Forcepoint Next Generation Firewall vs Sangfor NGAF comparison

Forcepoint and Sangfor are both solutions in the Firewalls category. Forcepoint is ranked #25 with an average rating of 7.2, while Sangfor is ranked #18 with an average rating of 7.9. Forcepoint holds a 0.4% mindshare in Firewalls, compared to Sangfor’s 1.3% mindshare. Additionally, 78% of Forcepoint users are willing to recommend the solution, compared to 90% of Sangfor users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Apr 6, 2025

Forcepoint Next Generation Firewall and Sangfor NGAF are competing in the network security field. Sangfor NGAF seems to have an edge due to its advanced features, which many find justifies its cost.

Features: Forcepoint's integrated threat intelligence, centralized management, and SD-WAN features cater to enterprises with complex setups. Sangfor NGAF provides all-in-one protection, enhanced threat detection, and features advanced AI technologies. It also offers a user-friendly interface, WAN optimization, and application control.

Room for Improvement: Forcepoint can be more user-friendly by simplifying its management console and reducing the complexity of its integrations. Improving deployment times could also help. Sangfor might enhance its reporting capabilities, provide more detailed analytics, and further develop its network scalability features to match enterprise demands.

Ease of Deployment and Customer Service: Sangfor NGAF offers straightforward deployment and proactive customer service, leading to reduced configuration and support time. Forcepoint, though robust, requires more effort due to its intricate setup and multiple solution integration, which may cause potential delays.

Pricing and ROI: Forcepoint incurs higher initial setup costs, reflective of its detailed security capabilities. Sangfor NGAF, with competitive pricing, offers a more favorable ROI due to efficient deployment and low maintenance costs, providing a compelling financial proposition for budget-conscious buyers.

To learn more, read our detailed Forcepoint Next Generation Firewall vs. Sangfor NGAF Report (Updated: April 2025).

Buyer's Guide

Forcepoint Next Generation Firewall vs. Sangfor NGAF

April 2025

Download the complete report

Helped 851,604 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of May 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.4%, up from 17.7% compared to the previous year. The mindshare of Forcepoint Next Generation Firewall is 0.4%, up from 0.4% compared to the previous year. The mindshare of Sangfor NGAF is 1.3%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls

Featured Reviews

EhabAli

Sr. Cybersecurity Solutions Architect at BMB

Efficient, user-friendly, and affordable

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

Read full review

OusaidAbaz

Security Network Architect at Inmac

Provides decent protection for the LAN but complicated interface

We had some licensing issues with its web filtering capabilities. That's why we migrated our web filtering to Cisco Umbrella. Moreover, the interface is complicated. It's difficult to locate all the necessary menus and functions. For example, one of the many issues is with SSH. Even now, we haven't successfully opened the port to connect using SSH mode when we want to change the configuration. It's like a black box—not very open to changes and customization. It's simply not easy to configure. There are other problems, too. For example regarding Forcepoint's Websense component. We had a lot of problems managing the web settings within Websense. That's why we migrated to Cisco Umbrella for cloud-based web filtering. It's not that Forcepoint is inherently bad. The issue is that it's not user-friendly. It is not easy to use. The developers need to redesign the interface (GUI) for better management. It is very difficult to manage. For example, simple actions require too many clicks compared to FortiGate or Palo Alto. That's the main problem.

Read full review

Zaid Farooqui

CIO at Indus Motor Company

Enhanced threat detection with integrated security features and good support

We are using application firewalling, WAF, and SD-WAN. The capabilities are mostly within the box. For example, you will get web application firewall WAF as part and parcel of this. SD-WAN is also bundled. It integrates with their SIEM and SOAR solutions very nicely. Lastly, the pricing point is very cost-efficient as well.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable feature of the solution revolves around SSL VPN."

"The features that I have found most valuable are the SD-WAN and their IP4 policy."

"It's an easy solution to set up."

"Security management tool that's easy to integrate and easy to work with. No issues found with its stability and scalability."

"In terms of security, we have not experienced any security flaws or loopholes, and it has proven to be quite stable."

"The solution is very user-friendly."

"The network security and cloud security are most valuable."

"Our security improved from being able to put in rules and close off unwanted traffic."

More Fortinet FortiGate pros

"Forcepoint Next Generation Firewall is very simple, easy to use, and flexible."

"The people we deal with is a local partner in Cambodia and we can get good support from them."

"I like the IPS. IPS is the master feature. I depend on the firewall and sandbox."

"The solution offers sandboxing, which can be integrated at any time."

"The initial setup is very easy."

"The blocking, based on the signal provided, is the solution's most valuable aspect."

"The most valuable feature is SD-WAN."

"I don't have anything bad to say about the product. I absolutely love it."

More Forcepoint Next Generation Firewall pros

"The most valuable features are the WAN optimization, the internet access gateway (IAG), and the central console, which allows us to implement on their firewall."

"Technical support is very good."

