We performed a comparison between Palo Alto Networks NG Firewalls and SonicWall NSa based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is easy to manage, and it doesn't need much knowledge from the team. It is a stable device, and there are many features that are included out of the box."
"Secure, user-friendly, stable, and scalable network security solution. Installation is straightforward."
"The solution is highly scalable because they have devices that can handle a large amount of traffic."
"The feature I like most is the SD-WAN. It allows you to manage more than one ISP at the same time. And there is a high-availability mode, so if one of your ISPs is down, you still have a backup."
"FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all of these features on one device because it can cause performance issues."
"The web filtering facility and application control are the most valuable features from the point of view of our clients. The VPN feature is also quite popular amongst our clients. Two-factor authentication is one of the good features in Fortinet. These features are important for the current scenario of security. Security has become a necessity nowadays. With cyber-attacks becoming more common, protecting an organization's data is one of the major tasks. It is also very stable and scalable, and it is very straightforward to configure. Their technical support is also good."
"The customization potential is quite impressive."
"The performance is good."
"I like the sandbox feature, and it's very good. It kills each malware deployment in the sense of signatures within five minutes. So, we can secure our network and infrastructure very well within the stipulated time. The WildFire functionality is very good because a few files are also getting blocked. It's critical as malware attacks are also getting ignored, and the logging is very well maintained in this firewall. The most valuable solutions in this field are application-based firewalls. That is the main criteria of the firewall and functionality. We can get all the logs related to this and each and every packet. I like that the firewall is working as an application. The application-based entity we have deployed is well maintained and working very well. We were able to find lots of vulnerabilities when we deployed it, but we could not disclose all. But there were vulnerabilities we could block by updating the firewall and taking actions on clientside machines. So, we got to know that we have lots of vulnerabilities inside the organization too, and we took lots of steps and resolved the number of vulnerabilities. Palo Alto Networks NG Firewalls is an all-in-one solution. It provides every entity log, which is a very good functionality of this firewall. It gives every packet and aspect that the firewall is performing through its logs, and it does it very well. This firewall's unified platform helped eliminate multiple network security tools. If anyone uses P2P sites, cryptocurrency websites, or any illegal sites, we can block it easily. It gives us a proper alert for these kinds of sites, and it properly secures our network. Monitoring is the best thing we are doing here, and we can block this kind of vulnerability as soon as it comes to us."
"I like to install Palo Alto mainly on the data center side to have visibility into all VLANs. That gives full visibility into the core."
"There are many valuable features, such as wireless cloud features."
"The application awareness feature that recognizes application IDs and vulnerability protection are Palo Alto Networks NG Firewalls' most valuable features."
"GlobalProtect and App-ID features are very good."
"The WildFire reporting and Cortex XDR platform have huge infrastructures in the cloud that secures the network against threats. So, we have the potential on the system, specifically for users, where we take care of this since the user is the most dangerous. We get reports back from WildFire on a minute-by-minute basis, rather than a daily or weekly update like I used to with different AV vendors. These features can detect viruses and malware more quickly, which is super important."
"This solution not only provides better security than flat VLAN segments but allows easy movement through the lifecycle of the server."
"The most valuable feature is advanced URL filtering. Its prevention capabilities and DNS security are also valuable. It pinpoints any suspicious activities and also prevents the users from doing certain things."
"SD-WAN is a good feature."
"Deep packet inspection and intelligent application control are the most valuable features. It is a very updated solution. It is very current as compared to other brands and vendors."
"Overall SonicWall NSa is a good solution for our use case."
"SonicWall's sales support is much better than other vendors'."
"The solution can scale."
"They offer good antivirus solutions."
"Content filtering reduces the load on the available bandwidth and restricts employees from using distracting websites on the job, which leads to more productive hours."
"It is a brilliant product. It is a Unified Threat Management (UTM) system. It has got about 11 security services that take care of your perimeter security. It takes care of any kind of cyber threats that could come in. It takes care of creating VPNs between two SonicWalls instantly and very easily. It has got spyware in it as well as a firewall. It has also got a gateway antivirus and an application firewall that can block things from outside."
