Try our new research platform with insights from 80,000+ expert users

Fortinet FortiGate vs Sangfor NGAF comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
377
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Sangfor NGAF
Ranking in Firewalls
19th
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
34
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.2%, up from 17.7% compared to the previous year. The mindshare of Sangfor NGAF is 1.3%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

Vasu Gala - PeerSpot reviewer
A stable solution with an intuitive interface and quick customer service
I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.
Zaid Farooqui - PeerSpot reviewer
Enhanced threat detection with integrated security features and good support
We are using application firewalling, WAF, and SD-WAN. The capabilities are mostly within the box. For example, you will get web application firewall WAF as part and parcel of this. SD-WAN is also bundled. It integrates with their SIEM and SOAR solutions very nicely. Lastly, the pricing point is very cost-efficient as well.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The secure web gateway module and the application control module are valuable. HA operations are very easy."
"The security features are about the best that I've seen anywhere."
"The initial setup of Fortinet FortiGate was straightforward."
"FortiGate's ability to perform as expected and fulfil our needs has been the most compelling feature for network security."
"Its administrative panel is very intuitive and simple. It is simpler than the other solutions that we had. As an administrator, we are always looking for the easiest solution to manage network policies. We are able to filter everything on our network and also use the VPN feature, which is important these days when people are working remotely during COVID."
"Fortinet offers the latest versions to cater to the needs of enterprises."
"Their proxy-based inspection is responsive and secure."
"Fortinet FortiGate is pretty robust. The updates and firmware releases are pretty timely. They have a good product revision and review system, so they are constantly reviewing their configuration and the different mechanisms that are used on Fortinet FortiGate."
"The absolute best part of Sangfor NGAF is their support. It's a 24/7 support channel, and the last time I requested their assistance I got a reply within three minutes. They helped solve the problem immediately."
"It is a stable solution."
"Sangfor NGAF specializes in ransomware detection and helps to protect our network from ransomware threats and malware."
"While the features are not dissimilar to other brands, configuration is much more simple, which works out great for Indonesian people."
"We can utilize our own network rather than paying for a private one."
"The most valuable feature of Sangfor NGAF is its integration."
"We've found the technical support to be helpful."
"It enables us to not only detect but also prevent various types of incoming threats, allowing us to take appropriate corrective actions and exercise control over the network."
 

Cons

"A couple of things I've seen that need improvement, especially in terms of a hard coding. The driver-level active moment really is out-of-the-box and we have to have contact the customer support and sometimes it is difficult to resolve."
"It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier."
"I find the management console not very straightforward, so that's an area where Fortinet FortiGate can improve. They should simplify it and make it more user-friendly."
"There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision."
"Fortinet FortiGate is not a scalable solution, as they give you a number and each box comes with concurrent connections; if you need to expand, you have to change the box."
"It should have a better pricing plan. It is too expensive. It should also have a more granular view of the attack. I don't have FortiAnalyzer, and it is difficult for me to have a complete view when there is an attack on my server."
"WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead."
"Regarding challenges, customers initially faced issues like internet dropping, but after firmware upgrades, everything worked well."
"Sangfor NGAF could improve by refining its application control policies, especially in addressing challenges with certain types of applications."
"There is room for improvement in dependency on certain infrastructure, like the DNS dependency on the current DNS server that the company has. It should be standalone. It should not depend on any other DNS server."
"The solution should be able to work in a hybrid setup."
"They need to increase the number of ports in the firewall."
"The product must provide more IPS features."
"An area for improvement would be the number of ports defined on the box. In the next release, I would like them to develop their provisioning stage of enrolling end devices."
"Sangfor need greater exposer in the market because the market is mainly saturated by Fortinet. The user experience of Fortinet is quite different compared to NGAF. If we want to switch our users from Fortinet to NGAF, we have to convince them that the user experience will be much easier once once they start to use it."
"It has an issue with the Sangfor Cloud Platform rather than the firewall. When we run a virtual machine, the window tabs display Chinese characters."
 

