Fortinet FortiGate vs Sangfor NGAF comparison

Cancel
You must select at least 2 products to compare!
Cisco Logo
99,561 views|66,518 comparisons
Fortinet Logo
164,048 views|128,346 comparisons
Sangfor Logo
5,937 views|3,364 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Fortinet FortiGate and Sangfor NGAF based on real PeerSpot user reviews.

Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Fortinet FortiGate vs. Sangfor NGAF Report (Updated: November 2022).
655,465 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The customer service/technical support is very good with this solution.""If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly.""The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices.""It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS.""The solution offers very easy configurations.""Cisco ASA works very nicely from an administration perspective. The management of the device is very nice. The ASDM (Adaptive Security Device Manager) is the software that we use and it is very easy to configure using the GUI.""This solution helped us to identify the key areas where we need to focus to block traffic that is malicious to our organization.""Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."

More Cisco Secure Firewall Pros →

"It is useful for protecting and segregating the internal networks from the internet. Most of our customers also use the FortiGate client to connect to their offices by using the VPN client, and of course, they usually activate the antivirus, deep inspection, and intrusion prevention services. They are also using it for web filtering and implementing various policies dealing with forwardings, NAT, etc.""The solution is stable.""We were looking for the VPN feature and controlling the inflow and outflow of all the traffic within the site and across the sites. We are also using it for the VPN and VLANs.""The product offers very good security.""I like Fortinet's cloud management. It allows me to manage all my devices in different branches for three cloud accounts. Even though I use on-prem devices, I can manage everything on the cloud.""The initial setup is straightforward.""It is quite easy to handle.""Good anti-malware and web filtering features."

More Fortinet FortiGate Pros →

"Sangfor has the best capabilities for securing connections, securing web browsers, securing servers, and general threat protection.""In four steps one can configure the entire firewall.""Sangfor NGAF works accordingly with our customers. The solution has good performance, easy to use, and integrates well with the endpoints.""The most valuable features are the WAN optimization, the internet access gateway (IAG), and the central console, which allows us to implement on their firewall.""While the features are not dissimilar to other brands, configuration is much more simple, which works out great for Indonesian people.""Particularly good in the DPI where we can inspect inbound and outbound traffic.""Sangfor NGAF specializes in ransomware detection and helps to protect our network from ransomware threats and malware.""We've found the technical support to be helpful."

More Sangfor NGAF Pros →

Cons
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it.""It can be improved when it comes to monitoring. Today, the logs from the firewalls could be improved a bit more without integrating with other devices.""I'm not a big fan of the FDM (Firepower Device Manager) that comes with Firepower. I found out that you need to use the Firepower Management Center, the FMC, to manage the firewalls a lot better. You can get a lot more granular with the configuration in the FMC, versus the FDM that comes out-of-the-box with it. FDM is like Firepower for dummies.""Cisco wasn't first-to-market with NGFWs... they should look at what other vendors are doing and try not only to be on the same wavelength but a little bit better.""When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance.""The configuration is an area that needs improvement.""The initial setup could be simplified, as it can be complex for new users.""The one thing that the ASAs don't have is a central management point. We have a lot of our environments on FTD right now. So, we are using a Firewall Management Center (FMC) to manage all those. The ASAs don't really have that, but they are easy to use if you physically go into them and manage them."

More Cisco Secure Firewall Cons →

"In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface.""Its reporting and pricing need improvement.""Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs.""There are some license issues. Not every feature must have a separate license. There must be some of kind synergy between the license so we don't have to pay for every individual license that we would like to have.""It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features.""It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier.""FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack.""Usually, we sell the bundle with the UTM or threat management piece with IPS, IDS. Other providers, such as Palo Alto, are ahead in terms of safe functionality. So, for me, delivering truly safe service is probably something that still needs to be improved."

More Fortinet FortiGate Cons →

"I would be happy if Sangfor developed a firewall designed specifically for home use, as well as for small businesses such as clinics and so on. A household version of the Sangfor firewall for your personal computer or laptop would be ideal, in my opinion.""Sangfor need greater exposer in the market because the market is mainly saturated by Fortinet. The user experience of Fortinet is quite different compared to NGAF. If we want to switch our users from Fortinet to NGAF, we have to convince them that the user experience will be much easier once once they start to use it.""I believe that IAM and NGFW need to merge into a single box, instead of there being two separate box solutions.""The web interface needs to be improved, making it more user-friendly.""They need to increase the number of ports in the firewall.""Sangfor could improve their interface capacity on the 5100 series model and upgrade their hardware from one gig to 10 gig. This would improve the overall throughput.""The solution has too many bugs and these slow down the implementation.""The firewall system needs gradual improvements because there are more threats and challenges every day."

