Palo Alto Networks NG Firewalls vs WatchGuard XTM [EOL] comparison

Palo Alto Networks and WatchGuard are both solutions in the Firewalls category. Additionally, 96% of Palo Alto Networks users are willing to recommend the solution, compared to 90% of WatchGuard users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jul 13, 2025

WatchGuard XTM [EOL] and Palo Alto Networks NG Firewalls are top contenders in network security. While WatchGuard XTM [EOL] is appreciated for its affordability and support, Palo Alto Networks NG Firewalls stand out with advanced features, making them a more appealing choice.

Features: WatchGuard XTM [EOL] is popular for its easy management, robust VPN capabilities, and URL filtering. It provides comprehensive security with its user-friendly interface. Meanwhile, Palo Alto Networks NG Firewalls provide application-based policy control, integrated threat intelligence, and superior threat prevention, offering a stronger security posture.

Room for Improvement: WatchGuard XTM [EOL] could enhance its reporting features and threat intelligence integration. Its lack of advanced threat prevention may concern those seeking higher security. Improvements in application control capabilities and reduced hardware limitations are also noted. Palo Alto Networks NG Firewalls can work on reducing their complexity and setup time. The interface could be more intuitive for newcomers. Enhancing cost-effectiveness for smaller organizations and improving the clarity of documentation could also be beneficial.

Ease of Deployment and Customer Service: WatchGuard XTM [EOL] is praised for its straightforward setup and reliable support, making it suitable for organizations with limited IT resources. On the other hand, although Palo Alto Networks NG Firewalls require more deployment effort, they are backed by thorough documentation and excellent customer support, leading to better long-term management.

Pricing and ROI: Priced competitively, WatchGuard XTM [EOL] appeals to budget-conscious environments, offering good ROI with low initial costs. Palo Alto Networks NG Firewalls, though more expensive initially, deliver higher ROI through enhanced security features and fewer security breaches. Their automation capabilities help lower operational costs over time, balancing the upfront cost with long-term savings.

To learn more, read our detailed Firewalls Report (Updated: July 2025).

Buyer's Guide

Firewalls

July 2025

Download the complete report

Helped 861,524 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Featured Reviews

Vasu Gala

Manager, Information Technology Operation/Presales at TechMonarch

A stable solution with an intuitive interface and quick customer service

I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.

Read full review

AmjadKhan1

Head of data centers at a non-profit with 10,001+ employees

Provides inline protection with a unified view and anti-spyware capabilities

I would rate Palo Alto Networks NG Firewalls ten out of ten because it is the best. Our disaster recovery site utilizes Palo Alto Networks Next-Generation Firewalls. We are also in the process of upgrading the firewalls at our 365 sites in Pakistan to Palo Alto Networks firewalls. While budget firewalls may advertise comparable features, they often fall short of effectively detecting viruses, threats, and ransomware. In contrast, Palo Alto Networks NG Firewalls, combined with Cortex XDR, provide comprehensive threat intelligence and detection capabilities, ensuring superior security coverage. I recommend conducting a proof of concept before selecting a firewall. This will allow you to evaluate different options and determine which best suits your needs. While Palo Alto offers robust firewall solutions, it's essential to compare them with other vendors to ensure you make an informed decision.

Read full review

Generalm4545

General Manager- IT & Automation - Serum at a pharma/biotech company with 1,001-5,000 employees

Protects from attack software and hacking but it doesn't provide the reports in a readable format

In my opinion, image clarity is very important, because I don't get the proper image product on reports. This means that functionality is not there. My engineer does not know how he can replace an order. We attach a log after any kind of keys using a utility instead. For the internet policies that we are implementing, the policy should be based on proper protocols. We use the default policies and there are a number of third-party protocols that appear here. Management with WatchGuard XTM means that out of policy is the problem from our side. In this way, we can not do effective services for people with this one. The policy definition with WatchGuard XTM is not proper for all use case requirements. I've got weekly business reports that I am expecting attachments with from WatchGuard XTM that display data for all kinds of consideration which should be required. Main User Functionality Level Order must adhere to using the admin functionality on the registry, or else our users publish their own name. Maybe these recommendations are irrelevant, but I say that the issue to improve most with WatchGuard XTM is the Main User Function.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It's a firewall that secures our internal network. I have been using it since 2013, and I find that most of the features are advanced, and very user friendly."

"SSL-VPN is very useful for us and has been very reliable."

"The most valuable features of the solution are SD-WAN, filtering testing applications, web filtering, and the new VPN."

"The feature I like most is the SD-WAN. It allows you to manage more than one ISP at the same time. And there is a high-availability mode, so if one of your ISPs is down, you still have a backup."

"Fortinet FortiGate is easy to use. Anyone can easily maintain it."

