We performed a comparison between Azure Firewall and Palo Alto Networks NG Firewalls based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, while Azure Firewall is certainly a solid option, Palo Alto Networks NG Firewalls is equally good. Users of both products have been happy with the ROI results. What differentiates the two products is the stark difference in pricing, which may ultimately sway an organization’s purchasing decision.
"It is a safe product."
"The features that I have found most valuable are the SD-WAN and their IP4 policy."
"Their reliability and their policy of pre-shipping replacements when a unit has failed."
"The license management is very valuable. You can get a new license each year, or you can enroll every two to four years. You can get the logs, and you will get the information on the risk in your network and the entire organization. With this information, you can take action on your actives, computers, or devices. You can bring your own device as an SSE."
"The reporting and monitoring are very good."
"The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors."
"The most important features of Fortinet FortiGate are the Intrusion Prevention System (IPS) and firewall control applications."
"It works very well. It has a lot of different functionalities. Its cost is also fine for our customers."
"The most valuable feature is the integration into the overall cloud platform."
"The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats."
"I like its order management feature. It doesn't have the kind of threat intelligence that Palo Alto has, but the order management makes it much simpler to know the difference."
"The solution can autoscale."
"The feature that I have found the most valuable is the control over the network permissions and the network."
"It is easy for me to protect certain ports or even the IP addresses, as well as do whitelisting, blacklisting, and the FQDN when we want virtual machines connected and to protect certain websites."
"Azure's cost-effectiveness is its major advantage."
"The firewall policy control, URL content control, and antivirus are all the most valuable aspects. Threat prevention is as well quite good."
"The key aspect of this solution that provides the most value is its next-gen capabilities, which represented a significant change for us."
"The most valuable feature is advanced URL filtering. Its prevention capabilities and DNS security are also valuable. It pinpoints any suspicious activities and also prevents the users from doing certain things."
"There are plenty of features available in this solution, such as attack blocker and spam blocker. Additionally, it is very robust and in-depth."
"I love the Policy Optimizer feature. I am also completely happy with its stability."
"The fact that the Next-Gen firewalls are integrated with identity is the best. It gives us the ability to track what an individual is doing and helps us provide access to only what they need in order to do their job."
"The most significant benefit is threat protection. Anti-malware uses signatures, so dynamic analyzers like WildFire are the best way to protect the company. It is a firewall based on application control, user ID, and security policy. We can use it based on user and application ID without a stateless firewall or TCPIP ports."
"This is arguably the best security protection that you can buy."
"We utilize advanced threat prevention features like web filtering and SSL decryption, which haven't caused any issues."
"We would like to have the ability to disable some of the security functionalities."
"Fortinet could improve the windows opener or the virtual IP solutions for opening windows. The virtual IP settings need improvement as firewalls are trending in new development directions."
"The solution needs to improve its integration with cybersecurity."
"Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why."
"One area for improvement is the performance on the bandwidth demands for smaller devices, as well as better web filtering."
"There are some problems that support cannot give you a logical reason as to why it happened. For example, I had a case where I was dealing with a WhatsApp application that was giving issues. Technical support gave more than one reason it could be giving issues, but none of them solved the problem. Eventually I solved the problem, but it was far from the solutions that support had given."
"It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics."
"The product does need better support in the cloud environment. It's not exactly cloud-native right now."
"For large organizations, a third-party firewall would be an added advantage, because it would have more advanced features, things that are not in Azure Firewall."
"It would be nice to be able to create groupings for servers and offer groups of IP addresses."
"Azure Firewall has limited visibility for IDPS, no TLS inspection, no app ID, no user ID, no content ID, no device ID. There is no antivirus or anti-spyware. Azure Firewall doesn't scan traffic for malware unless it triggers an IDPS signature. There is no sandbox or machine learning functionality, meaning we are not protected from Zero-day threats. There is no DNS security and limited web categories."
"The development area and QA area could be improved. With those improvements, we can improve projects and take even less time to implement them."
"The product could be made more customizable."
"It has fewer features than you can get from other firewalls, like anti-spam and anti-phishing. Those kinds of things are not included. It only includes IDS and IDB."
"The threat intelligence part could be better. I don't see why our customers have to get an additional solution with Azure Firewall. It would be great if they made it on par with Palo Alto."
"The solution lacks artificial intelligence and machine learning. It might be in the roadmap. However, currently, it's not available."
"We are not happy with Palo Alto at all. It would be better if they provided more support for the firewall. We have a few pending issues with the configuration for each application. We cannot deploy them yet due to some support-related problems in the firewall. We have deployed a few policies for DNS spoofing and DNS attacks, but we could only block a few IP addresses through the policy. That's DNS security, and we have configured a few policies for DNS spoofing and more. URL categorization and URL filtering are not yet adequately maintained. For example, if you created a few rules in the rule-based configuration and made some rules downstairs, you will lose some of them if you give access upstairs. It's not giving us a proper solution for which route it is using. We need to apply the application-based policies and URL filtering-based policies. It creates more issues because we are not getting good support from the team."
"For an upcoming release, they could improve on the way to build security rules per user."
"The solution is very expensive. There are cheaper options on the market."
"It would be better to have more tools to control Palo Alto Networks NG Firewalls. We don't have too many tools to access Palo Alto. For example, the IT team doesn't have access to it. We can see it physically and see if it's running or not. We need to contact a special team to receive that information. I would also like to see more reporting in the next release."
"I would like to see better integration with IoT technologies."
"It's not so easy to scale out your security capabilities."
"I'm thinking about a new feature. They have decryption. It's a good idea to use decryption on Palo Alto. It would be good if they had offloading of the traffic, and if they could decrypt the traffic and offload it. Like, for example, ASM on our site. We have an SSL decryption to offload the traffic. We could use that on Palo Alto."
"I think visibility can be improved."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Azure Firewall is ranked 21st in Firewalls with 33 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 163 reviews. Azure Firewall is rated 7.2, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Azure Firewall writes "Easy to use and configure but could be more robust". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Azure Firewall is most compared with Fortinet FortiGate-VM, Microsoft Defender for Cloud, Palo Alto Networks VM-Series, Check Point NGFW and Cisco Secure Firewall, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Meraki MX, Sophos XG, Netgate pfSense and Cisco Secure Firewall. See our Azure Firewall vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.