very costly to do with Cisco. Other brands are cheaper. They are also more flexible in terms of training, subscription, and licensing. They give lots and lots of years free. They provide more than Cisco."
  • "When we bought it, it was really expensive. I'm not aware of the current pricing. We had problems with licensing. After our IPS subscription ended, we couldn't renew it because Cisco was moving to the next-generation firewall platform. So, they didn't provide us with the new license."
  • "Its price is moderate. It is not too expensive."
  • "I like its licensing because you buy the license once, and it is yours. We don't have to go for a subscription. So, I liked how they licensed Cisco ASA. Our clients are also very satisfied with its licensing model."
  • More Cisco Secure Firewall Pricing and Cost Advice →

  • "Fortinet Secure SD-WAN delivered the lowest total cost of ownership (TCO) per Mbps among all other vendors."
  • "I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost."
  • "It is more expensive than Sophos. Fortinet is overall more expensive than Sophos. The small range of Fortinet, such as 60F and 80F, is more expensive than the small range of Sophos. Sophos is cheaper. In addition, if you jump from 80F Series to 100F Series, the price doubles."
  • "The license is yearly. We pay for the top end. It's called 360."
  • "Here in Brazil, we're going through difficult economic times and the tax on the dollar is high. All the solutions from minor competitors are growing in the market. The prices have come more competitive."
  • "Licensing for Fortinet FortiGate is on a yearly basis. Pricing for it is a bit high. It could be cheaper."
  • "The licensing scheme of Fortinet is better than Cisco. It is more logical."
  • "The solution requires a license annually, it is not a user license, you can have as many users as your want. I must renew the license regularly per device."
  • More Fortinet FortiGate Pricing and Cost Advice →

  • "Its price should be improved."
  • "The price of the solution is on the higher side compared to competitors."
  • "We are on an annual license for this solution. I am happy with the price and when comparing it to other solutions it is priced competitively."
  • "Definitely look into a multi-year license, as opposed to a single-year. That will definitely be more beneficial in terms of cost... Palo Alto is definitely not the cheapest, but if you scale it the right way it will be very comparable to what's out there."
  • "Cheap and faster are the opposite sides of security. Security inspections have some technical and money costs. If you just purchase some cheap, fast firewalls, then you will lose a lot of the security features and fraud protection capabilities."
  • "We were very happy when they released the PA-440s. Previously, we had been looking at the PA-820s, which were a bit of overkill for us. Price-wise and capability-wise, the PA-820s hit the nail on the head for us."
  • "Palo Alto is not a cheap solution but it is competitive when it comes to subscriptions."
  • "Active/Passive mode is very redundant, but they require you to buy all the associated licensing for both firewalls, which is kind of a waste of money because you are really only using the services on one firewall at a time."
  • More Palo Alto Networks NG Firewalls Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    706,951 professionals have used our research since 2012.
    Answers from the Community
    Donny Lee
    ABHILASH TH - PeerSpot reviewerABHILASH TH
    Reseller

    Hi,


    Both FT and PA have compelling features for large Enterprises. I would like to add a few good points about Fortinetwhich might be helpful ( from my 13 years of engagement with them as Distributor and Partner)


    Fortinet: 


    Have higher throughput; which comes with competitive rates


    Wide range of models to select to meet your requirement, without spending heavliy


    Outstanding customer support and very active customer care team


    Easly available skilled resources from the channel for deployment and post-implementation support 


    Regards


    Abhilash



    Alexander Denisenko - PeerSpot reviewerAlexander Denisenko
    User

    Hello. The question is what you are going to have as a result of application

    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Top Answer:We have Meraki Mx devices now, we are looking to replace them. But that is because the Meraki MX platform lacks SSL… more »
    Top Answer:Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure… more »
    Top Answer:In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it… more »
    Top Answer:Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat… more »
    Comparisons
    Also Known As
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall, Palo Alto Networks PA-Series
    Learn More
    Overview

    Cisco Secure Firewall, including Firepower, is a powerful perimeter security solution used for network security, data center protection, advanced malware protection, and site-to-site VPNs. Its most valuable features include NGIPS, application visibility and control, VLAN implementations, intrusion prevention, threat defense, and NAT. 

    The solution has helped organizations discover their environment, improve security, implement dynamic policies, reduce operational costs, and protect against threats from outside and within the data center. Overall, Cisco Secure Firewall is a valuable tool for securing organizations and providing visibility into threats.

    Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

    Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.

    Benefits of Fortinet FortiGate

    Some of the benefits of using Fortinet FortiGate include:

    • The ability to manage your firewalls from a centralized automated control console. Fortinet FortiGate’s FortiManager enables administrators to exercise control of their firewalls in a streamlined manner. Administrators have full visibility and control over their system from a single location. It utilizes automation that collects information in real time, which greatly simplifies and reduces the cost of running various types of workflows. Administrators can free up resources by automating the most basic tasks.
    • The ability to produce uniform, appropriate, and coordinated responses to threats across networks. Fortinet FortiGate’s FortiGuard feature generates system protections in near real time. This allows administrators to address threats to the system with custom-made solutions that can be uniformly enforced.
    • The ability to scale up your security to fit your changing security needs. Fortinet FortiGate’s design allows users to accelerate the transfer of data between users and escalate the number of users that are covered without compromising security of performance. This means that users can grow their networks and continue to collaborate without worrying about the system slowing down or coming under attack.

