Try our new research platform with insights from 80,000+ expert users

Palo Alto Networks NG Firewalls vs WatchGuard XTM [EOL] comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 29, 2024
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Average Rating
8.4
Number of Reviews
316
Ranking in other categories
Firewalls (2nd), Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Palo Alto Networks NG Firew...
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
180
Ranking in other categories
Firewalls (7th)
WatchGuard XTM [EOL]
Average Rating
8.0
Number of Reviews
34
Ranking in other categories
No ranking in other categories
 

Featured Reviews

DineshKumar28 - PeerSpot reviewer
Sep 25, 2024
Effective threat prevention with responsive customer support
We are using Fortinet FortiGate as a firewall Fortinet FortiGate has been invaluable. It has helped save costs due to its various features, reliable performance, very good UI, low latency, and stability. The Threat Intel engine in Fortinet FortiGate is highly rated for its effectiveness in…
Simon Webster - PeerSpot reviewer
Aug 16, 2022
We get reports back from WildFire on a minute-by-minute basis
The biggest thing that needs to be improved with them is their training. I took a training class for the 8.0 build, then I took it again for the 9.0 and 10 builds. They add new features every time that they do a new major release, but the training doesn't keep up. It is the same basic training that probably was with the 3.0 build, and they just change the screenshots. I would love to see them do some more work since they have all these bells and whistles, but we don't know how to use those features on a large scale. I know this little section here about the firewall, but I know there is a huge amount that still could be done with it. I am not touching enough of it because I just don't know how. It seems like the more I learn about it, the more I learn that there is to learn
it_user233817 - PeerSpot reviewer
Apr 29, 2015
I found this device to be one of the most stable platforms that I have worked with, but paying a yearly maintenance fee for firmware updates is not worth it in my opinion.
I feel that paying a yearly maintenance fee for firmware updates is not worth it in my opinion. I would rather see the yearly fee go for updates to the add-ons and live security, but I think as time goes on firmware updates should be free since the price tag of some of these devices is difficult for some small businesses to swallow. While I hold the company in high regard the learning curve on these devices can be tough right out of the box. I've had to contact support on numerous occasions due to little quirks in the system that needed to be ironed out.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Fortinet FortiGate protects against internet-based threats, both internal and external. It is scalable, stable, easy to use, and easy to install."
"Customers are more inclined towards FortiGate because of application control, web filtering, and anti-spam features. The support from the FortiGate team is good, and price-wise, it is affordable."
"Whenever we raise a complaint with FortiGate, their response and resolution times are minimal."
"It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."
"It is easy to use and performs very well."
"It is a one box solution, which covers most of the edge device’s requirements."
"Good anti-malware and web filtering features."
"The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."
"Its flexibility is the most valuable."
"The application control portion of the solution is its most valuable aspect."
"The most valuable features are web filtering and application filtering."
"I like the architecture because it separates the management plan process and the data plan process."
"Some of the valuable features in this solution are traffic monitoring, GUI functionality, and it very easy to troubleshoot if there is any problem that happens."
"This solution not only provides better security than flat VLAN segments but allows easy movement through the lifecycle of the server."
"The graphical interface is easy to troubleshoot because it has a drill-down sequence. It is easy to monitor traffic."
"It's very important that Palo Alto NG Firewalls embed machine learning into the core of the firewall to provide inline, real-time attack prevention. That increases our security posture... The firewall is able to capture it and flag it and it is easy to mitigate as soon as we see something like that happening, to secure the environment more, in real time."
"There is a site-to-site VPN configuration between others people."
"I like the hostwatch because I can see what traffic uses the most bandwidth and I can block that site."
"We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them."
"​Monitoring of network activity is included in the box.​"
"Application Control is fantastic with over 2,500 applications and the granularity that we can either allow people to view but not be able to log on to Facebook; or view it and log onto it if they're in the marketing department, but not play Facebook games. There are all sorts of different options like that. So it's highly granular."
"After installing the product, we achieved awareness of our data protection needs and email misuse."
"WatchGuard XTM is fairly basic. We use it as the perimeter firewall. The main point is to protect from attack software and hacking."
"SNMP status monitoring and the Central Management Software."
 

