Check Point NGFW vs Check Point UTM-1 [EOL] vs Fortinet FortiGate comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Check Point NGFW, Check Point UTM-1 [EOL], and Fortinet FortiGate based on real PeerSpot user reviews.

Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls.
To learn more, read our detailed Firewalls Report (Updated: March 2024).
765,234 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"What gives me the most value is undoubtedly the security that the anti-bot and anti-virus blades provide.""The product is very user-friendly.""It is giving us a greater reach for greater prevention and is proactively protecting our employees.""The most valuable feature is the centralized management, which gives us control over all of the Check Point gateways.""The most valuable feature of the solution is the Quantum Intrusion Prevention System (IPS). I also like the solution's functionality, like autonomous threat prevention.""It is a very friendly platform and easy to configure.""With the outstanding capabilities of Check Point, we managed to have stable site-to-site VPNs with all our partners and with every other vendor's devices.""The central management console has helped with segregation, where planned interventions with management consoles do not have any impact on production or critical business traffic."

More Check Point NGFW Pros →

"It provides visibility and drives organizational security.""The most valuable feature for us was to implement negligent functionality, to direct functionality to viewer control and application control so we could disconnect, and at the same time, we installed checkpoints. We disconnected our proxy.""It safeguards against cyber attacks.""The UTM platform has been the most valuable.""Firewalls help us a lot in controlling traffic on our network and preventing unauthorized access.""The databases and its signatures are its most important features.""The most outstanding feature is being able to centralize each of the functions in a single device.""We can create a domain to separate and segregate some functions, some services."

More Check Point UTM-1 [EOL] Pros →

"The email protection and VPN features are the most valuable.""The initial installation is very straightforward.""It's great for capturing the traffic and troubleshooting it.""The reporting you receive out of this appliance is excellent. You will not need an external management system.""The solution is easy to configure and maintain remotely.""It is a good source for firewall protection.""One of the valuable features is a standardized OS.""The most valuable feature of FortiGate is FortiView which provides proactive monitoring."

More Fortinet FortiGate Pros →

Cons
"We find the GUI to be wrong and the CLI doesn't always show all of the connections.""It would be great if the access management, the user management features, were improved in terms of the number of users that can be connected, and how users can access the various resources with the help of firewall authentication.""Error logs can be more specific.""For the next release, we would like to have better ruleset cleanup tools that are already included.""Check Point can improve a little better in their technical services, especially in the Indian market.""It could be easier to manage the licenses on blades and contracts.""Internet load balancing provides either active/passive or active/active load balancing, however, I would like to see more options that provide SD-WAN capabilities while also allowing for more than two links.""The virtual environment is not stable at all. We have some customers who are using the virtual environment feature, and sometimes it crashes. We have many tickets open and the response is not as good as expected. We have to wait months for a resolution."

More Check Point NGFW Cons →

"The interface needs improvement.""What has been the issue of firewalls is they ask me for policies and content filtering application control and all these features that are now part of Harmony.""Some features that could be improved are advanced threat protection, sandboxing, and vulnerability management.""Technical support was very bad because the supplier who sold it to us, wasn't very supportive, and he wouldn't giving us direct links to the OEM.""The solution could be improved if there was a better way to report. The reporting functionality is not really good. Even though it's not the major function. Maybe adding a way to make a custom report.""As we don't have a representative of Check Point in Mozambique, this makes it very difficult when we have some issues to resolve.""The solution should be more user-friendly.""I am not able to see a demo."

More Check Point UTM-1 [EOL] Cons →

"The solution could be more evenly structured.""They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that.""Fortinet FortiGate could improve the user interface. There should be more functionality and options through the GUI.""I haven't had a single issue since using Fortinet.""The updates Fortinet provides are sometimes unstable.""The setup is pretty complex and not easy to implement.""Scalability is one of the disadvantages. When it comes to scalability, you have to actually change the box. If you want to upgrade it, you need to actually change the existing box and probably you take the system off to other sites.""We would like to have the ability to disable some of the security functionalities."

