We performed a comparison between Netgate pfSense and Palo Alto Networks PA-Series based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The virtual firewall feature is the most valuable. We have around 1,500 firewalls. We did not buy individual hardware, and the virtual firewalls made sense because we don't have to keep on buying the hardware. FortiGate is easier to use as compared to Checkpoint devices. It is user friendly and has a good UI. You don't need much expertise to work on this firewall. You don't need to worry much about DCLA, commands, and things like that."
"The response is very quick and they can visually resolve our problems in a short period."
"Web filtering and two-factor authentication are great features."
"This is a quality product with ok support, and it is better than the competition we've tried."
"The web filtering feature and the intrusion protection system are the most valuable. It is a resilient appliance. I never had an issue with it in terms of any security breaches."
"The features that I have found most valuable are the SD-WAN and their IP4 policy."
"The threat prevention is the solution's most valuable aspect."
"The signature database and zero-day detection are Fortinet FortiGate's most valuable features."
"My technicians find the pfSense's web interface very useful. It is very easy to use. pfSense is very reliable and stable. We like the OpenVPN clients that can be deployed using pfSense very much."
"Centralized administration with multiple services, which allows for execution in several important functionalities of information security."
"The solution is fairly scalable when it comes to integrating with other applications and data sets."
"The plugins or add-ons are most valuable. Sometimes, they are free of charge, and sometimes, you have to pay for them, but you can purchase or download very valuable plugins or add-ons to perform internal testing of your network and simulate a denial-of-service attack or whichever attack you want to simulate. You can also remote and monitor your network and see where the gap is. Did you forget a printer port? Most attacks at the moment are happening through printers, and they can tell you immediately that you forgot to close the port of the printer. There are more than one million printers that are in danger, and everybody knows that hackers are using them to enter the network. So, you can download plugins to protect your network."
"The firewall sensor is highly effective, and it's easy to deploy. You can deploy pfSense with limited hardware resources. It's not necessary to have an appliance with much RAM to make it work. It's cost-effective and performs well."
"Easy to deploy and easy to use."
"Super easy to manage. Anyone who has been working with firewalls can handle it."
"The scalability is very good, where you can do an HA configuration and then bring in another box, if necessary."
"A valuable feature that we can consider is the deployment time, which is significantly reduced. It is almost 90% faster compared to other solutions."
"The product's initial setup process was simple."
"The documentation is great."
"The solution is easy to manage."
"A valuable feature that we can consider is the deployment time, which is significantly reduced, almost 90% faster compared to other solutions. This leads to quicker deployment and less downtime."
"It is scalable. But that depends on what model you are using."
"The solution is robust."
"The reporting feature and application ID functionality within Palo Alto Networks PA-Series are incredibly valuable to us."
"They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired."
"I would like reporting to be improved and should offer a lot more tools to monitor the products."
"The support from Fortinet FortiGate could improve. They are not easily accessible when we need them. They could improve their response time."
"The scalability could be better."
"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."
"I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security."
"The renewal price and the availability could be improved."
"I think the only issue that needs improvement is the interface."
"Other solutions provide more scope for growth. For instance, we can have only 10 to 20 employees on VPN, but other solutions can support more users. We also have more capabilities to increase the performance of the solution."
"In an upcoming release, the reporting could be more user-friendly. For example, the reporting in graphs and charts for the host can be cumbersome."
"The configuration of the solution is a bit difficult."
"The main problem with pfSense is that it lacks adequate ransomware protection."
"The GUI. There are TONS of plugins for pfSense, as such, if a user wants to add quite a bit of functionality, the GUI will feel a little congested."
"I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that."
"Also, the GUI is helpful, but it's not user-friendly. It's complicated. It should be more intuitive for the average user and have an excellent graphical view. Of course, the user will typically know about network administration, but it still should be easy to understand."
"There are some bias issues and some intrusions in our network that have to be addressed. So, we're thinking of changing this firewall to something like a professional hardware-enabled firewall."
"The product must provide multiple threat detection features."
"I encountered a slight issue with the application portal, which was not functioning correctly."
"The solution’s pricing could be improved because it is an expensive solution."
"The pricing of the solution needs improvement."
"Pricing flexibility could be an aspect worth considering, as it has been a concern for some of our clients."
"The interface is complex."
"As we migrate fully into the cloud, additional features like capacity upgrading and improvements to hardware resources will be necessary, especially since our equipment consists of older-generation switches and routers."
"Currently, they are not protected with any data security when they work from home or outside the network. They surf the Internet directly and should implement a proxy or firewall to monitor the data between the endpoint and the internet."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Palo Alto Networks PA-Series is ranked 17th in Firewalls with 28 reviews. Netgate pfSense is rated 8.6, while Palo Alto Networks PA-Series is rated 8.6. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Palo Alto Networks PA-Series writes "Offers trained customer support, stability and ease of use ". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and Cisco Secure Firewall, whereas Palo Alto Networks PA-Series is most compared with OPNsense, SonicWall NSa, Sophos XG, Juniper SRX Series Firewall and WatchGuard Firebox. See our Netgate pfSense vs. Palo Alto Networks PA-Series report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.