We performed a comparison between Fortinet Fortigate and Palo Alto Networks Wildfire based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Fortinet Fortigate is the more popular solution because of its ease of deployment combined with its solid set of features, excellent service and support ratings, and the fact that it is more affordable than Palo Alto Networks Wildfire.
"Some of the key features of the solution is that it has good reporting, you can receive many details from the connection, for example, clients and website information."
"Anti-Spam web content filterinG."
"The secure web gateway module and the application control module are valuable. HA operations are very easy."
"It performs very well."
"It is simple to manage, and there are a lot of functionalities in the same box."
"The web tutor and automatic rules by schedule are good features."
"The application control features, such as Facebook blocking and Spotify blocking, are the most valuable."
"The CLI is robust and powerful, enabling rapid, consistent changes via SSH."
"The most valuable features of this solution are sandbox capabilities."
"They have many different options with Palo Alto WildFire and the set-up is quick. If you have all the details in hand, it does not take more than 15 minutes to deploy a firewall."
"The technical support is good."
"The cloud-based services are a nice feature."
"You have better control because you define apps. You just don't define ports. You define apps, and the apps are monitored in the traffic. It is more specific than the Cisco firewall when it comes to our needs."
"Stability-wise, I rate the solution a ten out of ten since we never faced any issues."
"The most valuable features of the solution are user-friendliness, price, good security, and cloud-related options."
"The solution has plenty of features."
"We would like to see better pricing."
"It is stable, but its stability can be improved."
"The non-error conserve mode has room for improvement."
"If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement."
"In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"This product could be improved with Active directory integration and better handling in IPsec and GRE Tunnels."
"It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go."
"It's not really their problem, it's a problem across the board. There will always be problems with interrupted traffic. We have to set it up where we're playing a middle man game where we're stripping it out, looking at it, and then putting it back together and sending it on its way. That requires CPU cycles. And there's some overhead with that."
"The cost of the solution is excessively high."
"It would be nice if there was an easier way to install and deploy it, such as through the inclusion of wizards."
"The solution can improve its traffic management."
"Palo Alto Networks WildFire could improve by adding support for manual submission of suspicious files and URLs. Additionally, it would be an advantage to add rule-based analysis. Currently, it uses only static and AI. We need to be able to analyze archive files."
"The product's false positive logs could be more user-friendly to understand. They could provide examples of precious cases to learn."
"The deployment model could be better."
"The system performance degrades after the solution has been deployed for some time. The data that it gives us becomes a little bit slow. When you try to get some data for troubleshooting, it seems like it's working hard to extract that data."
Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews while Palo Alto Networks WildFire is ranked 3rd in Advanced Threat Protection (ATP) with 58 reviews. Fortinet FortiGate is rated 8.4, while Palo Alto Networks WildFire is rated 8.4. The top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". On the other hand, the top reviewer of Palo Alto Networks WildFire writes "Good technical support and provides automatic analysis that saves us time in filtering email". Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense and Meraki MX, whereas Palo Alto Networks WildFire is most compared with Cisco Secure Firewall, Juniper SRX Series Firewall, Proofpoint Email Protection, Fortinet FortiSandbox and Check Point SandBlast Network.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
FortiGate has a lot going for it and I consider it to be the best, most user-friendly firewall out there. What I like the most about it is that it has an attractive web dashboard with very easy navigation tabs; It can be managed and controlled using layer two wireless access points; When compared with other firewalls, building IPsec VPN and SSL VPN is much easier; I can configure virtual networks within the same firewall; And, configuration of NAT and static routes are straightforward. I would recommend it to any organization that needs to provide VPN access for their employees.
FortiGate also has many security functions, such as application control, web filtering, IPS, antivirus, etc., that help companies protect their users. The FortiGate solution also helps optimize traffic from user to application via the hybrid WAN environment. I think what I like most about this solution is that I can combine security functions and SD-WAN, which allows me to scan traffic flow but also to protect the local application server or the user.
For me, the downsides of FortiGate are that it happens to include many bugs, and sometimes it can be a challenge to block content from a website with web filtering since web pages contain websites that consume other resources. Moreover, mobile device administration is complicated, and it does not seem to adapt to smartphone or tablet screens very well.
While it isn’t my favorite, WildFire provides the ability to block threats as they travers your network infrastructure both in retro-time and real-time. WildFire also has zero-trust and actively works to inspect traffic for malicious capabilities by forwarding a file to the WildFire cloud, even in the case that it doesn’t recognize what the file is doing. The reason why WildFire is not my first choice is because I feel that it is lacking many features and that they could improve by adding more functionality. But there doesn’t seem like there is a way to either tune or tweak the solution. If implemented correctly, though, it can be a good, robust solution to achieving great endpoint security.
Conclusion:
In my opinion, FortiGate is better than Wildfire because FortiGate meets my business needs better and has more appealing feature updates and roadmaps as well as great technical support, all of which are important to me.
What type of network is? how many users?
Fortinet products are unique in that they have specific chips to work on hardware rather than overcharging a CPU to 90%, as happens with some Sophos boxes and others.
Things in the cloud... the cloud is a name, it is software running on someone else's computer system and could be only for you or multi-tenancy. Delays and other dramas may occur.
The question as I was invited to comment :| Which is better, does not tell anything, somehow.