Try our new research platform with insights from 80,000+ expert users

Palo Alto Networks VM-Series vs Sangfor NGAF comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
373
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Palo Alto Networks VM-Series
Ranking in Firewalls
13th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
64
Ranking in other categories
Advanced Threat Protection (ATP) (9th)
Sangfor NGAF
Ranking in Firewalls
19th
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
34
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.2%, up from 17.7% compared to the previous year. The mindshare of Palo Alto Networks VM-Series is 0.9%, up from 0.7% compared to the previous year. The mindshare of Sangfor NGAF is 1.3%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

Vasu Gala - PeerSpot reviewer
A stable solution with an intuitive interface and quick customer service
I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.
RonnieYazdani - PeerSpot reviewer
User-friendly CLI and efficient dashboard streamline operations with robust security features
I find Palo Alto Networks VM-Series easy to deploy, and none of my customers have had significant complaints. My customers have high certifications provided by Palo Alto Networks. The friendly dashboard and the ability to easily command and use the CLI make Palo Alto Networks VM-Series a better product. It offers robust solutions, making it valuable to my customers.
Zaid Farooqui - PeerSpot reviewer
Enhanced threat detection with integrated security features and good support
We are using application firewalling, WAF, and SD-WAN. The capabilities are mostly within the box. For example, you will get web application firewall WAF as part and parcel of this. SD-WAN is also bundled. It integrates with their SIEM and SOAR solutions very nicely. Lastly, the pricing point is very cost-efficient as well.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's safe and secures my network and applications in some sites."
"The notable features that I have found most valuable are that it includes the antivirus, and also IPS, and even SD-WAN."
"Fortinet has a very good solution for Secure SD-WAN. One very good feature is that they have robust and simple FortiOS through which they provide all solutions. That's their strength. There's not much complexity involved with the Secure SD-WAN solution of Fortinet as compared to Cisco's solution, which has a lot of flexibility but complexity also comes with that flexibility."
"Fortinet FortiGate is considered the best in the European market for security reasons."
"It's very easy to set up, it's very easy to make policies and, for an organization, that means you don't need IT expert in firewalls. You just need to have somebody who knows a little bit of IT, and that's it. With other products, you need someone with a "Masters" degree in firewalls."
"It is useful for protecting and segregating the internal networks from the internet. Most of our customers also use the FortiGate client to connect to their offices by using the VPN client, and of course, they usually activate the antivirus, deep inspection, and intrusion prevention services. They are also using it for web filtering and implementing various policies dealing with forwardings, NAT, etc."
"Fortinet FortiGate is among the best options in the market."
"The solution is stable."
"Palo Alto is easy to use. The UI is very easy to understand and does not require any certification or highly skilled technician to handle the firewall. It is very user-friendly and straightforward out of the box."
"The interface with Panorama makes it very easy to use."
"I like the UI. Most things are accessible from the user interface and it is quite user-friendly. With respect to both VM-based firewalls and physical firewalls, it's easy to create updates."
"Using Palo Alto Networks Panorama, we were able to deploy a single point of management and visualization of the firewall infrastructure in cloud, on-premise and integrated with Azure to automate scale up. Its security features, i.e. anti-malware, threat prevention, URL Filtering, VPN, and antivirus are the most valuable. The ID-User integrated with AD and 2FA features are also very useful to provide secure access to servers and some users in the company. "
"We now know a lot more detail about what our users are doing on the network."
"It has a good performance which helps you with the stability of your virtual environment."
"In terms of security breaches, the product aids in categorizing and monitoring traffic, allowing for the identification of potentially malicisous or incorrectly formatted applications."
"We can monitor the traffic manually and detect threats. Additionally, we can block different IP addresses and URLs."
"The price versus value is good because the solution is less expensive than Sophos, Fortinet, or SonicWall."
"The capabilities are mostly within the box."
"In four steps one can configure the entire firewall."
"It enables us to not only detect but also prevent various types of incoming threats, allowing us to take appropriate corrective actions and exercise control over the network."
"SSL VPN is the best feature."
"So far, the performance and reliability of the product have supported our company's critical network traffic."
"I think Sangfor NGAF is more valuable than Cisco products because of its simplicity and ease of management. If I compare it with Palo Alto and Cisco, both are quite complex products. And if I compare it with FortiGate firewalls from Fortinet, I have also used all these products. Fortinet and Sangfor NGAF are similar products because the applications behind the application and policy layers are almost identical."
"The most valuable feature of Sangfor NGAF is its integration."
 