    Reviews from Real Users

    Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.

    PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”

    PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”

    Palo Alto Networks NG Firewalls are next-generation firewalls used for security to protect networks from threats and attacks. It is used for perimeter security, data center protection, and managing secure access to environments. 

    The firewall provides application control, malware protection, scalability, stability, user-friendly interface, threat hunt capabilities, application visibility and awareness, URL filtering, traffic monitoring, machine learning for attack prevention, a unified platform for all security capabilities, DNS security, VPN, and embedded machine learning. Palo Alto Networks NG Firewalls is easy to manage, reliable, and balances security and network performance well. It also provides complete visibility through logs and alerting.

    Palo Alto Networks NG Firewalls Features

    Palo Alto Networks NG Firewalls has many valuable key features. Some of the most useful ones include:

    • Secure Application Enablement (App-ID, User-ID, Content-ID)
    • Malware Detection and Prevention (threat prevention service, buffer overflows and port scans, anti-malware capabilities, command-and-control protection, and WildFire)
    • DNS Security (URL filtering, predict and block malicious domains, signature-based protection, extensible cloud-based architecture)
    • Panorama Security Management (including graphical views and analytics, manage rules and dynamic updates, customizable application command center (ACC), log collection mode, physical or virtual appliance)
    • Threat Intelligence (high-fidelity threat intelligence, priority alerts, automatic extraction and sharing of prevention indicators, native integration with Palo Alto Networks products)

    Palo Alto Networks NG Firewalls Benefits

    There are several benefits to implementing Palo Alto Networks NG Firewalls. Some of the biggest advantages the solution offers include:

    • Dedicated management interface for managing and initial configuration of the device
    • Regular threat signatures and updates
    • Import addresses and URL objects from the external server
    • Configure and manage with REST API integration
    • Great throughput and connection speed is fair even in high traffic load
    • Deep visibility into the network activity through Application and Command Control
    • Easy to manage and very user friendly

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Palo Alto Networks NG Firewalls users.

    A Solutions Architect at a communications service provider says, “The product stability and level of security are second to none in the industry. We value the security of our client's infrastructure so these features are valuable to us. An example of a very valuable feature behind Palo Alto is the application-aware identifiers that help the firewall know what its users are trying to do. It can block specific activities instead of just blocking categories. For example, you can block an application, or all unknown applications.”

    PeerSpot user Gerry H., CyberSecurity Network Engineer at a university, mentions that the solution has a “Nice user interface, good support, is stable, and has extensive logging capabilities.” He also adds, “Wildfire has been a very good feature. This solution provides a unified platform that natively integrates all security capabilities, which is 100% important to us. This is a great feature.”

    Eric S., Network Analyst at a recreational facilities/services company, states, "With its single pane of glass, it makes monitoring and troubleshooting a bit more homogeneous. We are not looking at multiple platforms and monitoring management tools. It is more efficient from that perspective. It is more of a common monitoring and control system for multiple aspects of what used to be different systems. It provides efficiency and time savings."

    Offer
    Learn more about Cisco Secure Firewall
    Learn more about Fortinet FortiGate
    Learn more about Palo Alto Networks NG Firewalls
    Sample Customers
    There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
    Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
    SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments
    Top Industries
    REVIEWERS
    Financial Services Firm15%
    Comms Service Provider13%
    Computer Software Company12%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Comms Service Provider11%
    Educational Organization10%
    Government8%
    REVIEWERS
    Comms Service Provider16%
    Computer Software Company10%
    Financial Services Firm9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Comms Service Provider12%
    Educational Organization12%
    Government6%
    REVIEWERS
    Comms Service Provider14%
    Computer Software Company13%
    Financial Services Firm13%
    Educational Organization9%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Comms Service Provider7%
    Government7%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business35%
    Midsize Enterprise24%
    Large Enterprise41%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise21%
    Large Enterprise51%
    REVIEWERS
    Small Business48%
    Midsize Enterprise23%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business29%
    Midsize Enterprise24%
    Large Enterprise47%
    REVIEWERS
    Small Business33%
    Midsize Enterprise28%
    Large Enterprise39%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise17%
    Large Enterprise58%
    Buyer's Guide
    Fortinet FortiGate vs. Palo Alto Networks NG Firewalls
    May 2023
    Find out what your peers are saying about Fortinet FortiGate vs. Palo Alto Networks NG Firewalls and other solutions. Updated: May 2023.
    706,951 professionals have used our research since 2012.

    Fortinet FortiGate is ranked 1st in Firewalls with 99 reviews while Palo Alto Networks NG Firewalls is ranked 5th in Firewalls with 87 reviews. Fortinet FortiGate is rated 8.4, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Fortinet FortiGate writes "Efficient, user-friendly, and affordable". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "Provides zero trust implementation, more visibility, and eliminated security holes". Fortinet FortiGate is most compared with pfSense, Sophos XG, Meraki MX, Check Point NGFW and Fortinet FortiOS, whereas Palo Alto Networks NG Firewalls is most compared with Azure Firewall, Check Point NGFW, Meraki MX, Sophos XG and Sophos UTM. See our Fortinet FortiGate vs. Palo Alto Networks NG Firewalls report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.