We performed a comparison between Netgate pfSense and Palo Alto Networks PA-Series based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The customization potential is quite impressive."
"The license management is very valuable. You can get a new license each year, or you can enroll every two to four years. You can get the logs, and you will get the information on the risk in your network and the entire organization. With this information, you can take action on your actives, computers, or devices. You can bring your own device as an SSE."
"The Intrusion Prevention System and the web filtering are both working well."
"Initial setup is straightforward. There weren't too many issues with setting it up. It takes one hour or so."
"Centralized monitoring, policy management, and virtualized appliances allow us to take control over our public and private infrastructure."
"The most valuable features are the possibility of having one fabric for switching on security."
"The initial installation is very straightforward."
"The security features are about the best that I've seen anywhere."
"Open source and support are valuable. I have community support."
"I have found the firewall portion for the blocking most valuable."
"The solution is fairly scalable when it comes to integrating with other applications and data sets."
"It works. I put pfSense in, and it works. I can't think of any trouble I ever had with it. It runs on heat-sensitive appliances. They don't need a fan, so they don't overheat. It is affordable, fast, and very high-speed. It is built on BSD Unix, and it pretty much runs on any Intel processor."
"A valuable feature is that the solution is open source."
"Firewall system for small, medium, and large data networks. It allows you to provide security to your environment: DMZ networks, LAN, WAN, etc."
"The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network."
"The classic features such as content inspection, content protection, and the application-level firewall, are the most important."
"A valuable feature that we can consider is the deployment time, which is significantly reduced. It is almost 90% faster compared to other solutions."
"The solution provides good customer support."
"The documentation is great."
"The direct profiles is a valuable feature."
"It has its own logging system. You can go to monitoring and check the logs to see if a connection is getting blocked. You can use multiple types of logs to check if a file or a port is getting blocked or if there are any TCP resets from the source or destination. It's easy to troubleshoot with the monitoring and logging it provides."
"The solution is robust."
"I like the tool's security and web filtering features."
"It is scalable. But that depends on what model you are using."
"The solution could be more secure and stable."
"Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs."
"The reports are very basic."
"With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic."
"It can be a little bit more user-friendly in terms of policy definition and implementation. It seems a little bit complicated, and it could be simplified."
"I would like to see a more intuitive dashboard."
"One issue that I have had is that sometimes I need to monitor the traffic, so I need to filter it according to the user and which user is using it the most. I experience a bottleneck most of the time, particularly at the peak time when the number of contracts and users are at maximum."
"The price of FortiGate should be reduced because there are some other leading products that are cheaper."
"The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them."
"They can improve the dynamic of the input of IPs from outside."
"It was difficult to configure our web printer through the solution. This process could be easier. Additionally, integration with SD-WAN solution."
"There are several levels of firewall configuration such as beginner, advanced, and expert configurations. At each level, it becomes more complex and more tricky to set up the firewall. For example, if you want to install the firewall on your computer system, it would be a lot easier if it just tells you that this is the internet NIC and this is the Wi-Fi NIC."
"It should integrate with LDAP, Active Directory, etc, to improve the way in which the traces and connections of each IP, or user connected through the firewall, are shown."
"The solution’s interface must be improved."
"As an open-source solution, there are so many loopholes happening within the product. By design, no one is taking ownership of it, and that is worrisome to me."
"I've never tried it in large environments. All my clients are small businesses with a handful of employees, so I am not sure how it works in large environments. I keep up with recent versions, and there's nothing I'm waiting for, and nothing breaks when I get a new version."
"There seem to be some issues with TAC (Technical Assistance Center) or Palo Alto support. Anytime you open a case, a level one engineer joins, and then you have to escalate it to level two or three. The support system has changed in the past few years, and that's something they need to look into."
"The SD-WAN feature of Palo Alto Networks is not good compared to FortiGate."
"The UI definitely needs work. In my opinion, the UI could be simpler and more user-friendly for the average user."
"Currently, they are not protected with any data security when they work from home or outside the network. They surf the Internet directly and should implement a proxy or firewall to monitor the data between the endpoint and the internet."
"The interface is complex."
"The web interface is slow."
"Palo Alto Networks PA-Series is expensive. We would like to see additional threat hunting features."
"Palo Alto Networks PA-Series is complicated to configure compared to one of its competitors."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Palo Alto Networks PA-Series is ranked 16th in Firewalls with 28 reviews. Netgate pfSense is rated 8.6, while Palo Alto Networks PA-Series is rated 8.6. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Palo Alto Networks PA-Series writes "Offers trained customer support, stability and ease of use ". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and Cisco Secure Firewall, whereas Palo Alto Networks PA-Series is most compared with OPNsense, SonicWall NSa, Sophos XG, Juniper SRX Series Firewall and WatchGuard Firebox. See our Netgate pfSense vs. Palo Alto Networks PA-Series report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.