We performed a comparison between KerioControl and Palo Alto Networks NG Firewalls based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The next-generation firewall is great."
"The pricing is excellent. It's much less expensive than Cisco."
"The security fabric is excellent."
"The CLI is robust and powerful, enabling rapid, consistent changes via SSH."
"The most valuable feature is the FortiManager for centralized management."
"The solution is stable."
"The virtual firewall feature is the most valuable. We have around 1,500 firewalls. We did not buy individual hardware, and the virtual firewalls made sense because we don't have to keep on buying the hardware. FortiGate is easier to use as compared to Checkpoint devices. It is user friendly and has a good UI. You don't need much expertise to work on this firewall. You don't need to worry much about DCLA, commands, and things like that."
"The wireless control is helpful."
"The top features are ones that we're not using yet but we soon will be because we've just had broadband upgraded in Australia. We've got something called the National Broadband Network, which is forced onto you, so you have to take it when it arrives. We'll be trying the high availability out soon. We tried that with some load balancing, it didn't quite work as we expected, but I think that was more of a configuration thing rather than a product thing."
"The user interface and the ease of use are pretty good. Everything fits together so nicely."
"The product is easy to use."
"One very good thing about the Kerio device is its authentication. I don't have a Windows domain for authentication. Instead, I use the Kerio product because it can separate users by Mac addresses and give them IP addresses based on their usernames, automatically logging them in. This makes for a very simple authentication system."
"The firewall and intrusion detection features are very useful these days because hackers have a lot of tricks that they use to get into a system. With Kerio Control you can see something that's happening. Otherwise, you have to use other tools to see what's happening on the firewalls. Having IPS in it is quite useful for us."
"The firewall appliance itself is the most valuable feature."
"The routing of the multiple internet physical routers I have is the most valuable feature of this solution. Instead of me physically unplugging a cable from one router to the server, if one connection goes down, it automatically switches for me. So I can have all three of them plugged in. If one goes down, it just picks up the other one automatically. There's no physical cable swapping."
"It helps us better control internal and external communications."
"I can enable the features I want and configure the policies based on the user and not all users and network traffic, making firewall management much easier."
"Palo Alto Networks NG Firewalls have a Single Pass Parallel Processing (SP3) Architecture, which has a different kind of code doing the work. It increases the packet processing rate. Whereas, without the SP3 Architecture, you are waiting for each job to complete, even if you have 100 jobs assigned."
"The solution's most valuable feature is the robust firewall, which we can also use as a UTM device."
"Most of the features in Palo Alto are very valuable."
"The scalability is very good."
"I like the remote access and URL filtering features that are available on global products."
"With its single pane of glass, it makes monitoring and troubleshooting a bit more homogeneous. We are not looking at multiple platforms and monitoring management tools. It is more efficient from that perspective. It is more of a common monitoring and control system for multiple aspects of what used to be different systems. It provides efficiency and time savings."
"Decryption is one of Palo Alto Networks NG Firewalls' best features because we can decrypt by category. For instance, we can decrypt everything except for bank traffic so that we don't interfere with the passwords and two-factor authentication of those checking their bank accounts at work. We can still monitor for malware and other threats that come through a secure channel. It's seamless for users. The URL filtering and IPS are both great as well."
"The support we receive when we need to upgrade is not satisfactory and has room for improvement."
"Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it."
"We would like to see better pricing."
"The solution's framework needs to be frequently updated in order to have a stable solution."
"Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information."
"In the balance between links feature normally you can just choose one option to balance. It would be better for the solution to have more than one option, preferably three."
"I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE."
"We were not able to build a full-mesh VPN; however, I am not sure if this was the fault of Fortinet FortiGate."
"The security part of the software, like virus scanning, website, traffic monitoring, things like that, can take a beating on the appliance. And when there's a lot of things going on, the system can get bogged down. The actual security functionality of it needs a little bit more work, which I believe they are remedying or attempting to remedy at this time, but that's the downfall at this time."
"One of the problems we do have causes problems with the VPN. The software slows the throughput down too much. You could have a one-gigabit connection from the internet, and it slows it down to the area of upload and download is extremely slow. There's too much content filtering at that point."
"The denial of service could also be improved. There recently was a big issue with denial of service attacks and it was a bit laborious."
"Improvements are needed to the Next Generation Firewall Protection, specifically with user-level protection."
"The improvement that we are looking for is for when decide to move some part of our application to the cloud."
"If I would suggest anything, it would be to expand on its multifactor authentication to be a little bit more user-friendly. They should do multifactor authentications for the client itself perhaps, rather than served on a webpage, in a page hijack, that might be more user-friendly, but I don't have a lot of complaints about it. It's doing its job. You have to have a certain amount of skills to configure these things anyway, the ones that we use on-site doing point-to-point, and we've been tricked up a few times with their interfaces."
"They should improve the remote connectivity feature for users."
"We'd like to have more integrations Kerio Operator."
"Its software updates can be improved. It sometimes becomes very slow with the software updates for different features. It should have an External Dynamic List of data. The malicious IP is not frequently getting updated in Palo Alto, and this should be done."
"In terms of what could be improved, comparatively the price is very high. That would be the one thing."
"When it comes to their support, we have to select every single component that we want to include in a particular bundle. That is a very tedious process. T"
"People sometimes find it more expensive as compared to other solutions. There are also fewer training opportunities for Palo Alto than Cisco and other vendors."
"Palo Alto is like Microsoft. It has varied features, but it's too technical. A lot of the features could be simplified. The procedure, process, features, and usability could be more simple."
"In the cloud, the HA could be a lot better. Its price could also be better. It is very expensive."
"I would like to see it provide us with intelligent information from the data that it captures, within the same cost."
"Palo Alto Networks NG Firewalls need better training modules. You have to do a lot of reading prior to watching the training videos, and it's good for people who are really into it. However, often you want to use a video for a TID. You want to see how to do something rather than spend 30 minutes reading and then another 30 minutes watching the class. As a result, I take third-party training classes rather than Palo Alto's training because they are a lot better."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
KerioControl is ranked 29th in Firewalls with 54 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 162 reviews. KerioControl is rated 8.0, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of KerioControl writes "With VPN, any of our guys can log in to the system and effectively be on board; helps with our customers all over the world". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". KerioControl is most compared with Netgate pfSense, OPNsense, Sophos UTM, Sophos XG and Cisco Secure Firewall, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Netgate pfSense. See our KerioControl vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.