• Home
  • Check Point NGFW vs. Palo Alto Networks VM-Series

Check Point NGFW vs Palo Alto Networks VM-Series comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo
Fortinet FortiGate
Read 306 Fortinet FortiGate reviews
120,425 views|88,209 comparisons
90% willing to recommend
Check Point Software Technologies Logo
Check Point NGFW
Read 279 Check Point NGFW reviews
27,173 views|16,714 comparisons
96% willing to recommend
Palo Alto Networks Logo
Palo Alto Networks VM-Series
Read 53 Palo Alto Networks VM-Series reviews
7,117 views|4,612 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Check Point NGFW vs. Palo Alto Networks VM-Series
May 2024
Executive Summary

We performed a comparison between Check Point NGFW and Palo Alto Networks VM-Series based on real PeerSpot user reviews.

Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Check Point NGFW vs. Palo Alto Networks VM-Series Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Anand Navik
Researched Check Point NGFW but chose Fortinet FortiGate: Good threat prevention capabilities, good price, and very easy to deploy and manage
It enabled our clients to reach locations and access their applications easily with no latency. It provided ease of access.
Anonymous User
Safeguards networks against a wide range of cyber threats with its robust security features, advanced threat prevention and centralized management
Mitul Rajput
A stable and straightforward solution that provides valuable features and strengthens an organization’s IT posture
We need a perimeter firewall to expose anything on the internet. Our inbound and outbound traffic is controlled via Palo Alto. It has multiple... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Its administrative panel is very intuitive and simple. It is simpler than the other solutions that we had. As an administrator, we are always looking for the easiest solution to manage network policies. We are able to filter everything on our network and also use the VPN feature, which is important these days when people are working remotely during COVID.""It is a good source for firewall protection.""You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances.""FortiGate firewalls are user-friendly, and I like the security profiling features.""The most valuable features are SD-WAN, application control, IPS control, and FortiSandbox.""It's great for capturing the traffic and troubleshooting it.""Whenever we raise a complaint with FortiGate, their response and resolution times are minimal.""The security features that they have are quite good. On top of that, their licensing model is quite nice where they don't charge you anything for the SD-WAN functionality for the firewall."

More Fortinet FortiGate Pros →

"AV, IPS, AntiSpam, Sandbox. That's gentlemen set for any basic security, and it was implemented very well. In our reports, the most exciting results belong to AV and IPS. It can be explained by using ThreatCloud - a global knowledge base, which accumulates signatures for all existing and new coming malware, and all the Check Point solutions are always up to date with potential threats.""On the firewall side, the security efficacy is good.""I rate the tool's stability a ten out of ten.""The ability to split single hardware into multiple virtuals along with support for dynamic routing using BGP is very useful for our environment.""The most valuable features are the security blades and the ease of managing the policies, searching log for events, and correlating them.""It creates granular security policies based on users or groups to identify, block or limit the usage of web applications.""The scalability is very good.""The management platform and the dashboard, the graphical user interface, is one of the best, if not the best, in the business. It's the most intuitive and it's really user-friendly in day-to-day operations."

More Check Point NGFW Pros →

"I have not actually called their support line, because we have a direct contact to a senior engineer in the company for any issues that we handle with them. I will say they are very responsive, and they do give you the information you need when you need it.​""The feature that I have found the most useful is that it meets all our requirements technically.""Centralized management is valuable because it allows us to configure settings in one location and apply them across all three locations.""A solid operating system with all the necessary data center security features.""The solution enables organizations to enforce policies.""In Palo Alto the most important feature is the App-ID.""It is very stable. It is fairly easy to use.""The most valuable feature of the solution is the zero-trust security architecture."

More Palo Alto Networks VM-Series Pros →

Cons
"The firmware needs improvement because there are bugs when a new release comes through. Sometimes, the configuration changes, and it's a bit harder to see where the fail is. The first time that you have the firmware, it tends to have some issues, and it's better to wait a bit to update the equipment.""The initial setup and configuration are not intuitive and require training.""There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision.""The renewal price and the availability could be improved.""The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are.""The captive portal could be improved.""Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance.""I would suggest that Fortinet add sandboxing to their solution."