More Fortinet FortiGate Cons →

Pricing and Cost Advice
  • "I don't think the product's pricing is a good value. I feel it's very overpriced. I feel a lot of the features for a next gen firewall are there. But I feel it's overpriced, because of the stability issues. As far as support goes, I really can't speak to direct Check Point support, but the third-party was pretty terrible... As far as the licensing goes, it's pretty complex. If anybody was to purchase the Check Point product, definitely make sure they have an account rep come on site, and explain it line by line, what each thing is. It's not straightforward. It's very convoluted. There's no way you could just figure it out by looking at it."
  • "Check Point solutions are very expensive here. They're good, but they're expensive... Check Point is only useful for customers that have a big IT budget."
  • "The price is high in comparison to other solutions."
  • "We pay $5,000-$6,000 a year."
  • "Maybe the pricing is a bit high but you get the durability and the duration."
  • "Licensing issues may be confusing at times."
  • "It is quite an expensive product, although security is a top priority."
  • "This product is not cheap and there are additional costs that depend on what model or package that you buy."
  • More Check Point NGFW Pricing and Cost Advice →

  • "The pricing is too high."
  • "This cost is between 3,000 and 5,000 euros per year, so some other solutions are cheaper and the pricing should be improved."
  • More Check Point UTM-1 [EOL] Pricing and Cost Advice →

  • "Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make."
  • "These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive. Fortinet licensing is straightforward and less confusing compared to Cisco."
  • "Go for long term pricing negotiated at the time of purchase."
  • "Work through partners for the best pricing."
  • "The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors."
  • "Easy to understand licensing requirements."
  • "​We saved a bundle by not needing all the past appliances from an NGFW.​"
  • "The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost."
  • More Fortinet FortiGate Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Comparison Review
    Anonymous User
    I have used both Sophos and Fortinet products in production and I have found the Sophos UTM appliances (hardware and virtual) to be a better fit most of the time -- with a few caveats which I will touch on below. In both instances, the transition from TMG will be mostly straightforward. The main hang-ups will be with the VIP/load balancing and SSL. For some reason that completely escapes me, both of these vendors make getting valid certificates onto their boxes unnecessarily difficult -- the Fortinet appliances more so than the Sophos UTM appliances. At one point a Fortinet engineer had to write an entire manual on how to get an SSL certificate uploaded successfully on the 4.x firmware Sophos: The one feature that is missing (and this makes some amount of sense) from the Sophos appliance is BITS caching for updates. Other than that, Sophos offers a full replacement for TMG on UTM9. The XG platform also offers a replacement for the TMG; however, some of the rumblings about upcoming releases suggests that Sophos is going to give XG the Apple iOS treatment and "streamline" the interface...potentially cutting out/hiding some functionality. On the effectiveness of the NGFW, Sophos is mostly good but has a few issues blocking all pieces of an application. For instance, we had to build custom blocking rules for OpenVPN (the vpn was being used to bypass the content filter) because the default Application Control wasn't effectively blocking the application. Fortinet: If it… Read more →
    Questions from the Community
    Top Answer:I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such)… more »
    Top Answer:Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall… more »
    Top Answer:Check Point NGFW provides essential security, featuring no-obligation access for secure connections, strong intrusion… more »
    Ask a question

    Earn 20 points

    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at… more »
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Ranking
    5th
    out of 59 in Firewalls
    Views
    28,743
    Comparisons
    17,898
    Reviews
    89
    Average Words per Review
    560
    Rating
    8.8
    Unranked
    In Firewalls
    2nd
    out of 59 in Firewalls
    Views
    126,666
    Comparisons
    92,626
    Reviews
    64
    Average Words per Review
    574
    Rating
    8.4
    Comparisons
    Also Known As
    Check Point NG Firewall, Check Point Next Generation Firewall
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Learn More
    Overview

    Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.

    Check Point NGFW includes 23 firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance.