"Cisco Meraki products are rising very quickly in the cloud and the connected era. Meraki products offer much better ROI, upgradability, and manageability."
"They have to just improve its performance when we enable all UTM features. When you enable all the features, the performance of FortiGate, as well as of Sophos and SonicWall, goes down."
"The graphical user interface of Fortinet's FortiGate product does not function well with text-based interfaces."
"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."
"Its reporting capabilities can be improved. It should have some out-of-the-box reporting capabilities and some degree of customization. The basic reporting that it currently has is not sufficient to create more usable reports. It needs some sort of out-of-the-box reporting. They try to make customers purchase FortiAnalyzer for this kind of reporting, which is an additional cost. Other firewall vendors, such as SonicWall and Sophos, provide this sort of reporting without any additional cost."
"Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"The command line is complicated, and the interface could be better."
"The machine learning in Palo Alto NG Firewalls for securing networks against threats that are able to evolve and morph rapidly is good, in general. But there have been some cases where we get false positives and Palo Alto has denied traffic when there have been new updates and signature releases. Valid traffic gets blocked. We have had some bad experiences with this. If there were an ability, before it denies traffic, to get some kind of notification that some traffic is going to be blocked, that would be good."
"Palo Alto keeps coming out with antivirus and malware updates. When we have to integrate those updates we face some problems with the cloud platform, not the on-prem setup. The device works fine, but sometimes the sync doesn't happen on time."
"The built-in machine learning features provide some automation, but I think there should be an option for manual review because nothing replaces the human eye."
"I would like integration with Evident.io and RedLock."
"Generating reports is not so easy."
"As part of our internet filtering, we integrate heavily with Active Directory, and we use security groups to separate staff into two groups: those who should have full access to the internet and those who should have limited access. It may be just the way the topology is for our domain controllers and that infrastructure, but at peak usage, there seems to be a delay in reading back against the security group to find out what group the user is in."
"Palo Alto can do a little bit better when it comes to the User-ID part. I've been facing problems related to double authentication. You have a computer user, but you also have a VPN user, and when you do a single sign-on to another page, these logs can sometimes generate a problem notification. It doesn't happen a lot, but in some networks, it could be a problem. It would be very helpful to have the ability to restrict the connections that you can have in your VPN. For example, if you have the credentials, you can connect with the same user account from different computers or devices. If you have the domain information, you can connect from different devices. That's a problem that they need to address and resolve. They should ensure that at any moment, only one person is connected through a specific user account."
"I wish that the Palos had better system logging for the hardware itself."
"I would like to have a built-in vulnerability scanner in the firewall. It would be great to have such functionality. Its price could also be better. It would also be good to have a local warehouse. It doesn't get damaged a lot, but if a customer needs a replacement, currently, it has to come from Miami or Mexico, which can take a few days. It would be better if they have a local warehouse from where we can just pick replacements and quickly solve a client's needs in terms of replacing equipment. It would be great to have it locally instead of waiting for it from Mexico or the USA."
"The user interface could be better."
"Overall, Im satisfied with SonicWall NSa, but it would be better if they could add a small terminal to each device. This would help me deal with certain issues by running a small bot onto any PC."
"They are not ready for managed security services. Their Cloud GMS product is weak, barely out of beta (buggy)."
"The cost could be lower. There could also be more flexibility for smaller companies."
"The reporting feature could be better because most of the companies want to have the analytics included, which is something that you have to buy separately."
"You can do zero-trust networking with them, but it's not easy."
"The dynamics needs to be improved. The solution is not very compatible compared to the market products."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 162 reviews while SonicWall NSa is ranked 19th in Firewalls with 80 reviews. Palo Alto Networks NG Firewalls is rated 8.6, while SonicWall NSa is rated 7.8. The top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". On the other hand, the top reviewer of SonicWall NSa writes "Great performance and security with reasonable pricing". Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Netgate pfSense, whereas SonicWall NSa is most compared with SonicWall TZ, Meraki MX, Sophos XG, Cisco Secure Firewall and Juniper SRX Series Firewall. See our Palo Alto Networks NG Firewalls vs. SonicWall NSa report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.