More Fortinet FortiGate Cons →

"The biggest improvement they could make is having one software to install on all three levels of their products, so that the SMBs, the normal models, and the chassis would all run the same software. Now, while there is central management, everything that has to be configured on the gateway itself works differently on the three kinds of devices.""The VPN part was actually one of the most complex parts for us. It was not easy for us to switch from Cisco, because of one particular part of the integration: connecting the Check Point device to an Entrust server. Entrust is a solution that provides two-factor authentication. We got around it by using another server, a solution called RADIUS.""The setup is a little complex compared to its competitors.""Unfortunately, as is the case with many big companies, new features seem to always be more important than fixing the last little bugs that affect only a minor customer base.""Support cases have been generated several times, and it takes time for the case to be resolved.""We need east/west Check Point firewalls in order to do micro-segmentation.""Check Point should improve services related to the cloud-based solution.""When I was creating the VPN on it and the client side through the portal, that feature was very annoying. I could not use it. It was much more usable after downloading it to the laptop. That was very good compared to using it directly from the browser."

More Check Point NGFW Cons →

"I would like to see a more thorough QA process. We have had some difficulties from bugs in releases.""Palo Alto Networks VM-Series is a complex product to work with.""It is not very easy to scale up the solution.""The product needs improvement in their Secure Access Service Edge.""The interface is all Java-based. I would prefer an HTML5 interface.""We have run into some issues with scaling and limitations associated with some of the configurations.""The DLP functionality or data classification can be improved in the solution's basic firewalling.""Recently, they introduced their Prisma Cloud solution. Compared to the previous technologies, like Panorama, which is used for centralized firewall management, or even the individual firewalls, it's a bit challenging to integrate the traditional firewall policies into Prisma Cloud."

More Palo Alto Networks VM-Series Cons →

Pricing and Cost Advice
  • "Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make."
  • "These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive. Fortinet licensing is straightforward and less confusing compared to Cisco."
  • "Go for long term pricing negotiated at the time of purchase."
  • "Work through partners for the best pricing."
  • "The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors."
  • "Easy to understand licensing requirements."
  • "​We saved a bundle by not needing all the past appliances from an NGFW.​"
  • "The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost."

    • More Fortinet FortiGate Pricing and Cost Advice →

  • "I don't think the product's pricing is a good value. I feel it's very overpriced. I feel a lot of the features for a next gen firewall are there. But I feel it's overpriced, because of the stability issues. As far as support goes, I really can't speak to direct Check Point support, but the third-party was pretty terrible... As far as the licensing goes, it's pretty complex. If anybody was to purchase the Check Point product, definitely make sure they have an account rep come on site, and explain it line by line, what each thing is. It's not straightforward. It's very convoluted. There's no way you could just figure it out by looking at it."
  • "Check Point solutions are very expensive here. They're good, but they're expensive... Check Point is only useful for customers that have a big IT budget."
  • "The price is high in comparison to other solutions."
  • "We pay $5,000-$6,000 a year."
  • "Maybe the pricing is a bit high but you get the durability and the duration."
  • "Licensing issues may be confusing at times."
  • "It is quite an expensive product, although security is a top priority."
  • "This product is not cheap and there are additional costs that depend on what model or package that you buy."

    • More Check Point NGFW Pricing and Cost Advice →

  • "For what you get, it does do what it says. It is a good value for an enterprise firewall.​"
  • "​The licensing is pretty much like everyone else."
  • "When you have a client compare box against box, a lot of times Palo Alto is a bit more expensive, but its network firewalls have a very rich ratio."
  • "Do not buy larges box if you do not need them. Rightsizing is a great task to do before​hand."
  • "I know Palo Alto is not cheap. They have been telling me, the members of the finance team, it is not a cheap solution. It is a solution whose target is that no matter how big your organization is, small, medium, or large, it is about the maturity of your security team or infrastructure team whom you want to work with."
  • "It is a little bit of crazy if you compare it to Vanguard, Sophos, or even Cisco. The newest version of Cisco, the Next-Generation Firewall of Cisco, is less expensive than Palo Alto. It is more comparable to Check Point."
  • "For licensing, It depends how they want to use the firewall. The firewall can be used only for IPS purposes. If you only want that firewall IPSs, you will only need a license that is called threat prevention. That license, threat prevention, includes vulnerabilities, antivirus signatures and one additional measure (that I can't remember), but it includes three measures and security updates."
  • "The box, if you do not want to buy the threat prevention license in the box, you can buy it only with the support license. It is for the support of the hardware. It works like a simple firewall. It integrates what it calls user IDs and application IDs. If you do not buy any other license, only the firewall, Palo Alto will also help you improve a lot of your security."

