We performed a comparison between Fortinet Fortigate and Palo Alto Networks Wildfire based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Fortinet Fortigate is the more popular solution because of its ease of deployment combined with its solid set of features, excellent service and support ratings, and the fact that it is more affordable than Palo Alto Networks Wildfire.
"The most important feature is the intensive way you can troubleshoot Cisco Firepower Firewalls. You can go to the bit level to see why traffic is not handled in the correct way, and the majority of the time it's a networking issue and not a firewall issue. You can solve any problem without Cisco TAC help, because you can go very deeply under the hood to find out how traffic is flowing and whether it is not flowing as expected. That is something I have never seen with other brands."
"You can also put everything into a nice, neat, little package, as far as configuration goes. I was formerly a command-line guy with the ASA, and I was a little nervous about dealing with a GUI interface versus a command line, but after I did my first deployment, I got a lot more comfortable with doing it GUI based."
"There are no issues that we are aware of. It does its job silently in the background."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"One of the most valuable features of Firepower 7.0 is the "live log" type feature called Unified Event Viewer. That view has been really good in helping me get to data faster, decreasing the amount of time it takes to find information, and allowing me to fix problems faster. I've found that to be incredibly valuable because it's a lot easier to get to some points of data now."
"The customer service/technical support is very good with this solution."
"The most valuable feature of Fortinet FortiGate is security. They are known for efficiency and are on the top of Gartner Quadrant reviews. Fortinet FortiGate has an easy-to-use platform with a good graphical interface. The configuration is simple and the solution provides an overall good layer of security."
"FortiGate has a very strong unified threat management system."
"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."
"It increases security posture and is helpful for firewall reporting, intrusion protection, web filtering, and SD-WAN implementation."
"It is very flexible to use."
"The next-gen features, the unified threat management capabilities are something that just about everybody is interested in at this point."
"The web tutor and automatic rules by schedule are good features."
"FortiGate Secure SD-WAN includes best-of-breed next-generation firewall (NGFW) security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering."
"WildFire's application encryption is useful."
"You have better control because you define apps. You just don't define ports. You define apps, and the apps are monitored in the traffic. It is more specific than the Cisco firewall when it comes to our needs."
"Scalable ATP solution that's quick to set up. It demonstrates good performance and stability."
"The graphic user interface of Palo Alto is good and it's easy to configure."
"Remote access is excellent."
"The most valuable feature of this solution is how it keeps up-to-date with viruses."
"The technical support is good."
"The solution is easy to use and the Panorama feature is good. The software management or the malware blocking and some authentication management system are good."
"The main problem we have is that things work okay until we upgrade the firmware, at which point, everything changes, and the net stops working."
"I think they need to review their whole UI because it feels like it was created by a whole bunch of different teams of developers who didn't fully talk to each other. The net policy screen is just a mess. It should look like the firewall policy screen, and they should both act the same, but they don't. I feel like it's two different buildings or programming, who don't talk to each other, and that really annoys me."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"One issue with Firepower Management Center is deployment time. It takes seven to 10 minutes and that's a long time for deployment. In that amount of time, management or someone else can ask me to change something or to provide permissions, but during that time, doing so is not possible. It's a drawback with Cisco. Other vendors, like Palo Alto or Fortinet do not have this deployment time issue."
"The performance should be improved."
"They could improve by having more skilled, high-level engineers that are available around the clock. I know that's an easy thing to say and a hard thing to do."
"The change-deployment time can always be improved. Even at 50 seconds, it's longer than some of its competitors. I would challenge Cisco to continue to improve in that area."
"Some of the features in the graphical user interface do not work, which requires that we used the command-line-interface."
"Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information."
"The Wi-Fi controller needs a lot of improvement."
"The ease of use could be improved."
"Lacks training for new features."
"The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are."
"I don't really have anything negative to say as far as Fortinet firewalls are concerned. If anything, they can support a user a little bit better. They can stop being so time-sensitive about how much time the support call has taken, and they can help you do it yourself."
"Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility."
