Palo Alto Networks NG Firewalls vs WatchGuard XTM [EOL] comparison

Palo Alto Networks and WatchGuard are both solutions in the Firewalls category. Additionally, 96% of Palo Alto Networks users are willing to recommend the solution, compared to 90% of WatchGuard users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 29, 2024

Both WatchGuard XTM [EOL] and Palo Alto Networks NG Firewalls are prominent in the firewall market. Users report that while WatchGuard XTM [EOL] has competitive pricing and solid support, Palo Alto Networks NG Firewalls are viewed as superior in terms of advanced features and overall value.

Features: WatchGuard XTM [EOL] is recognized for its straightforward management, diverse security policies, and integration capabilities. Palo Alto Networks NG Firewalls receive praise for their advanced threat detection, application visibility, and comprehensive security suite.

Room for Improvement: WatchGuard XTM [EOL] users suggest enhancements in hardware performance and reporting capabilities. Palo Alto Networks NG Firewalls users point out the necessity for more intuitive configuration options and lower latency.

Ease of Deployment and Customer Service: WatchGuard XTM [EOL] is known for its simple deployment process and reliable customer support. On the other hand, Palo Alto Networks NG Firewalls, though having a steeper learning curve during deployment, offer extensive documentation and professional support services.

Pricing and ROI: WatchGuard XTM [EOL] is commended for its affordable pricing and satisfactory ROI. However, users believe that Palo Alto Networks NG Firewalls, despite higher costs, deliver superior value due to enhanced security features and better long-term returns.

To learn more, read our detailed Firewalls Report (Updated: November 2024).

Buyer's Guide

Firewalls

November 2024

Download the complete report

Helped 814,763 peers since 2012

Categories and Ranking

Fortinet FortiGate

Featured Reviews

DineshKumar28

Senior Manager at Cognizant

Sep 25, 2024

Effective threat prevention with responsive customer support

We are using Fortinet FortiGate as a firewall Fortinet FortiGate has been invaluable. It has helped save costs due to its various features, reliable performance, very good UI, low latency, and stability. The Threat Intel engine in Fortinet FortiGate is highly rated for its effectiveness in…

Read full review

Simon Webster

Security Architect at University Corporation for Atmospheric Research

Aug 16, 2022

We get reports back from WildFire on a minute-by-minute basis

The biggest thing that needs to be improved with them is their training. I took a training class for the 8.0 build, then I took it again for the 9.0 and 10 builds. They add new features every time that they do a new major release, but the training doesn't keep up. It is the same basic training that probably was with the 3.0 build, and they just change the screenshots. I would love to see them do some more work since they have all these bells and whistles, but we don't know how to use those features on a large scale. I know this little section here about the firewall, but I know there is a huge amount that still could be done with it. I am not touching enough of it because I just don't know how. It seems like the more I learn about it, the more I learn that there is to learn

Read full review

it_user233817

Sr IT Security Consultant at a healthcare company with 10,001+ employees

Apr 29, 2015

I found this device to be one of the most stable platforms that I have worked with, but paying a yearly maintenance fee for firmware updates is not worth it in my opinion.

I feel that paying a yearly maintenance fee for firmware updates is not worth it in my opinion. I would rather see the yearly fee go for updates to the add-ons and live security, but I think as time goes on firmware updates should be free since the price tag of some of these devices is difficult for some small businesses to swallow. While I hold the company in high regard the learning curve on these devices can be tough right out of the box. I've had to contact support on numerous occasions due to little quirks in the system that needed to be ironed out.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Fortinet FortiGate protects against internet-based threats, both internal and external. It is scalable, stable, easy to use, and easy to install."

"Customers are more inclined towards FortiGate because of application control, web filtering, and anti-spam features. The support from the FortiGate team is good, and price-wise, it is affordable."

"Whenever we raise a complaint with FortiGate, their response and resolution times are minimal."

"It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."

"It is easy to use and performs very well."

"It is a one box solution, which covers most of the edge device’s requirements."

"Good anti-malware and web filtering features."

"The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."

More Fortinet FortiGate pros

"Its flexibility is the most valuable."

"The application control portion of the solution is its most valuable aspect."

"The most valuable features are web filtering and application filtering."

"I like the architecture because it separates the management plan process and the data plan process."

"Some of the valuable features in this solution are traffic monitoring, GUI functionality, and it very easy to troubleshoot if there is any problem that happens."

"This solution not only provides better security than flat VLAN segments but allows easy movement through the lifecycle of the server."

"The graphical interface is easy to troubleshoot because it has a drill-down sequence. It is easy to monitor traffic."

"It's very important that Palo Alto NG Firewalls embed machine learning into the core of the firewall to provide inline, real-time attack prevention. That increases our security posture... The firewall is able to capture it and flag it and it is easy to mitigate as soon as we see something like that happening, to secure the environment more, in real time."

