Fortinet FortiOS vs Sangfor NGAF comparison

Fortinet and Sangfor are both solutions in the Firewalls category. Fortinet is ranked #22 with an average rating of 8.4, while Sangfor is ranked #19 with an average rating of 7.9. Fortinet holds a 1.1% mindshare in Firewalls, compared to Sangfor’s 1.3% mindshare. Additionally, 98% of Fortinet users are willing to recommend the solution, compared to 90% of Sangfor users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Apr 6, 2025

Fortinet FortiOS and Sangfor NGAF compete in the cybersecurity product category. Sangfor appears to have the upper hand due to its affordability and user-friendly approach, especially appealing to small businesses.

Features: Fortinet FortiOS offers UTM, VPN services, FortiView for troubleshooting, intrusion prevention, antivirus, and SD-WAN that supports direct cloud access. Sangfor NGAF provides strong intrusion detection, a highly rated vulnerability assessment, and application control for precise restrictions, known for its affordability and ease of use.

Room for Improvement: Fortinet FortiOS could improve its user interface, reporting, and VPN functionality, and its pricing and licensing model are often seen as high for smaller businesses. Sangfor NGAF may focus on interface improvements and better integration with other solutions, addressing limited web filtering capabilities and user experience issues. Pricing increases could challenge Sangfor's affordability advantage.

Ease of Deployment and Customer Service: Fortinet FortiOS is mainly deployed on-premises with some hybrid cloud usage. Its support has mixed reviews, facing criticism for slow response times. Sangfor NGAF is flexible, operating both on-premises and hybrid cloud environments. It is praised for effective and responsive technical support, though documentation could be improved.

Pricing and ROI: Fortinet FortiOS is considered more costly, suitable for mid-sized to larger enterprises due to its high renewal and licensing costs, but offers strong ROI through features and scalability. Sangfor NGAF's competitive pricing offers good value, particularly for small to mid-sized businesses, though potential maintenance cost increases are a concern. Both provide measurable ROI due to their feature offerings and ease of deployment.

To learn more, read our detailed Fortinet FortiOS vs. Sangfor NGAF Report (Updated: June 2025).

Buyer's Guide

Fortinet FortiOS vs. Sangfor NGAF

June 2025

Download the complete report

Helped 856,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of June 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.4%, up from 17.8% compared to the previous year. The mindshare of Fortinet FortiOS is 1.1%, up from 0.9% compared to the previous year. The mindshare of Sangfor NGAF is 1.3%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls

Featured Reviews

Jorge Martínez

Presales Engineer at Sencinet

Offers good SD-WAN capabilities and integrates easily with Fortinet devices

I am not part of the initial setup or deployment process since I work in presales. The setup or deployment is quite easy, as you can do a one-touch deployment that automatically connects to the FortiManager cloud when you connect it to a broadband or dynamic IP, allowing you to start the configuration from that point. We usually sell it for on-premises setups. It's on the cloud only when the client has virtual machines or their own service. Sometimes they have a service on the cloud like AWS, but it's more difficult to sell now because AWS has an e-commerce option where you can buy FortiGate directly. The only thing you need is someone to manage and configure.

Read full review

Harshama Silva

Senior Manager at ITX360 (Pvt) Ltd

We have improved network security with user-friendly controls and high threat intelligence

FortiOS is very user-friendly and easy to configure for L1, L2, and L3 personnel. Its web filtering, application control, and IPS features are very user-friendly, easy to manage, and deploy. The threat intelligence in FortiOS is very high, and the system is scalable without additional licensing costs. FortiOS allows us to expand the number of users and devices as our network needs grow.

Read full review

Zaid Farooqui

CIO at Indus Motor Company

Enhanced threat detection with integrated security features and good support

We are using application firewalling, WAF, and SD-WAN. The capabilities are mostly within the box. For example, you will get web application firewall WAF as part and parcel of this. SD-WAN is also bundled. It integrates with their SIEM and SOAR solutions very nicely. Lastly, the pricing point is very cost-efficient as well.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Fortinet FortiGate is used to prevent security failures. Since implementing the solution, we have seen improvements in security and in the distribution of our network."

