KerioControl vs Palo Alto Networks NG Firewalls comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between KerioControl and Palo Alto Networks NG Firewalls based on real PeerSpot user reviews.

Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed KerioControl vs. Palo Alto Networks NG Firewalls Report (Updated: January 2024).
757,198 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances.""The most valuable feature is the SSL VPN, as it allows us to connect and it separates this product from other firewalls.""Good load balancing feature.""The most valuable feature of this solution is Quota.""The web filtering feature and the intrusion protection system are the most valuable. It is a resilient appliance. I never had an issue with it in terms of any security breaches.""Fortinet FortiGate has many valuable features, such as IDS, and intrusion detection. It has security features that are in part with the technologies that are available in the market.""The solution is scalable.""The most valuable feature is the bundled subscription, which is IPS, TV and web filtering."

More Fortinet FortiGate Pros →

"Kerio is a lot clearer to set up to do particular things, whereas when I do it on a Cisco or a FortiGate I have to go fight with it per week sometimes to do something I can do in 20 minutes on Kerio.""It is very comprehensive and simple. It has all the active protections. It's updated. We love that you can set how often it is updated so you can work what is right for you. A large company with a lot of bandwidth can update the virus definitions and security definitions hourly, if they want. A smaller site that's remote, where maybe updating the definitions will eat into the bandwidth, we can schedule those more to go later at night. It's very flexible and works for us in all types of situations. This is great because then we don't have to learn seven different products to be able to work with seven different scenarios.""The firewall and intrusion detection features are very useful these days because hackers have a lot of tricks that they use to get into a system. With Kerio Control you can see something that's happening. Otherwise, you have to use other tools to see what's happening on the firewalls. Having IPS in it is quite useful for us.""It has saved a lot of time and it was a secure way of doing it too. We had a whole contact center that worked from home for a period of time and that's a 21 hour a day contact center that we moved, that was spread out across the greater Brisbane region and working on home internet connections. Surprisingly, we didn't have a lot of stability issues anyway on those connections, but Kerio didn't blink, so that was good.""In terms of the comprehensiveness of the security features, it does a great job of laying out what it does. It's fairly easy to edit and research. Some of the features were turned on by our IT company and I was able to easily find other features on my own by searching for videos on the internet. I've been able to block certain websites, and content filter, as well as manage some of our bandwidth because we live stream on Sunday. I'm able to dedicate bandwidth for the encoder that goes to the internet. It always has enough bandwidth, no matter how many people are on the network. That's really helpful.""The ease of use in the GUI itself is the most valuable feature. The GUI is really the best part of it. We like the traffic rules so we can control who can get to what. It's easy to determine the flow of the traffic itself so we aren't having to guess through command lines and reading out basically command-driven output. It's just a very easy-to-use interface. The interface is the best part of the product.""The statistic feature enables us to better use bandwidth management. We monitored the use by mobile, type of application, department, and by users. The bandwidth was solid. Our internet speed is optimized for our research.""The comprehensiveness of the security features that Kerio Control provides us with is good. Before GFI had it, they would have more updates. The updates have been slower, but I like the things that they keep adding like the ability to block by country. I use pretty much every feature."

More KerioControl Pros →

"The WildFire reporting and Cortex XDR platform have huge infrastructures in the cloud that secures the network against threats. So, we have the potential on the system, specifically for users, where we take care of this since the user is the most dangerous. We get reports back from WildFire on a minute-by-minute basis, rather than a daily or weekly update like I used to with different AV vendors. These features can detect viruses and malware more quickly, which is super important.""The most valuable features of this solution are all of the services it provides.""Palo Alto Networks NG Firewalls provide a unified platform that natively integrates all security capabilities.""The application control portion of the solution is its most valuable aspect.""The first time I came across these firewalls, what surprised me the most was their web user interface. It is complete and gives you a lot of information. You can do 80% of the things related to your network and firewall through the web UI. In some of the other devices, the UI is not as complete. App-ID is also very valuable in customer networks. When you're seeing a lot of traffic in your network, you can see in your web UI which users have the applications that are consuming the most bandwidth. You have a broad context, which is very good.""They are regularly releasing new versions that include more integration with third-party services.""Its flexibility is the most valuable.""It's a next-generation firewall and it's pretty stable. You don't have to worry about if you restart it for some maintenance. It will just come back."

