We performed a comparison between Palo Alto Networks NG Firewalls and ShieldX based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The most valuable feature is the policy routing and application control."
"It can expand easily."
"Web filtering and two-factor authentication are great features."
"It's super reliable. I don't think I've ever had a reliability issue with it."
"Allows for firewall rules to be programmed and named in a way that makes it “readable”"
"Fortinet FortiGate's reliability is valuable."
"The inspection and web security features are most valuable."
"Their proxy-based inspection is responsive and secure."
"The most important part of this solution is its reliability, as it just works without any fancy features."
"There are many valuable features within the solution. This includes security, a user-friendly firewall, antivirus, and global protection."
"DNS Security is a good feature because, in the real world with web threats, you can block all web threats and bad sites. DNS Security helps to prevent those threats. It's also very helpful with Zero-day attacks because DNS Security blocks all DNS requests before any antivirus would know that such requests contain a virus or a threat to your PC or your network."
"The most valuable features are the IPS/IDS subscriptions."
"It's quite nice. It's very user-friendly, powerful, and there are barely any bugs."
"It has a unique approach to packet processing. It has single-pass architecture. We can easily perform policy lookups, application decoding, and integration or merging. This can be all done with a single pass. It effectively reduces the amount of processing required to perform multiple actions. This is the main advantage of using Palo Alto."
"The application awareness feature that recognizes application IDs and vulnerability protection are Palo Alto Networks NG Firewalls' most valuable features."
"The management options are good."
"...It takes the exact same policies that you would apply to your on-premise environment and enables you to simply apply them to the cloud. It becomes one policy for both on-prem and for the cloud."
"It has helped us tighten our security posture. Now, staff can only access things that they should be accessing."
"The UI was also one of the huge selling points. My web development manager was blown away with the detail and the granularity that you can get out of the UI. It is a very strong and informative UI, with the amount of data it provides."
"We were able to see what devices are talking to each other, giving us more visibility."
"ShieldX has been designed from the very beginning to work well in cloud environments. It understands autoscaling, automation, and auto-configuration. These are the things which are important in today's operating environment."
"The most valuable feature is the automatic scaling. With its microservices, it scales both up and down, depending on traffic and throughput."
"The Adaptive Intention Engine is fantastic. It allows us to develop security policies using the language of our internal customers. It's machine-learning applied to security workflows. That allows us to much more easily construct the policies that will protect those workflows."
"When we cluster the two Fortinet FortiGate boxes together we have some issues."
"I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE."
"The pricing could always be better."
"Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer."
"The support system could be improved."
"While FortiGate is cheaper than most other solutions, we're seeing increased license renewal costs. Most of our clients are asking for more significant discounts because the price is going up."
"Backup can be improved."
"There are SD-WAN network monitoring, SD-WAN features, Industrial Databases, Internet of Things, Detection, etc., however, we do have not licenses for those features. We thought that if you bought a product, you should have all of the features it offers. Why should you need to make so many extra purchases to enable features? They should have one price for the entire offering."
"People sometimes find it more expensive as compared to other solutions. There are also fewer training opportunities for Palo Alto than Cisco and other vendors."
"Currently, they don't have email protection. They can maybe add it in the future. Currently, if you want to do so, you need to go with another solution."
"In the last three years at least, they have been lagging behind their competitors. The main issue is the support that we can get... You have to wait for them to get back to you and sometimes it's random. And the biggest problem I have is that you have to wait hours on the line when you're calling them to get a hold of the next available engineer."
"Need improvement with their logs, especially the command line interface."
"I would like them to improve their GUI interface, making it more user-friendly."
"In Mexico, Palo Alto's discounts are significantly lower than Cisco's. They are also more expensive – about 15% or 20% – than Cisco, but their platforms are very similar."
"It's not so easy to scale out your security capabilities."
"Palo Alto has introduced new features in their next-generation firewall, such as SD-WAN. However, the technique of SD-WAN implementation is not easy to understand. It is not easy to deploy at this moment. Maybe, in the future, they can improve the process and how the administrators, partners, or support team can easily deploy this SD-WAN solution on their next-generation firewall. The SD-WAN solution from Fortinet is easy to do. It does not take more than five or 10 minutes. When we talk about Palo Alto, it takes extra effort to implement SD-WAN."
"We are having some issues with their LDAP and integrating it with the Active Directory. We can't seem to set it up."
"They need to be consistent in performance and capabilities over time, given the fact that this is new and I want to see where this goes in the next year or so. As the vendor continues to evolve and add future functionality, we want to make sure that we are still keeping up with the integrations, etc. Time will be the key factor here. The proper support for some of the latest technologies, Docker containers, etc. They need to keep up with threat landscape, so we will see how the security get layered. This is what we are going to be keeping an eye on."
"I would like better reports and in-depth reporting."
"There should be a bit more customer care, with regular review meetings on it or regular reports. It would be nice to have a quarterly or biannual review of what ShieldX has blocked."
"With any kind of tool like ShieldX, where you're in the cloud instead of a traditional firewall, you're using CPU resources in those environments to provide the protection. So there's a cost associated with CPU resources. I'm pressing upon them to make the product much more efficient and use less CPUs to do the same thing."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Earn 20 points
Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 161 reviews while ShieldX is ranked 46th in Firewalls. Palo Alto Networks NG Firewalls is rated 8.6, while ShieldX is rated 9.2. The top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". On the other hand, the top reviewer of ShieldX writes "Proactively monitors, blocks, and reports what it has blocked; and self-updates meaning there is zero maintenance". Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Netgate pfSense, whereas ShieldX is most compared with .
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.