We performed a comparison between Check Point CloudGuard Network Security and Palo Alto Networks NG Firewalls based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Check Point CloudGuard Network Security provides a range of valuable features including VPN Blade, IPS Blade, URL filtering, and Applications Control Blade. Palo Alto Networks NG Firewalls excel in areas such as embedded machine learning, robust security capabilities, and a unified platform.
Check Point CloudGuard Network Security has room for improvement in its support system, cluster creation on AWS, data protection visibility, DLP feature, user interface, integration, cost reduction, documentation, and flexibility in deployment. Palo Alto Networks NG Firewalls could benefit from improvements in customization, network performance in the Middle East, advanced features, integration, usability, GUI interface, training materials, SSL inspection, and external dynamic list feature.
Service and Support: While some customers appreciate the technical support provided by Check Point, others are dissatisfied with the response time. Palo Alto Networks has customers who praise their knowledgeable support team, but there are also complaints about long wait times and issues with their support ticketing system. In summary, the customer service quality for both products differs among users.
Ease of Deployment: While some find it easy, simple, and straightforward, others mention that it may be complex and require technical expertise. Users generally consider the initial setup of Palo Alto Networks NG Firewalls to be straightforward and not complex. They find it easy and user-friendly.
Pricing: Check Point CloudGuard Network Security is known for its higher setup cost, however, it provides strong security measures and good value. Palo Alto Networks NG Firewalls may have higher pricing compared to other options, yet it is regarded as dependable and offers high-performance capabilities.
ROI: Check Point CloudGuard Network Security delivers a significant return on investment, ranging from 80-85%. Users have experienced the advantages of this solution within a short timeframe. Palo Alto NG Firewalls provide enhanced visibility, reporting capabilities, and overall security measures, leading to a robust return on investment.
Comparison Results: Check Point CloudGuard Network Security is the preferred option when comparing it to Palo Alto Networks NG Firewalls. Users appreciate its user-friendly interface, centralized management, and ability to scale. It also focuses on cloud security and offers advanced threat prevention and detection. Additionally, it provides auto-scaling, malware prevention, and exploit resistance.
"The security fabric is excellent."
"Their proxy-based inspection is responsive and secure."
"The SD-WAN function is very developed. It has SD-WAN functionality with security features in one device. We can manage from one single console SD-WAN and the security policy."
"Easy to implement, and it is also reliable."
"The signature database and zero-day detection are Fortinet FortiGate's most valuable features."
"The most valuable feature is the bundled subscription, which is IPS, TV and web filtering."
"The most valuable features are the enterprise modeling and the simple interface."
"Fortinet FortiGate has many valuable features, such as IDS, and intrusion detection. It has security features that are in part with the technologies that are available in the market."
"Additionally, the centralized reporting and management, accessible through a single pane of glass, offer consistency and efficiency across multi-cloud environments."
"It makes securing our cloud workload super easy, and we are able to push any sort of policy changes we need pretty quickly"
"All the features that we subscribe to from CloudGuard NGTP are valuable. All the threat prevention and access control features give us the network security that we expect."
"Check Point CloudGuard technical support is good."
"We primarily secure our network using CloudGuard Network Security's next-generation firewall features, including anti-spam, IPS, and URL filtering. Our chosen package for the go-to-market strategy is NGTP. For customers seeking more features, we provide options to upgrade to the tool's advanced packages."
"The comprehensiveness of the CloudGuard’s threat prevention security is great, especially once they integrate Dome9 in the whole thing. That really ties the whole thing together, so you can tie your entire cloud environment together into one central location, which is nice. Previously, we had three or four different tools that we were trying to leverage to do the same stuff that we are able to do with CloudGuard."
"The central management feature is a big plus, allowing us to manage both local and cloud gateways from one platform."
"The VPN features in CloudGuard Network Security have been the most valuable for us."
"We standardized on the product and got rid of several other types of firewalls from different vendors."
"I have found it to be reliable and very easy to use. I haven't really encountered many problems with it because its documentation is clear and readily available on their website."
"They have a good system operator in the firewalls and it provides many tools that they can use to protect their networks."
"The interface is very nice. We generally like the UI the product offers."
