We performed a comparison between Fortinet Fortigate vs. WatchGuard Firebox based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Fortinet FortiGate came out ahead of WatchGuard because of its stronger support and better pricing.
"We use a southern institution that's audited for IT security and the reporting that automatically comes off the unit makes it much easier to meet compliance standards and makes it easier as far as the amount of time that has to be spent to compile that information. If you get your reporting set up correctly when you initially set it up, you just select the one you want and hit print. The auditing trail on it is the best feature."
"What's most important is the ease of use."
"The pricing is excellent. It's much less expensive than Cisco."
"We are a visual effects company, and there have been a number of high profile security issues in our industry. This has brought us to a higher standard of security, which our clients are very keen on these days."
"The simplicity of the configuration and the stability of the product are most valuable. The VPN concentrator is very useful."
"The features that I have found most valuable are the SD-WAN and their IP4 policy."
"The most valuable features are the possibility of having one fabric for switching on security."
"The web filtering feature and the intrusion protection system are the most valuable. It is a resilient appliance. I never had an issue with it in terms of any security breaches."
"I like the High Availability features of the newest ones I'm using because they allow a firewall to fail and still be up and running."
"The firewall aspect and the branch office VPNs are the most valuable features... We don't have any issues with it. We don't have to spend a lot of time maintaining it."
"The main reason we went with it was the security protocols. They were more robust on this device."
"What I found most valuable in WatchGuard Firebox is that it's a functional platform that works, and each of its features works well. The solution also has good reporting and dashboard capabilities. I also find the overall performance of WatchGuard Firebox great."
"The tool's most valuable feature is the dashboard."
"The most valuable features of the WatchGuard Firebox are all the security and updated features. You are able to configure the solution from the cloud platform and the application and web interface are very nice."
"Among the most valuable features is the ease of use — love the interface — of both the web interface and of the WatchGuard System Manager."
"The solution has many security features. We have an intrusion provision system and filtering and block filtering."
"Compared to some other products, the DLP is not at par for the moment."
"The stability could be a bit better."
"The license renewal process, annual renewal price, and the web application firewall features should be improved."
"The logs need to be better. They need to be more visible and easier to access."
"The pricing could be reduced or include the first year warranty."
"Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why."
"There is a lot of improvement needed with SSL-VPN."
"It could use better throughput on some of the smaller boxes for the branch offices."
"In terms of the reporting and management features — and this isn't necessarily a WatchGuard issue, this seems to be more of an industry-wide issue — you get reports, but a lot of times you don't know what you're looking at. You're so overwhelmed with the data. You're getting a lot of stuff that doesn't matter, so it takes time to parse through it, to actually get what you want to know."
"In WatchGuard Firebox, the antivirus and malware detection systems are areas with shortcomings that require improvement since they are the most important elements of a cybersecurity tool."
"I haven’t dug deeply into the reporting features yet or if they are working well. However, I have generated several reports and there was too much unnecessary information, in comparison with the reporting features in the Sophos firewall. Sophos' reporting is more readable and easier to configure."
"Due to their lack of investment in marketing, channel development, and certifications, WatchGuard faces challenges in gaining visibility and market share, especially in regions like Pakistan."
"Firebox would be improved with integration for endpoint protection solutions."
"Cloud-based central administration of all devices from one point would be nice"
"The product's technical support services need improvement."
"The UI and web view aren't nice."
Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews while WatchGuard Firebox is ranked 13th in Firewalls with 78 reviews. Fortinet FortiGate is rated 8.4, while WatchGuard Firebox is rated 8.6. The top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". On the other hand, the top reviewer of WatchGuard Firebox writes "Offers a streamlined deployment, intuitive interface and robust security features". Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Meraki MX and SonicWall TZ, whereas WatchGuard Firebox is most compared with Netgate pfSense, Sophos XG, OPNsense, SonicWall TZ and Meraki MX. See our Fortinet FortiGate vs. WatchGuard Firebox report.
