We performed a comparison between Netgate pfSense and Palo Alto Networks PA-Series based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."This is a quality product with ok support, and it is better than the competition we've tried."
"The most valuable features of the solution are SD-WAN, filtering testing applications, web filtering, and the new VPN."
"Whenever we raise a complaint with FortiGate, their response and resolution times are minimal."
"The product is easy to use and is stable. The SV1 functionality is a benefit."
"The user interface (UI) is very, very good."
"The most valuable features of Fortinet FortiGate are the ability to work in proxy mode, which other solutions, such as Palo Alto cannot. There are some features that are better that come at no extra license or subscriptions cost, such as basic SD-WAN. The DLT is useful, other solutions have the same feature too, such as Palo Alto."
"Fortinet FortiGate has many valuable features, such as IDS, and intrusion detection. It has security features that are in part with the technologies that are available in the market."
"The reporting you receive out of this appliance is excellent. You will not need an external management system."
"Easy to deploy and easy to use."
"The most valuable features are the VPN and the capture photo."
"Easy to deploy and easy to use."
"The VPN is my favorite feature."
"I have found pfSense to be stable."
"The interface is straightforward and easy to use."
"I have found the firewall portion for the blocking most valuable."
"Content protection, content inspection, and the application level firewall."
"I like the tool's security and web filtering features."
"It offers a seamless transition from one option to another, making it exceptionally versatile and user-friendly in an enterprise setting."
"The product's initial setup process was simple."
"The solution provides good customer support."
"Palo Alto Networks firewalls offer single-mode panel processing with live scanning."
"The solution has a three-layer architecture, and it helps customers to deploy the solution quickly."
"It is stable when you set up something and put it into production. Once it works, you don't have other tasks or actions to perform."
"A valuable feature that we can consider is the deployment time, which is significantly reduced, almost 90% faster compared to other solutions. This leads to quicker deployment and less downtime."
"I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool."
"Fortinet FortiGate is a stable solution. However, my issue is the performance only. When I use all the profiles, this affects the performance. From the beginning, I should have had a better sizing of the box."
"I would suggest that Fortinet add sandboxing to their solution."
"The solution lacks sufficient filtering."
"FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."
"Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."
"I've never tried it in large environments. All my clients are small businesses with a handful of employees, so I am not sure how it works in large environments. I keep up with recent versions, and there's nothing I'm waiting for, and nothing breaks when I get a new version."
"There's a bit of a learning curve during the initial implementation."
"The router monitoring needs improvement when compared with Sonicwall."
"The stability could be improved."
"They can improve the dynamic of the input of IPs from outside."
"If a user doesn't have a large amount of experience in Linux systems, they will have problems using this solution. Users need to be highly skilled in troubleshooting competency. Users who do not have such skills will find the product difficult to use."
"The integration of pfSense with EPS and EDS could be better. Also, it should be easier to get reports on how many users are connecting simultaneously and how sections connect in real-time."
"The hotspot and the portal feature in this solution are not stable for WiFi access. We use it at least once or twice every day and it crashes. Some modules can be better by improving detection and having new updates. Additionally, we have some issues with clustering and load balancing that could improve."
"There is room for improvement in streamlining this process for smoother transitions."
"As we migrate fully into the cloud, additional features like capacity upgrading and improvements to hardware resources will be necessary, especially since our equipment consists of older-generation switches and routers."
"There are constant updates for the operating system. It is a nice thing also, but it has its own disadvantages. Continuous updates are there. The users face issues like, how often do I need to update that? Within a period of five months, I'm updating it two or three times. It gives them a feeling that they are not confident about their product and have to update it so frequently."
"The SD-WAN feature of Palo Alto Networks is not good compared to FortiGate."
"Palo Alto Networks PA-Series should improve its price. It should also include a feature similar to Sophos' Security Heartbeat."
"Palo Alto Networks PA-Series is complicated to configure compared to one of its competitors."
"In future releases, maybe Palo Alto can enhance and enlarge their portfolio with SIEM solutions. They already have an endpoint protection solution, SOAR solution, that's fine. But when it comes to standalone IDS/IPS solution or email security solution, for example, we don't have any product in that category for Palo Alto."
"The product's gateway services can be improved."
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Palo Alto Networks PA-Series is ranked 16th in Firewalls with 28 reviews. Netgate pfSense is rated 8.6, while Palo Alto Networks PA-Series is rated 8.6. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Palo Alto Networks PA-Series writes "Offers trained customer support, stability and ease of use ". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and Cisco Secure Firewall, whereas Palo Alto Networks PA-Series is most compared with OPNsense, SonicWall NSa, Juniper SRX Series Firewall, Sophos XG and WatchGuard Firebox. See our Netgate pfSense vs. Palo Alto Networks PA-Series report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.