More Sangfor NGAF Cons →

Pricing and Cost Advice
  • "If we compare it with FortiGate and the co-existing ASA, FortiGate is better in price."
  • "They seem to be at the top end in terms of pricing, but they are worth the price. They are probably a little bit lower than Palo Alto. If the customers are relying on Cisco products and they are thinking more in terms of scaling to another layer in a year, it is pretty much in a good price range."
  • "We're using the smart license for this firewall. The models that we have require licensing for remote access."
  • "There are licensing costs."
  • "I just bought it off the shelf, and I'm using it with my previous one, so I have not spent that much."
  • "The price is fair. It's not the cheapest, but it's not bad."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The product is very expensive."
  • More Cisco Secure Firewall Pricing and Cost Advice →

  • "I think the price of Fortinet FortiGate is very reasonable."
  • "It's a very full-featured and it's priced well solution."
  • "The price of FortiGate is average and I would say that based on the top five products available on the market, it is in the affordable range."
  • "Fortinet bundles FortiGate with other products and because of this, the price is a little expensive to some SMB enterprises."
  • "When you look at these end security systems and firewalls, these firewalls even five years ago were $50,000 or perhaps $25,000 to implement in some types of customer sites. Now we're talking about tools that are $1,000. In this case, it might have been $500 or something like that."
  • "The price of FortiGate is good."
  • "We purchased a five-year bundle package, which worked out cheaper than competing solutions."
  • "We just pay a flat monthly fee to the vendor for the support."
  • More Fortinet FortiGate Pricing and Cost Advice →

  • "Sangfor is cheaper than competing vendors."
  • "The price is unmatcheable."
  • "When it comes to the price of firewall solutions, Sangfor NGAF takes the cake."
  • "Sangfor NGAF price is reasonable and there is an annual license. However, the maintenance cost can be a bit high."
  • "For four to five physical appliances for a licensed firewall, it costs approximately $4,000."
  • "The price could be more competitive."
  • "The license of Sangfor NGAF can be purchased at different interval lengths, such as annually or three years. They offer a range of packages to choose from, such as combo or hybrid packages. We are using the complete solution package which includes IM, NGF and SSL VPN, and WAF."
  • "For over 2000 users, the cost is around 5000 to 6000 USD. If you want a web application firewall, you have to purchase an additional license for it."
  • More Sangfor NGAF Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    655,465 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Top Answer:We have Meraki Mx devices now, we are looking to replace them. But that is because the Meraki MX platform lacks SSL… more »
    Top Answer:The absolute best part of Sangfor NGAF is their support. It's a 24/7 support channel, and the last time I requested… more »
    Top Answer:If you know you have around 200+ computer users on your network, then the Sangfor NGAF 5200-F-I model would be the… more »
    Top Answer:I would be happy if Sangfor developed a firewall designed specifically for home use, as well as for small businesses… more »
    Comparisons
    Also Known As
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Sangfor NGAF Firewall Platform
    Learn More
    Overview

    The Cisco Secure Firewall portfolio delivers greater protections for your network against an increasingly evolving and complex set of threats. With Cisco, you’re investing in a foundation for security that is both agile and integrated- leading to the strongest security posture available today and tomorrow.

      From your data center, branch offices, cloud environments, and everywhere in between, you can leverage the power of Cisco to turn your existing network infrastructure into an extension of your firewall solution, resulting in world class security controls everywhere you need them.

      Investing in a Secure Firewall appliance today gives you robust protections against even the most sophisticated threats without compromising performance when inspecting encrypted traffic. Further, integrations with other Cisco and 3rd party solutions provides you with a broad and deep portfolio of security products, all working together to correlate previously disconnected events, eliminate noise, and stop threats faster.

      Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

      Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.