See our list of best Firewalls vendors and best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Even though my experience with FortiGate products has been mostly positive, I am partial to the WatchGuard appliances. I find the FortiGate interface a bit odd. For example, some of the wizards within the interface make me feel like it is more of a consumer device, even though I know it is a very capable appliance. The WatchGuard interface is more complicated, but it is also more capable. I also find that the UTM features within the FortiGate products lack some of the granular control available with WatchGuard.
I believe WatchGuard is the better choice regarding the quality of support, available documentation, and training resources.
I see that another reviewer indicated that WatchGuard lacked application control features. That is incorrect. Although I do not use this feature in any of my environments, I assure you that the features are available, and my testing has shown it to be capable.
WatchGuard appliances also can integrate their endpoint Threat Detection and Response client to an environment for a correlated view of the environment.
WatchGuard also offers multiple methods for managing an appliance. Although the GUI is very capable, I am not a fan of live changes to an appliance. There are instances when multiple changes must be made to achieve the desired outcome. When these circumstances arise, the WatchGuard Policy Manager software allows you to deploy multiple changes at once while maintaining an OH SH!T copy that you can quickly redeploy if you happen to make a mistake.
When it hits the fan, and you must troubleshoot an appliance issue, WatchGuard is far superior to any firewall I have worked with, including Fortigate. The ability to quickly and easily adjust the policies' order of precedence is a huge advantage and can often save a great deal of time troubleshooting.
Please do not take this as a negative review of FortiGate products. I am only speaking about firewalls. I have not used any of the other FortiGate products. I am strictly speaking of my experience deploying and managing FortiGate and WatchGuard firewalls. From my experience, I find the WatchGuard a superior product.
As a Managed Service Provider, our preferred product is WatchGuard, with our second offering being the Fortigate. We managed other firewall brands, but we only sell WatchGuard and FortiGate products under normal circumstances. There are exceptions based on the client's needs. For example, CradlePoint devices are often the best solutions for a client that only has cellular connectivity as an option. I only point out this situation because FortiGate is now offering LTE/5G solutions. We have many rural clients and moving forward, this may impact what we recommend. Unfortunately, at this time, I don't have enough knowledge to offer any intelligent input on these product offerings, only that they are on our radar.
In my organization, we use Fortinet’s Fortigate. We find it to be very powerful, cost-efficient, and reliable. The user interface is friendly, and it is easy to create policies and set rules. As an NGFW, you can upgrade the firewall cluster firmware without disturbing the user. The graphic interface is very intuitive. The endpoint and email protection are on point, and you don’t have to worry about downtime.
FortiGate offers malware and spyware protection, with advanced capabilities like proxy-based antivirus. It has advanced network protection features and a powerful intrusion prevention system with anti-spam and web filtering capabilities. For all the capabilities it offers, the price is reasonable.
FortiGate has downsides though: the technical support is not great, and there is not a lot of documentation available. It is also kind of hard to configure.
We reviewed WatchGuard before choosing FortiGate. WatchGuard offers a comprehensive advanced network security platform with enterprise-grade security. The router is rich in security features like antivirus, APT blocker, and spam blocker. It is simple to use and applicable for various use cases. It offers web filtering, application control, and monitoring.
We liked that the GUI interface seemed intuitive and easy to use. It integrates with Active Directory, so it is a good fit for MS enterprise users. You can also schedule backups with ease.
WatchGuard is, however, lacking in features for application control and we found the DNS server functionality to be poor. The firewall policies don’t point to a domain, only to IP addresses. While it is excellent that it integrates with Active Directory, the single-sign-on sometimes doesn’t refresh users’ permissions when they log on and off.
Conclusion
Fortinet Fortigate is undoubtedly a powerful and established next-generation firewall, and with all the features and capabilities, it is a better and more cost-effective solution than WatchGuard. WatchGuard would be better for organizations that use MS products.