We performed a comparison between Azure Firewall and Zscaler Internet Access based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."This is an easy solution to deploy."
"It performs very well."
"Security management tool that's easy to integrate and easy to work with. No issues found with its stability and scalability."
"FortiGate is flexible and easy to use."
"Initial setup is straightforward. There weren't too many issues with setting it up. It takes one hour or so."
"We can use our devices to check all of the perimeters. It secures email websites."
"The solution is extremely reliable."
"The security features are about the best that I've seen anywhere."
"The solution can autoscale."
"The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats."
"Azure Firewall's feature that I have found most valuable is its scalability."
"We use the solution for application and server deployment."
"The feature that I have found the most valuable is the control over the network permissions and the network."
"It is easy for me to protect certain ports or even the IP addresses, as well as do whitelisting, blacklisting, and the FQDN when we want virtual machines connected and to protect certain websites."
"The initial setup is straightforward; Azure Firewall does not have a complex implementation process. It is very simple; you just need to enable the service within Azure. It does not require any maintenance because it is managed by Microsoft, that is, it is a fully managed service."
"The most valuable feature is the integration into the overall cloud platform."
"The scanning feature is impressive, because they do not introduce a big latency to the traffic."
"The security is excellent."
"We use ZIA for outbound internet connectivity. The internet traffic of on-prem users will be directed to the ZIA cloud for security checks and web filtering."
"The cloud proxy and integration are some of the key features. Since there is cloud waste, we can quickly provision it and start working on the configuration. On top of that, they have added a few more features. They have integrated CASB, and file sandboxing is part of it."
"We enjoy all of the proxy capabilities and the capability to integrate into the SIEM/SOC solution."
"The solution offers a distributed organization to master and to control all of the endpoints."
"The solution is stable and reliable."
"The solution has reduced cyberattacks."
"The inability to scale the FortiAnalyzer to match our growth necessitates the purchase of new hardware."
"I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity."
"I would like to see improvements in the support from Fortinet. Here in the Philippines, whenever we have problems with a Fortinet product, we mostly ask for support from distributors and resellers and not directly from Fortinet."
"FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."
"There are a lot of bugs I have found in the solution and it is difficult to upgrade. These areas need improvement."
"The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."
"FortiOS is not simple."
"There is room for improvement related to the logging and reporting aspect."
"The interface could be improved, it's not very user friendly."
"Right now, with Azure Firewall, we cannot have a normal inbound traffic flow. For inbound, Microsoft suggests using application gateways, so the options are very limited. I cannot use this firewall as an intermediate firewall because of the limitations, and I cannot point routing to another firewall. So if I want to use back-to-back firewall architecture in my environment, I cannot use Azure Firewall for that type of configuration either."
"Azure should be able to work better as a balancer also, instead of just being a firewall. It should have a wider mandate."
"The solution doesn't offer the same capabilities of Fortinet. It should offer intrusion prevention and advance filtering. These are two very useful features offered on Fortinet that Azure lacks."
"Azure Firewall has limited visibility for IDPS, no TLS inspection, no app ID, no user ID, no content ID, no device ID. There is no antivirus or anti-spyware. Azure Firewall doesn't scan traffic for malware unless it triggers an IDPS signature. There is no sandbox or machine learning functionality, meaning we are not protected from Zero-day threats. There is no DNS security and limited web categories."
"They can improve the pricing of Azure Firewall."
"The threat intelligence aspect of this particular firewall is not at par with other providers."
"The solution should incorporate features similar to competitors like split tunneling."
"The price of the solution could be improved."
"I would like to see more training and video documentation."
"One thing that they could improve is the ability to import rules from other platforms."
"In every cloud service in the world, you have multiple upstream internet providers to create diversity so that if one of your providers fails, your network just continues. In South Africa, there is only one upstream provider, and that's not right. That that's a problem."
"Do not expect to pay for the service and start using it, like Gmail. Zscaler requires a proper implementation to be done to make it successful."
"It needs better integration with other applications. It takes a fair amount of regular activity to apply the by-passes because it is very strict in its restrictions and frequently you have to go in and open things up to allow the workforce to work."
"What could be improved in Zscaler Internet Access is its price. It could be cheaper."
"An improvement would be if they could provide an out-of-the-box experience, like 20 to 30 features all ready to go. In comparison, LogRhythm offers out-of-the-box features. With Zscaler Internet Access, there is firewall IPS, multiple security services, filtering, DLP, and CASB browser isolation. These are things that all users are going to be using. However, when an administrator or architect would start building this, I would definitely need to engage professional services to help clients do it."
Azure Firewall is ranked 21st in Firewalls with 33 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 46 reviews. Azure Firewall is rated 7.2, while Zscaler Internet Access is rated 8.2. The top reviewer of Azure Firewall writes "Easy to use and configure but could be more robust". On the other hand, the top reviewer of Zscaler Internet Access writes "Provides integrated CASB and file sandboxing but could be less expensive ". Azure Firewall is most compared with Fortinet FortiGate-VM, Palo Alto Networks NG Firewalls, Microsoft Defender for Cloud, Palo Alto Networks VM-Series and Check Point NGFW, whereas Zscaler Internet Access is most compared with Cisco Umbrella, Microsoft Defender for Cloud Apps, Netskope , Prisma Access by Palo Alto Networks and Appgate SDP.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.