Cons

"In the balance between links feature normally you can just choose one option to balance. It would be better for the solution to have more than one option, preferably three."
"We would like to see a better training platform implemented."
"There are some license issues. Not every feature must have a separate license. There must be some of kind synergy between the license so we don't have to pay for every individual license that we would like to have."
"The cloud features can be improved."
"The solution's framework needs to be frequently updated in order to have a stable solution."
"The UI could be improved."
"I would like to see improvements in the product's application rules."
"Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance."
"We're working with the entry-level appliances, so I don't know what the higher-end ones are like, however, on the entry-level models I would say commit speeds need to be improved."
"It would be better to have more tools to control Palo Alto Networks NG Firewalls. We don't have too many tools to access Palo Alto. For example, the IT team doesn't have access to it. We can see it physically and see if it's running or not. We need to contact a special team to receive that information. I would also like to see more reporting in the next release."
"Everything has been great. More machine learning would be something great to see, but I don't know if it's a priority for Palo Alto."
"The solution's VPN, called GlobalProtect, could be improved as I've had a few issues with that."
"The machine learning in Palo Alto NG Firewalls for securing networks against threats that are able to evolve and morph rapidly is good, in general. But there have been some cases where we get false positives and Palo Alto has denied traffic when there have been new updates and signature releases. Valid traffic gets blocked. We have had some bad experiences with this. If there were an ability, before it denies traffic, to get some kind of notification that some traffic is going to be blocked, that would be good."
"Its software updates can be improved. It sometimes becomes very slow with the software updates for different features. It should have an External Dynamic List of data. The malicious IP is not frequently getting updated in Palo Alto, and this should be done."
"If you enable SSL you will face a problem. The throughput of the firewall will be degraded. SSL is a big issue on all firewalls. All products suffer from issues with SSL, but Palo Alto firewalls suffer more from it."
"The first level of support will usually do nothing for you. If you're an IT company, you're not looking for level one support. You need to escalate. Other vendors have a direct support line for enterprise clients, but not Palo Alto."
"The VPN errors are not helpful when troubleshooting."
"One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."
"Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."
"WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure."
"The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out.​"
"Sometimes we have had issues with stability of the product."
"The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic."
"I would like them to improve the product's overall protections. This would be good for all product users."
 

Pricing and Cost Advice

"The price of FortiGate is average and I would say that based on the top five products available on the market, it is in the affordable range."
"We have the full license that included all of the features and support."
"It was worth the money overall. It's good value."
"Fortinet FortiGate is expensive."
"Before choosing a piece of equipment you have to take into account the cost-benefit offered by each one. Sometimes it is not worth paying a very cheap price to have a minimum level of security."
"We just pay a flat monthly fee to the vendor for the support."
"The price depends on the size of the company. From the beginning, you just want to know the internet bandwidths, speed, and the number of users to be able to offer the right product and model. They have a lot of products in FortiGate according to the size of the company, like 200D and 300D."
"Setup cost may be not so low, as you expect, because it depends on different factors, but TCO for 5 years may pleasantly surprise you."
"This solution is quite expensive."
"On the lower end, it's likely to cost $15,000 for renovation and support."
"It is a little bit expensive than other firewalls, but it is worth every penny. There are different licenses for the kinds of services you want to use. When we buy a new product, we go for a three-year subscription."
"It's very expensive. However, we usually use all of the subscriptions and threat alerts on any firewall that uses the internet. For each edge security endpoint, we use all subscriptions. Otherwise, we just utilize the threat alert, the antivirus, WildFire, etc."
"Active/Passive mode is very redundant, but they require you to buy all the associated licensing for both firewalls, which is kind of a waste of money because you are really only using the services on one firewall at a time."
"If the cost is your main priority, Palo Alto would be a bit high. However, if you are ready to hear about return of investment, then I would convince you to go for Palo Alto."
"Its price is higher than other vendors. They need to re-think its pricing. With Fortinet, the SD-WAN feature is totally free, whereas, with Palo Alto, I need to pay for this feature. With Fortinet, there is one licensing, and I can get many things, whereas, with Palo Alto, I need to go for individual licensing."
"Compared to other products, the pricing is flexible and reasonable."
"It costs less than the SO works and others (like SonicWall, Cisco, and Barracuda) without increasing so much CPU use."
"Get at least a maintenance contract for the updates and take a larger WatchGuard than you need. A WatchGuard creates new ways to secure your network."
"The licensing and renewal is very expensive."
"Like all other manufacturers, there are a lot of features and different pricing. The best is to talk to a representative.​"
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
814,763 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
15%
Manufacturing Company
6%
Comms Service Provider
6%
Computer Software Company
16%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?
Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firew...
Features comparison between Palo Alto and Fortinet firewalls
In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...
Which is better - Palo Alto Networks NG Firewalls or Sophos XG?
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...
Ask a question
Earn 20 points
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments
AVG, Cyren, Kaspersky Lab, Lastline, NCP engineering, Trend Micro, Websense
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls. Updated: November 2024.
814,763 professionals have used our research since 2012.