We performed a comparison between Palo Alto Networks NG Firewalls and Zscaler Internet Access based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The features that I have found most valuable are the SD-WAN and their IP4 policy."
"Reliability is the best feature. We faced some issues when we were setting it up, but the service, portal, and administration are good."
"The interface is very user-friendly and I like it very much."
"Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible."
"The solution can scale well."
"You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it."
"The initial setup is straightforward."
"A strong point of FortiGate is the graphical interface is complete and easy to use."
"DNS Security is a good feature because, in the real world with web threats, you can block all web threats and bad sites. DNS Security helps to prevent those threats. It's also very helpful with Zero-day attacks because DNS Security blocks all DNS requests before any antivirus would know that such requests contain a virus or a threat to your PC or your network."
"The App-ID, Content-ID, User-ID, and encryption and decryption are valuable features."
"When we put it on the border, it was blocking everything that we were getting ahead of time, and we weren't getting any hits. This includes URL filtering, spam prevention, and anti-virus."
"The ease of use and the ease of configuration of our policies are the most valuable features."
"GlobalProtect and App-ID features are very good."
"The management options are good."
"Good functionality and features."
"I typically get involved with it when it comes to audit and compliance and having to gather evidence of those firewalls, routers, and rule sets. The evidence that I typically need is there."
"Overall, we're very happy with our product."
"The best thing about Zscaler Internet Access is the website filtering. In the UAE it's quite an important feature because most of the malware comes through the SQL injection and through downloads from websites. Zscaler helps protect against that."
"The solution offers a distributed organization to master and to control all of the endpoints."
"One on the main benefits is protection all time from anywhere."
"I like the granularity of the control of all the traffic, including SSL inspection. I also like the fact that the user interface is intuitive. The latencies with Zscaler are minimal compared to those of any other competitor. Other competitors do not really have the global scale that Zscaler has and cannot promise low latencies."
"There is no lag in service when accessing the internet."
"Zscaler Internet Access has helped us reduce the time that we spend managing security policies by about four hours a week. We can use this time to focus on other things, especially the IT team."
"The most valuable feature of Zscaler Internet Access is that it is a consolidated solution, it comes with many features, such as DLP."
"Palo Alto has a feature called WildFire Analysis that is unavailable in FortiGate. WildFire is better than a sandbox because it can address zero-day threats and vulnerabilities. It can immediately identify zero-day threats from the cloud."
"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."
"Fortinet could improve the windows opener or the virtual IP solutions for opening windows. The virtual IP settings need improvement as firewalls are trending in new development directions."
"They should offer special pricing to premium partners and customers."
"It could use more templates for third-party site-to-site VPN setups other than FortiGate and Cisco."
"Scalability for Fortinet FortiGate needs to be improved. SD-WAN security for this solution also needs some improvement."
"We have an issue with hotel guest vouchers."
"Its customer service could be better."
"I would like the option to be able to block the traffic from a specific country in a few clicks."
"The solution has normal authentication, but does not have two-factor or multi-factor authentication. There is room for development there."
"The only problem that I see with the Palo Alto NGFW being an all-in-one appliance is that because of the different features that are being put into a single appliance, the OS tends to be beefier. Over the eight years, we have seen that the number of features or analyses being put into the appliance itself has a tendency to slow down the appliance, especially at the time of bootup. So, any time we are doing maintenance work, the time required for the appliance to boot up and be fully functional again is significantly longer than eight years ago. They could find a way to make this all-in-one appliance faster."
"The machine learning in Palo Alto NG Firewalls for securing networks against threats that are able to evolve and morph rapidly is good, in general. But there have been some cases where we get false positives and Palo Alto has denied traffic when there have been new updates and signature releases. Valid traffic gets blocked. We have had some bad experiences with this. If there were an ability, before it denies traffic, to get some kind of notification that some traffic is going to be blocked, that would be good."
"I'm thinking about a new feature. They have decryption. It's a good idea to use decryption on Palo Alto. It would be good if they had offloading of the traffic, and if they could decrypt the traffic and offload it. Like, for example, ASM on our site. We have an SSL decryption to offload the traffic. We could use that on Palo Alto."
"Palo Alto Networks NG Firewalls work slowly for vulnerability management. Its performance could be faster."
"Its scalability for on-prem deployments can be better. For an on-prem deployment, the hardware has to be replaced if the volume goes up to a certain level."
"There is a tradeoff between security and network performance, as security is always top-notch, but performance can sometimes lag and has room for improvement."
"I don't know whether it's Zscaler or not, however, sometimes I can't access my time management. I need to wait and try again a few hours later. Typically, if I let some time pass, I can access it again."
"In terms of usage, here in the GCC, it's still growing a growing market, so the combination of DLP, data leak prevention, to a certain extent is fine. But what it requires is user-based access or role-based access. The solution needs to grow into that, which definitely takes time. There's not an easy way to integrate it, when you have a cloud-based solution."
"One thing that they could improve is the ability to import rules from other platforms."
"Zscaler should continue to make the user interface better. They should also improve the backup network and continue to expand it so that it can handle larger numbers of customers."
"Currently, the solution's interface is not that user-friendly."
"They block Zscaler IPs when the traffic origin is from Zscaler IPs. They've been blocked by certain government organizations so the end users are not able to visit those websites unless we ask them to unblock those IP. This is a bit problematic."
"We'd like for them to include some sort of antivirus tool."
"Do not expect to pay for the service and start using it, like Gmail. Zscaler requires a proper implementation to be done to make it successful."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 162 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 46 reviews. Palo Alto Networks NG Firewalls is rated 8.6, while Zscaler Internet Access is rated 8.2. The top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". On the other hand, the top reviewer of Zscaler Internet Access writes "Provides integrated CASB and file sandboxing but could be less expensive ". Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Netgate pfSense, whereas Zscaler Internet Access is most compared with Cisco Umbrella, Microsoft Defender for Cloud Apps, Netskope , Prisma Access by Palo Alto Networks and Appgate SDP. See our Palo Alto Networks NG Firewalls vs. Zscaler Internet Access report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.