"GlobalProtect and App-ID features are very good."
"It's one of the best products I've worked with. It's typically a market leader on Gartner. It's a very respected brand."
"We have found the DPI ability to understand web applications and build access rules on web application categories first to be a great feature."
"Overall, it is a good solution. It is stable. We use URL filtering, which is useful for blocking undesired URLs."
"The stability could be a bit better."
"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."
"FortiOS is not simple."
"There are some cloud-based features that could be much more flexible than they currently are."
"The support team for Fortinet FortiGate needs to be more customer friendly."
"Lacks training for new features."
"Fortinet FortiGate can improve the integration with Active Directory. Additionally, I would like to have a Cloud Controller, such as they do in the Cisco Meraki solution."
"This product needs to have an analysis feature, rather than having the analysis done through the integration of a different product."
"Documentation might become too complex or too spread out, especially for newcomers."
"The product needs to improve technical support."
"The challenge mainly revolves around the slower functionality of virtual IP switching in Azure Virtual Network compared to on-premise solutions. On-premise, switching between clusters is faster, taking only a few seconds, while in Azure, it can extend up to five minutes. The downtime is a concern for us."
"Micro-Segmentation functionality for EAST-WEST traffic is not native and requires integration with a third-party OEM."
"Some more built-in marketplace templates would be nice. It would be nice to see more vendor assistance in deployments and backup of recoveries versus having customers rely upon that themselves. That would make it a lot more seamless and aligned with the standard on-premise model that is there. Check Point can extend the same posture that they have to CloudGuard and make that transition very seamless."
"The solution lacks the capability to scale effectively."
"The convergence time between cluster members is still not perfect. It's far away from what we get in traditional appliances. If a company wants to move mission-critical applications for an environment to the cloud, it somehow has to accept that it could have downtime of up to 40 seconds, until cluster members switch virtual IP addresses between themselves and start accepting the traffic. That is a little bit too high in my opinion. It's not fully Check Point's fault, because it's a hybrid mechanism with AWS. The blame is 50/50."
"Having a web UI in the VSX (or something similar) would be nice."
"I would like a collaboration system and reporting ASA policy needs to be smarter."
"Currently, they don't have email protection. They can maybe add it in the future. Currently, if you want to do so, you need to go with another solution."
"The pricing of the solution is quite high. It's one of the most expensive firewall solutions on the market."
"It would be better to have more tools to control Palo Alto Networks NG Firewalls. We don't have too many tools to access Palo Alto. For example, the IT team doesn't have access to it. We can see it physically and see if it's running or not. We need to contact a special team to receive that information. I would also like to see more reporting in the next release."
"Based on the features that I have seen so far, I do not see any room for improvement, but they can improve their CLI documentation. I haven't really seen much when it comes to CLI documentation."
"We have not taken Palo Alto's firewall management solution because it's too expensive and we don't feel it delivers significant value."
"Palo Alto has introduced new features in their next-generation firewall, such as SD-WAN. However, the technique of SD-WAN implementation is not easy to understand. It is not easy to deploy at this moment. Maybe, in the future, they can improve the process and how the administrators, partners, or support team can easily deploy this SD-WAN solution on their next-generation firewall. The SD-WAN solution from Fortinet is easy to do. It does not take more than five or 10 minutes. When we talk about Palo Alto, it takes extra effort to implement SD-WAN."
"I don't deal with it from a day-to-day perspective, but I can say that the evidence that I typically need is there, but sometimes, it's a task to actually get it and pull it out. They can make it easier to gather that evidence."
More Check Point CloudGuard Network Security Pricing and Cost Advice →
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Check Point CloudGuard Network Security is ranked 8th in Firewalls with 119 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 161 reviews. Check Point CloudGuard Network Security is rated 8.6, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Check Point CloudGuard Network Security writes "The solution has good threat emulation, threat extraction, and reporting features". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Check Point CloudGuard Network Security is most compared with Azure Firewall, VMware NSX, Cisco Secure Firewall, Akamai Guardicore Segmentation and Trend Micro Deep Security, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Netgate pfSense. See our Check Point CloudGuard Network Security vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