"It blocks the vulnerabilities that can negatively impact us."

"It has a good UI and overall integration, including FortiGate Manager for controlling all firewalls from a single place."

"Application control and the web filter are the best features of Fortinet FortiGate."

"It is easy to use and performs very well."

"Anti-Spam web content filterinG."

"The performance is good."

"Fortinet FortiGate provides excellent security against ransomware attacks."

More Fortinet FortiGate pros

"The fact that is it has a UTM, a Unified Threat Management feature is the most valuable aspect for us. It's an all in one product. It's like our one-stop-shop to the internet."

"The main features I find useful are intrusion prevention and web filtering. Additionally, the solution is easy to manage."

"The product is scalable and easily expands."

"Their classification inside of that database of the various threats is typically very, very good."

"The interface is good."

"The solution is very easy to configure and has a good interface, plus it offers more configuration options than other vendors."

"The technical support is very good and the assistance they gave was very good."

"I have found the most valuable feature of Fortinet FortiOS is the low maintenance."

More Fortinet FortiOS pros

"The tool's performance is good."

"The built-in features function as intended, providing exceptional value."

"The level of support provided to local companies is good. They transform their application control and other settings according to that country."

"Sangfor has the best capabilities for securing connections, securing web browsers, securing servers, and general threat protection."

"Sangfor is a good solution that provides a WAF and firewall solution. Most other vendors, like Sophos and Fortinet and Cisco, only provide one solution. That's a valuable feature of Sangfor."

"Sangfor NGAF's standout feature is its powerful application control, enabling precise restrictions on mobile user access to approved applications."

"It offers application control features."

"The product is very fast and reliable."

More Sangfor NGAF pros

Cons

"One of the most important areas for improvement for Fortinet FortiGate is the limited resources for tests."

"There were quite a few problems with the stability of the system."

"From a support perspective, I had more issues that I didn't think the person on my case handled the way I was expecting. We called them for a geolocation issue and we didn't get any proper assistance."

"Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful."

"We had some issues in the beginning while setting it up, but after doing the firmware update, it is working fine."

"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."

"Fortinet FortiGate should improve the VPN tokens."

"Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use."

More Fortinet FortiGate cons

"The GUI could be improved to make it more usable, easier to administer, and easier to configure."

"For monitoring purposes, we don't have any option to monitor the ISP link."

"The reporting for this solution could be improved. It could also be more stable and offer better pricing."

"We had assistance from one person from our local vendor for the implementation."

"Sometimes, Fortinet FortiOS changes its CLI (command line interface) with new versions, which leads to internal incompatibility. When this happens, you need to update the configuration to match the new format, as the commands aren’t always the same. This can create some confusion and extra work because, unlike other vendors where the CLI commands remain primarily consistent with updates, Fortinet often changes the syntax between versions."

"Compared to other market leaders like Palo Alto and Check Point, FortiOS has many bugs in its initial releases."

"The support could be improved, Fortinet's response time is very slow. Setting up the VPN could be made much easier, especially when deployed with Azure."

"The solution needs improvement with DDoS protection."

More Fortinet FortiOS cons

"They need to improve their research team and they need to study their data to analyze it and build the product."

"The GUI needs to be improved, lacks logic in some areas."

"The tool's support is an area of concern where improvements are required."

"The tool is expensive."

"Sangfor NGAF could improve the policies and default criteria. They could be much better."

"I believe that IAM and NGFW need to merge into a single box, instead of there being two separate box solutions."

"Sangfor could improve by providing better real-time reporting, as the current reports don't offer the level of detail we need, especially for runtime insights."

"The setup phase is quite complex."

More Sangfor NGAF cons

Pricing and Cost Advice

"Other firewalls are more expensive than Fortinet FortiGate, such as the Azure firewall."

"When you look at these end security systems and firewalls, these firewalls even five years ago were $50,000 or perhaps $25,000 to implement in some types of customer sites. Now we're talking about tools that are $1,000. In this case, it might have been $500 or something like that."

