IPFire vs Palo Alto Networks NG Firewalls comparison

IPFire Project and Palo Alto Networks are both solutions in the Firewalls category. IPFire Project is ranked #36 with an average rating of 8.0, while Palo Alto Networks is ranked #7 with an average rating of 8.9. IPFire Project holds a 1.5% mindshare in Firewalls, compared to Palo Alto Networks’s 5.3% mindshare. Additionally, 100% of IPFire Project users are willing to recommend the solution, compared to 96% of Palo Alto Networks users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 25, 2026

Palo Alto Networks NG Firewalls and IPFire compete in the network security domain. Palo Alto Networks NG Firewalls seem to have the upper hand in advanced security features and enterprise-level support, while IPFire benefits from open-source flexibility and cost-effectiveness.

Features: Palo Alto Networks NG Firewalls offer threat prevention, application control, and advanced security analytics, suitable for large enterprises. IPFire provides versatility, ease of use, and modularity, with features like intrusion detection and customizable firewalls.

Ease of Deployment and Customer Service: Palo Alto Networks NG Firewalls offer comprehensive customer support and detailed deployment guides suitable for extensive infrastructures. IPFire is praised for simplicity and easy installation, with community-driven support valuable for flexible setups.

Pricing and ROI: Palo Alto Networks NG Firewalls have higher setup costs, offering substantial ROI by improving security measures. IPFire, as an open-source solution, has lower setup costs, delivering high ROI through its cost-effective approach, ideal for small to medium-sized networks.

To learn more, read our detailed IPFire vs. Palo Alto Networks NG Firewalls Report (Updated: March 2026).

Buyer's Guide

IPFire vs. Palo Alto Networks NG Firewalls

March 2026

Download the complete report

Helped 885,264 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of March 2026, in the Firewalls category, the mindshare of Fortinet FortiGate is 18.3%, down from 21.1% compared to the previous year. The mindshare of IPFire is 1.5%, up from 1.5% compared to the previous year. The mindshare of Palo Alto Networks NG Firewalls is 5.3%, up from 3.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls Mindshare Distribution
Product	Mindshare (%)
Fortinet FortiGate	18.3%
Palo Alto Networks NG Firewalls	5.3%
IPFire	1.5%
Other	74.9%

Firewalls

Featured Reviews

Vasu Gala

Manager, Information Technology Operation/Presales at TechMonarch

A stable solution with an intuitive interface and quick customer service

I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.

Read full review

DanielS

Head Competence Team IT at Duktig Brand

Blocking access from specific countries and ensuring robust security have been effortlessly achieved

I use IPFire to protect my home The best feature of IPFire is the location block functionality. It allows me to block certain countries from accessing my site. Additionally, it is a solution that is available for free, which is perfect. The graphical interface could be much better. I have…

Read full review

Sven-Verbeke

Solution Architect // Network Consultant at Group S

Network security has improved and allows detailed user-based control over encrypted traffic

Bandwidth usage is not something we use much, but it depends on the SD-WAN plugin because the application load balancing is based on the SD-WAN product. That functionality does not work as it should, although the App-ID is working very well. SD-WAN functionality is working, but when you compare it with other products on the market, it is very limited. Palo Alto also has ION devices, and ION devices together with Prisma Access or Strata Cloud Manager now are more the way to go than using Palo Alto Networks NG Firewalls on-premises. At the moment I have some issues, but the issues are more related to the general way of working of many vendors. They implement new things very fast and it is not always bug-free. With new releases, sometimes you still have some issues. This is the main concern. If you look back five or maybe ten years ago, the products were more stable and you had more decent releases, but that is something in general for many vendors. Palo Alto is also a factor with that. They want to bring new features to the market too fast. Features are a concern because all vendors try to compete against each other. If one vendor comes out with a new feature, then other vendors do the same. Sometimes they want to be the first on the market with it, and that sometimes introduces bugs or issues with the product.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I have found most of the features to be good with excellent functionality."

"The product's most valuable features are SD-WAN and the integration of WiFi and switches."

"Fortinet FortiGate provides superior protection compared to other firewalls, with high processing capabilities."

"I would recommend Fortinet FortiGate IPS as it is a core component of cybersecurity for our company."