More Palo Alto Networks NG Firewalls pros

"There is a site-to-site VPN configuration between others people."

"I like the hostwatch because I can see what traffic uses the most bandwidth and I can block that site."

"We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them."

"Monitoring of network activity is included in the box."

"Application Control is fantastic with over 2,500 applications and the granularity that we can either allow people to view but not be able to log on to Facebook; or view it and log onto it if they're in the marketing department, but not play Facebook games. There are all sorts of different options like that. So it's highly granular."

"After installing the product, we achieved awareness of our data protection needs and email misuse."

"WatchGuard XTM is fairly basic. We use it as the perimeter firewall. The main point is to protect from attack software and hacking."

"SNMP status monitoring and the Central Management Software."

More WatchGuard XTM [EOL] pros

Cons

"In the balance between links feature normally you can just choose one option to balance. It would be better for the solution to have more than one option, preferably three."

"We would like to see a better training platform implemented."

"There are some license issues. Not every feature must have a separate license. There must be some of kind synergy between the license so we don't have to pay for every individual license that we would like to have."

"The cloud features can be improved."

"The solution's framework needs to be frequently updated in order to have a stable solution."

"The UI could be improved."

"I would like to see improvements in the product's application rules."

"Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance."

More Fortinet FortiGate cons

"We're working with the entry-level appliances, so I don't know what the higher-end ones are like, however, on the entry-level models I would say commit speeds need to be improved."

"It would be better to have more tools to control Palo Alto Networks NG Firewalls. We don't have too many tools to access Palo Alto. For example, the IT team doesn't have access to it. We can see it physically and see if it's running or not. We need to contact a special team to receive that information. I would also like to see more reporting in the next release."

"Everything has been great. More machine learning would be something great to see, but I don't know if it's a priority for Palo Alto."

"The solution's VPN, called GlobalProtect, could be improved as I've had a few issues with that."

"The machine learning in Palo Alto NG Firewalls for securing networks against threats that are able to evolve and morph rapidly is good, in general. But there have been some cases where we get false positives and Palo Alto has denied traffic when there have been new updates and signature releases. Valid traffic gets blocked. We have had some bad experiences with this. If there were an ability, before it denies traffic, to get some kind of notification that some traffic is going to be blocked, that would be good."

"Its software updates can be improved. It sometimes becomes very slow with the software updates for different features. It should have an External Dynamic List of data. The malicious IP is not frequently getting updated in Palo Alto, and this should be done."

"If you enable SSL you will face a problem. The throughput of the firewall will be degraded. SSL is a big issue on all firewalls. All products suffer from issues with SSL, but Palo Alto firewalls suffer more from it."

"The first level of support will usually do nothing for you. If you're an IT company, you're not looking for level one support. You need to escalate. Other vendors have a direct support line for enterprise clients, but not Palo Alto."

More Palo Alto Networks NG Firewalls cons

"The VPN errors are not helpful when troubleshooting."

"One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."

"Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."

"WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure."

"The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out."

"Sometimes we have had issues with stability of the product."

"The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic."

"I would like them to improve the product's overall protections. This would be good for all product users."

Pricing and Cost Advice

"The price of FortiGate is average and I would say that based on the top five products available on the market, it is in the affordable range."

"We have the full license that included all of the features and support."

"It was worth the money overall. It's good value."

"Fortinet FortiGate is expensive."

"Before choosing a piece of equipment you have to take into account the cost-benefit offered by each one. Sometimes it is not worth paying a very cheap price to have a minimum level of security."

"We just pay a flat monthly fee to the vendor for the support."

"The price depends on the size of the company. From the beginning, you just want to know the internet bandwidths, speed, and the number of users to be able to offer the right product and model. They have a lot of products in FortiGate according to the size of the company, like 200D and 300D."

"Setup cost may be not so low, as you expect, because it depends on different factors, but TCO for 5 years may pleasantly surprise you."

More Fortinet FortiGate pricing and cost advice

"This solution is quite expensive."

"On the lower end, it's likely to cost $15,000 for renovation and support."

"It is a little bit expensive than other firewalls, but it is worth every penny. There are different licenses for the kinds of services you want to use. When we buy a new product, we go for a three-year subscription."

"It's very expensive. However, we usually use all of the subscriptions and threat alerts on any firewall that uses the internet. For each edge security endpoint, we use all subscriptions. Otherwise, we just utilize the threat alert, the antivirus, WildFire, etc."

"Active/Passive mode is very redundant, but they require you to buy all the associated licensing for both firewalls, which is kind of a waste of money because you are really only using the services on one firewall at a time."

