We performed a comparison between Palo Alto Networks and pfSense based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: pfSense has an edge in this comparison as it is a free, open-source solution while Palo Alto Networks is considered expensive by its users.
"Its stability is the most valuable."
"The Intrusion Prevention System and the web filtering are both working well."
"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."
"The most valuable features of Fortinet FortiGate are the APIs. They are the most widely known."
"The VPN is the most valuable feature."
"It's an easy solution to set up."
"Centralized monitoring, policy management, and virtualized appliances allow us to take control over our public and private infrastructure."
"Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."
"I especially like the VPN part. It works like a charm."
"Open source and support are valuable. I have community support."
"It is effective. We have not had any problems."
"Content protection, content inspection, and the application level firewall."
"Easy to deploy and easy to use."
"I like the connectivity to the open VPN. It's very smooth."
"The documentation is very good."
"I like pfSense's security features."
"Compared to other firewalls from Check Point, Fortinet, and Cisco, for example, Palo Alto Networks NG Firewalls use the most advanced techniques. They have sandbox integration and others in the orchestrator. Palo Alto's security features are at a higher level than those of the competitors at the moment."
"The user experience is good and the configuration is very easy."
"It helps the organization function better by virtue of cleaner and more predictive Internet access and usage being conducted by the employees and constituents of the company. It helps ensure that they have a stronger security posture. It is preventive medicine If you have DNS Security in place. You will be happy you had it. If you don't have it, you may never need it. However, if you did need it, and didn't have it, you will wish that you did. It is one of those things, like insurance."
"You just need a web browser to manage it, unlike Cisco, which requires another management system."
"The solution's most valuable feature is the robust firewall, which we can also use as a UTM device."
"We utilize advanced threat prevention features like web filtering and SSL decryption, which haven't caused any issues."
"DNS Security is a good feature because, in the real world with web threats, you can block all web threats and bad sites. DNS Security helps to prevent those threats. It's also very helpful with Zero-day attacks because DNS Security blocks all DNS requests before any antivirus would know that such requests contain a virus or a threat to your PC or your network."
"I like that Palo Alto does a good job of keeping the firewall updated with the latest threat signatures."
"Fortigate's hardware capacities could be improved."
"I think there could be more QoS features"
"The user interface could be improved to make it less confusing and easier to set up."
"The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."
"With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic."
"There are some license issues. Not every feature must have a separate license. There must be some of kind synergy between the license so we don't have to pay for every individual license that we would like to have."
"The solution could be more user friendly."
"The cloud features and integration could be improved."
"If you want to take advantage of all of the solution's options, you need to have a bit of a technical background. It's not for a layperson."
"The solution could be more user-friendly, and the graphical interface needs some work so that someone without an IT background can use the application. I would like the ability to manage the on-premise appliance from the cloud. When I'm not in the office, it would be great to connect to the pfSense server and administer the network remotely."
"The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them."
"Many people have problems setting up the web cache for the web system."
"I have been using WireGuard VPN because it is a lot faster and more secure than an open VPN. However, in the latest version of pfSense, they have removed this feature, which is one of the main features that I need. They should include this feature."
"There are several levels of firewall configuration such as beginner, advanced, and expert configurations. At each level, it becomes more complex and more tricky to set up the firewall. For example, if you want to install the firewall on your computer system, it would be a lot easier if it just tells you that this is the internet NIC and this is the Wi-Fi NIC."
"The GUI could use improvements, though it is manageable."
"I expect a better interface with more log analysis because I create my own interface."
"I believe it would be beneficial if the solution could integrate with Google Chrome, especially for students who use Chromebooks. However, as far as I know, the solution currently does not support Google Chrome."
"Based on the features that I have seen so far, I do not see any room for improvement, but they can improve their CLI documentation. I haven't really seen much when it comes to CLI documentation."
"In the last three years at least, they have been lagging behind their competitors. The main issue is the support that we can get... You have to wait for them to get back to you and sometimes it's random. And the biggest problem I have is that you have to wait hours on the line when you're calling them to get a hold of the next available engineer."
"The tech support was once great, but now it is poor. The tech support has gone south. It is really difficult. I had a Priority 1 case last a week in their queue, and after multiple complaints, I finally got somebody to take the case. These are things that are unacceptable in the business world. They could train their employees better."
"Unfortunately, Palo Alto Networks products aren't cheap, but you have to pay the price for good security technology. I don't know the exact price, but it's about $10,000 to $15,000 without a subscription. Cisco is priced similarly. FortiGate is inexpensive in Poland, so a lot of customers prefer that."
"There is a web-based GUI to do management, but you need to know how the machine or firewall operates. There are hundreds of different menus and options. I have used other firewalls before. Just implementing or designing a policy with Palo Alto, if you want a certain port to be open to different IP addresses, then that could take 20 to 25 clicks. That is just testing it out. It is quite complex to do. Whereas, with other places, you tell it, "Okay, I want this specific port open and this IP address to have access to it." That was it. However, not with Palo Alto, which is definitely more complex."
"I would like to see more in terms of reporting tools and the threat analysis capabilities."
"The configuration part could be improved. It's very difficult to configure. It doesn't have a user-friendly interface. You have to know Palo Alto deeply to use it."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Netgate pfSense is ranked 1st in Firewalls with 128 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 162 reviews. Netgate pfSense is rated 8.6, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Netgate pfSense is most compared with OPNsense, Sophos XG, KerioControl, Sophos UTM and Check Point NGFW, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and Cisco Secure Firewall. See our Netgate pfSense vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.