We performed a comparison between Palo Alto Networks and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: pfSense has an edge in this comparison as it is a free, open-source solution while Palo Alto Networks is considered expensive by its users.
"It's an easy solution to set up."
"Centralized monitoring, policy management, and virtualized appliances allow us to take control over our public and private infrastructure."
"The most valuable features are SD-WAN, application control, IPS control, and FortiSandbox."
"We use the filtering feature the most. It has filtering and inbuilt securities. We can create customized rules to define which users can access a particular type of site. We can create policies inside the firewall."
"It is easy to manage, and it doesn't need much knowledge from the team. It is a stable device, and there are many features that are included out of the box."
"The features that we have found most valuable are the SSL VPN and the User Portal."
"Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough."
"We use the FortiGate Sandbox to detect zero-day vulnerabilities, such as anomalies or malware, that are unknown and have not yet been discovered."
"Its scalability is a strong point."
"I have found the firewall portion for the blocking most valuable."
"The initial setup was simple and fast."
"It's a good solution for end-users. It's pretty easy to work with."
"The main features of this solution are customization and ease to use."
"The performance and functionality are good."
"I like the connectivity to the open VPN. It's very smooth."
"The product’s documentation is good."
"Overall, it is a good solution. It is stable. We use URL filtering, which is useful for blocking undesired URLs."
"Palo Alto NGFW provides a unified platform that natively integrates all security capabilities, which is very useful. This prevents us from having to go to a lot of different systems, and in some cases, many different systems in many different regions, because we are a global company with 60 remote offices around the world in 30 different countries. Its centralized platform is really what we look for in all services, whether it be security or otherwise."
"It's quite nice. It's very user-friendly, powerful, and there are barely any bugs."
"We have found the SSL decryption within this solution to be great; you can enable this feature and have the ability to see more of what is happening across your network."
"The trackability is most valuable. When a port is open for a protocol, such as port 443 for HTTPS, it can look inside the traffic and identify or verify the applications that are using the port, which was previously not possible with traditional firewalls."
"They are regularly releasing new versions that include more integration with third-party services."
"Palo Alto NGFW’s unified platform has helped our customers eliminate security holes. With a unified platform, customers can deploy the NG Firewall both in the data center edge, inside the data center, and in the product/public cloud environments. They have the same user interfaces and platform, so they can be maintained by a single unified platform called Panorama. Customers can use Palo Alto Network NG Firewalls in all the places where they need to protect their environments. This helps to decrease security holes."
"It has the typical features of a next-generation firewall. It can do application control, antivirus, content filtering, etc."
"I feel that the reporting needs to be improved."
"The way everything is set up could be easier. Currently, people need a lot of experience and knowledge to administer it and to link it to devices."
"When we cluster the two Fortinet FortiGate boxes together we have some issues."
"It does not have key authentication for admin access."
"As far as wanting more scalability or things in the network diagram, it's going to cost you."
"There are a lot of bugs I have found in the solution and it is difficult to upgrade. These areas need improvement."
"With the addition of some features, it is possible that FortiGate can be used in all verticals."
"Maybe they could make some features more accessible, such as a way to translate directions between two networks that share the same subnets."
"There is more demand for UTMs than a simple firewall. pfSense should support real-time features for handling the latest viruses and threats. It should support real-time checks and real-time status of threats. Some other vendors, such as Fortinet, already offer this type of capability. Such capability will be good for bringing pfSense at the same level as other solutions."
"The integration should be improved."
"The GUI. There are TONS of plugins for pfSense, as such, if a user wants to add quite a bit of functionality, the GUI will feel a little congested."
"Their support could be better in terms of the response time."
"When I checked other packages, it seems they use different tools that are installed on the PSS for functionality. They rely on third-party tools, unlike Fortinet, for example, which has its own tools. In comparison, we also use third-party tools on pfSense. For example, we had a situation where we needed a tool to identify authorized users, and when I searched for a solution, I found a third-party tool. However, using such tools may come with additional costs."
"User interface is a little clumsy."
"It was difficult to configure our web printer through the solution. This process could be easier. Additionally, integration with SD-WAN solution."
"They can improve the dynamic of the input of IPs from outside."
"Palo Alto keeps coming out with antivirus and malware updates. When we have to integrate those updates we face some problems with the cloud platform, not the on-prem setup. The device works fine, but sometimes the sync doesn't happen on time."
"It is a complete product, but the SSL inspection feature requires some improvements. We need to deploy certificates at each end point to completely work out the UTM solutions. If you enable SSL encryption, it is a tedious process. It takes a lot of time to deploy the certificates to all endpoints. Without SSL inspection, UTM features will not work properly. So, we are forced to enable this SSL inspection feature."
"I would like them to improve their GUI interface, making it more user-friendly."
"The solution is very expensive. There are cheaper options on the market."
"The biggest thing that needs to be improved with them is their training. I took a training class for the 8.0 build, then I took it again for the 9.0 and 10 builds. They add new features every time that they do a new major release, but the training doesn't keep up. It is the same basic training that probably was with the 3.0 build, and they just change the screenshots. I would love to see them do some more work since they have all these bells and whistles, but we don't know how to use those features on a large scale."
"Its software updates can be improved. It sometimes becomes very slow with the software updates for different features. It should have an External Dynamic List of data. The malicious IP is not frequently getting updated in Palo Alto, and this should be done."
"I don't deal with it from a day-to-day perspective, but I can say that the evidence that I typically need is there, but sometimes, it's a task to actually get it and pull it out. They can make it easier to gather that evidence."
"The support could be improved. Palo Alto does not have a support team located in Bangladesh, and their support team operates from another location. Therefore, when we raise a ticket, it takes some time for them to respond, which can be problematic for us."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 161 reviews. Netgate pfSense is rated 8.6, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Netgate pfSense is most compared with OPNsense, Sophos XG, Sophos UTM, KerioControl and Check Point NGFW, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Cisco Secure Firewall. See our Netgate pfSense vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.