More Palo Alto Networks NG Firewalls Pros →

Cons
"They've become quite expensive.""I would like to see better pricing in the next release, as well as a simplification of the installation.""The graphical user interface of Fortinet's FortiGate product does not function well with text-based interfaces.""Stability and technical support are the two major issues I have found with Fortinet.""While FortiGate is cheaper than most other solutions, we're seeing increased license renewal costs. Most of our clients are asking for more significant discounts because the price is going up.""We would like to have the ability to disable some of the security functionalities.""Compared to some other products, the DLP is not at par for the moment.""I need user-behavior analytics, to find threat scenarios from inside the organization, insider attacks. That would be very helpful for us. In addition, I would like next-generation features for small and medium businesses. These businesses require UTM, all in one product. Fortinet must include it."

More Fortinet FortiGate Cons →

"I would like for there to be a difference between international and national links.""I can no longer renew my subscription directly with GFI but we have to go through third-party resellers like CDW. The first time I did it with CDW. I went to CDW and it was almost like they didn't even know anything. They didn't know what package I was supposed to get. Then after I got it, it took almost five days to get everything working.""There's also room for improvement in the Traffic Rules. We define networks to use a specific outgoing interface, say VSAT, shore, or marine WiFi, which is okay. But then all we have is a checkbox that says "Use other internet interfaces if this one is unavailable." What we would prefer would be to have a priority list. So if VSAT is unavailable, try to use 4G, etc. We haven't really found a reliable way of doing that in the current release.""The overall speed needs improvement. Internet connectivity speed needs to be improved somehow.""My experience with the solutions technical support is fine but they could be faster in responding.""Kerio Control has just improved on their biggest problem, which was to introduce better support for high-availability requirements in production.""The solution can be improved to create the capability for larger bandwidths that support our business needs.""The solution should offer more dashboards."

More KerioControl Cons →

"In my opinion, the training provided is satisfactory, but there is certainly room for improvement. It would be great to have more comprehensive training at a lower cost, or even for free.""There has been a recent change in the graphical interface. For the monitoring part, they could have a better UI.""The price is high and has room for improvement.""We have not taken Palo Alto's firewall management solution because it's too expensive and we don't feel it delivers significant value.""I would like to see more in terms of reporting tools and the threat analysis capabilities.""I would like them to bring in some features that would encourage traffic shaping or bandwidth routing, like other UTM firewalls, because the solution should be capable of limiting the bandwidth for rules.""Surfacing actionable intelligence right away could be better. You have to dig far to get some of the information. If the solution could surface the two or three things out of the 10,000 a day that we really need to deal with, it would be helpful.""The areas that need to improve are network protection and user identification."

More Palo Alto Networks NG Firewalls Cons →

Pricing and Cost Advice
  • "Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make."
  • "These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive. Fortinet licensing is straightforward and less confusing compared to Cisco."
  • "Go for long term pricing negotiated at the time of purchase."
  • "Work through partners for the best pricing."
  • "The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors."
  • "Easy to understand licensing requirements."
  • "​We saved a bundle by not needing all the past appliances from an NGFW.​"
  • "The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost."
  • More Fortinet FortiGate Pricing and Cost Advice →

  • "Search and compare."
  • "Pricing is good, but the licensing took a lot of time."
  • "The price is inexpensive."
  • "It's very affordable."
  • "The pricing is in-line with our expectations in terms of the quality that we get for it."
  • "There is a yearly upkeep fee."
  • "My advice is to use your own hardware, and do not use theirs."
  • "It is a good fit for SMBs because of its maintainability. When you want to keep your costs low, then Kerio Control is a very good solution. It's not an expensive product that is well integrated. It has a complete set of features within it that make it a very strong product."
  • More KerioControl Pricing and Cost Advice →

  • "Annually, the licensing costs are too much."
  • "Pricing is yearly, but it depends. You could pay on a yearly basis, or every three years. If you want to add a device or two, there would be an additional cost. Also, if you want to do an assessment, or other similar add-on, you have to pay accordingly for the additional service."
  • "It will be worth your time to hire a contractor to set it up and configure it for you, especially if you are not very knowledgeable with PA firewalls."
  • "Don't buy a device with more power than you really need, because licensing depends on the cost of the box you have."
  • "The licensing is annual, and there aren't any additional fees on top of that."
  • "The price of this product should be reduced."
  • "The pricing is competitive in the market."
  • "This is an expensive product, which is why some of our customers don't adopt it."
  • More Palo Alto Networks NG Firewalls Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    757,198 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at… more »
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Top Answer:The solution provides feasibility regarding cyber privacy.
    Top Answer:The pricing is reasonable. We have to pay approximately EUR 175 for the product.
    Top Answer:The pricing of the product can be improved. The trial duration of the product should also be extended.
    Top Answer:Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure… more »
    Top Answer:In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it… more »
    Top Answer:Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat… more »
    Comparisons
    Also Known As
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall
    Learn More
    Fortinet
    Video Not Available
    GFI
    Video Not Available
    Palo Alto Networks
    Video Not Available
    Overview

    Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

    Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.

