Try our new research platform with insights from 80,000+ expert users

Palo Alto Networks NG Firewalls vs WatchGuard XTM [EOL] comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 19, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
580
Ranking in other categories
Secure Web Gateways (SWG) (2nd), Firewalls (1st), Intrusion Detection and Prevention Software (IDPS) (1st), Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st), ZTNA (1st), Unified Threat Management (UTM) (1st)
Palo Alto Networks NG Firew...
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
196
Ranking in other categories
Firewalls (6th)
WatchGuard XTM [EOL]
Average Rating
8.0
Number of Reviews
34
Ranking in other categories
No ranking in other categories
 

Featured Reviews

Vasu Gala - PeerSpot reviewer
Manager, Information Technology Operation/Presales at TechMonarch
A stable solution with an intuitive interface and quick customer service
I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.
VR
Director IT Infrastructure and Operations at a analyst firm with 51-200 employees
Cost-effective with operational and maintenance ease
Understanding the flow and application of securities can be complex, requiring navigation across different sections. Further integration into a unified system could improve usability. It is a bit complex to understand the flows and how the securities are applied to each of those flows. It was a little bit challenging because we had to go to two different sections to figure that out. It would be helpful if it is all unified so that we can see the way the firewall connections and security are set up and the applications that are using those connections. It could be structured differently so that it is more understandable. It has been a while, but it was a bit of a complex way. We had to hop from one area to the other and go back and forth to figure out how a specific connection and application was set up.
Generalm4545 - PeerSpot reviewer
General Manager- IT & Automation - Serum at a pharma/biotech company with 1,001-5,000 employees
Protects from attack software and hacking but it doesn't provide the reports in a readable format
In my opinion, image clarity is very important, because I don't get the proper image product on reports. This means that functionality is not there. My engineer does not know how he can replace an order. We attach a log after any kind of keys using a utility instead. For the internet policies that we are implementing, the policy should be based on proper protocols. We use the default policies and there are a number of third-party protocols that appear here. Management with WatchGuard XTM means that out of policy is the problem from our side. In this way, we can not do effective services for people with this one. The policy definition with WatchGuard XTM is not proper for all use case requirements. I've got weekly business reports that I am expecting attachments with from WatchGuard XTM that display data for all kinds of consideration which should be required. Main User Functionality Level Order must adhere to using the admin functionality on the registry, or else our users publish their own name. Maybe these recommendations are irrelevant, but I say that the issue to improve most with WatchGuard XTM is the Main User Function.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution is user-friendly and easy to operate."
"The ease of use, concise reports, and threat identification are very user-friendly and valuable."
"There are great templates, so you don't have to customize them if you don't want to. You do have the option to custom create some folders and some reports, however, with what is there, you don't really need to go through extra effort, as they already give you a lot of predefined views of reports and so forth."
"The next-generation firewall is great."
"FortiGate is a great solution, although initially, it faced challenges in the Brazilian market due to lower brand recognition than Cisco. However, explaining and demonstrating its product format and offerings has proven easy. The cost-effectiveness and better features of FortiGate have made some clients skeptical. We set up a trial period, and they eventually opted for it. Many clients were convinced it was great after experiencing the solution's capabilities firsthand."
"The multi-tenancy feature is most valuable. It integrates very well with FortiManager and FortiAnalyzer."
"Initial setup is easy to configure."
"It's very similar to a Cisco firewall, yet less expensive."
"The user experience is good and the configuration is very easy."
"The solution is scalable"
"The solution is user-friendly. It's secure and easy to understand your network visibility, control the network, and prevent attacks."
"Palo Alto Networks NG Firewalls are highly valued for their performance and parallel processing architecture."
"I like that Palo Alto does a good job of keeping the firewall updated with the latest threat signatures."
"We standardized on the product and got rid of several other types of firewalls from different vendors."
"We have found the application control to be the most valuable feature. Also, Layer 7, because all other products are working up to the maximum capacity. But Palo Alto is benefiting us, especially in application control management. We are able to differentiate between Oracle traffic and SQL traffic."
"I like that they are more stable than the previous ones, and they allow a lot of other features."
"SNMP status monitoring and the Central Management Software."
"They have a reporting system which can store data over a very long period of time. Not many other firewall vendors provide a reporting system, but if they do, like Fortinet does, then you've got buy that as an additional product and that can be more than twice as expensive as the initial investment in the firewall. And without reporting over a long-term period, you're just about wasting your time."
"There is a site-to-site VPN configuration between others people."
"​Monitoring of network activity is included in the box.​"
"It is stable and does not require you to reboot all the time.​"
"Application Control is fantastic with over 2,500 applications and the granularity that we can either allow people to view but not be able to log on to Facebook; or view it and log onto it if they're in the marketing department, but not play Facebook games. There are all sorts of different options like that. So it's highly granular."
"Reputation Enabled Defense indicates that some websites are so infested that it's not even worth visiting them, and therefore saving the bandwidth of going through the detection process."
"After installing the product, we achieved awareness of our data protection needs and email misuse."
 