    • More Palo Alto Networks VM-Series Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at… more »
    Read all 3 answers   →
    What is the biggest difference between Sophos XG and FortiGate?
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Read all 13 answers   →
    What are the biggest technical differences between Sophos UTM and Fortine...
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Read all 11 answers   →
    How does Check Point NGFW compare with Fortinet Fortigate?
    Top Answer:I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such)… more »
    Read all 5 answers   →
    Which would you recommend - Azure Firewall or Check Point NGFW?
    Top Answer:Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall… more »
    Read all 2 answers   →
    What do you like most about Check Point NGFW?
    Top Answer:Check Point NGFW provides essential security, featuring no-obligation access for secure connections, strong intrusion… more »
    Read all 165 answers   →
    Features comparison between Palo Alto and Fortinet firewalls
    Top Answer:In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it… more »
    Read all 4 answers   →
    How does Azure Firewall compare with Palo Alto Networks VM Series?
    Top Answer:Both products are very stable and easily scalable The setup of Azure Firewall is easy and very user-friendly and the… more »
    What do you like most about Palo Alto Networks VM-Series?
    Top Answer:The filtering feature is good.
    Read all 44 answers   →
    Comparisons
    Also Known As
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Check Point NG Firewall, Check Point Next Generation Firewall
    Learn More
    Fortinet
    Check Point Software Technologies
    Palo Alto Networks
    Overview

    Fortinet FortiGate enhances network security, prevents unauthorized access, and offers robust firewall protection. Valued features include advanced threat protection, reliable performance, and a user-friendly interface. It improves efficiency, streamlines processes, and boosts collaboration, providing valuable insights for informed decision-making and growth.

    Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.

    Check Point NGFW includes 23 firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance.

    Benefits of Check Point's Next Generation Firewall

    • Robust security: Check Point NGFW delivers the best possible threat prevention with SandBlast Zero Day protection. The SandBlast protection agent constantly inspects passing network traffic for exploits and vulnerabilities. Suspicious files are then emulated in a virtual sandbox in order to detect and report malicious behavior.

    • Security at hyperscale: On-demand hyperscale threat prevention performance provides cloud level expansion and resiliency on premises.

    • Unified management: Check Point's SmartConsole makes it easy to manage and configure network security environments and policies. With the SmartConsole, users can manage all the firewall gateways and access logs and install databases from one location. Unified management control across the network increases the efficiency of security operations and reduces IT costs.
    • Continuous logging: Check Point NGFW’s Threat Management feature detects vulnerabilities and logs them. Using the logged data, users can easily create and implement efficient security policies.

    • Remote access: The remote access VPN provides a seamless connection for remote users.

    Check Point NGFW is suitable for organizations of all sizes, from small businesses to larger enterprises.

    Reviews from Real Users

    Check Point NGFW stands out among its competitors for a number of reasons. Two major ones are its intrusion prevention feature as well as its centralized management, which makes it very easy to deploy firewall policies to many firewalls with one click.

    Shivani J., a network security administrator, writes, "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention."

    G., a network administrator at Secretaría de Finanzas de Aguascalientes, writes, “Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution. The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters.”

    Arun J., a senior network engineer, notes, “The nicest feature is the centralized management of multiple firewalls. With the centralized management, we can easily use and operate multiple firewalls as well as create a diagram of them.”

    Palo Alto Networks VM-Series is a highly effective advanced threat protection (ATP) solution and firewall that can be hosted on cloud computing technologies designed by many different companies. It decreases the amount of time that it will take administrators to respond to threats. Users that deploy VM-series have 70% less downtime than those who use similar firewalls. Neither protection nor efficiency are concerns when this next-generation firewall is in play.

    VM-Series is being deployed to protect both public and private cloud environments. This level of flexibility empowers organizations to run the environment or environments that best meet their needs without worrying that they are going to be exposed to digital threats due to the environment that they choose.

    In the public cloud, users of Palo Alto Networks VM-Series can automate their deployment and dynamically scale up their environment while experiencing a consistent level of protection. This dynamic scalability means that they also integrate their security into their DevOps workflows so that their security can keep up with their activities and requirements. Users of private cloud environments can set up security policies that can be automated to be provisioned as the need arises. Organizations don’t need to slow down when they deploy VM-Series because it makes the task of defending them so simple that they can set their defenses and forget that they are even there.

    Users gain a deep level of visibility when they deploy Palo Alto Networks VM-Series. App-ID technology enables organizations to see their network traffic on the application level and spot threats that might be trying to sneak in through vulnerable points in their defenses. It also leverages Palo Alto Networks WildFire and advanced threat protection to block the threats before they can escalate.

      Palo Alto Networks VM-Series Features:

      • Central management system - It has a central management system that enables users to set up and control their security operations from one location. Users don’t need to search for the tools that they need. This system allows for security consistency and complete control without requiring businesses to spend large periods of time to do so.
      • Blacklisting and whitelisting - Organizations can utilize blacklisting and whitelisting tools to ensure that their network traffic only contains the type of traffic that they want to be present. These tools make it possible for them to set specific web traffic sources as being either undesirable and thus blocked from entering their network or desirable and thus allowed to enter. 
      • Automation feature - The product’s automation feature can automate many critical functions that users would otherwise have to handle manually. Security policy updates are an example of a function that users can automate.