"Sangfor has the best capabilities for securing connections, securing web browsers, securing servers, and general threat protection."

"SSL VPN is the best feature."

"The price versus value is good because the solution is less expensive than Sophos, Fortinet, or SonicWall."

"It offers application control features."

"In terms of the most valuable features, the IPS report is quick and updated. Performance is also valuable."

"We can utilize our own network rather than paying for a private one."

More Sangfor NGAF pros

Cons

"Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility."

"There is a lot of improvement needed with SSL-VPN."

"Bandwidth usage in reporting could be improved for Fortinet FortiGate."

"FortiGate support could do some improvements on their IPv6 configuration. Right now it's still in the very early stage for utilizing in an enterprise level network environment."

"The solution could be more user friendly."

"We'd like more management across other integrations."

"It should have a better pricing plan. It is too expensive. It should also have a more granular view of the attack. I don't have FortiAnalyzer, and it is difficult for me to have a complete view when there is an attack on my server."

"The support is the main thing that needs to be improved."

More Fortinet FortiGate cons

"Next Generation Firewall's configuration could be improved."

"When it comes to a complex deployment, the rules, firewall features, SD-WAN core features, and auto-scaling can cause the device to be not quite stable."

"The initial setup of the Forcepoint Next Generation Firewall has areas that are difficult."

"We feel the product's technical support could be better, as this relates to the solution itself, to the installation of the product, and to having a proper understanding of the case."

"It's a complicated firewall. Until you come to know the firewall inducers, most people don't like the firewall because the components for the firewall are a little bit complex. User-friendliness is a little bit tough. It needs to be user-friendly when creating policies, and pushing policies. Committing takes more time compared to Palo Alto."

"The network interface could be better, and it could be cheaper."

"Forcepoint is a little difficult to configure compared to its competitors."

"Its management center should be easier to use. The management interface of Forcepoint is unique and a little bit different from some of the firewall solutions on which people might have worked before. Sometimes, the customers say that it is not very friendly, and we help them with how to use this management interface. It just takes a little bit of time, and after some time, it gets easy to manage or use. It is quite similar to Palo Alto, Fortinet, and legacy Juniper solutions. Their support should be faster. We have received complaints that they are not responding fast, which is not good for the vendor and us."

More Forcepoint Next Generation Firewall cons

"I feel Sangfor should follow the hierarchy and close deals via resellers instead of closing it all with their own team."

"The solution should be able to work in a hybrid setup."

"Sangfor has recently increased their prices."

"I believe that IAM and NGFW need to merge into a single box, instead of there being two separate box solutions."

"It has an issue with the Sangfor Cloud Platform rather than the firewall. When we run a virtual machine, the window tabs display Chinese characters."

"Sangfor NGAF could improve the policies and default criteria. They could be much better."

"The setup phase is quite complex."

"The tool's support is an area of concern where improvements are required."

More Sangfor NGAF cons

Pricing and Cost Advice

"It is an inexpensive solution."

"It has a competitive price."

"They are very competitive, but we like to have the factory warranty taken care of."

"We have the full license that included all of the features and support."

"The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors."

"In terms of the market, it's not a cheap product, but it's cost-effective."

"It's an expensive solution."

"If the customer is looking for SD-WAN, it comes free with FortiGate."

More Fortinet FortiGate pricing and cost advice

"I believe the licensing fee is for one year, three years, and five years, or something like that. If you wants to increase the support level from a simpler level to platinum, I think that there's a cost. There are differences between every kind of support, but I don't know the numbers."

"We have just a subscription for the cloud, and this license is great. The license is so good."

"Forcepoint Next Generation Firewall is reasonable, it is priced the same as other firewalls."

"We would love to take other solution from Forcepoint, but unfortunately the price is too high. That's why we are not considering using Forcepoing for our proxy and DLB. They have a very good DLB, but the matter in the end is the cost."

"The big advantage of this solution is that we can select the right model for our requirements, which is not too expensive."

"There is a need to make payments towards the licensing charges attached to the product. The product is not expensive."

"I consider Forcepoint Next Generation Firewall's price to be good."

"The solution is expensive."

More Forcepoint Next Generation Firewall pricing and cost advice

"Sangfor NGAF is a cheaply priced product, especially if I consider the previous product that was used in my company."

"The price is unmatcheable."

"The license of Sangfor NGAF can be purchased at different interval lengths, such as annually or three years. They offer a range of packages to choose from, such as combo or hybrid packages. We are using the complete solution package which includes IM, NGF and SSL VPN, and WAF."

"We purchased one year technical support and return to factory support, and we also purchased one-year technical support services. So those were additional."

"The solution has a TCO that is 32% to 50% less than Sophos, Fortinet, and SonicWall."

"Price-wise, I would not consider Sangfor NGAF to be a cheap product. It is an expensive firewall solution, though not as expensive as something like Palo Alto, which is costly. However, the higher price point is justifiable given the feature set the tool provides that other firewalls may not offer in a single dedicated appliance."

