We performed a comparison between Fortinet Fortigate vs. WatchGuard Firebox based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Fortinet FortiGate came out ahead of WatchGuard because of its stronger support and better pricing.
"Good performance, stability, and virtual domain ability."
"We purchased Fortinet because of the pricing, its functionality, because it met our requirements, and the total cost of ownership over five years was quite reasonable. In the market, Fortinet is rated quite well."
"The UTM feature is quite good. FortiAP is easy to deploy because both Fortigate and FortiAP are under the same brand. Otherwise, you need to do more work on the configuration."
"The technical support in our region is excellent."
"FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all of these features on one device because it can cause performance issues."
"The most valuable features of Fortinet FortiGate are the ability to work in proxy mode, which other solutions, such as Palo Alto cannot. There are some features that are better that come at no extra license or subscriptions cost, such as basic SD-WAN. The DLT is useful, other solutions have the same feature too, such as Palo Alto."
"Reliability is the best feature. We faced some issues when we were setting it up, but the service, portal, and administration are good."
"It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall. You don't need to pay some other company for another product to do that for you. The firewall can do that for you. So, it's an easy-to-use product for people to be independent. They don't need to rely on other vendors to do what the firewall can do. They can do everything."
"I have found the DNS Watch feature for intrusion and prevention response and APT Locker most valuable to me."
"The most valuable feature of WatchGuard Firebox is its ease of use."
"The features that I have found most valuable are the FireWall features. The management side of WatchGuard is quite easy because it supports two ways to manage it - by the web and the other one they call WatchGuard systems manager. I used to be familiar with WSM only, but they improved their GUI in the web browser and now it is much easier to do it within the web browser."
"It is a scalable solution."
"The most valuable features of the WatchGuard Firebox are all the security and updated features. You are able to configure the solution from the cloud platform and the application and web interface are very nice."
"Management and visibility are the most valuable features."
"Their support is excellent, and the stability is very good."
"The most valuable feature of WatchGuard Firebox is the VPN. It's easy to connect to the VPN."
"The feature which gives us a lot of pain is ASIC architecture."
"Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer."
"The solution's framework needs to be frequently updated in order to have a stable solution."
"Fortinet FortiGate needs to improve the protection, it did not prevent us from being attacked. Additionally, Fortinet FortiGate could provide more features for WAF devices. I should not have to purchase two solutions, it would be a benefit to combine these features into one solution."
"The logging details need to be improved."
"I would like to see better pricing in the next release, as well as a simplification of the installation."
"With the addition of some features, it is possible that FortiGate can be used in all verticals."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"The VPN aspect of the WatchGuard Firebox is an area that could potentially benefit from improvement. We encountered difficulties while attempting to integrate Windows 11 laptops into the system, which resulted in unreliable connections. After some research, we discovered that this was primarily due to compatibility issues with Windows 11 and required a patch. However, it was still a challenge as it seemed that even when we tried to keep the laptops on Windows 10, they still exhibited the same issues as Windows 11 machines. Despite WatchGuard attributing the problem to Microsoft, we were eventually able to find a solution and all the machines are now functioning seamlessly."
"WatchGuard Firebox could improve the speed of updates, such as new features or improvements. However, they are frequently improving the solution in many areas, such as geo-locations, definitions, and web blocking."
"The UI and web view aren't nice."
"An area for improvement is that when we use a web administration link, there is no security."
"I believe there is a need for additional measures to connect mobile devices securely to the Firebox router."
"There's always room for improvement, especially if the threats are getting more sophisticated and the IT department cannot sufficiently meet this kind of sophistication with their own knowledge and experience. Knowing that this solution can get up to the level of addressing a lot of these threats is something that everybody wishes for. If we look at the dark web and the lawful web, they are two opposites, and if these two good and bad collide in the world of the internet, you want the best possible product—especially if you cannot get to that point of knowledge. I am just an individual and end user, with limited knowledge of usage. That's why I say there's always room for improvement, from their side and also from mine, because by knowing exactly what they can achieve and the knowledge that they can get on an everyday basis, and the portion that is understandable to me, it's an improvement for them as well."
"The performance of the solution's processor needs to be faster."
"I would like to see more training become available for us."