Pricing and Cost Advice

"Fortinet is the least expensive solution."
"The price for the device and software is high. However, the solution is of good quality and has a lot of features."
"On a scale of one being cheap and ten being expensive, I rate the tool's price as an eight."
"We just pay a flat monthly fee to the vendor for the support."
"If you compare Fortinet FortiGate with Sophos and other firewall products available in the market, this solution is affordable."
"The setup cost was good. The Egyptian pound is declining, and upgrading Fortinet FortiGate yearly costs about $2000 USD, which equals one hundred Egyptian pounds. I maintain a business relationship with the vendor and receive support from them."
"Its price is affordable and lesser than Cisco. Cisco is expensive. In terms of licensing, there is only one issue. If a customer's license has expired a month ago and they do the renewal after one month, Fortinet renews the license from the start of the previous month. The activation of the product is done from the previous month, not from the date of renewal. The customers usually shout and complain that because they are paying today, the renewal should start from today. The support contract renewals or licensing should be renewed from the date of renewal, but Fortinet starts from the day it had expired. It is a loss for customers. They might have had some problems because of which they did not take the license one month before. Fortinet should work on this. Cisco doesn't do this. Cisco always starts from the day they apply for the license."
"It has been two years. I don't remember the actual price, but it was affordable. We buy the boxes and then use the license for three years."
"The product is very cost-effective compared to other brands or vendors."
"Sangfor NGAF is a cheaply priced product, especially if I consider the previous product that was used in my company."
"If one is very cheap and ten is very expensive, I rate the tool's price as three out of ten."
"Price-wise, I would not consider Sangfor NGAF to be a cheap product. It is an expensive firewall solution, though not as expensive as something like Palo Alto, which is costly. However, the higher price point is justifiable given the feature set the tool provides that other firewalls may not offer in a single dedicated appliance."
"In my opinion, the price of the tool is good in the Pakistani market. We can easily get discounts if needed."
"For four to five physical appliances for a licensed firewall, it costs approximately $4,000."
"It costs about 8 to 10 thousand dollars per year for 500 users, standard licensing fees included."
"Sangfor NGAF price is reasonable and there is an annual license. However, the maintenance cost can be a bit high."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
861,170 professionals have used our research since 2012.
 

Comparison Review

it_user216600 - PeerSpot reviewer
Jan 3, 2016
Sophos UTM vs. Fortinet FortiGate
I have used both Sophos and Fortinet products in production and I have found the Sophos UTM appliances (hardware and virtual) to be a better fit most of the time -- with a few caveats which I will touch on below. In both instances, the transition from TMG will be mostly straightforward. The main…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Educational Organization
10%
Comms Service Provider
8%
Manufacturing Company
7%
Computer Software Company
12%
Manufacturing Company
11%
Financial Services Firm
9%
University
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage at large. In my opinion, Fortinet would be the best option and l use Fortinet too...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know the firewalls change every 5 to 7 years as stated but you really do need to upg...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite good. The most valuable features for me are their web and email filtering. I wou...
What do you like most about Sangfor NGAF?
I think Sangfor NGAF is more valuable than Cisco products because of its simplicity and ease of management. If I compare it with Palo Alto and Cisco, both are quite complex products. And if I compa...
What is your experience regarding pricing and costs for Sangfor NGAF?
The licensing cost is quite high compared to other available firewalls in the market.
What needs improvement with Sangfor NGAF?
The cost of licensing is very high compared to other firewalls available here. There should be improvements in hardware scalability, allowing for more storage and memory capacity. Making the soluti...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Sangfor NGAF Firewall Platform
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
The Ministry of Science, Technology, and Innovation (Indonesia), Lawson, Inc. (Philippines), Universiti Sultan Zainal Abidin (Indonesia), TEK Automotive (Italy), etc.
Find out what your peers are saying about Fortinet FortiGate vs. Sangfor NGAF and other solutions. Updated: July 2025.
861,170 professionals have used our research since 2012.