"FortiGate is on the cheaper end, and it offers good value."

"I've never had a problem with Fortinet FortiGate support, so I'd rate it ten out of ten."

"The payment function for applications is good."

More Fortinet FortiGate pros

"Palo Alto NG Firewalls offer an efficient interface that simplifies log checking, troubleshooting connection issues, and firewall policy configuration."

"I find Palo Alto Networks NG Firewalls to be a stable product and very easy to manage from layer 4 to layer 7. They are also seamless for environments with high availability."

"The tool's most valuable features are its security features, which are highly valued based on market standards and Gartner reports. We conducted a POC before procuring it, and from that perspective, it is very good. The machine learning feature helps prevent more threats, but no device or firewall can be 100 percent secure because threats evolve daily."

"The most valuable features are Wildfire, URL filtering, and IPS."

"For colleagues seeking a cost-effective firewall, I recommend Palo Alto Networks NG Firewalls."

"Ability to log each and every application."

"Palo Alto Networks NG Firewalls are very stable."

"The scalability is very good."

More Palo Alto Networks NG Firewalls pros

"It is stable and does not require you to reboot all the time."

"We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them."

"Monitoring of network activity is included in the box."

"WatchGuard XTM is fairly basic. We use it as the perimeter firewall. The main point is to protect from attack software and hacking."

"Application Control is fantastic with over 2,500 applications and the granularity that we can either allow people to view but not be able to log on to Facebook; or view it and log onto it if they're in the marketing department, but not play Facebook games. There are all sorts of different options like that. So it's highly granular."

"I like the hostwatch because I can see what traffic uses the most bandwidth and I can block that site."

"SNMP status monitoring and the Central Management Software."

"It configures in all-in-one place."

More WatchGuard XTM [EOL] pros

Cons

"I don't really have anything negative to say as far as Fortinet firewalls are concerned. If anything, they can support a user a little bit better. They can stop being so time-sensitive about how much time the support call has taken, and they can help you do it yourself."

"We have an issue with hotel guest vouchers."

"The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."

"Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it."

"FortiGate can only retain logs for 24 hours or 7 days. I'm not sure if it holds them for a longer period, such as for a month. It will be useful for assessing our strategy and monitoring our environment without investing in FortiGate Analyzer. It would be beneficial if Fortinet could enhance the FortiGate by providing more statistical and monitoring views for a longer timeframe, rather than requiring access to FortiGate Analyzer."

"I would like to see more advanced developments of a wireless controller in the future."

"The solution could have licensing fees reduced in the future."

"I believe there is room for improvement in machine learning and AI in Fortinet FortiGate. I would like to see more automation regarding AI and machine learning in Fortinet FortiGate."

More Fortinet FortiGate cons

"When the primary Palo Alto Networks firewall fails over to the secondary, it requires manual intervention to bounce the IPsec for it to work properly. Unlike BGP peering, which automatically changes from idle to established, this process needs automation."

"Most other VPN clients include mobile VPNs but Palo Alto does not."

"It's not so easy to scale out your security capabilities."

"Palo Alto Networks NG Firewalls offer best-in-breed security but could improve by reducing their pricing."

"I would like the option to be able to block the traffic from a specific country in a few clicks."

"The level of control and granularity in terms of rule customization could be enhanced. However, compared to our previous solution, Palo Alto provides much better drill-down capabilities."

"I would like to see more integration."

"Generating reports is not so easy."

More Palo Alto Networks NG Firewalls cons

"The VPN errors are not helpful when troubleshooting."

"Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."

"WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure."

"Sometimes we have had issues with stability of the product."

"One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."

"The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out."

"The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic."

"I would like them to improve the product's overall protections. This would be good for all product users."

Pricing and Cost Advice

"The license for Fortinet FortiGate is affordable in my country."

"It is a good product from a price perspective versus functionality."

"Pricing is good. They offer a lot of things, the most important is the support. Every time you upgrade your license, you also get insurance for the equipment. If you have any problem with equipment, they send in new equipment."

"If the customer is looking for SD-WAN, it comes free with FortiGate."

"The price is high compared to some of the other solutions."

"Its pricing is good. It's average or normal as compared to Palo Alto and Check Point firewalls."

"Fortinet FortiGate is expensive."

"The price is highly competitive when compared to other brands that offer similar functionality."

More Fortinet FortiGate pricing and cost advice

"The price could be better. Pricing is very different compared to WatchGuard, which costs around 60 lakhs, and FortiGate, which costs approximately 40 lakhs. Palo Alto Networks costs about a crore which is very high pricing. We bought this firewall, and our organization did not want to pay so much. We spent around one crore rupees which is not within our budget at all, and we are unhappy with them."