Fortinet FortiGate is ranked 1st in Firewalls with 108 reviews while WatchGuard Firebox is ranked 2nd in Unified Threat Management (UTM) with 25 reviews. Fortinet FortiGate is rated 8.4, while WatchGuard Firebox is rated 8.4. The top reviewer of Fortinet FortiGate writes "Efficient, user-friendly, and affordable". On the other hand, the top reviewer of WatchGuard Firebox writes "Easy to deploy and it provides useful data on threats ". Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Meraki MX and Cisco SD-WAN, whereas WatchGuard Firebox is most compared with Netgate pfSense, Sophos XG, Meraki MX, OPNsense and Cisco Secure Firewall. See our Fortinet FortiGate vs. WatchGuard Firebox report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Even though my experience with FortiGate products has been mostly positive, I am partial to the WatchGuard appliances. I find the FortiGate interface a bit odd. For example, some of the wizards within the interface make me feel like it is more of a consumer device, even though I know it is a very capable appliance. The WatchGuard interface is more complicated, but it is also more capable. I also find that the UTM features within the FortiGate products lack some of the granular control available with WatchGuard.
I believe WatchGuard is the better choice regarding the quality of support, available documentation, and training resources.
I see that another reviewer indicated that WatchGuard lacked application control features. That is incorrect. Although I do not use this feature in any of my environments, I assure you that the features are available, and my testing has shown it to be capable.
WatchGuard appliances also can integrate their endpoint Threat Detection and Response client to an environment for a correlated view of the environment.
WatchGuard also offers multiple methods for managing an appliance. Although the GUI is very capable, I am not a fan of live changes to an appliance. There are instances when multiple changes must be made to achieve the desired outcome. When these circumstances arise, the WatchGuard Policy Manager software allows you to deploy multiple changes at once while maintaining an OH SH!T copy that you can quickly redeploy if you happen to make a mistake.
When it hits the fan, and you must troubleshoot an appliance issue, WatchGuard is far superior to any firewall I have worked with, including Fortigate. The ability to quickly and easily adjust the policies' order of precedence is a huge advantage and can often save a great deal of time troubleshooting.
Please do not take this as a negative review of FortiGate products. I am only speaking about firewalls. I have not used any of the other FortiGate products. I am strictly speaking of my experience deploying and managing FortiGate and WatchGuard firewalls. From my experience, I find the WatchGuard a superior product.
As a Managed Service Provider, our preferred product is WatchGuard, with our second offering being the Fortigate. We managed other firewall brands, but we only sell WatchGuard and FortiGate products under normal circumstances. There are exceptions based on the client's needs. For example, CradlePoint devices are often the best solutions for a client that only has cellular connectivity as an option. I only point out this situation because FortiGate is now offering LTE/5G solutions. We have many rural clients and moving forward, this may impact what we recommend. Unfortunately, at this time, I don't have enough knowledge to offer any intelligent input on these product offerings, only that they are on our radar.
In my organization, we use Fortinet’s Fortigate. We find it to be very powerful, cost-efficient, and reliable. The user interface is friendly, and it is easy to create policies and set rules. As an NGFW, you can upgrade the firewall cluster firmware without disturbing the user. The graphic interface is very intuitive. The endpoint and email protection are on point, and you don’t have to worry about downtime.
FortiGate offers malware and spyware protection, with advanced capabilities like proxy-based antivirus. It has advanced network protection features and a powerful intrusion prevention system with anti-spam and web filtering capabilities. For all the capabilities it offers, the price is reasonable.
FortiGate has downsides though: the technical support is not great, and there is not a lot of documentation available. It is also kind of hard to configure.
We reviewed WatchGuard before choosing FortiGate. WatchGuard offers a comprehensive advanced network security platform with enterprise-grade security. The router is rich in security features like antivirus, APT blocker, and spam blocker. It is simple to use and applicable for various use cases. It offers web filtering, application control, and monitoring.
We liked that the GUI interface seemed intuitive and easy to use. It integrates with Active Directory, so it is a good fit for MS enterprise users. You can also schedule backups with ease.
WatchGuard is, however, lacking in features for application control and we found the DNS server functionality to be poor. The firewall policies don’t point to a domain, only to IP addresses. While it is excellent that it integrates with Active Directory, the single-sign-on sometimes doesn’t refresh users’ permissions when they log on and off.
Conclusion
Fortinet Fortigate is undoubtedly a powerful and established next-generation firewall, and with all the features and capabilities, it is a better and more cost-effective solution than WatchGuard. WatchGuard would be better for organizations that use MS products.