"Sangfor is cheaper than competing vendors."

"In my opinion, the price of the tool is good in the Pakistani market. We can easily get discounts if needed."

More Sangfor NGAF pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

851,604 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

19%

Computer Software Company

14%

Comms Service Provider

Manufacturing Company

Computer Software Company

19%

Financial Services Firm

11%

Manufacturing Company

10%

Government

Computer Software Company

13%

Manufacturing Company

10%

Financial Services Firm

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What do you like most about Forcepoint Next Generation Firewall?

The product's initial setup phase is easy.

See all answers

What is your experience regarding pricing and costs for Forcepoint Next Generation Firewall?

The licensing model is dependent on negotiation skills, but there is room for improvement. The costs can be high sinc...

See all answers

What needs improvement with Forcepoint Next Generation Firewall?

The licensing model should be more flexible. I recommend that additional features be included in a single license to ...

See all answers

What do you like most about Sangfor NGAF?

I think Sangfor NGAF is more valuable than Cisco products because of its simplicity and ease of management. If I comp...

See all answers

What is your experience regarding pricing and costs for Sangfor NGAF?

The licensing cost is quite high compared to other available firewalls in the market.

See all answers

What needs improvement with Sangfor NGAF?

The cost of licensing is very high compared to other firewalls available here. There should be improvements in hardwa...

See all answers

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 21% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 13% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 11% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

More Fortinet FortiGate Competitors

Palo Alto Networks Advanced Threat Prevention vs Forcepoint Next Generation Firewall

Compared 19% of the time

Check Point NGFW vs Forcepoint Next Generation Firewall

Compared 12% of the time

Sophos XG vs Forcepoint Next Generation Firewall

Compared 6% of the time

OPNsense vs Forcepoint Next Generation Firewall

Compared 4% of the time

More Forcepoint Next Generation Firewall Competitors

Sophos XG vs Sangfor NGAF

Compared 16% of the time

Netgate pfSense vs Sangfor NGAF

Compared 4% of the time

Palo Alto Networks NG Firewalls vs Sangfor NGAF

Compared 4% of the time

Sophos XGS vs Sangfor NGAF

Compared 4% of the time

Check Point NGFW vs Sangfor NGAF

Compared 3% of the time

More Sangfor NGAF Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

May 2025

Download Fortinet FortiGate product report

Buyer's Guide

Forcepoint Next Generation Firewall

May 2025

Forcepoint Next Generation Firewall report

Download Forcepoint Next Generation Firewall product report

Buyer's Guide

Sangfor NGAF

April 2025

Download Sangfor NGAF product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

Forcepoint NGFW, Stonesoft Next Generation Firewall, McAfee Network Security Platform, Intel Security Network Security Platform

Sangfor NGAF Firewall Platform

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Forcepoint Next Generation Firewall is a versatile and comprehensive solution for perimeter security, offering features such as SD-WAN, IPS, VPN, and cloud or on-premises subscription keys. It is preferred by many clients over Cisco and is used for obligation redundancy, VPN access, and as the main point of security in infrastructure.

The product is praised for its simplicity, flexibility, complete feature set, scalability, and central management capabilities. Other valuable features include IPS, firewall, sandbox, application control, filtering, security management center, connectivity, and integration capabilities.

Forcepoint

Sangfor Next Generation Firewall (also known as NGAF) is a converged security solution providing protection against advanced threat, malware, viruses, ransomware and web-based attacks using integrated security features like firewall, IPS, anti-virus, anti-malware, APT, URL filtering, Cloud Sandbox, and WAF. As the world's first AI-enabled and fully integrated Next Generation Firewall & Web Application Firewall (WAF), NGAF offering the security visibility, real-time detection and response, simplified operation and maintenance and high-performance application layer security needed to operate an enterprise network in total security. Tested and proven to provide cutting-edge network security by ICSA Labs and endorsed by Gartner Inc., NGAF harnesses the power of Sangfor’s Neural-X threat intelligence and analytics platform and Engine Zero’s innovative malware detection to provide next-generation protection for today’s enterprise.

Sangfor

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

California Department of Corrections and Rehabilitation (CDCR)

The Ministry of Science, Technology, and Innovation (Indonesia), Lawson, Inc. (Philippines), Universiti Sultan Zainal Abidin (Indonesia), TEK Automotive (Italy), etc.

Buyer's Guide

Forcepoint Next Generation Firewall vs. Sangfor NGAF

April 2025

Free Report: Forcepoint Next Generation Firewall vs. Sangfor NGAF

Find out what your peers are saying about Forcepoint Next Generation Firewall vs. Sangfor NGAF and other solutions. Updated: April 2025.

DOWNLOAD NOW

851,604 professionals have used our research since 2012.

See our Forcepoint Next Generation Firewall vs. Sangfor NGAF report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.