We performed a comparison between Palo Alto Networks and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: pfSense has an edge in this comparison as it is a free, open-source solution while Palo Alto Networks is considered expensive by its users.
"Fortinet has a very good solution for Secure SD-WAN. One very good feature is that they have robust and simple FortiOS through which they provide all solutions. That's their strength. There's not much complexity involved with the Secure SD-WAN solution of Fortinet as compared to Cisco's solution, which has a lot of flexibility but complexity also comes with that flexibility."
"The stability and scalability of this solution are satisfactory. Its SD-WAN, VPN, and URL filtering features are very useful."
"I like Fortinet's cloud management. It allows me to manage all my devices in different branches for three cloud accounts. Even though I use on-prem devices, I can manage everything on the cloud."
"Security solution with a straightforward and quick setup. It's a stable and scalable product."
"FortiGate has a very strong unified threat management system."
"The UTM feature is quite good. FortiAP is easy to deploy because both Fortigate and FortiAP are under the same brand. Otherwise, you need to do more work on the configuration."
"Overall security features and performance routing is good."
"The scalability is good in Fortinet FortiGate."
"The classic features such as content inspection, content protection, and the application-level firewall, are the most important."
"The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network."
"It is much simpler than other solutions such as Fortinet."
"What I like about pfSense is that it works well and runs on an inexpensive appliance."
"The initial setup is not complex."
"It is very easy to use. The interface is quite understandable. There is a good community, and I can take over at any time I want. If there is anything wrong with it, I could just reinstall the whole thing and start all over again, and I'll be up again in less than a few minutes"
"The GUI is easy to understand."
"Technical support is perfect, excellent."
"It is critical that Palo Alto Networks NG Firewalls embeds machine learning in the core of the firewall to provide inline, real-time attack prevention. In my environments, we have an integration with a third-party vendor. As soon as there is new information about new threats and the destination that they are trying to reach on any of our network devices, that traffic will be stopped."
"Palo Alto offers better Layer 7 protection than competing solutions by Cisco and Fortinet. I also like the VPN client more. The interface is simple, so administrators can deploy and configure it much faster than other firewalls"
"The first time I came across these firewalls, what surprised me the most was their web user interface. It is complete and gives you a lot of information. You can do 80% of the things related to your network and firewall through the web UI. In some of the other devices, the UI is not as complete. App-ID is also very valuable in customer networks. When you're seeing a lot of traffic in your network, you can see in your web UI which users have the applications that are consuming the most bandwidth. You have a broad context, which is very good."
"One of the key features for us is product stability. We are a bank, so we require 24/7 service."
"I like the navigation of the general Panorama solution. I can easily navigate around and get to the thing I need. I'm not wasting time trying to find something."
"Palo Alto Networks NG Firewalls' IPS is more complete and is very good. This is a user-friendly solution that is easy to install, and it provides the best protection."
"The most important thing is that it's really user-friendly. I have almost stopped using the CLI because I like the graphical interface. You can do whatever you want on a single screen, including all the configuration and implementation, using Panorama. You don't have to switch from one place to another."
"A feature introduced by Palo Alto with the version 10-OS is embedded machine learning in the core of the firewall to provide inline, real-time attack prevention. Machine learning analyzes the network traffic and detects if there is any usual traffic coming from outside to inside. Because of Palo Alto, organizations detect around 91% of malicious attacks using machine learning. The machine learning helps customers by implementing firewalls in critical and air gap areas so there is no need to integrate with the cloud sandbox."
"Fortinet Fortigate could benefit by simplifying some of their processes."
"Fortinet FortiGate could improve by having more storage in the hardware for log data."
"The feature which gives us a lot of pain is ASIC architecture."
"The cloud management and automation capability could be improved."
"Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why."
"Fortinet FortiGate can improve by integrating the web application firewall and the DDoS protection part of the solution. Having a WAF feature, web application firewall, and proxy together would be a good benefit."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"We'd like more management across other integrations."
"Ultimately, we'd like something stronger, and something that can handle threats better in real-time."
"ClamAV AntiVirus can cause some crashes. That service should be improved."
"It would be great to add more to security."
"The integration could be improved."
"The solution’s interface must be improved."
"pfSense could improve by having a sandboxing feature that I have seen in SonicWall. However, maybe it is available I am not aware of it."
"The solution could improve by having centralized management and API support online."
"The integration should be improved."
"The only problem that I see with the Palo Alto NGFW being an all-in-one appliance is that because of the different features that are being put into a single appliance, the OS tends to be beefier. Over the eight years, we have seen that the number of features or analyses being put into the appliance itself has a tendency to slow down the appliance, especially at the time of bootup. So, any time we are doing maintenance work, the time required for the appliance to boot up and be fully functional again is significantly longer than eight years ago. They could find a way to make this all-in-one appliance faster."
"If you enable SSL you will face a problem. The throughput of the firewall will be degraded. SSL is a big issue on all firewalls. All products suffer from issues with SSL, but Palo Alto firewalls suffer more from it."
"There is room for improvement in the area of customer service."
"The biggest thing that needs to be improved with them is their training. I took a training class for the 8.0 build, then I took it again for the 9.0 and 10 builds. They add new features every time that they do a new major release, but the training doesn't keep up. It is the same basic training that probably was with the 3.0 build, and they just change the screenshots. I would love to see them do some more work since they have all these bells and whistles, but we don't know how to use those features on a large scale."
"In the last three years at least, they have been lagging behind their competitors. The main issue is the support that we can get... You have to wait for them to get back to you and sometimes it's random. And the biggest problem I have is that you have to wait hours on the line when you're calling them to get a hold of the next available engineer."
"I believe it would be beneficial if the solution could integrate with Google Chrome, especially for students who use Chromebooks. However, as far as I know, the solution currently does not support Google Chrome."
"The solution's VPN, called GlobalProtect, could be improved as I've had a few issues with that."
"The bugs can be improved."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Netgate pfSense is ranked 2nd in Firewalls with 22 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 79 reviews. Netgate pfSense is rated 8.6, while Palo Alto Networks NG Firewalls is rated 8.8. The top reviewer of Netgate pfSense writes "Feature-rich, well documented, and there is good support available online". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "Provides zero trust implementation, more visibility, and eliminated security holes". Netgate pfSense is most compared with OPNsense, Sophos XG, Untangle NG Firewall, Sophos UTM and Check Point NGFW, whereas Palo Alto Networks NG Firewalls is most compared with Azure Firewall, Check Point NGFW, Meraki MX, Sophos XG and Cisco Secure Firewall. See our Netgate pfSense vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.