      Reviews from Real Users:

      Palo Alto Networks VM-Series is a solution that stands out when compared to other similar solutions. Two major advantages that it offers are its ability to protect users without degrading the efficiency with which their networks perform and its centralized management system. 

      Jason H., the director of information technology at Tavoca Inc, writes, “There is no noticeable trade-off between security and network performance. In fact, so far, we've not seen any negative network performance with it. We're very impressed in that regard.”

      An information technology manager at a tech services company says, “We use Palo Alto’s Panorama centralized management system. We have an on-prem firewall where Panorama is very good for pulling logs in from the cloud so we can see what is going on. It gives us visibility into that as well as shows us what attacks are coming in. Palo Alto’s Panorama centralized management system simplifies our security posture based on our requirements. Instead of manually pulling logs, then generating them into readable formats, it gives us the console in a readable format to view.”

      Sample Customers
      1. Amazon Web Services 2. Microsoft 3. IBM 4. Cisco 5. Dell 6. HP 7. Oracle 8. Verizon 9. AT&T 10. T-Mobile 11. Sprint 12. Vodafone 13. Orange 14. BT Group 15. Telstra 16. Deutsche Telekom 17. Comcast 18. Time Warner Cable 19. CenturyLink 20. NTT Communications 21. Tata Communications 22. SoftBank 23. China Mobile 24. Singtel 25. Telus 26. Rogers Communications 27. Bell Canada 28. Telkom Indonesia 29. Telkom South Africa 30. Telmex 31. Telia Company 32. Telkom Kenya
      Control Southern, Optimal Media
      Warren Rogers Associates
      Top Industries
      REVIEWERS
      Comms Service Provider16%
      Computer Software Company9%
      Financial Services Firm8%
      Manufacturing Company7%
      VISITORS READING REVIEWS
      Educational Organization20%
      Computer Software Company15%
      Comms Service Provider7%
      Manufacturing Company6%
      REVIEWERS
      Financial Services Firm22%
      Computer Software Company15%
      Comms Service Provider7%
      Manufacturing Company6%
      VISITORS READING REVIEWS
      Educational Organization51%
      Computer Software Company7%
      Financial Services Firm5%
      Government4%
      REVIEWERS
      Computer Software Company26%
      Manufacturing Company16%
      Financial Services Firm13%
      Government10%
      VISITORS READING REVIEWS
      Computer Software Company16%
      Financial Services Firm11%
      Manufacturing Company7%
      Government6%
      Company Size
      REVIEWERS
      Small Business48%
      Midsize Enterprise23%
      Large Enterprise30%
      VISITORS READING REVIEWS
      Small Business28%
      Midsize Enterprise32%
      Large Enterprise40%
      REVIEWERS
      Small Business32%
      Midsize Enterprise18%
      Large Enterprise49%
      VISITORS READING REVIEWS
      Small Business14%
      Midsize Enterprise59%
      Large Enterprise27%
      REVIEWERS
      Small Business41%
      Midsize Enterprise26%
      Large Enterprise33%
      VISITORS READING REVIEWS
      Small Business23%
      Midsize Enterprise16%
      Large Enterprise61%
      Buyer's Guide
      Check Point NGFW vs. Palo Alto Networks VM-Series
      May 2024
      Free Report: Check Point NGFW vs. Palo Alto Networks VM-Series
      Find out what your peers are saying about Check Point NGFW vs. Palo Alto Networks VM-Series and other solutions. Updated: May 2024.
      DOWNLOAD NOW
      772,649 professionals have used our research since 2012.

      Check Point NGFW is ranked 5th in Firewalls with 279 reviews while Palo Alto Networks VM-Series is ranked 10th in Firewalls with 53 reviews. Check Point NGFW is rated 8.8, while Palo Alto Networks VM-Series is rated 8.6. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Palo Alto Networks VM-Series writes "Many features are optimized for troubleshooting real-time scenarios, saving a lot of time". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Azure Firewall, whereas Palo Alto Networks VM-Series is most compared with Azure Firewall, Fortinet FortiGate-VM, Cisco Secure Firewall, Palo Alto Networks NG Firewalls and Check Point CloudGuard Network Security. See our Check Point NGFW vs. Palo Alto Networks VM-Series report.

      See our list of best Firewalls vendors.

      We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.