We performed a comparison between Palo Alto Networks K2-Series and Palo Alto Networks NG Firewalls based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There are lots of features and most of them are deployed for internet security. Users are protected if they accidentally go to some malicious sites."
"It is quite easy to handle."
"The most valuable features of Fortinet FortiGate are the rules and quality of service."
"The user interface (UI) is very, very good."
"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
"It's a firewall that secures our internal network. I have been using it since 2013, and I find that most of the features are advanced, and very user friendly."
"The main benefit is the grouping of our security monitoring."
"Customers are more inclined towards FortiGate because of application control, web filtering, and anti-spam features. The support from the FortiGate team is good, and price-wise, it is affordable."
"The company is inventive and always adds a lot of great features."
"Palo Alto's App-ID is what differentiates it from other competitors."
"We've found the solution offers us good stability."
"It's easy to configure."
"The most valuable features are the virtualization of the firewall and the antivirus."
"As long as the solution is kept updated, it's pretty stable."
"Palo Alto has a unique solution for DNS security, which is very good."
"I have found the threat profile feature valuable."
"I love the Policy Optimizer feature. I am also completely happy with its stability."
"With App-ID, we can identify exact traffic. Even if someone tries to fool the firewall with a different port number, or with the correct port number, Palo Alto is able to identify what kind of traffic it is."
"Palo Alto Networks NG Firewalls provide a unified platform that natively integrates all security capabilities."
"The GUI is simple and the solution is straightforward."
"The scalability is very good."
"The application awareness feature that recognizes application IDs and vulnerability protection are Palo Alto Networks NG Firewalls' most valuable features."
"The most valuable features are application inspection and sandboxing. Application inspection decides where traffic is transmitted. If I have a perimeter report for a particular service, then other services or malicious services cannot use an open port. In this way, application inspection is doing a fantastic job. We also have a very good sandbox with almost no rate limit. It will inspect any file that comes in and goes out in a dedicated patch to identify malware. Therefore, these two things help me to protect our organization from any bad actors."
"The payload is a very valuable feature."
"There is room for improvement related to the logging and reporting aspect."
"It needs more available central management."
"Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use."
"Lacks sufficient security options."
"The improvement is related to logs. Instead of the CLI, we should be able to have more insights into the logs of the firewall in the GUI."
"I would like to see improvements with the antivirus and IPS as they are not working properly all the time."
"When we cluster the two Fortinet FortiGate boxes together we have some issues."
"It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls."
"Higher levels of support are excellent but new users may need additional options."
"Its networking features could be better."
"They should implement the features that the other firewalls have."
"The solution needs a series of OS changes."
"Palo Alto doesn't have extended visibility to the end point in their firewalls."
"The technical support, and how they provide it to the client, needs to be improved."
"The tool needs to improve integration with more products from other vendors. I would like the product to add threat intelligence features as well."
"I would like to see the threat intelligence capability integrated with other vendors such as Cisco and Forcepoint."
"The solution is very expensive. There are cheaper options on the market."
"It is a complete product, but the SSL inspection feature requires some improvements. We need to deploy certificates at each end point to completely work out the UTM solutions. If you enable SSL encryption, it is a tedious process. It takes a lot of time to deploy the certificates to all endpoints. Without SSL inspection, UTM features will not work properly. So, we are forced to enable this SSL inspection feature."
"Could also use better customer support."
"I am in GCC in the Middle East. The support that we are getting from Palo Alto is disastrous. The problem is that the support ticket is opened through the distributor channel. Before opening a ticket, we already do a lot of troubleshooting, and when we open a ticket, it goes to a distributor channel. They end up wasting our time again doing what we have already done. They execute the same things and waste time. The distributor channel's engineer tries to troubleshoot, and after spending hours, they forward the ticket to Palo Alto. It is a very time-consuming process. The distributor channels also do not operate 24/7, and they are very lazy in responding to the calls."
"As part of our internet filtering, we integrate heavily with Active Directory, and we use security groups to separate staff into two groups: those who should have full access to the internet and those who should have limited access. It may be just the way the topology is for our domain controllers and that infrastructure, but at peak usage, there seems to be a delay in reading back against the security group to find out what group the user is in."
"I don't deal with it from a day-to-day perspective, but I can say that the evidence that I typically need is there, but sometimes, it's a task to actually get it and pull it out. They can make it easier to gather that evidence."
"I would like the option to be able to block the traffic from a specific country in a few clicks."
"We have a lot of the older firewall models, i.e., the PA-220. It seems that with newer operating systems the PA-220 is becoming slower than when I first bought it. It is not really an issue for users who are passing traffic through the firewall, but more from the management access of it."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Palo Alto Networks K2-Series is ranked 28th in Firewalls with 29 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 164 reviews. Palo Alto Networks K2-Series is rated 8.4, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Palo Alto Networks K2-Series writes "Easy to implement and manage, and the documentation is good". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Palo Alto Networks K2-Series is most compared with , whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Netgate pfSense. See our Palo Alto Networks K2-Series vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it kind of depends what you value most.
PA is good at app control, web filtering and such like, they have always been top of the pile there. The GUI is very good, and their product is very user-focused.
Fortinet is good for scalability and predictable high throughput (ASICs in the hardware), and useful things like authentication flexibility, CLI config (if you have any networking/Cisco people, they always seem to prefer CLI over GUI) and have better OT features, maybe relevant to your manufacturing use?
Fortinet seem to have a broader integration offering with their security fabric than PA do, plus they can do Fortinet-based wifi, switching, etc. Depends if you are prepared to go all-in with a single vendor.
Hi,
Both FT and PA have compelling features for large Enterprises. I would like to add a few good points about Fortinetwhich might be helpful ( from my 13 years of engagement with them as Distributor and Partner)
Fortinet:
Have higher throughput; which comes with competitive rates
Wide range of models to select to meet your requirement, without spending heavliy
Outstanding customer support and very active customer care team
Easly available skilled resources from the channel for deployment and post-implementation support
Regards
Abhilash
Hello. The question is what you are going to have as a result of application