Cons

"The web-cache feature which was previously on the FortiGate device, but was deleted with the recent upgrade should be returned. It was a very valuable feature for us."
"We haven't tapped into most of the functionalities that Fortinet FortiGate offers because we're using it just for gateway security. One of the things that I would prefer is a more expansive use of their analyzer. They could do more work on FortiAnalyzer in terms of the data and the information coming from it."
"The solution is very expensive."
"I would like to see improvements in the product's application rules."
"In an incident, after a restart, Fortinet FortiGate did not connect to FortiGuard servers. Due to that reason, on the customer end, all websites got blocked."
"I think there could be more QoS features"
"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."
"Fortigate's hardware capacities could be improved."
"We don't know how it will scale once we start putting more load on it."
"When managing the firewall, it involves a Strata Cloud web browser that requires improvement to enhance deployment ease and call center efficiency."
"Its web interface is a bit outdated, and it needs to be updated. They can also improve the NAT functionality. We have had issues with the NAT setup."
"There is a need for two-factor authentication, particularly for VPN and CloudProtect."
"It would be good if the common features work consistently in physical and virtual environments. There was an integration issue in the virtual deployment where it didn't report the interface counters, and we had to upgrade to the latest version, whereas the same thing has been working in the physical deployment for ages now. It seems that it was because of Azure. We were using VMware before, and we didn't have any such issues. We do see such small issues where we expect things to work, but they don't because of some incompatibilities. There also seems to be a limitation on how to do high availability in a virtualized environment. All features should be consistently available in physical and virtual environments. It is not always easy to integrate Palo Alto in the network management system. We would like to be able to compare two network management systems. They can maybe allow monitoring an interface through the GUI to create a reference or do a baseline check about whether your network monitoring system is actually giving you the correct traffic figures. You need traffic figures to be able to recognize the trends and plan the capacity."
"The current licensing model can be a sore point as we're paying for features we're not fully utilizing."
"The solution needs to improve its visibility. It's not straightforward to use. Understanding the policies, authorizations, and initializing features requires careful review. The product needs to offer proper training."
"The scalability could be improved further."
"An area for improvement would be the number of ports defined on the box. In the next release, I would like them to develop their provisioning stage of enrolling end devices."
"Scalability for any network device is not very easy in terms of vertical scalability."
"Sangfor NGAF could improve by refining its application control policies, especially in addressing challenges with certain types of applications."
"I would be happy if Sangfor developed a firewall designed specifically for home use, as well as for small businesses such as clinics and so on. A household version of the Sangfor firewall for your personal computer or laptop would be ideal, in my opinion."
"It has an issue with the Sangfor Cloud Platform rather than the firewall. When we run a virtual machine, the window tabs display Chinese characters."
"The cost of licensing is very high compared to other firewalls available here. There should be improvements in hardware scalability, allowing for more storage and memory capacity."
"The interface and user experience are horrible."
"They need to improve their research team and they need to study their data to analyze it and build the product."
 

Pricing and Cost Advice

"We find the most valuable aspect of this solution is the price. It is affordable, and cheaper than other firewalls."
"Its price is normal. If I compare it with other vendors, such as Palo Alto, it's normal. Palo Alto is expensive."
"The price of Fortinet FortiGate is reasonable."
"The price is really low. It's cheap in comparison to the cost of Cisco or CheckPoint, for example."
"I find it quite reasonable."
"For the price, I'd rate it a ten because it's very cost-effective."
"The price of Fortinet FortiGate is better than Cisco, Check Point, and Palo Alto. In terms of pricing, it's probably a better-priced firewall solution overall."
"Before choosing a piece of equipment you have to take into account the cost-benefit offered by each one. Sometimes it is not worth paying a very cheap price to have a minimum level of security."
"The pricing for Palo Alto is quite high compared to FortiGate, which is more affordable. I don't have the exact figures as my manager handles that, but from my research, Palo Alto's licensing costs are significantly higher."
"The product's most valuable feature is pricing."
"It is a little bit of crazy if you compare it to Vanguard, Sophos, or even Cisco. The newest version of Cisco, the Next-Generation Firewall of Cisco, is less expensive than Palo Alto. It is more comparable to Check Point."
"Sometimes, it's cheaper to buy a new firewall with licensing instead of renewing the licenses of an old firewall."
"It is not the cheapest on the market. The total cost for two firewall instances is $75,000. This includes licenses, deployment fees, and support for two years."
"Palo Alto Networks VM-Series is notably cheaper than other firewall vendors, except Fortigate."
"​The licensing is pretty much like everyone else."
"Palo Alto is more expensive than other products."
"If one is very cheap and ten is very expensive, I rate the tool's price as three out of ten."
"We purchased one year technical support and return to factory support, and we also purchased one-year technical support services. So those were additional."
"It is one of the cheapest tools in the market."
"When it comes to the price of firewall solutions, Sangfor NGAF takes the cake."
"Sangfor NGAF price is reasonable and there is an annual license. However, the maintenance cost can be a bit high."
"The pricing is reasonable."
"The solution has a TCO that is 32% to 50% less than Sophos, Fortinet, and SonicWall."
"For four to five physical appliances for a licensed firewall, it costs approximately $4,000."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
860,168 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Educational Organization
12%
Comms Service Provider
8%
Manufacturing Company
7%
Computer Software Company
16%
Financial Services Firm
14%
Manufacturing Company
9%
Government
6%
Computer Software Company
12%
Manufacturing Company
10%
Financial Services Firm
9%
University
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Features comparison between Palo Alto and Fortinet firewalls
In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...
How does Azure Firewall compare with Palo Alto Networks VM Series?
Both products are very stable and easily scalable. The setup of Azure Firewall is easy and very user-friendly and the...
What do you like most about Sangfor NGAF?
I think Sangfor NGAF is more valuable than Cisco products because of its simplicity and ease of management. If I comp...
What is your experience regarding pricing and costs for Sangfor NGAF?
The licensing cost is quite high compared to other available firewalls in the market.
What needs improvement with Sangfor NGAF?
The cost of licensing is very high compared to other firewalls available here. There should be improvements in hardwa...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
No data available
Sangfor NGAF Firewall Platform
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Warren Rogers Associates
The Ministry of Science, Technology, and Innovation (Indonesia), Lawson, Inc. (Philippines), Universiti Sultan Zainal Abidin (Indonesia), TEK Automotive (Italy), etc.
Find out what your peers are saying about Palo Alto Networks VM-Series vs. Sangfor NGAF and other solutions. Updated: June 2025.
860,168 professionals have used our research since 2012.