"These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive. Fortinet licensing is straightforward and less confusing compared to Cisco."

"The main reason we chose Fortinet FortiGate was that the price was better than the competition."

"I find it quite reasonable."

"It is expensive. You need to pay for the subscription every year, which is very expensive. The subscription includes technical support and hardware exchange in case of failure."

"It is quite affordable for our customers. There is a separate cost for IPS, antivirus, web filtering, and other features. They have a great choice of licenses. You can go for the license that you want, which is quite useful."

"Go for long term pricing negotiated at the time of purchase."

More Fortinet FortiGate pricing and cost advice

"It would be better if it were cheaper. We have the firewall in our office, and the license is expiring in 20 to 25 days. We got a quote for almost 80,000 Pakistani Rupees, which is a little costly."

"The software costs roughly half what the hardware costs. Overall, the product is expensive."

"A yearly subscription might be around $20,000 to $30,000."

"I am on a two-year contract and I pay annually for Fortinet FortiOS."

"The scalability of Fortinet FortiOS is good. However, central management is intuitive for the end-users. We had a lot of questions about central management, and sometimes they didn't use it and did their firewall management directly on FortiGate instead of using Fortinet FortiOS."

"The solution is quite affordable and I rate the cost a four out of ten."

"Pricing for the tool can vary. Sometimes, aggressive pricing is offered at the start, but later, as subscriptions and expansions are needed, the costs can increase, and customers may have to pay whatever is required."

"Regarding the cost, the initial purchase is relatively cheap because it comes bundled. However, the subscription renewals can be quite expensive. The renewal costs are high, even though the initial purchase might include discounts."

More Fortinet FortiOS pricing and cost advice

"The price could be more competitive."

"When it comes to the price of firewall solutions, Sangfor NGAF takes the cake."

"The license of Sangfor NGAF can be purchased at different interval lengths, such as annually or three years. They offer a range of packages to choose from, such as combo or hybrid packages. We are using the complete solution package which includes IM, NGF and SSL VPN, and WAF."

"Price-wise, I would not consider Sangfor NGAF to be a cheap product. It is an expensive firewall solution, though not as expensive as something like Palo Alto, which is costly. However, the higher price point is justifiable given the feature set the tool provides that other firewalls may not offer in a single dedicated appliance."

"We purchased one year technical support and return to factory support, and we also purchased one-year technical support services. So those were additional."

"Sangfor NGAF is a cheaply priced product, especially if I consider the previous product that was used in my company."

"The price is unmatcheable."

"For over 2000 users, the cost is around 5000 to 6000 USD. If you want a web application firewall, you have to purchase an additional license for it."

More Sangfor NGAF pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

856,873 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

15%

Computer Software Company

15%

Comms Service Provider

Manufacturing Company

Computer Software Company

14%

Financial Services Firm

10%

Government

Manufacturing Company

Computer Software Company

12%

Manufacturing Company

10%

Financial Services Firm

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

Features comparison between Palo Alto and Fortinet firewalls

In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...

See all answers

What do you like most about Fortinet FortiOS?

The SSL VPN is fee for use is most attractive.

See all answers

What is your experience regarding pricing and costs for Fortinet FortiOS?

I rate the pricing for FortiOS as eight or nine out of ten. It is an affordable solution for us.

See all answers

What do you like most about Sangfor NGAF?

I think Sangfor NGAF is more valuable than Cisco products because of its simplicity and ease of management. If I comp...

See all answers

What is your experience regarding pricing and costs for Sangfor NGAF?

The licensing cost is quite high compared to other available firewalls in the market.

See all answers

What needs improvement with Sangfor NGAF?

The cost of licensing is very high compared to other firewalls available here. There should be improvements in hardwa...

