We performed a comparison between Check Point NGFW and Fortinet Fortigate based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Fortinet’s lack of an option to deploy firewalls on multiple endpoints is a definite downside. Although Fortinet received better feedback for its support, Check Point is the winner in this comparison.
"Some of the most valuable features are URL filtering, web filtering, and content filtering."
"The most valuable feature is the powerful, deep packet inspection engine."
"I like the dashboard, redundancy, log analysis, threat prevention and ISP, and VPN."
"We have all the features we want or need in this appliance. It's been good so far."
"We use Check Point to complete the network compliance rules."
"The technical services always replied in a very fast and effective way."
"Everything can be managed from a single dashboard nowadays."
"The management platform and the dashboard, the graphical user interface, is one of the best, if not the best, in the business. It's the most intuitive and it's really user-friendly in day-to-day operations."
"It's very fast and easy to configure."
"Fortinet has a very good solution for Secure SD-WAN. One very good feature is that they have robust and simple FortiOS through which they provide all solutions. That's their strength. There's not much complexity involved with the Secure SD-WAN solution of Fortinet as compared to Cisco's solution, which has a lot of flexibility but complexity also comes with that flexibility."
"The most valuable feature is the ease of use."
"The most valuable features of Fortinet FortiGate are the different types of profiling. It has been the most effective for me. The WAF and the antivirus profile are the most effective in network protection."
"The solution is very easy to understand. It's not overly complex."
"Initial setup is easy to configure."
"The most valuable features are the enterprise modeling and the simple interface."
"The web filtering facility and application control are the most valuable features from the point of view of our clients. The VPN feature is also quite popular amongst our clients. Two-factor authentication is one of the good features in Fortinet. These features are important for the current scenario of security. Security has become a necessity nowadays. With cyber-attacks becoming more common, protecting an organization's data is one of the major tasks. It is also very stable and scalable, and it is very straightforward to configure. Their technical support is also good."
"The NAT services part needs improvement. It's not sophisticated. It needs functions like range assignment for NATing. The way you assign a list of IPs for NATing is too simple. It just allows you to use pools."
"Unfortunately, as is the case with many big companies, new features seem to always be more important than fixing the last little bugs that affect only a minor customer base."
"Some features, like the VPN, antispam, data loss prevention, etc., are managed in an external console. In the future, I'd like all features in the same console, in one place, where we can see and configure all features."
"The antivirus is not as effective as it could be because updates are not that frequent."
"Check Point should quickly update and expand its application database to have what Palo Alto has."
"I still don't have access to the reporting service."
"Timely updates to security databases, firmware, and software are crucial for addressing new threats."
"There's a significant area for improvement when it comes to pricing."
"The pricing could always be better."
"I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity."
"Performance and technical support are the main issues with this solution."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"It needs more available central management."
"They need faster serviceability and more security features."
"The updates Fortinet provides are sometimes unstable."
"Usually, we sell the bundle with the UTM or threat management piece with IPS, IDS. Other providers, such as Palo Alto, are ahead in terms of safe functionality. So, for me, delivering truly safe service is probably something that still needs to be improved."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews. Check Point NGFW is rated 8.8, while Fortinet FortiGate is rated 8.4. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Azure Firewall, whereas Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Meraki MX and SonicWall TZ. See our Check Point NGFW vs. Fortinet FortiGate report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I have worked for several years with the Check Point platform (NGFW) and it is by far more stable in hardware and software.
It is a very friendly platform and easy to configure. It is true that it is a bit expensive according to the required blades but it is a platform that is worth having as security in a corporate.
We are using both but the GUI and clustering on the FortiGate side look better/easier/more comfortable.
And I do agree with others - Check Point is expensive and Fortinet FortiGate has many models offering less expensive implementation.
I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such).
-Check Point GUI is a bit complicated,
-Application and Web filtering are better than Fortigate.
-IPS and AV are more effective than Fortigate. Overall more stable than any other firewall
Support: not up to the level like Fortigate and lack of trained resources (in the gulf).
Check Point is expensive.
Fortinet has many models and is more affordable than Check Point. It also provides outstanding support. GUI is more user-friendly.
We had this same discussion recently with my organization. It came down to the security of the platform.
Fortinet has had a number of breaches over the last 2 years and this was a key factor in our decision.
The challenge with Check Point will be the transition from our existing firewall and taking advantage of the various features across our organization.