We performed a comparison between Check Point NGFW and Fortinet Fortigate based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Fortinet’s lack of an option to deploy firewalls on multiple endpoints is a definite downside. Although Fortinet received better feedback for its support, Check Point is the winner in this comparison.
"Check Point has given us the ability to comply with regulations and with capacities in a way that we never could before."
"The tool has solid firmware with very few vulnerabilities."
"The most valuable feature is the IPsec VPN."
"The most valuable feature is that we are protected against zero-day threats."
"Check Point offers excellent security."
"The sales, pre-sales, professional services, and tech support are all very nice."
"After introducing this NGFW, we have improved our security posture, and now, have peace of mind."
"Check Point NGFW has helped us to significantly reduce our risk of cyberattacks by providing comprehensive protection against a wide range of threats, including malware, viruses, ransomware, phishing attacks, and zero-day threats."
"It's very easy to configure."
"Allows for firewall rules to be programmed and named in a way that makes it “readable”"
"The most valuable feature is the web filter."
"A strong point of FortiGate is that the graphical interface is complete and easy to use, especially if we think there is a list of operations that we are able to perform inside."
"The most valuable features of Fortinet FortiGate are it is one of the most mature firewalls in the UTM bundle."
"I only deal with it from a security analyst's point of view. I don't really get into the features of the actual FortiGate. From the security point of view, it works, and it does its job."
"I like Fortinet's cloud management. It allows me to manage all my devices in different branches for three cloud accounts. Even though I use on-prem devices, I can manage everything on the cloud."
"Its administrative panel is very intuitive and simple. It is simpler than the other solutions that we had. As an administrator, we are always looking for the easiest solution to manage network policies. We are able to filter everything on our network and also use the VPN feature, which is important these days when people are working remotely during COVID."
"Although Check Point provides annual updates to the Gaia platform, integration with other OEMs is difficult."
"You need to merge all the old consoles into one new one and make the interface more convenient for the novice administrator."
"Some features, like the VPN, antispam, data loss prevention, etc., are managed in an external console. In the future, I'd like all features in the same console, in one place, where we can see and configure all features."
"In our particular case, we have different web applications developed by the same organization, however, that requires a specialized protection element such as a WAF. Having this service or feature within the same solution would be very valuable."
"With the increase of volume of traffic, the required resource/hardware to properly run goes up. Therefore, the hardware engineering to architecture flow has to be more efficient."
"This solution requires management software that is sold separately; it's actually a different appliance altogether."
"Check Point NGFW could improve by introducing machine learning and more modeling dividing the way they manage the ports. However, they have evolved over the last year."
"Check Point could do better to include acceleration technologies like SD-WAN in an integrated or embedded way to provide these new features that Check Point never had and is of great importance in the market."
"The renewal price and the availability could be improved."
"The stability of Fortinet FortiGate could improve."
"A lack of integration between our data centers."
"I have to say that the initial setup was complex. The deployment took a few days to get set up. Initially, we were using an IPVanish. We switched to this tool since we thought it would be easier. But it turns out it wasn't easier to set up and run."
"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files."
"Technical support needs to be improved."
"It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go."
"I don't like that anything more than very basic reporting is not included."
Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews. Check Point NGFW is rated 8.8, while Fortinet FortiGate is rated 8.4. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Azure Firewall, whereas Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Meraki MX and SonicWall TZ. See our Check Point NGFW vs. Fortinet FortiGate report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I have worked for several years with the Check Point platform (NGFW) and it is by far more stable in hardware and software.
It is a very friendly platform and easy to configure. It is true that it is a bit expensive according to the required blades but it is a platform that is worth having as security in a corporate.
We are using both but the GUI and clustering on the FortiGate side look better/easier/more comfortable.
And I do agree with others - Check Point is expensive and Fortinet FortiGate has many models offering less expensive implementation.
I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such).
-Check Point GUI is a bit complicated,
-Application and Web filtering are better than Fortigate.
-IPS and AV are more effective than Fortigate. Overall more stable than any other firewall
Support: not up to the level like Fortigate and lack of trained resources (in the gulf).
Check Point is expensive.
Fortinet has many models and is more affordable than Check Point. It also provides outstanding support. GUI is more user-friendly.
We had this same discussion recently with my organization. It came down to the security of the platform.
Fortinet has had a number of breaches over the last 2 years and this was a key factor in our decision.
The challenge with Check Point will be the transition from our existing firewall and taking advantage of the various features across our organization.