"The solution’s cost is a little high compared to other products."

"Palo Alto Networks offers more cost efficiency compared to Cisco, with better operational and maintenance ease."

"It will be worth your time to hire a contractor to set it up and configure it for you, especially if you are not very knowledgeable with PA firewalls."

"I don't know about the price of the platform or the license fees, as the finance department deals with that. I only bill for the materials involved in the design."

"It's too expensive."

"This solution is quite expensive because along with the license there is premium partner support that has to be purchased as a default addition. There is also a specific Threat Prevention License that has to be requested and purchased separately. However, licenses can be purchased for specific periods as opposed to just an annual offering."

"Although Palo Alto is expensive, its superior security functions, application identification, and overall performance justify the cost and make it stand out from the competition."

More Palo Alto Networks NG Firewalls pricing and cost advice

"Like all other manufacturers, there are a lot of features and different pricing. The best is to talk to a representative."

"It costs less than the SO works and others (like SonicWall, Cisco, and Barracuda) without increasing so much CPU use."

"The licensing and renewal is very expensive."

"Get at least a maintenance contract for the updates and take a larger WatchGuard than you need. A WatchGuard creates new ways to secure your network."

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

861,524 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Educational Organization

Comms Service Provider

Manufacturing Company

Computer Software Company

13%

Financial Services Firm

10%

Manufacturing Company

Government

No data available

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?

Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firew...

See all answers

Features comparison between Palo Alto and Fortinet firewalls

In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...

See all answers

Which is better - Palo Alto Networks NG Firewalls or Sophos XG?

Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...

See all answers

Ask a question

Earn 20 points

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 20% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 12% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 11% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

Fortinet FortiOS vs Fortinet FortiGate

Compared 2% of the time

More Fortinet FortiGate Competitors

Cisco Secure Firewall vs Palo Alto Networks NG Firewalls

Compared 11% of the time

Azure Firewall vs Palo Alto Networks NG Firewalls

Compared 11% of the time

Sophos XG vs Palo Alto Networks NG Firewalls

Compared 10% of the time

Meraki MX vs Palo Alto Networks NG Firewalls

Compared 9% of the time

Check Point NGFW vs Palo Alto Networks NG Firewalls

Compared 9% of the time

More Palo Alto Networks NG Firewalls Competitors

No data available

Product Reports

Buyer's Guide

Fortinet FortiGate

July 2025

Download Fortinet FortiGate product report

Buyer's Guide

Palo Alto Networks NG Firewalls

June 2025

Download Palo Alto Networks NG Firewalls product report

Buyer's Guide

WatchGuard XTM [EOL]

June 2025

Download WatchGuard XTM [EOL] product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall

No data available

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Palo Alto Networks NG Firewalls offer comprehensive security, including application control, traffic shaping, threat prevention, and load balancing, designed to secure internal networks, perimeter protection, VPN services, and cloud environments.

Palo Alto Networks NG Firewalls are a key choice for managing and protecting data centers, securing remote access, network segmentation, malware prevention, and ensuring high availability and performance for business-critical applications. Known for stability and strong security, these firewalls use application-aware identifiers and IPS/IDS subscriptions to offer advanced threat protection. The unified platform facilitates seamless integration, while GlobalProtect and centralized management via Panorama enhance ease of use. However, there are areas for improvement, including pricing strategies, training, user support, and integration with third-party applications.

What are the essential features?

Stability: Reliable performance in different environments.
Application Control: Identifies applications to manage traffic.
Advanced Threat Protection: Includes DNS security, WildFire, and machine learning.
GlobalProtect: Secure remote access for users.
Centralized Management: Managed via the Panorama platform.

What benefits or ROI should users expect?

Security: Protects against threats with robust features.
User-Friendly: Simplified interface and easy configuration.
High Availability: Ensures performance for critical applications.
Integration: Seamless with existing systems and applications.
Support: Reliable technical support and resources.

In industries like finance, healthcare, and retail, Palo Alto Networks NG Firewalls secure sensitive data and meet regulatory requirements. These firewalls help manage large-scale networks in these sectors, providing essential security features and maintaining high-performance standards. They are implemented to ensure compliance, protect patient information, secure financial transactions, and safeguard customer data.

Palo Alto Networks

Small businesses need big security, too, and the WatchGuard XTM Series firewall/VPN appliances deliver that strong protection, but without the hefty price tag. Enterprise-grade security includes full HTTPS content inspection, VoIP support, and optional security subscriptions like Application Control and Intrusion Prevention Service.

WatchGuard

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments

AVG, Cyren, Kaspersky Lab, Lastline, NCP engineering, Trend Micro, Websense

Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls. Updated: July 2025.

DOWNLOAD NOW

861,524 professionals have used our research since 2012.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.