We performed a comparison between Palo Alto Networks NG Firewalls and WatchGuard Firebox based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The Intrusion Prevention System and the web filtering are both working well."
"The most valuable feature is the ease of use."
"One of the valuable features is a standardized OS."
"This solution has helped our organization by having strong functions and a reliable firewall."
"It's a firewall that secures our internal network. I have been using it since 2013, and I find that most of the features are advanced, and very user friendly."
"The most valuable feature is the ease of configuration."
"The product is easy to use and is stable. The SV1 functionality is a benefit."
"All of the features of Fortinet FortiGate are useful and the security protection is good."
"The ease of use and the ease of configuration of our policies are the most valuable features."
"A feature introduced by Palo Alto with the version 10-OS is embedded machine learning in the core of the firewall to provide inline, real-time attack prevention. Machine learning analyzes the network traffic and detects if there is any usual traffic coming from outside to inside. Because of Palo Alto, organizations detect around 91% of malicious attacks using machine learning. The machine learning helps customers by implementing firewalls in critical and air gap areas so there is no need to integrate with the cloud sandbox."
"It has a solid network security with some robust tools. We can block unexpected attacks, especially zero-day attacks. Since they use the Pan-OS engine, they can collect attacks from all over the world and analyze them. They can then protect against zero-day attacks and unexpected attacks."
"The structure is much faster and more sophisticated than Cisco."
"The most important feature is the firewall. We can make rules to filter the application layer of traffic. It's a very helpful feature."
"The most valuable feature of the solution is the network protection."
"Decryption is one of Palo Alto Networks NG Firewalls' best features because we can decrypt by category. For instance, we can decrypt everything except for bank traffic so that we don't interfere with the passwords and two-factor authentication of those checking their bank accounts at work. We can still monitor for malware and other threats that come through a secure channel. It's seamless for users. The URL filtering and IPS are both great as well."
"Some of the valuable features in this solution are traffic monitoring, GUI functionality, and it very easy to troubleshoot if there is any problem that happens."
"The ports that I have assigned appear to be unattainable to outside 'mal-actors,' unless they have an address registered on the internet that this thing is expecting. That's a layer of security."
"As a whole, it has a very low requirement for ongoing interaction. It's very self-sufficient. If properly patched, it has very high reliability. The total cost of ownership once deployed is very low."
"It protects me against malicious websites, as well as malicious downloads, as a perimeter anti-virus. I've also seen it blocking a lot of pings and different probes."
"The set up of the VPN is pretty straightforward. Being able to build VPNs on the fly for certain users, if need be, is also valuable."
"It's hard to pick one feature over another. But if I had to pick one, the UTM would be the most valuable because of the notification. I get notified via email if there is any type of threat detection or alert, telling me something is wrong."
"The most valuables feature of WatchGuard Firebox are the VPNs, and web filtering where we can stop users from going to malicious sites."
"The most valuable features are the VPN and web blocker security."
"The most valuable features of this solution are live logging, rule setup and maintenance, and VPN creation."
"In some cases, its initial setup could be hard for customers."
"It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features."
"The stability of Fortinet FortiGate could improve."
"The performance could be a bit better. Right now, I find it to be lacking. Having good performance is very important for our work."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"Fortinet needs to overhaul its documentation."
"With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic."
"NGN, reporting and controls."
"Technical support can be faster at responding."
"Overall it is good. It is reliable and easy to understand. However, the monitoring feature could be improved."
"We would like to see the external dynamic list for this solution improved. The current version does not automatically block malicious IP addresses, which would be very useful."
"Its scalability for on-prem deployments can be better. For an on-prem deployment, the hardware has to be replaced if the volume goes up to a certain level."
"Need improvement with their logs, especially the command line interface."
"The stability, scalability for enterprise-level organizations, and technical documentation have room for improvement."
"Personally, I feel that their dashboards for reporting and things like that need some improvement."
"The areas that need to improve are network protection and user identification."
"Sometimes, the writing rules are a little confusing in how am I doing them."
"I haven’t dug deeply into the reporting features yet or if they are working well. However, I have generated several reports and there was too much unnecessary information, in comparison with the reporting features in the Sophos firewall. Sophos' reporting is more readable and easier to configure."
"If they could make the traffic monitoring easier that would be great. I don't use it that frequently, but I would like to see some improvements in the ease of use of that component, so it makes more sense. I know it's a technical component so there's going to be some difficulty trying to make that easier."
"There's always room for improvement, especially if the threats are getting more sophisticated and the IT department cannot sufficiently meet this kind of sophistication with their own knowledge and experience. Knowing that this solution can get up to the level of addressing a lot of these threats is something that everybody wishes for. If we look at the dark web and the lawful web, they are two opposites, and if these two good and bad collide in the world of the internet, you want the best possible product—especially if you cannot get to that point of knowledge. I am just an individual and end user, with limited knowledge of usage. That's why I say there's always room for improvement, from their side and also from mine, because by knowing exactly what they can achieve and the knowledge that they can get on an everyday basis, and the portion that is understandable to me, it's an improvement for them as well."
"The scalability of the solution needs improvement."
"In terms of the reporting and management features — and this isn't necessarily a WatchGuard issue, this seems to be more of an industry-wide issue — you get reports, but a lot of times you don't know what you're looking at. You're so overwhelmed with the data. You're getting a lot of stuff that doesn't matter, so it takes time to parse through it, to actually get what you want to know."
"What could use some significant improvement in WatchGuard Firebox would be its interface and policy management. An additional feature I'd like to see in the next release of WatchGuard Firebox is the ability to modify an existing policy instead of having to recreate a policy when changes are necessary. At the moment, there's no possibility to modify the policy. You have to delete the policy and recreate it."
"Last year, I had an issue with one of the Fireboxes going down. It was overheated, because my server room became overheated and this fried it."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 162 reviews while WatchGuard Firebox is ranked 13th in Firewalls with 79 reviews. Palo Alto Networks NG Firewalls is rated 8.6, while WatchGuard Firebox is rated 8.4. The top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". On the other hand, the top reviewer of WatchGuard Firebox writes "Offers a streamlined deployment, intuitive interface and robust security features". Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Palo Alto Networks VM-Series, whereas WatchGuard Firebox is most compared with Netgate pfSense, Sophos XG, OPNsense and SonicWall TZ. See our Palo Alto Networks NG Firewalls vs. WatchGuard Firebox report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.