Palo Alto Networks NG Firewalls vs WatchGuard XTM [EOL] comparison

Palo Alto Networks and WatchGuard are both solutions in the Firewalls category. Additionally, 96% of Palo Alto Networks users are willing to recommend the solution, compared to 90% of WatchGuard users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Apr 6, 2025

WatchGuard XTM EOL and Palo Alto Networks NG Firewalls are two competing products in the network security sector. Based on extensive analysis, Palo Alto Networks NG Firewalls offer more comprehensive features, positioning it as a more robust solution despite WatchGuard XTM EOL's attractive pricing and support advantages.

Features: WatchGuard XTM EOL provides useful features such as content filtering, VPN capabilities, and straightforward device management. In contrast, Palo Alto Networks NG Firewalls offers advanced threat detection, application control, and machine learning capabilities for real-time attack prevention.

Room for Improvement: WatchGuard XTM EOL could enhance its integration capabilities, scalability, and advanced reporting features. On the other hand, Palo Alto Networks NG Firewalls may benefit from further simplifying its complex deployment process, improving its user interface, and offering better integration with third-party solutions.

Ease of Deployment and Customer Service: WatchGuard XTM EOL is known for its ease of setup and quick customer support responses, making it user-friendly for those without dedicated IT teams. Meanwhile, despite a more intricate setup, Palo Alto Networks NG Firewalls provide thorough online resources and community support to facilitate troubleshooting.

Pricing and ROI: WatchGuard XTM EOL is a cost-effective option for organizations with limited budgets, providing notable ROI through lower initial expenses. Although Palo Alto Networks NG Firewalls come at a higher cost, their extensive security features deliver significant returns on investment, deemed worthwhile for those prioritizing enhanced protection.

To learn more, read our detailed Firewalls Report (Updated: May 2025).

Buyer's Guide

Firewalls

May 2025

Download the complete report

Helped 856,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Featured Reviews

Jorge Martínez

Presales Engineer at Sencinet

Offers good SD-WAN capabilities and integrates easily with Fortinet devices

I am not part of the initial setup or deployment process since I work in presales. The setup or deployment is quite easy, as you can do a one-touch deployment that automatically connects to the FortiManager cloud when you connect it to a broadband or dynamic IP, allowing you to start the configuration from that point. We usually sell it for on-premises setups. It's on the cloud only when the client has virtual machines or their own service. Sometimes they have a service on the cloud like AWS, but it's more difficult to sell now because AWS has an e-commerce option where you can buy FortiGate directly. The only thing you need is someone to manage and configure.

Read full review

AmjadKhan1

Head of data centers at a non-profit with 10,001+ employees

Provides inline protection with a unified view and anti-spyware capabilities

I would rate Palo Alto Networks NG Firewalls ten out of ten because it is the best. Our disaster recovery site utilizes Palo Alto Networks Next-Generation Firewalls. We are also in the process of upgrading the firewalls at our 365 sites in Pakistan to Palo Alto Networks firewalls. While budget firewalls may advertise comparable features, they often fall short of effectively detecting viruses, threats, and ransomware. In contrast, Palo Alto Networks NG Firewalls, combined with Cortex XDR, provide comprehensive threat intelligence and detection capabilities, ensuring superior security coverage. I recommend conducting a proof of concept before selecting a firewall. This will allow you to evaluate different options and determine which best suits your needs. While Palo Alto offers robust firewall solutions, it's essential to compare them with other vendors to ensure you make an informed decision.

Read full review

Generalm4545

General Manager- IT & Automation - Serum at a pharma/biotech company with 1,001-5,000 employees

Protects from attack software and hacking but it doesn't provide the reports in a readable format

In my opinion, image clarity is very important, because I don't get the proper image product on reports. This means that functionality is not there. My engineer does not know how he can replace an order. We attach a log after any kind of keys using a utility instead. For the internet policies that we are implementing, the policy should be based on proper protocols. We use the default policies and there are a number of third-party protocols that appear here. Management with WatchGuard XTM means that out of policy is the problem from our side. In this way, we can not do effective services for people with this one. The policy definition with WatchGuard XTM is not proper for all use case requirements. I've got weekly business reports that I am expecting attachments with from WatchGuard XTM that display data for all kinds of consideration which should be required. Main User Functionality Level Order must adhere to using the admin functionality on the registry, or else our users publish their own name. Maybe these recommendations are irrelevant, but I say that the issue to improve most with WatchGuard XTM is the Main User Function.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable features of Fortinet FortiGate are remote access, web filtering, and IPS."

"One of the valuable features is a standardized OS."

"It's a firewall that secures our internal network. I have been using it since 2013, and I find that most of the features are advanced, and very user friendly."

"The most valuable feature is the VDOM, which allows the customer to have multiple firewalls in a single campus."

"This is a quality product with ok support, and it is better than the competition we've tried."

"It is easy to use and update the software version. It is also useful for integration with other Fortinet products, because my office and company use Fortinet solutions."

"The solution can scale well."

"The VPN is the most valuable feature."

More Fortinet FortiGate pros

"The most valuable features of this solution are all of the services it provides."