Cons

"There are problems with the custom reporting of the unique traffic. The data is there, but it is too difficult for us to extract."
"The issue with Fortinet FortiGate is the many security CVEs around; I have read there are probably multiple critical CVEs above 9.0 in Fortinet FortiGate products."
"The inability to change passwords when using FortiGate firewall and relying on a local FortiGate database for account creation can be problematic, particularly in non-Active Directory setups."
"The customization is a little bit difficult."
"In FortiGate Next Generation Firewall (NGFW), my concern regarding improvements is the licensing model."
"Whitelisting could be better."
"The product’s price is high."
"The performance could be a bit better. Right now, I find it to be lacking. Having good performance is very important for our work."
"I would like to see better third-party orchestration so that it is easier for the team to work with different products."
"From a documentation standpoint, there is room for improvement. Even Palo Alto says that their documentation is terrible."
"The pricing could be improved upon."
"The customer-facing side needs to be improved in terms of the engagement and involvement of support staff."
"The solution could be more cost-effective."
"The initial configuration is complicated to set up."
"In the future, I would like to see more OTP features."
"They could improve their support and pricing and maybe integration. It's a little more expensive that Check Point but the quality is better. Integration with firewall endpoints could be better. Palo Alto does have very good malware or antivirus protection. I think they could improve on that front."
"WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure."
"I would like them to improve the product's overall protections. This would be good for all product users."
"The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out.​"
"Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."
"The VPN errors are not helpful when troubleshooting."
"The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic."
"Sometimes we have had issues with stability of the product."
"One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."
 

Pricing and Cost Advice

"The solution is cheap."
"If we have an older version, the support costs get quite high."
"It is around $50,000 per month."
"Fortinet is the least expensive solution."
"Easy to understand licensing requirements."
"Licensing is usually on a three-year period."
"The price for the device and software is high. However, the solution is of good quality and has a lot of features."
"It is affordable. Palo Alto is much more expensive than Fortinet."
"It can be quite expensive, but there's a good incentive for the three-year contracts. The part that is especially confusing is for the virtual environment. The credits or the licensing system can be very confusing."
"Palo Alto can be priced higher than some less capable firewalls. However, they are exceptional when you consider the completeness of the solution and its ability to handle threats. Palo Alto is better than other solutions, which justifies a slightly higher price point. You have other tools that are easier to deploy, reducing your total cost of ownership. The newer models are faster, making the pricing more attractive."
"Active/Passive mode is very redundant, but they require you to buy all the associated licensing for both firewalls, which is kind of a waste of money because you are really only using the services on one firewall at a time."
"We pay for the licensing annually and the price could be cheaper."
"I would assume that it's still within mid-range given its company structure and everything else. My guess is it's still okay."
"Palo Alto Networks NG Firewalls are affordable, and we get what we pay for."
"In terms of price, the user finds it expensive, rating it around nine."
"I am not involved in the commercial side, but I believe that Palo Alto is quite expensive compared to others."
"Get at least a maintenance contract for the updates and take a larger WatchGuard than you need. A WatchGuard creates new ways to secure your network."
"It costs less than the SO works and others (like SonicWall, Cisco, and Barracuda) without increasing so much CPU use."
"Like all other manufacturers, there are a lot of features and different pricing. The best is to talk to a representative.​"
"The licensing and renewal is very expensive."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
879,310 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Comms Service Provider
9%
Manufacturing Company
8%
Financial Services Firm
6%
Computer Software Company
12%
Financial Services Firm
9%
Manufacturing Company
8%
Educational Organization
6%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business357
Midsize Enterprise132
Large Enterprise188
By reviewers
Company SizeCount
Small Business74
Midsize Enterprise56
Large Enterprise84
By reviewers
Company SizeCount
Small Business24
Midsize Enterprise7
Large Enterprise3
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?
Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firew...
Features comparison between Palo Alto and Fortinet firewalls
In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...
Which is better - Palo Alto Networks NG Firewalls or Sophos XG?
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...
Ask a question
Earn 20 points
 

Also Known As

Fortinet FortiGate Next-Generation Firewall
Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments
AVG, Cyren, Kaspersky Lab, Lastline, NCP engineering, Trend Micro, Websense
Find out what your peers are saying about Fortinet, Netgate, OPNsense and others in Firewalls. Updated: December 2025.
879,310 professionals have used our research since 2012.