    Benefits of Check Point's Next Generation Firewall

    • Robust security: Check Point NGFW delivers the best possible threat prevention with SandBlast Zero Day protection. The SandBlast protection agent constantly inspects passing network traffic for exploits and vulnerabilities. Suspicious files are then emulated in a virtual sandbox in order to detect and report malicious behavior.

    • Security at hyperscale: On-demand hyperscale threat prevention performance provides cloud level expansion and resiliency on premises.

    • Unified management: Check Point's SmartConsole makes it easy to manage and configure network security environments and policies. With the SmartConsole, users can manage all the firewall gateways and access logs and install databases from one location. Unified management control across the network increases the efficiency of security operations and reduces IT costs.
    • Continuous logging: Check Point NGFW’s Threat Management feature detects vulnerabilities and logs them. Using the logged data, users can easily create and implement efficient security policies.

    • Remote access: The remote access VPN provides a seamless connection for remote users.

    Check Point NGFW is suitable for organizations of all sizes, from small businesses to larger enterprises.

    Reviews from Real Users

    Check Point NGFW stands out among its competitors for a number of reasons. Two major ones are its intrusion prevention feature as well as its centralized management, which makes it very easy to deploy firewall policies to many firewalls with one click.

    Shivani J., a network security administrator, writes, "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention."

    G., a network administrator at Secretaría de Finanzas de Aguascalientes, writes, “Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution. The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters.”

    Arun J., a senior network engineer, notes, “The nicest feature is the centralized management of multiple firewalls. With the centralized management, we can easily use and operate multiple firewalls as well as create a diagram of them.”

    Check Point UTM-1 delivers proven, best-in-class security ideal for use in industrial Ethernet and SCADA environments. Robust performance and central management provide unmatched value in a simple, all-in-one solution.

    Fortinet FortiGate enhances network security, prevents unauthorized access, and offers robust firewall protection. Valued features include advanced threat protection, reliable performance, and a user-friendly interface. It improves efficiency, streamlines processes, and boosts collaboration, providing valuable insights for informed decision-making and growth.

    Sample Customers
    Control Southern, Optimal Media
    AccessIT Group Inc., Accuvant, Cadre Computer Resources Inc., Compuquip Technologies Inc, Dimension Data North America Inc., Forsythe Solutions Group, Gotham Technology Group LLC, GuidePoint Security LLC, Iovations, IPS
    1. Amazon Web Services 2. Microsoft 3. IBM 4. Cisco 5. Dell 6. HP 7. Oracle 8. Verizon 9. AT&T 10. T-Mobile 11. Sprint 12. Vodafone 13. Orange 14. BT Group 15. Telstra 16. Deutsche Telekom 17. Comcast 18. Time Warner Cable 19. CenturyLink 20. NTT Communications 21. Tata Communications 22. SoftBank 23. China Mobile 24. Singtel 25. Telus 26. Rogers Communications 27. Bell Canada 28. Telkom Indonesia 29. Telkom South Africa 30. Telmex 31. Telia Company 32. Telkom Kenya
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company15%
    Comms Service Provider7%
    Manufacturing Company6%
    VISITORS READING REVIEWS
    Educational Organization49%
    Computer Software Company8%
    Financial Services Firm5%
    Comms Service Provider5%
    REVIEWERS
    Security Firm23%
    Energy/Utilities Company8%
    Healthcare Company8%
    Financial Services Firm8%
    REVIEWERS
    Comms Service Provider16%
    Computer Software Company9%
    Financial Services Firm8%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Educational Organization20%
    Computer Software Company15%
    Comms Service Provider8%
    Manufacturing Company6%
    Company Size
    REVIEWERS
    Small Business32%
    Midsize Enterprise19%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise57%
    Large Enterprise28%
    REVIEWERS
    Small Business45%
    Midsize Enterprise27%
    Large Enterprise27%
    REVIEWERS
    Small Business48%
    Midsize Enterprise23%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise32%
    Large Enterprise41%
    Buyer's Guide
    Firewalls
    March 2024
    Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls. Updated: March 2024.
    765,234 professionals have used our research since 2012.