    Benefits of Fortinet FortiGate

    Some of the benefits of using Fortinet FortiGate include:

    • The ability to manage your firewalls from a centralized automated control console. Fortinet FortiGate’s FortiManager enables administrators to exercise control of their firewalls in a streamlined manner. Administrators have full visibility and control over their system from a single location. It utilizes automation that collects information in real time, which greatly simplifies and reduces the cost of running various types of workflows. Administrators can free up resources by automating the most basic tasks.
    • The ability to produce uniform, appropriate, and coordinated responses to threats across networks. Fortinet FortiGate’s FortiGuard feature generates system protections in near real time. This allows administrators to address threats to the system with custom-made solutions that can be uniformly enforced.
    • The ability to scale up your security to fit your changing security needs. Fortinet FortiGate’s design allows users to accelerate the transfer of data between users and escalate the number of users that are covered without compromising security of performance. This means that users can grow their networks and continue to collaborate without worrying about the system slowing down or coming under attack.

    Reviews from Real Users

    Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.

    PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”

    PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”

    Kerio Control is a popular security product for small and medium-sized businesses. It is a next-generation firewall that provides unified threat management without complexity. Kerio Control provides advanced anti-virus protection and industry-leading web and content application filtering, and has a secure VPN.

    With Kerio Control you can:

    • Preserve the integrity of your network.
    • Manage bandwidth to streamline traffic flows.
    • Improve productivity with filtering capabilities.

    Kerio Control Features

    Some of Kerio Control’s most valuable features include:

    High availability, deployment flexibility, deep packet inspection, advanced routing, usage reporting, quick administering, intrusion detection and prevention (IPS), gateway anti-virus, VPN, web and content application filtering, and centralized administration with MyKerio.

    Kerio Control Benefits

    • Eliminate downtime risks: Because Kerio Control offers high availability and failover protection, you can eliminate the risk and cost of connectivity or threat protection downtime.

    • Detailed reports: Kerio Control makes it easy to view individual users’ internet activity through detailed reports.

    • Traffic monitoring: Traffic monitoring allows you to manage bandwidth and makes it possible for you to control access to streaming video and peer-to-peer networks.

    • Server protection: Using Kerio Control’s advanced networking routing and deep packet inspection, you can protect servers.

    • Easily create policies: With Kerio Control, you can create both inbound and outbound traffic policies, and can also restrict communication by specific URLs, applications, traffic type, content category, or even time of day.

    • Snort-based analysis: Kerio Control gives you the ability to add a transparent layer of intrusion prevention with snort-based analysis along with a database of rule and blacklisted IP addresses that is regularly refreshed.

    • Optionally integrated anti-virus: WIth this feature, you can prevent viruses, Trojans, or spyware from entering your networks.

    Reviews from Real Users

    Here is some feedback from some of our users who are currently using the solution:

    PeerSpot user Brian C., Senior Technology Specialist, VP at Unified Technology Solutions, writes "It is very comprehensive and simple. It has all the active protections. It's updated. We love that you can set how often it is updated so you can work on what is right for you. A large company with a lot of bandwidth can update the virus definitions and security definitions hourly, if they want. A smaller site that's remote, where maybe updating the definitions will eat into the bandwidth, we can schedule those more to go later at night. It's very flexible and works for us in all types of situations. This is great because then we don't have to learn seven different products to be able to work with seven different scenarios."

    Andy D., IT Manager at Flare Technologies, praises how easy it is to use and says, "One thing we use quite a lot, as well, is the DHCP Server, because we do a lot of work where all our devices need to have static IP addresses. Rather than going around and configuring every box, we do it all through DHCP reservations. It's easier. We've got a record of it. We can manipulate it if we need to change something or change some hardware. It's all easy. Even guys who are not used to using it can pick it up quite quickly."



    Palo Alto Networks NG Firewalls are next-generation firewalls used for security to protect networks from threats and attacks. It is used for perimeter security, data center protection, and managing secure access to environments. Users highlight the NGFW's effectiveness in providing comprehensive security without impacting network performance. Users appreciate its ease of use, particularly in setup and ongoing management, making it a favored choice for businesses looking to secure their cloud environments.