"When comparing this solution to others it is not as good overall."
"The threat intelligence that we receiving in the reporting was not as expected. We were expecting more. Additionally, we should be able to whitelist a specific file based on a variety of attributes."
"The configuration should be made a little bit easier. I understand why it is as it is, but there should be a way to make it easier from the user side."
"They can keep on doing more updates. As new malware and viruses are coming out, they can make sure that WildFire is up to date."
"The cost of this solution could still be improved, in particular, giving product discounts for charitable causes."
"In terms of what I'd like to see in the next release of Palo Alto Networks WildFire, each release is based on malware that has been identified. The key problem is an average of six months from the time malware is written to the time it's discovered and a signature is created for it. The only advice that I can give is for them to shorten that timeframe. I don't know how they would do it, but if they shorten that, for example, cut it in half, they'll make themselves more famous."
"Our main concern is that everything has to be synced with the WildFire Cloud and has to be checked through the subscription."
"The price of WildFire should be reduced in order to make it more affordable for our customers."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
Fortinet FortiGate is ranked 1st in Firewalls with 166 reviews while Palo Alto Networks WildFire is ranked 1st in ATP (Advanced Threat Protection) with 21 reviews. Fortinet FortiGate is rated 8.4, while Palo Alto Networks WildFire is rated 8.2. The top reviewer of Fortinet FortiGate writes "Stable, easy to set up, and offers good ROI". On the other hand, the top reviewer of Palo Alto Networks WildFire writes "Intuitive, stable, and scalable zero-day threat prevention solution with a machine learning feature". Fortinet FortiGate is most compared with pfSense, Cisco ASA Firewall, Sophos XG, Check Point NGFW and SonicWall NSa, whereas Palo Alto Networks WildFire is most compared with Cisco ASA Firewall, Proofpoint Email Protection, Juniper SRX, Zscaler Internet Access and Cloudflare.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
FortiGate has a lot going for it and I consider it to be the best, most user-friendly firewall out there. What I like the most about it is that it has an attractive web dashboard with very easy navigation tabs; It can be managed and controlled using layer two wireless access points; When compared with other firewalls, building IPsec VPN and SSL VPN is much easier; I can configure virtual networks within the same firewall; And, configuration of NAT and static routes are straightforward. I would recommend it to any organization that needs to provide VPN access for their employees.
FortiGate also has many security functions, such as application control, web filtering, IPS, antivirus, etc., that help companies protect their users. The FortiGate solution also helps optimize traffic from user to application via the hybrid WAN environment. I think what I like most about this solution is that I can combine security functions and SD-WAN, which allows me to scan traffic flow but also to protect the local application server or the user.
For me, the downsides of FortiGate are that it happens to include many bugs, and sometimes it can be a challenge to block content from a website with web filtering since web pages contain websites that consume other resources. Moreover, mobile device administration is complicated, and it does not seem to adapt to smartphone or tablet screens very well.
While it isn’t my favorite, WildFire provides the ability to block threats as they travers your network infrastructure both in retro-time and real-time. WildFire also has zero-trust and actively works to inspect traffic for malicious capabilities by forwarding a file to the WildFire cloud, even in the case that it doesn’t recognize what the file is doing. The reason why WildFire is not my first choice is because I feel that it is lacking many features and that they could improve by adding more functionality. But there doesn’t seem like there is a way to either tune or tweak the solution. If implemented correctly, though, it can be a good, robust solution to achieving great endpoint security.
Conclusion:
In my opinion, FortiGate is better than Wildfire because FortiGate meets my business needs better and has more appealing feature updates and roadmaps as well as great technical support, all of which are important to me.
What type of network is? how many users?
Fortinet products are unique in that they have specific chips to work on hardware rather than overcharging a CPU to 90%, as happens with some Sophos boxes and others.
Things in the cloud... the cloud is a name, it is software running on someone else's computer system and could be only for you or multi-tenancy. Delays and other dramas may occur.
The question as I was invited to comment :| Which is better, does not tell anything, somehow.