"If the cost is your main priority, Palo Alto would be a bit high. However, if you are ready to hear about return of investment, then I would convince you to go for Palo Alto."

"Its price is higher than other vendors. They need to re-think its pricing. With Fortinet, the SD-WAN feature is totally free, whereas, with Palo Alto, I need to pay for this feature. With Fortinet, there is one licensing, and I can get many things, whereas, with Palo Alto, I need to go for individual licensing."

"Compared to other products, the pricing is flexible and reasonable."

More Palo Alto Networks NG Firewalls pricing and cost advice

"It costs less than the SO works and others (like SonicWall, Cisco, and Barracuda) without increasing so much CPU use."

"Get at least a maintenance contract for the updates and take a larger WatchGuard than you need. A WatchGuard creates new ways to secure your network."

"The licensing and renewal is very expensive."

"Like all other manufacturers, there are a lot of features and different pricing. The best is to talk to a representative."

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

814,763 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

22%

Computer Software Company

15%

Manufacturing Company

Comms Service Provider

Computer Software Company

16%

Financial Services Firm

Manufacturing Company

Government

No data available

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?

Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firew...

See all answers

Features comparison between Palo Alto and Fortinet firewalls

In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...

See all answers

Which is better - Palo Alto Networks NG Firewalls or Sophos XG?

Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...

See all answers

Ask a question

Earn 20 points

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 22% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 13% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 12% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

Meraki MX vs Fortinet FortiGate

Compared 5% of the time

More Fortinet FortiGate Competitors

Check Point NGFW vs Palo Alto Networks NG Firewalls

Compared 15% of the time

Azure Firewall vs Palo Alto Networks NG Firewalls

Compared 13% of the time

Meraki MX vs Palo Alto Networks NG Firewalls

Compared 10% of the time

Netgate pfSense vs Palo Alto Networks NG Firewalls

Compared 9% of the time

Sophos XG vs Palo Alto Networks NG Firewalls

Compared 9% of the time

More Palo Alto Networks NG Firewalls Competitors

No data available

Product Reports

Buyer's Guide

Fortinet FortiGate

November 2024

Download Fortinet FortiGate product report

Buyer's Guide

Palo Alto Networks NG Firewalls

October 2024

Download Palo Alto Networks NG Firewalls product report

Buyer's Guide

WatchGuard XTM [EOL]

October 2024

Download WatchGuard XTM [EOL] product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate

Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall

No data available

Learn More

Fortinet

Palo Alto Networks

WatchGuard

Overview

Fortinet FortiGate enhances network security, prevents unauthorized access, and offers robust firewall protection. Valued features include advanced threat protection, reliable performance, and a user-friendly interface. It improves efficiency, streamlines processes, and boosts collaboration, providing valuable insights for informed decision-making and growth.

Palo Alto Networks NG Firewalls offer comprehensive security, including application control, traffic shaping, threat prevention, and load balancing, designed to secure internal networks, perimeter protection, VPN services, and cloud environments.

Palo Alto Networks NG Firewalls are a key choice for managing and protecting data centers, securing remote access, network segmentation, malware prevention, and ensuring high availability and performance for business-critical applications. Known for stability and strong security, these firewalls use application-aware identifiers and IPS/IDS subscriptions to offer advanced threat protection. The unified platform facilitates seamless integration, while GlobalProtect and centralized management via Panorama enhance ease of use. However, there are areas for improvement, including pricing strategies, training, user support, and integration with third-party applications.

What are the essential features?

Stability: Reliable performance in different environments.
Application Control: Identifies applications to manage traffic.
Advanced Threat Protection: Includes DNS security, WildFire, and machine learning.
GlobalProtect: Secure remote access for users.
Centralized Management: Managed via the Panorama platform.

What benefits or ROI should users expect?

Security: Protects against threats with robust features.
User-Friendly: Simplified interface and easy configuration.
High Availability: Ensures performance for critical applications.
Integration: Seamless with existing systems and applications.
Support: Reliable technical support and resources.

In industries like finance, healthcare, and retail, Palo Alto Networks NG Firewalls secure sensitive data and meet regulatory requirements. These firewalls help manage large-scale networks in these sectors, providing essential security features and maintaining high-performance standards. They are implemented to ensure compliance, protect patient information, secure financial transactions, and safeguard customer data.

Small businesses need big security, too, and the WatchGuard XTM Series firewall/VPN appliances deliver that strong protection, but without the hefty price tag. Enterprise-grade security includes full HTTPS content inspection, VoIP support, and optional security subscriptions like Application Control and Intrusion Prevention Service.

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments

AVG, Cyren, Kaspersky Lab, Lastline, NCP engineering, Trend Micro, Websense

Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls. Updated: November 2024.

DOWNLOAD NOW

814,763 professionals have used our research since 2012.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.