"Palo Alto NGFW’s unified platform has helped our customers eliminate security holes. With a unified platform, customers can deploy the NG Firewall both in the data center edge, inside the data center, and in the product/public cloud environments. They have the same user interfaces and platform, so they can be maintained by a single unified platform called Panorama. Customers can use Palo Alto Network NG Firewalls in all the places where they need to protect their environments. This helps to decrease security holes."

"We have found the DPI ability to understand web applications and build access rules on web application categories first to be a great feature."

"The Palo Alto Networks NG Firewalls excel in their integration capabilities."

"The most valuable aspect of Palo Alto Networks NG Firewalls is the performance."

"The application awareness feature that recognizes application IDs and vulnerability protection are Palo Alto Networks NG Firewalls' most valuable features."

"We standardized on the product and got rid of several other types of firewalls from different vendors."

"The solution is very stable and reliable."

More Palo Alto Networks NG Firewalls pros

"Monitoring of network activity is included in the box."

"It is stable and does not require you to reboot all the time."

"Reputation Enabled Defense indicates that some websites are so infested that it's not even worth visiting them, and therefore saving the bandwidth of going through the detection process."

"We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them."

"Application Control is fantastic with over 2,500 applications and the granularity that we can either allow people to view but not be able to log on to Facebook; or view it and log onto it if they're in the marketing department, but not play Facebook games. There are all sorts of different options like that. So it's highly granular."

"I like the hostwatch because I can see what traffic uses the most bandwidth and I can block that site."

"WatchGuard XTM is fairly basic. We use it as the perimeter firewall. The main point is to protect from attack software and hacking."

"It configures in all-in-one place."

More WatchGuard XTM [EOL] pros

Cons

"A sandbox would be good in order to be able to inspect the emails containing spam and be able to validate the emails that contain malware, prior to delivering to the customer."

"The AI with Fortinet FortiGate is not very well integrated on their devices, and their cloud infrastructure is not as good as Cisco's."

"There are too many updates coming for VPN, and the VPN keeps disconnecting frequently, which I find problematic. It does what it's supposed to do, but I practically face reconnection issues with the VPN."

"Performance and technical support are the main issues with this solution."

"They need faster serviceability and more security features."

"The feedback that I have received is that the performance could be better, and the user experience is not as good compared to a previous solution we used. It could be more user-friendly. Of course, it still works fine for our operations."

"The solution lacks multi-language support."

"Fortinet FortiGate could improve by having a frequent ask questions(FAQ) area for people to receive quick answers to popular questions. Additionally, it would be beneficial to have an SMS notification feature. For example, if you cannot access your email you could receive an SMS message."

More Fortinet FortiGate cons

"Palo Alto could improve its machine-learning capabilities. That's all new. They integrate the telemetry data and analytics up to the cloud, where they can analyze for security policies and best practices like DNS Security. It uses AI tools to sort through all the massive logs and highlight where you can take action or be aware of what's happening. If you don't have many tools in your organization, it's nice to have one tool that does an excellent job across the board."

"When the primary Palo Alto Networks firewall fails over to the secondary, it requires manual intervention to bounce the IPsec for it to work properly. Unlike BGP peering, which automatically changes from idle to established, this process needs automation."

"There is a bit of limitation with its next-generation capabilities. They could be better. In terms of logs, I feel like I am a bit limited as an administrator. While I see a lot of logs, and that is good, it could be better."

"The solution has normal authentication, but does not have two-factor or multi-factor authentication. There is room for development there."

"In my opinion, the training provided is satisfactory, but there is certainly room for improvement. It would be great to have more comprehensive training at a lower cost, or even for free."

"Palo Alto could do better with integrating the Palo Alto Next-Gen Firewall with SD-WAN. The biggest issue with Palo Alto is that they are expensive. They are very expensive for what they offer. They should improve their pricing."

"The user interface is probably not as slick as it could be."

"It is a complete product, but the SSL inspection feature requires some improvements. We need to deploy certificates at each end point to completely work out the UTM solutions. If you enable SSL encryption, it is a tedious process. It takes a lot of time to deploy the certificates to all endpoints. Without SSL inspection, UTM features will not work properly. So, we are forced to enable this SSL inspection feature."

More Palo Alto Networks NG Firewalls cons

"One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."

"Sometimes we have had issues with stability of the product."

"Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."

"I would like them to improve the product's overall protections. This would be good for all product users."

"The VPN errors are not helpful when troubleshooting."

"The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic."

"WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure."

"The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out."

Pricing and Cost Advice

"There is a subscription-based model to use Fortinet FortiGate. We pay annually for the solution along with the support. If you want to have all the updates, and security patches you will need to renew your support."

"Fortigate's pricing is competitive."

"The price is fair for what we get with FortiGate."

"Pricing and licensing is a little bit complicated in FortiGate. They are always on the higher side. This is one issue that we always raise with the company that they should reduce the price according to Indian market requirements. There are no costs in addition to the standard licensing fees."

"The price of the license and warranty can be better because it is very expensive."

