We performed a comparison between Fortinet Fortigate and Palo Alto Networks Wildfire based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Fortinet Fortigate is the more popular solution because of its ease of deployment combined with its solid set of features, excellent service and support ratings, and the fact that it is more affordable than Palo Alto Networks Wildfire.
"The security fabric is excellent."
"Fortinet FortiGate is easy to use."
"The most valuable features are the policies, filtering, and configuration."
"The features that I have found most valuable are the SD-WAN and their IP4 policy."
"The integration with Active Directory is one of the good features. Most of the customers are now looking for the Single Sign-on feature. So, being able to integrate Active Directory with the firewall is useful. It is also easy."
"Their reliability and their policy of pre-shipping replacements when a unit has failed."
"The reporting and monitoring are very good."
"It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."
"What I like about Palo Alto is that it is a complete product, with everything in it."
"WildFire has been instrumental in blocking a number of new threats, before common desktop anti-virus tools were able to detect them."
"The most valuable features are all of the security features in terms of protection and SSL and VPN."
"They have many different options with Palo Alto WildFire and the set-up is quick. If you have all the details in hand, it does not take more than 15 minutes to deploy a firewall."
"The most valuable feature for us is the VPN."
"Their technical support is outstanding and top-notch."
"The graphic user interface of Palo Alto is good and it's easy to configure."
"High availability with active-active and active-passive modes."
"Fortinet needs more memory to save the log files. We need it to save the logs on the hardware and not in the cloud. I know this feature is available in FortiCloud, but if we need this log locally, it is not available."
"Its reporting and pricing need improvement."
"Scalability is one of the disadvantages. When it comes to scalability, you have to actually change the box. If you want to upgrade it, you need to actually change the existing box and probably you take the system off to other sites."
"They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired."
"Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why."
"In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."
"The technical support response needs improvement."
"Many years back an update caused an issue with the firewall. However, Palo Alto not only informed us of said issue, they also sent an update that fixed the issue before I even had time to log in to determine if the issue affected our services."
"There are some formats that the solution cannot support ."
"I think it would be nice for Palo Alto to work without the connection to the cloud. It is 100% powerful when connected to the cloud. But, if you disconnect from the cloud, you only get 40-50% power."
"The system performance degrades after the solution has been deployed for some time. The data that it gives us becomes a little bit slow. When you try to get some data for troubleshooting, it seems like it's working hard to extract that data."
"It would be nice if there was an easier way to install and deploy it, such as through the inclusion of wizards."
"The VPN and decryption need improvement."
"The initial setup was a little bit complex, mainly due to the GUI console and management challenges."
Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews while Palo Alto Networks WildFire is ranked 3rd in Advanced Threat Protection (ATP) with 58 reviews. Fortinet FortiGate is rated 8.4, while Palo Alto Networks WildFire is rated 8.4. The top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". On the other hand, the top reviewer of Palo Alto Networks WildFire writes "Good technical support and provides automatic analysis that saves us time in filtering email". Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Meraki MX and Check Point NGFW, whereas Palo Alto Networks WildFire is most compared with Cisco Secure Firewall, Proofpoint Email Protection, Juniper SRX Series Firewall, Fortinet FortiSandbox and Check Point SandBlast Network.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
FortiGate has a lot going for it and I consider it to be the best, most user-friendly firewall out there. What I like the most about it is that it has an attractive web dashboard with very easy navigation tabs; It can be managed and controlled using layer two wireless access points; When compared with other firewalls, building IPsec VPN and SSL VPN is much easier; I can configure virtual networks within the same firewall; And, configuration of NAT and static routes are straightforward. I would recommend it to any organization that needs to provide VPN access for their employees.
FortiGate also has many security functions, such as application control, web filtering, IPS, antivirus, etc., that help companies protect their users. The FortiGate solution also helps optimize traffic from user to application via the hybrid WAN environment. I think what I like most about this solution is that I can combine security functions and SD-WAN, which allows me to scan traffic flow but also to protect the local application server or the user.
For me, the downsides of FortiGate are that it happens to include many bugs, and sometimes it can be a challenge to block content from a website with web filtering since web pages contain websites that consume other resources. Moreover, mobile device administration is complicated, and it does not seem to adapt to smartphone or tablet screens very well.
While it isn’t my favorite, WildFire provides the ability to block threats as they travers your network infrastructure both in retro-time and real-time. WildFire also has zero-trust and actively works to inspect traffic for malicious capabilities by forwarding a file to the WildFire cloud, even in the case that it doesn’t recognize what the file is doing. The reason why WildFire is not my first choice is because I feel that it is lacking many features and that they could improve by adding more functionality. But there doesn’t seem like there is a way to either tune or tweak the solution. If implemented correctly, though, it can be a good, robust solution to achieving great endpoint security.
Conclusion:
In my opinion, FortiGate is better than Wildfire because FortiGate meets my business needs better and has more appealing feature updates and roadmaps as well as great technical support, all of which are important to me.
What type of network is? how many users?
Fortinet products are unique in that they have specific chips to work on hardware rather than overcharging a CPU to 90%, as happens with some Sophos boxes and others.
Things in the cloud... the cloud is a name, it is software running on someone else's computer system and could be only for you or multi-tenancy. Delays and other dramas may occur.
The question as I was invited to comment :| Which is better, does not tell anything, somehow.