      Benefits of Fortinet FortiGate

      Some of the benefits of using Fortinet FortiGate include:

      • The ability to manage your firewalls from a centralized automated control console. Fortinet FortiGate’s FortiManager enables administrators to exercise control of their firewalls in a streamlined manner. Administrators have full visibility and control over their system from a single location. It utilizes automation that collects information in real time, which greatly simplifies and reduces the cost of running various types of workflows. Administrators can free up resources by automating the most basic tasks.
      • The ability to produce uniform, appropriate, and coordinated responses to threats across networks. Fortinet FortiGate’s FortiGuard feature generates system protections in near real time. This allows administrators to address threats to the system with custom-made solutions that can be uniformly enforced.
      • The ability to scale up your security to fit your changing security needs. Fortinet FortiGate’s design allows users to accelerate the transfer of data between users and escalate the number of users that are covered without compromising security of performance. This means that users can grow their networks and continue to collaborate without worrying about the system slowing down or coming under attack.

      Reviews from Real Users

      Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.

      PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”

      PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”

      Sangfor Next Generation Firewall (also known as NGAF) is a converged security solution providing protection against advanced threat, malware, viruses, ransomware and web-based attacks using integrated security features like firewall, IPS, anti-virus, anti-malware, APT, URL filtering, Cloud Sandbox, and WAF. As the world's first AI-enabled and fully integrated Next Generation Firewall & Web Application Firewall (WAF), NGAF offering the security visibility, real-time detection and response, simplified operation and maintenance and high-performance application layer security needed to operate an enterprise network in total security. Tested and proven to provide cutting-edge network security by ICSA Labs and endorsed by Gartner Inc., NGAF harnesses the power of Sangfor’s Neural-X threat intelligence and analytics platform and Engine Zero’s innovative malware detection to provide next-generation protection for today’s enterprise.

      Offer
      Learn more about Cisco Secure Firewall
      Learn more about Fortinet FortiGate
      Learn more about Sangfor NGAF
      Sample Customers
      There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
      Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
      The Ministry of Science, Technology, and Innovation (Indonesia), Lawson, Inc. (Philippines), Universiti Sultan Zainal Abidin (Indonesia), TEK Automotive (Italy), etc.
      Top Industries
      REVIEWERS
      Financial Services Firm16%
      Comms Service Provider13%
      Computer Software Company9%
      Government8%
      VISITORS READING REVIEWS
      Comms Service Provider20%
      Computer Software Company19%
      Government7%
      Educational Organization5%
      REVIEWERS
      Comms Service Provider16%
      Financial Services Firm10%
      Computer Software Company9%
      Manufacturing Company7%
      VISITORS READING REVIEWS
      Comms Service Provider23%
      Computer Software Company19%
      Government6%
      Educational Organization5%
      REVIEWERS
      Healthcare Company25%
      Manufacturing Company25%
      Comms Service Provider13%
      Computer Software Company13%
      VISITORS READING REVIEWS
      Comms Service Provider25%
      Computer Software Company18%
      Media Company7%
      Government7%
      Company Size
      REVIEWERS
      Small Business36%
      Midsize Enterprise24%
      Large Enterprise40%
      VISITORS READING REVIEWS
      Small Business28%
      Midsize Enterprise19%
      Large Enterprise53%
      REVIEWERS
      Small Business46%
      Midsize Enterprise24%
      Large Enterprise30%
      VISITORS READING REVIEWS
      Small Business30%
      Midsize Enterprise20%
      Large Enterprise50%
      REVIEWERS
      Small Business50%
      Midsize Enterprise31%
      Large Enterprise19%
      VISITORS READING REVIEWS
      Small Business25%
      Midsize Enterprise22%
      Large Enterprise53%
      Buyer's Guide
      Fortinet FortiGate vs. Sangfor NGAF
      November 2022
      Find out what your peers are saying about Fortinet FortiGate vs. Sangfor NGAF and other solutions. Updated: November 2022.
      655,465 professionals have used our research since 2012.

      Fortinet FortiGate is ranked 1st in Firewalls with 141 reviews while Sangfor NGAF is ranked 16th in Firewalls with 13 reviews. Fortinet FortiGate is rated 8.4, while Sangfor NGAF is rated 8.2. The top reviewer of Fortinet FortiGate writes "A reliable and consistent solution that allows us to manage the entire network from one interface and supports on-premises and cloud deployments". On the other hand, the top reviewer of Sangfor NGAF writes "A scalable and comprehensive solution that specializes in ransomware detection". Fortinet FortiGate is most compared with pfSense, Sophos XG, Check Point NGFW, Meraki MX and WatchGuard Firebox, whereas Sangfor NGAF is most compared with Sophos XG, Fortinet FortiOS, Sophos UTM, Palo Alto Networks NG Firewalls and pfSense. See our Fortinet FortiGate vs. Sangfor NGAF report.

      See our list of best Firewalls vendors.

      We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.