We performed a comparison between Check Point NGFW and Fortinet Fortigate based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Fortinet’s lack of an option to deploy firewalls on multiple endpoints is a definite downside. Although Fortinet received better feedback for its support, Check Point is the winner in this comparison.
"Check Point's rule management helped us simplify access control. At one point, we had more than 1,000 access control policies, and it was challenging to manage them all. We cut it down to 300 policies using Check Point's management features, and we are still working on reducing this further to achieve the best way to manage policies. Its logging and monitoring enable us to trace and investigate suspicious traffic."
"The failover from one device to the other has been seamless and we find that we do not lose ongoing SIP calls or Teams chats."
"The central management console has helped with segregation, where planned interventions with management consoles do not have any impact on production or critical business traffic."
"It secures my organization. With the application blade, I can make security as application based and the custom application is also very useful. With identity awareness blades we get insights on our local users who are accessing/passing through the respective rule as users. We also use the DLP, IPS, and VPN features."
"The most valuable feature of the firewall is the packet inspection. That is an amazing feature from Check Point."
"Apart from it having very good features, I personally like the vulnerability assistance via report management which detects host and network vulnerability."
"We can build the new firewalls with minimum efforts."
"Management integration is holistic as centralized management has been core to the solution for decades."
"The threat prevention is the solution's most valuable aspect."
"The tool is a nice product and easy to handle. The software's user interface is also good. You can easily implement remote access in the solution."
"A strong point of FortiGate is the graphical interface is complete and easy to use."
"All of the features of Fortinet FortiGate are useful and the security protection is good."
"FortiGate firewalls are user-friendly, and I like the security profiling features."
"The most valuable features are the policies, filtering, and configuration."
"The web tutor and automatic rules by schedule are good features."
"Good anti-malware and web filtering features."
"It would be ideal to manage everything from one central place."
"Check Point is a bit difficult to use and manage so it would be nice to see some improvement in those areas."
"The current reporting capability needs to be parsed and edited to be appreciated by leadership."
"There needs to be more storage space for reporting."
"The tool’s architecture could be improved a bit."
"The area it needs improvement is the SandBlast Agent. It receives a file, or if it detects a Zero-day attack, it takes the file and analyzes it, either on-premise or in the Check Point Cloud, and then it reports back whether the file is secure or non-secure, or is unknown. That particular area definitely needs a bit more improvement, because there is a delay... where it needs improvement is where [SandBlast is] an appliance-based solution rather than a software or cloud-based solution."
"Initially, we faced a few challenges with firmware. Later this was addressed with jumbo hotfixes."
"The firewall throughput or performance reduces drastically after enabling each module/blade."
"The non-error conserve mode has room for improvement."
"Currently, without the additional reporting module, we only have access to basic reporting."
"I would like to have logs, monitoring, and reporting for a month without extra fees."
"Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN."
"They should offer special pricing to premium partners and customers."
"Maybe they could make some features more accessible, such as a way to translate directions between two networks that share the same subnets."
"Technical support needs to be improved."
"Its reporting and pricing need improvement."
Check Point NGFW is ranked 5th in Firewalls with 277 reviews while Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews. Check Point NGFW is rated 8.8, while Fortinet FortiGate is rated 8.4. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Azure Firewall, whereas Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Meraki MX and SonicWall TZ. See our Check Point NGFW vs. Fortinet FortiGate report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
First of all, Check Point checks the rules to be configured before installing them in the firewall and this prevents the user from making mistakes and putting the company at risk.
Check Point is no longer expensive. It has many models and competes in performance and price vs. Fortinet.
Now web interfaces, like Fortinet, may have more bugs per top 10 OWASP.
We are using both but the GUI and clustering on the FortiGate side look better/easier/more comfortable.
And I do agree with others - Check Point is expensive and Fortinet FortiGate has many models offering less expensive implementation.
I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such).
-Check Point GUI is a bit complicated,
-Application and Web filtering are better than Fortigate.
-IPS and AV are more effective than Fortigate. Overall more stable than any other firewall
Support: not up to the level like Fortigate and lack of trained resources (in the gulf).
Check Point is expensive.
Fortinet has many models and is more affordable than Check Point. It also provides outstanding support. GUI is more user-friendly.
We had this same discussion recently with my organization. It came down to the security of the platform.
Fortinet has had a number of breaches over the last 2 years and this was a key factor in our decision.
The challenge with Check Point will be the transition from our existing firewall and taking advantage of the various features across our organization.