We performed a comparison between Check Point NGFW and Fortinet Fortigate based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Fortinet’s lack of an option to deploy firewalls on multiple endpoints is a definite downside. Although Fortinet received better feedback for its support, Check Point is the winner in this comparison.
"The security posture assessment with two-factor authentication has saved more time and commercial costs by avoiding deploying having to deploy another solution."
"Even though Check Point NGFW provides a set of security features that enforce protection on the network, the most valuable aspect is also the most used feature: the plain and simple firewall component. This is the core of the product and works to a great extent without the need for all other available bells and whistles."
"The central management makes it easier, and is a time-saver, when implementing changes."
"One of the most valuable features is performance improvement, wherewith ClusterXL and CoreXL, you can improve performance."
"It's a lightweight solution, requiring minimal storage, resources, and memory to operate effectively."
"It is a very friendly platform and easy to configure."
"The Anti-Spoofing has the ability to monitor the interfaces. Suppose any spoofed IP addresses are coming from an external interface, it won't allow them. It will drop that traffic. You have two options with the Anti-Spoofing: prevent or detect. If any kind of spoof traffic is coming through the external interface, we can prevent that."
"The Smart Dashboard allows for rule creation and administration and management and is user-friendly."
"Customers want to load balance more than eight lines or six internet lines. FortiGate is the only solution that can accomplish this."
"We were looking for the VPN feature and controlling the inflow and outflow of all the traffic within the site and across the sites. We are also using it for the VPN and VLANs."
"The solution is highly scalable because they have devices that can handle a large amount of traffic."
"Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network."
"The technical support is great."
"The most valuable features of Fortinet FortiGate are it is one of the most mature firewalls in the UTM bundle."
"We've found the solution to be pretty stable."
"I like that they have given me a solution at a fair price."
"The firewall should be easily deployable and scalable in any major cloud environment and enable an organization’s security team to manage all of its security settings from a single console."
"Timely updates to security databases, firmware, and software are crucial for addressing new threats."
"Debugging is very complex when compared to Fortinet, for example. That's the worst thing about Check Point. The deployment of the solution is harder than it is with the competitors. But after you've deployed it, the operation is easy."
"IoT should be considered in future development."
"It should allow more than two internet providers in its configuration of "ISP Redundancy"."
"The pricing could be better."
"Check Point's study materials should be provided by the company directly and be of very good quality. This is not provided right now and something that the company can improve."
"The routing rules and some more network settings should be listed on the Check Point Smart Console instead of GAIA Web GUI."
"I would like to see better pricing in the next release, as well as a simplification of the installation."
"They've become quite expensive."
"I would like Fortinet to add more automation to FortiGate."
"Monitoring and reporting could be better."
"The performance could be a bit better. Right now, I find it to be lacking. Having good performance is very important for our work."
"They should improve high CPU and memory usage that occurs."
"FortiOS is not simple."
"In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface."
Check Point NGFW is ranked 5th in Firewalls with 277 reviews while Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews. Check Point NGFW is rated 8.8, while Fortinet FortiGate is rated 8.4. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Azure Firewall, whereas Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Meraki MX and SonicWall TZ. See our Check Point NGFW vs. Fortinet FortiGate report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
First of all, Check Point checks the rules to be configured before installing them in the firewall and this prevents the user from making mistakes and putting the company at risk.
Check Point is no longer expensive. It has many models and competes in performance and price vs. Fortinet.
Now web interfaces, like Fortinet, may have more bugs per top 10 OWASP.
We are using both but the GUI and clustering on the FortiGate side look better/easier/more comfortable.
And I do agree with others - Check Point is expensive and Fortinet FortiGate has many models offering less expensive implementation.
I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such).
-Check Point GUI is a bit complicated,
-Application and Web filtering are better than Fortigate.
-IPS and AV are more effective than Fortigate. Overall more stable than any other firewall
Support: not up to the level like Fortigate and lack of trained resources (in the gulf).
Check Point is expensive.
Fortinet has many models and is more affordable than Check Point. It also provides outstanding support. GUI is more user-friendly.
We had this same discussion recently with my organization. It came down to the security of the platform.
Fortinet has had a number of breaches over the last 2 years and this was a key factor in our decision.
The challenge with Check Point will be the transition from our existing firewall and taking advantage of the various features across our organization.