See all answers

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 21% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 12% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 11% of the time

SonicWall TZ vs Fortinet FortiGate

Compared 5% of the time

More Fortinet FortiGate Competitors

Fortinet FortiManager vs Fortinet FortiOS

Compared 11% of the time

Cisco Secure Firewall vs Fortinet FortiOS

Compared 8% of the time

Fortinet FortiWeb vs Fortinet FortiOS

Compared 8% of the time

Fortinet FortiGate-VM vs Fortinet FortiOS

Compared 4% of the time

Cato SASE Cloud Platform vs Fortinet FortiOS

Compared 1% of the time

More Fortinet FortiOS Competitors

Sophos XG vs Sangfor NGAF

Compared 16% of the time

Palo Alto Networks NG Firewalls vs Sangfor NGAF

Compared 4% of the time

Sophos XGS vs Sangfor NGAF

Compared 4% of the time

Netgate pfSense vs Sangfor NGAF

Compared 4% of the time

Hillstone X-Series Data Center Firewalls vs Sangfor NGAF

Compared 2% of the time

More Sangfor NGAF Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

June 2025

Download Fortinet FortiGate product report

Buyer's Guide

Fortinet FortiOS

June 2025

Download Fortinet FortiOS product report

Buyer's Guide

Sangfor NGAF

May 2025

Download Sangfor NGAF product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

No data available

Sangfor NGAF Firewall Platform

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Fortinet FortiOS is a comprehensive security operating system that powers Fortinet's network security solutions. It provides advanced threat protection, network visibility, and centralized management for organizations of all sizes. With its robust features and intuitive interface, FortiOS enables businesses to secure their networks, applications, and data from cyber threats.

One of the key features of FortiOS is its advanced threat protection capabilities. It incorporates multiple security technologies, including firewall, antivirus, intrusion prevention system (IPS), and web filtering, to detect and block a wide range of threats. This ensures that organizations are protected against malware, ransomware, and other malicious activities. FortiOS also offers extensive network visibility, allowing organizations to monitor and analyze network traffic in real-time. This visibility enables businesses to identify potential security risks, detect anomalies, and take proactive measures to mitigate threats.

Additionally, FortiOS provides detailed reports and analytics, helping organizations gain insights into their network security posture. Centralized management is another crucial aspect of FortiOS. It allows businesses to manage and configure their security policies, devices, and users from a single console. This simplifies the management process and ensures consistent security across the entire network infrastructure.

Moreover, FortiOS supports integration with other Fortinet products, enabling seamless security orchestration and automation. FortiOS is designed to be scalable and flexible, making it suitable for organizations of all sizes. It offers a range of deployment options, including physical appliances, virtual machines, and cloud-based solutions. This flexibility allows businesses to choose the deployment model that best fits their requirements and easily scale their security infrastructure as their needs evolve.

Fortinet

Sangfor Next Generation Firewall (also known as NGAF) is a converged security solution providing protection against advanced threat, malware, viruses, ransomware and web-based attacks using integrated security features like firewall, IPS, anti-virus, anti-malware, APT, URL filtering, Cloud Sandbox, and WAF. As the world's first AI-enabled and fully integrated Next Generation Firewall & Web Application Firewall (WAF), NGAF offering the security visibility, real-time detection and response, simplified operation and maintenance and high-performance application layer security needed to operate an enterprise network in total security. Tested and proven to provide cutting-edge network security by ICSA Labs and endorsed by Gartner Inc., NGAF harnesses the power of Sangfor’s Neural-X threat intelligence and analytics platform and Engine Zero’s innovative malware detection to provide next-generation protection for today’s enterprise.

Sangfor

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

Black Gold Regional Schools, Amadeus Hospitality, Jefferson County, Chunghwa Telecom, City of Boroondara, Dimension Data

The Ministry of Science, Technology, and Innovation (Indonesia), Lawson, Inc. (Philippines), Universiti Sultan Zainal Abidin (Indonesia), TEK Automotive (Italy), etc.

Buyer's Guide

Fortinet FortiOS vs. Sangfor NGAF

June 2025

Free Report: Fortinet FortiOS vs. Sangfor NGAF

Find out what your peers are saying about Fortinet FortiOS vs. Sangfor NGAF and other solutions. Updated: June 2025.

DOWNLOAD NOW

856,873 professionals have used our research since 2012.

See our Fortinet FortiOS vs. Sangfor NGAF report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.