    The firewall provides application control, malware protection, scalability, stability, user-friendly interface, threat hunt capabilities, application visibility and awareness, URL filtering, traffic monitoring, machine learning for attack prevention, a unified platform for all security capabilities, DNS security, VPN, and embedded machine learning. Palo Alto Networks NG Firewalls is easy to manage, reliable, and balances security and network performance well. It also provides complete visibility through logs and alerting.

    Palo Alto Networks NG Firewalls Features

    Palo Alto Networks NG Firewalls has many valuable key features. Some of the most useful ones include:

    • Secure Application Enablement (App-ID, User-ID, Content-ID)
    • Malware Detection and Prevention (threat prevention service, buffer overflows and port scans, anti-malware capabilities, command-and-control protection, and WildFire)
    • DNS Security (URL filtering, predict and block malicious domains, signature-based protection, extensible cloud-based architecture)
    • Panorama Security Management (including graphical views and analytics, manage rules and dynamic updates, customizable application command center (ACC), log collection mode, physical or virtual appliance)
    • Threat Intelligence (high-fidelity threat intelligence, priority alerts, automatic extraction and sharing of prevention indicators, native integration with Palo Alto Networks products)

    Palo Alto Networks NG Firewalls Benefits

    There are several benefits to implementing Palo Alto Networks NG Firewalls. Some of the biggest advantages the solution offers include:

    • Dedicated management interface for managing and initial configuration of the device
    • Regular threat signatures and updates
    • Import addresses and URL objects from the external server
    • Configure and manage with REST API integration
    • Great throughput and connection speed is fair even in high traffic load
    • Deep visibility into the network activity through Application and Command Control
    • Easy to manage and very user friendly

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Palo Alto Networks NG Firewalls users.

    A Solutions Architect at a communications service provider says, “The product stability and level of security are second to none in the industry. We value the security of our client's infrastructure so these features are valuable to us. An example of a very valuable feature behind Palo Alto is the application-aware identifiers that help the firewall know what its users are trying to do. It can block specific activities instead of just blocking categories. For example, you can block an application, or all unknown applications.”

    PeerSpot user Gerry H., CyberSecurity Network Engineer at a university, mentions that the solution has a “Nice user interface, good support, is stable, and has extensive logging capabilities.” He also adds, “Wildfire has been a very good feature. This solution provides a unified platform that natively integrates all security capabilities, which is 100% important to us. This is a great feature.”

    Eric S., Network Analyst at a recreational facilities/services company, states, "With its single pane of glass, it makes monitoring and troubleshooting a bit more homogeneous. We are not looking at multiple platforms and monitoring management tools. It is more efficient from that perspective. It is more of a common monitoring and control system for multiple aspects of what used to be different systems. It provides efficiency and time savings."

    Sample Customers
    Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co. Whitepaper and case studies here
    Triton Technical, McDonald's
    SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments
    Top Industries
    REVIEWERS
    Comms Service Provider16%
    Computer Software Company9%
    Financial Services Firm8%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Educational Organization20%
    Computer Software Company15%
    Comms Service Provider8%
    Manufacturing Company5%
    REVIEWERS
    Computer Software Company15%
    Comms Service Provider12%
    Manufacturing Company12%
    Financial Services Firm12%
    VISITORS READING REVIEWS
    Computer Software Company22%
    Comms Service Provider13%
    Media Company7%
    Financial Services Firm6%
    REVIEWERS
    Comms Service Provider15%
    Financial Services Firm14%
    Computer Software Company13%
    Educational Organization9%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm8%
    Government7%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business48%
    Midsize Enterprise22%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise32%
    Large Enterprise41%
    REVIEWERS
    Small Business79%
    Midsize Enterprise17%
    Large Enterprise4%
    VISITORS READING REVIEWS
    Small Business38%
    Midsize Enterprise17%
    Large Enterprise45%
    REVIEWERS
    Small Business35%
    Midsize Enterprise27%
    Large Enterprise38%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise17%
    Large Enterprise58%
    Buyer's Guide
    KerioControl vs. Palo Alto Networks NG Firewalls
    January 2024
    Find out what your peers are saying about KerioControl vs. Palo Alto Networks NG Firewalls and other solutions. Updated: January 2024.
    757,198 professionals have used our research since 2012.

    KerioControl is ranked 28th in Firewalls with 9 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 69 reviews. KerioControl is rated 8.0, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of KerioControl writes "Has good accounting and live monitoring features". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "Provides zero trust implementation, more visibility, and eliminated security holes". KerioControl is most compared with Netgate pfSense, OPNsense, Sophos XG, Sophos UTM and Cisco Secure Firewall, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Netgate pfSense. See our KerioControl vs. Palo Alto Networks NG Firewalls report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.