We performed a comparison between Palo Alto Networks NG Firewalls and SonicWall NSa based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The application control features, such as Facebook blocking and Spotify blocking, are the most valuable."
"The solution is extremely reliable."
"Layer-3 firewall and routing are the most valuable features."
"It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall. You don't need to pay some other company for another product to do that for you. The firewall can do that for you. So, it's an easy-to-use product for people to be independent. They don't need to rely on other vendors to do what the firewall can do. They can do everything."
"The most valuable feature is the bundled subscription, which is IPS, TV and web filtering."
"It has very easy management and an amazing ETM configuration."
"The signature database and zero-day detection are Fortinet FortiGate's most valuable features."
"This solution has solid UTM features combined with a nice GUI."
"The application awareness feature that recognizes application IDs and vulnerability protection are Palo Alto Networks NG Firewalls' most valuable features."
"The most valuable features are application inspection and sandboxing. Application inspection decides where traffic is transmitted. If I have a perimeter report for a particular service, then other services or malicious services cannot use an open port. In this way, application inspection is doing a fantastic job. We also have a very good sandbox with almost no rate limit. It will inspect any file that comes in and goes out in a dedicated patch to identify malware. Therefore, these two things help me to protect our organization from any bad actors."
"The first time I came across these firewalls, what surprised me the most was their web user interface. It is complete and gives you a lot of information. You can do 80% of the things related to your network and firewall through the web UI. In some of the other devices, the UI is not as complete. App-ID is also very valuable in customer networks. When you're seeing a lot of traffic in your network, you can see in your web UI which users have the applications that are consuming the most bandwidth. You have a broad context, which is very good."
"The most valuable features include the different security zones and the ability to identify applications not only by port numbers but by the applications themselves... And with the single-pass architecture, it provides a good trade-off between security and network performance. It provides good security and good network throughput."
"One of the simple features I like about Palo Alto firewalls is that it's extremely easy to find out what's happening in the network. The reporting is phenomenal, and it's easy to find which threats have been detected and what traffic is going through the box. When a customer notices something is wrong, you can quickly check the amount of traffic going through the firewall around that time. If there is anything out of the ordinary, you can decide it needs to be investigated further."
"I typically get involved with it when it comes to audit and compliance and having to gather evidence of those firewalls, routers, and rule sets. The evidence that I typically need is there."
"From my experience, comparing it to other products, the granularity you can have in the application is very good. The application detection is excellent. It's certainly one of the best."
"I love the Policy Optimizer feature. I am also completely happy with its stability."
"The product is simple to manage."
"It allows us to block applications, i.e., websites by application type category. It is far more capable than content filtering alone."
"The features I found most valuable are email security and web filtering."
"We can do the hosting and security all under one box. The UTM is a good feature."
"The most valuable features of this solution are intrusion detection, intrusion prevention, and the advanced capture client, which provides live traffic analysis."
"SonicWall NSa has a user-friendly firmware"
"I really like the performance; there are no delays and no latency, which is a unique quality in firewalls nowadays."
"SonicWall NSa's most valuable features are the ease of configuration and the GUI."
"The solution is very expensive."
"Due to its higher cost, Fortinet FortiGate can lead to increased operational expenses."
"This product could be improved with Active directory integration and better handling in IPsec and GRE Tunnels."
"The performance could be a bit better. Right now, I find it to be lacking. Having good performance is very important for our work."
"Fortinet FortiGate can improve by integrating the web application firewall and the DDoS protection part of the solution. Having a WAF feature, web application firewall, and proxy together would be a good benefit."
"I would like to see improvements with the antivirus and IPS as they are not working properly all the time."
"Bandwidth usage in reporting could be improved for Fortinet FortiGate."
"Technical support is good but the response time could be faster."
"Personally, I feel that their dashboards for reporting and things like that need some improvement."
"I wish that the Palos had better system logging for the hardware itself."
"When we looked at it originally, we needed to host the Panorama environment ourselves. I would prefer it if we could take this as a service. It might be that it is available, but for some reason we didn't choose it. The downsides of hosting are that we need to feed and water the machines. We are trying to move to a more SaaS environment where we have less things in our data centers, whether they be in our cloud data centers or physical data centers, which can reduce our physical data center footprint."
"We are not happy with Palo Alto at all. It would be better if they provided more support for the firewall. We have a few pending issues with the configuration for each application. We cannot deploy them yet due to some support-related problems in the firewall. We have deployed a few policies for DNS spoofing and DNS attacks, but we could only block a few IP addresses through the policy. That's DNS security, and we have configured a few policies for DNS spoofing and more. URL categorization and URL filtering are not yet adequately maintained. For example, if you created a few rules in the rule-based configuration and made some rules downstairs, you will lose some of them if you give access upstairs. It's not giving us a proper solution for which route it is using. We need to apply the application-based policies and URL filtering-based policies. It creates more issues because we are not getting good support from the team."
"There is a bit of limitation with its next-generation capabilities. They could be better. In terms of logs, I feel like I am a bit limited as an administrator. While I see a lot of logs, and that is good, it could be better."
"I am in GCC in the Middle East. The support that we are getting from Palo Alto is disastrous. The problem is that the support ticket is opened through the distributor channel. Before opening a ticket, we already do a lot of troubleshooting, and when we open a ticket, it goes to a distributor channel. They end up wasting our time again doing what we have already done. They execute the same things and waste time. The distributor channel's engineer tries to troubleshoot, and after spending hours, they forward the ticket to Palo Alto. It is a very time-consuming process. The distributor channels also do not operate 24/7, and they are very lazy in responding to the calls."
"The only downside of Palo Alto Networks NG Firewalls, in my opinion, is the relatively higher price compared to Cisco FortiGate. This is especially noticeable when deploying basic configurations and considering the cost of licenses."
"Unfortunately, Palo Alto Networks products aren't cheap, but you have to pay the price for good security technology. I don't know the exact price, but it's about $10,000 to $15,000 without a subscription. Cisco is priced similarly. FortiGate is inexpensive in Poland, so a lot of customers prefer that."
"The filter settings are confusing and overly complicated. The user interface can be improved."
"Having to deal with too many lower-level people in technical support means that it takes longer to resolve issues, so escalating support tickets should be faster."
"The reporting feature could be better because most of the companies want to have the analytics included, which is something that you have to buy separately."
"It would help us a lot of SonicWall sent us more information about the latest updates and things that are changing."
"The solution can be a bit expensive."
"I feel that the SSL VPN client software needs a lot of improvement."
"The anti-spam requires a specific Java version on the server side (do not update it, otherwise it will break)."
"This product is unable to secure access to endpoints for our external employees."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 161 reviews while SonicWall NSa is ranked 20th in Firewalls with 77 reviews. Palo Alto Networks NG Firewalls is rated 8.6, while SonicWall NSa is rated 7.8. The top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". On the other hand, the top reviewer of SonicWall NSa writes "Great performance and security with reasonable pricing". Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX and Sophos XG, whereas SonicWall NSa is most compared with SonicWall TZ, Meraki MX, Sophos XG, Cisco Secure Firewall and Check Point NGFW. See our Palo Alto Networks NG Firewalls vs. SonicWall NSa report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.