We performed a comparison between Fortinet FortiGate, Fortinet FortiGate-VM, and Palo Alto Networks VM-Series based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."FortiGate is on the cheaper end, and it offers good value."
"Its performance in fulfilling our requirements has been satisfactory."
"I like that they have given me a solution at a fair price."
"The wireless control is helpful."
"The multi-tenancy feature is most valuable. It integrates very well with FortiManager and FortiAnalyzer."
"We use a lot of function on the IPS and it works well for us."
"A strong point of FortiGate is that the graphical interface is complete and easy to use, especially if we think there is a list of operations that we are able to perform inside."
"It is easy to manage, and it doesn't need much knowledge from the team. It is a stable device, and there are many features that are included out of the box."
"It's a very simple solution to manage."
"The user interface, stability, and scalability are the most valuable features."
"Technical support has been super responsive and dedicated to getting any challenges resolved."
"It has allowed us to centralize every network service into one appliance."
"It's very easy to set up, even for more junior developers."
"Initial setup was quite straightforward, as we can simply head to the required sections to apply the planned network."
"The product is easy to implement."
"The stability of the solution is good. We haven't faced any issues at all while using the product."
"They now know the details about their network traffic that they did not know before: Applications that they are using and some application they did not know they were using."
"The most valuable features are web control and IPS/IDS."
"AWS has improved our agility to apply firewall rules. It has reduced the amount of time that it takes to apply firewall rules because everything is based in the cloud."
"With the improved visibility we now have, the traffic is being properly monitored, which means that we are better able to manage it. These are improvements that we saw very quickly."
"It provides complete security posture from end-to-end. This has given us better visibility into what our security aspects are."
"The interface with Panorama makes it very easy to use."
"The technical support for the solution is very good."
"I have not actually called their support line, because we have a direct contact to a senior engineer in the company for any issues that we handle with them. I will say they are very responsive, and they do give you the information you need when you need it."
"Its reporting can be improved. Sometimes, I don't get proper reports."
"It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics."
"The routing capability on the FortiGate devices has room for improvement."
"Currently, without the additional reporting module, we only have access to basic reporting."
"It would be a benefit if Fortinet would release a one-stop solution that is better integrated with other products and an automated emergency response system."
"Monitoring and reporting could be better."
"The UI could be improved."
"It claims it does DLP, but the degree and level of controls are very basic."
"We encountered scalability issues in IPSec Module. The tunnels freeze sometimes."
"New versions are complicated with a big configuration."
"Fortinet support needs improvement. The response times are lackluster. Fortunately, the product is stable and we seldom have issues. Also, it takes months for them to deliver hardware when we order it."
"The price model is not transparent by any means and should be made more clear. What's included in the packages is often not very obvious."
"To improve FortiGate-VM, Fortinet needs to harden it more. For example, if you are using Hyper-V, then you need guidelines for hardening FortiGate-VM that are specific to the Hyper-V environment. If it's VMware, there should be at least a guideline on how to harden the firewall."
"Fortinet devices are acknowledged as highly potent and come with a notable cost. These devices offer extensive visibility, an array of configurations, and a range of security features. However, there's room for enhancement in their routing and switching security aspects, akin to Cisco's offerings. A noteworthy aspect here is Meraki, which offers cloud controllers. If FortiGate were to introduce a similar cloud management solution, it could strongly compete with both Meraki and Cisco products. Cisco operates in two sectors: enterprise and SMB. Particularly in the SMB market, they hold sway due to their convenient cloud management features. For instance, Meraki's cameras and wireless access points can be easily controlled through their cloud management portal. If FortiGate were to provide cloud-based management solutions for SMB customers, it could cater to a significant portion of the market, considering that a substantial number of customers fall within the SMB and mid-level enterprise categories."
"VM should be more optimized."
"Improvements are needed for the responsive UI and JIT traffic reporting."
"I would like a way to do everything programmatically, or be able to copy the configs from different prices at different levels."
"In the next release, I would like to see better integration between the endpoints and the firewalls."
"It would be good if the common features work consistently in physical and virtual environments. There was an integration issue in the virtual deployment where it didn't report the interface counters, and we had to upgrade to the latest version, whereas the same thing has been working in the physical deployment for ages now. It seems that it was because of Azure. We were using VMware before, and we didn't have any such issues. We do see such small issues where we expect things to work, but they don't because of some incompatibilities. There also seems to be a limitation on how to do high availability in a virtualized environment. All features should be consistently available in physical and virtual environments. It is not always easy to integrate Palo Alto in the network management system. We would like to be able to compare two network management systems. They can maybe allow monitoring an interface through the GUI to create a reference or do a baseline check about whether your network monitoring system is actually giving you the correct traffic figures. You need traffic figures to be able to recognize the trends and plan the capacity."
"The solution needs to improve its visibility. It's not straightforward to use. Understanding the policies, authorizations, and initializing features requires careful review. The product needs to offer proper training."
"It can definitely improve on the performance."
"In the next release, I would like to see better integration of multi-factor authentication vendors."
"The product could provide protection above Layer 3, which gets into the application layer and provides better visibility into those aspects of application security."
"We have ran into issues with Palo Alto’s limitations for resolving large IP lists from DNS lookups, as well as the antivirus interfering with App-ID."
In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it kind of depends what you value most.
PA is good at app control, web filtering and such like, they have always been top of the pile there. The GUI is very good, and their product is very user-focused.
Fortinet is good for scalability and predictable high throughput (ASICs in the hardware), and useful things like authentication flexibility, CLI config (if you have any networking/Cisco people, they always seem to prefer CLI over GUI) and have better OT features, maybe relevant to your manufacturing use?
Fortinet seem to have a broader integration offering with their security fabric than PA do, plus they can do Fortinet-based wifi, switching, etc. Depends if you are prepared to go all-in with a single vendor.
Hi,
Both FT and PA have compelling features for large Enterprises. I would like to add a few good points about Fortinetwhich might be helpful ( from my 13 years of engagement with them as Distributor and Partner)
Fortinet:
Have higher throughput; which comes with competitive rates
Wide range of models to select to meet your requirement, without spending heavliy
Outstanding customer support and very active customer care team
Easly available skilled resources from the channel for deployment and post-implementation support
Regards
Abhilash
Hello. The question is what you are going to have as a result of application