We performed a comparison between Check Point NGFW and Palo Alto Networks VM-Series based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The security features that they have are quite good. On top of that, their licensing model is quite nice where they don't charge you anything for the SD-WAN functionality for the firewall."
"Unified Threat Management (UTM) features."
"Their reliability and their policy of pre-shipping replacements when a unit has failed."
"UTM/NGFW features and FortiCloud for logs and backups are awesome."
"The product offers very good security."
"It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."
"Initial setup is straightforward. There weren't too many issues with setting it up. It takes one hour or so."
"The ability to set up remote systems is the most valuable feature."
"The central management and logging are frankly one of the top selling points."
"Check Point definitely has a great architecture, where you can just enable the software blades and deploy a secure service. Overall, it provides ease of deployment and ease of use."
"Its management web interface is very easy and user-friendly."
"I like the GUI."
"I use it as well as a VM. We use it a lot because we have all fiber optic connections, so we could use almost all of that. The federation is beautiful because I can transfer all traffic to my main site where I can use just one link to the internet, and I can use it as a proxy as well. It is good to keep control and security."
"Admins and executives are more at ease with the compliance engine within the software as it measures how many of the security requirements we're compliant with, making their work much more accessible from that standpoint."
"The Next Generation Firewalls, the 64000 and 44000 series, provide us with support for large data centers and telco environments. They're quite reliable and provide great performance."
"As with any firewall, IPSEC VPN is the critical functionality. Not every organization has the budget to implement MPLS or SD-WAN, which makes IPSEC the go-to for site-to-site connectivity."
"The most valuable feature is the Posture Assessment."
"The VM series has an advantage over the physical version because we are able to change the sources that the machine has, such as the amount of available RAM."
"With the improved visibility we now have, the traffic is being properly monitored, which means that we are better able to manage it. These are improvements that we saw very quickly."
"The interface with Panorama makes it very easy to use."
"Palo Alto Networks VM-Series's most valuable feature is the visibility of the environment."
"The initial setup was straightforward."
"In AWS, Palo Alto provides us a better view than flow logs for network traffic."
"It provides complete security posture from end-to-end. This has given us better visibility into what our security aspects are."
"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."
"Some of the software stability could improve."
"Fortinet FortiGate could improve by adding enhancements to FortiMail, FortiSOAR, and FortiDeceptor."
"Palo Alto has a feature called WildFire Analysis that is unavailable in FortiGate. WildFire is better than a sandbox because it can address zero-day threats and vulnerabilities. It can immediately identify zero-day threats from the cloud."
"The feedback that I have received is that the performance could be better, and the user experience is not as good compared to a previous solution we used. It could be more user-friendly. Of course, it still works fine for our operations."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"Quality control on their firmware versions needs improvement. When they introduce new firmware, there tend to be bugs."
"Fortinet FortiGate is a firewall solution and once it's deployed, you can rest assured that your system is secure."
"Geo-blocking would be very useful. There are too many attempts to infiltrate by non-country users. I can block access by IP address or IP network, however, a country-level blocking would be more useful and much quicker to implement."
"Pricing needs to be lowered from start, this would be more effective than lowering it during negotiations."
"The product's technical support services need improvement."
"Check Point should improve services related to the cloud-based solution."
"One area for improvement in Check Point NGFW is the support process."
"I would like to see better Data Leakage protection options and easier-to-understand deployment models for this."
"One of my issues with Check Point is the stability. There have been too many bugs, over the years, when I compare them with other vendors. Their QA team should do better work before releasing their GA versions."
"We find the GUI to be wrong and the CLI doesn't always show all of the connections."
"Just sometimes it can be a bit sluggish navigating through pages. That is just purely because of Java."
"It has to be more scalable for the deployment of VMs on the cloud."
"People are less aware of Palo Alto."
"In the next release, I would like to see better integration between the endpoints and the firewalls."
"Palo Alto should update their documentation to make it more readable and provide easier-to-follow instructions through videos."
"The utilization monitoring and GUI have room for improvement."
"The disadvantage with Palo Alto is that they don't have a cloud-based solution that includes a secure web gateway."
"Its web interface is a bit outdated, and it needs to be updated. They can also improve the NAT functionality. We have had issues with the NAT setup."
Check Point NGFW is ranked 5th in Firewalls with 277 reviews while Palo Alto Networks VM-Series is ranked 10th in Firewalls with 53 reviews. Check Point NGFW is rated 8.8, while Palo Alto Networks VM-Series is rated 8.6. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Palo Alto Networks VM-Series writes "Many features are optimized for troubleshooting real-time scenarios, saving a lot of time". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Azure Firewall, whereas Palo Alto Networks VM-Series is most compared with Azure Firewall, Fortinet FortiGate-VM, Cisco Secure Firewall, Palo Alto Networks NG Firewalls and Check Point CloudGuard Network Security. See our Check Point NGFW vs. Palo Alto Networks VM-Series report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.