We performed a comparison between Check Point NGFW and Fortinet Fortigate based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Fortinet’s lack of an option to deploy firewalls on multiple endpoints is a definite downside. Although Fortinet received better feedback for its support, Check Point is the winner in this comparison.
"It's enabled us to move away from basic LAN to LAN segmentation to a more powerful user separation approach."
"Check Point has strong security features as well as some decent monitoring and management capabilities."
"It filters unwanted traffic."
"Even though Check Point NGFW provides a set of security features that enforce protection on the network, the most valuable aspect is also the most used feature: the plain and simple firewall component. This is the core of the product and works to a great extent without the need for all other available bells and whistles."
"Check Point is awesome from a security standpoint. Based on our experience and also the experience of the other customers, it is a very stable appliance."
"It gives us centralized management for multiple firewalls. For example, if I want to push the same configuration in 10 firewalls, I can push it all at once with the help of the centralized management system."
"The logging and central policy management are the most valuable aspects for us as we were not having success earlier with the ASA in terms of upgrading/managing."
"I think the VSX has been the most valuable feature for us."
"It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."
"Good load balancing feature."
"It can expand easily."
"It is useful for protecting and segregating the internal networks from the internet. Most of our customers also use the FortiGate client to connect to their offices by using the VPN client, and of course, they usually activate the antivirus, deep inspection, and intrusion prevention services. They are also using it for web filtering and implementing various policies dealing with forwardings, NAT, etc."
"It is a safe product."
"One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them."
"Allows for firewall rules to be programmed and named in a way that makes it “readable”"
"The most valuable features of Fortinet FortiGate are the rules and quality of service."
"There is a huge amount of revenue lost in the financial/banking sector due to cyber attacks, so we need to have something that can highly concentrate on future cyber attacks."
"It could greatly improve our customer experience by centralizing management."
"Log queries are slow and take time to load."
"It should be user-friendly from an implementation point of view. Its setup is a little bit difficult."
"The policy installation length is still too long. It was promised that the time would be severely reduced in newer versions, but it is still too long."
"The predefined reports are limited and should provide more information. Check Point should provide a greater number of defined reports and produce reports for each division of the organization."
"While the logs are very good and easy to understand, when you want to download these customized logs, they don't have as many features compared to competitive firewalls."
"It would help if they were easier to deploy, without needing more technical people. It would be nice if we could just give basic information, how to connect, and that would be all, while the rest of the setup could be done remotely."
"They've become quite expensive."
"Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information."
"We have an issue with hotel guest vouchers."
"The ease of use could be improved."
"Fortinet needs more memory to save the log files. We need it to save the logs on the hardware and not in the cloud. I know this feature is available in FortiCloud, but if we need this log locally, it is not available."
"There are some license issues. Not every feature must have a separate license. There must be some of kind synergy between the license so we don't have to pay for every individual license that we would like to have."
"There are a lot of bugs I have found in the solution and it is difficult to upgrade. These areas need improvement."
"Security is a continuous process. In every product, there is a requirement for improvement. Its pricing should also be improved according to Indian market requirements. They must also improve on the reporting part. Its reporting can be more precise. If we can get a real-time report in a specific format, it will be helpful for customers to know about the current status of their security."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews. Check Point NGFW is rated 8.8, while Fortinet FortiGate is rated 8.4. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Azure Firewall, whereas Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Meraki MX and SonicWall TZ. See our Check Point NGFW vs. Fortinet FortiGate report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
First of all, Check Point checks the rules to be configured before installing them in the firewall and this prevents the user from making mistakes and putting the company at risk.
Check Point is no longer expensive. It has many models and competes in performance and price vs. Fortinet.
Now web interfaces, like Fortinet, may have more bugs per top 10 OWASP.
We are using both but the GUI and clustering on the FortiGate side look better/easier/more comfortable.
And I do agree with others - Check Point is expensive and Fortinet FortiGate has many models offering less expensive implementation.
I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such).
-Check Point GUI is a bit complicated,
-Application and Web filtering are better than Fortigate.
-IPS and AV are more effective than Fortigate. Overall more stable than any other firewall
Support: not up to the level like Fortigate and lack of trained resources (in the gulf).
Check Point is expensive.
Fortinet has many models and is more affordable than Check Point. It also provides outstanding support. GUI is more user-friendly.
We had this same discussion recently with my organization. It came down to the security of the platform.
Fortinet has had a number of breaches over the last 2 years and this was a key factor in our decision.
The challenge with Check Point will be the transition from our existing firewall and taking advantage of the various features across our organization.