"When you look at these end security systems and firewalls, these firewalls even five years ago were $50,000 or perhaps $25,000 to implement in some types of customer sites. Now we're talking about tools that are $1,000. In this case, it might have been $500 or something like that."

"FortiGate's pricing falls within the mid-range when compared to other leading firewall solutions."

"The license for Fortinet FortiGate is affordable in my country."

More Fortinet FortiGate pricing and cost advice

"I am not from presales or sales, but as a brand, Palo Alto is more expensive than other firewalls."

"The solution is worth the price, as it can be utilized without the need for high-processing CPUs and resources, thus saving us overall."

"The licensing is annual, and there aren't any additional fees on top of that."

"This solution is quite expensive."

"Palo Alto Networks offers more cost efficiency compared to Cisco, with better operational and maintenance ease."

"It's an expensive product."

"The NG firewall is an expensive solution."

"Definitely look into a multi-year license, as opposed to a single-year. That will definitely be more beneficial in terms of cost... Palo Alto is definitely not the cheapest, but if you scale it the right way it will be very comparable to what's out there."

More Palo Alto Networks NG Firewalls pricing and cost advice

"The licensing and renewal is very expensive."

"Like all other manufacturers, there are a lot of features and different pricing. The best is to talk to a representative."

"It costs less than the SO works and others (like SonicWall, Cisco, and Barracuda) without increasing so much CPU use."

"Get at least a maintenance contract for the updates and take a larger WatchGuard than you need. A WatchGuard creates new ways to secure your network."

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

856,873 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

15%

Computer Software Company

15%

Comms Service Provider

Manufacturing Company

Computer Software Company

14%

Financial Services Firm

Manufacturing Company

Government

No data available

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?

Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firew...

See all answers

Features comparison between Palo Alto and Fortinet firewalls

In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...

See all answers

Which is better - Palo Alto Networks NG Firewalls or Sophos XG?

Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...

See all answers

Ask a question

Earn 20 points

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 20% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 12% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 11% of the time

SonicWall TZ vs Fortinet FortiGate

Compared 5% of the time

Fortinet FortiGate-VM vs Fortinet FortiGate

Compared 2% of the time

More Fortinet FortiGate Competitors

Azure Firewall vs Palo Alto Networks NG Firewalls

Compared 11% of the time

Cisco Secure Firewall vs Palo Alto Networks NG Firewalls

Compared 10% of the time

Sophos XG vs Palo Alto Networks NG Firewalls

Compared 10% of the time

Check Point NGFW vs Palo Alto Networks NG Firewalls

Compared 10% of the time

Meraki MX vs Palo Alto Networks NG Firewalls

Compared 9% of the time

More Palo Alto Networks NG Firewalls Competitors

No data available

Product Reports

Buyer's Guide

Fortinet FortiGate

June 2025

Download Fortinet FortiGate product report

Buyer's Guide

Palo Alto Networks NG Firewalls

May 2025

Download Palo Alto Networks NG Firewalls product report

Buyer's Guide

WatchGuard XTM [EOL]

May 2025

Download WatchGuard XTM [EOL] product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall

No data available

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Palo Alto Networks NG Firewalls offer comprehensive security, including application control, traffic shaping, threat prevention, and load balancing, designed to secure internal networks, perimeter protection, VPN services, and cloud environments.

Palo Alto Networks NG Firewalls are a key choice for managing and protecting data centers, securing remote access, network segmentation, malware prevention, and ensuring high availability and performance for business-critical applications. Known for stability and strong security, these firewalls use application-aware identifiers and IPS/IDS subscriptions to offer advanced threat protection. The unified platform facilitates seamless integration, while GlobalProtect and centralized management via Panorama enhance ease of use. However, there are areas for improvement, including pricing strategies, training, user support, and integration with third-party applications.

What are the essential features?

Stability: Reliable performance in different environments.
Application Control: Identifies applications to manage traffic.
Advanced Threat Protection: Includes DNS security, WildFire, and machine learning.
GlobalProtect: Secure remote access for users.
Centralized Management: Managed via the Panorama platform.

What benefits or ROI should users expect?

Security: Protects against threats with robust features.
User-Friendly: Simplified interface and easy configuration.
High Availability: Ensures performance for critical applications.
Integration: Seamless with existing systems and applications.
Support: Reliable technical support and resources.

In industries like finance, healthcare, and retail, Palo Alto Networks NG Firewalls secure sensitive data and meet regulatory requirements. These firewalls help manage large-scale networks in these sectors, providing essential security features and maintaining high-performance standards. They are implemented to ensure compliance, protect patient information, secure financial transactions, and safeguard customer data.

Palo Alto Networks

Small businesses need big security, too, and the WatchGuard XTM Series firewall/VPN appliances deliver that strong protection, but without the hefty price tag. Enterprise-grade security includes full HTTPS content inspection, VoIP support, and optional security subscriptions like Application Control and Intrusion Prevention Service.

WatchGuard

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments

AVG, Cyren, Kaspersky Lab, Lastline, NCP engineering, Trend Micro, Websense

Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls. Updated: May 2025.

DOWNLOAD NOW

856,873 professionals have used our research since 2012.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.