"FortiGate Next Generation Firewall has a simple configuration."

"The overall experience has been very good."

"For the performance they provide, the price is acceptable."

"The FortiGate 60D is a fantastic piece of equipment."

More Fortinet FortiGate pros

"IPFire has prevented any kind of hacking and enables us to comply with customer requirements."

"I would rate the stability as ten out of ten for IPFire."

"This solution has really helped the technical engineers to deliver the implementation faster than before."

"I like that they are more stable than the previous ones, and they allow a lot of other features."

"Security is the biggest thing nowadays, including threat response, incident response, and root cause. We found that a lot of the logging and dashboard capabilities offered by Palo Alto fill the missing skill gap that you run up against. It makes it easier for our tier-two staff to get involved in some of the deeper root cause analysis. The dashboards, logs, and reports make it easier for our staff to dive right in and not get lost in what tools they should use. It's easy because they're all right there."

"The solution provides more security."

"Palos Alto's firewalls have machine learning software and sandboxing, and everything is one step ahead of all the competitors."

"Protection from a single packet and ease of making security rules."

"It's a flexible solution and integrates well with apps and other security tools like SIEM, web applications."

"The Unified Threat Management (UTM) module, which consists of the basic firewall and IPS services, is what the majority of our customers use in Palo Alto Firewall."

More Palo Alto Networks NG Firewalls pros

Cons

"Areas of improvement for Fortinet FortiGate include the need for more training and certification, especially when dealing with distributors globally, which presents challenges in product availability and delivery timelines."

"The solution isn't exactly scalable, especially when it comes to the public cloud environment."

"They have to just improve its performance when we enable all UTM features. When you enable all the features, the performance of FortiGate, as well as of Sophos and SonicWall, goes down."

"Fortinet FortiGate could improve by having a frequent ask questions(FAQ) area for people to receive quick answers to popular questions. Additionally, it would be beneficial to have an SMS notification feature."

"Fortinet FortiGate can improve the integration with Active Directory. Additionally, I would like to have a Cloud Controller, such as they do in the Cisco Meraki solution."

"The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing."

"Fortinet could improve the windows opener or the virtual IP solutions for opening windows. The virtual IP settings need improvement as firewalls are trending in new development directions."

"The reporting was limited."

More Fortinet FortiGate cons

"The graphical interface could be much better."

"Accessing the internet was a bit complicated."

"The user interface is probably not as slick as it could be."

"The pricing could be improved upon."

"The solution doesn't support routing in virtual firewall creation, and we want that to be enabled."

"It would be better to have more tools to control Palo Alto Networks NG Firewalls. We don't have too many tools to access Palo Alto. For example, the IT team doesn't have access to it. We can see it physically and see if it's running or not. We need to contact a special team to receive that information. I would also like to see more reporting in the next release."

"We need better affiliations for profiling the user."

"Palo Alto can do a little bit better when it comes to the User-ID part. I've been facing problems related to double authentication."

"When it comes to their support, we have to select every single component that we want to include in a particular bundle; that is a very tedious process."

"The whole performance takes a long time. It takes a long time to configure."

More Palo Alto Networks NG Firewalls cons

Pricing and Cost Advice

"The tool is a bit pricey for small businesses, but it is still bearable in terms of cost."

"I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost."

"Pricing is good. They offer a lot of things, the most important is the support. Every time you upgrade your license, you also get insurance for the equipment. If you have any problem with equipment, they send in new equipment."

"If we have an older version, the support costs get quite high."

"Its price is affordable and lesser than Cisco. Cisco is expensive. In terms of licensing, there is only one issue. If a customer's license has expired a month ago and they do the renewal after one month, Fortinet renews the license from the start of the previous month. The activation of the product is done from the previous month, not from the date of renewal. The customers usually shout and complain that because they are paying today, the renewal should start from today. The support contract renewals or licensing should be renewed from the date of renewal, but Fortinet starts from the day it had expired. It is a loss for customers. They might have had some problems because of which they did not take the license one month before. Fortinet should work on this. Cisco doesn't do this. Cisco always starts from the day they apply for the license."

"This is not a cheap solution but it isn't expensive, either. It's a good solution for the right price."

"I would say that all things considered, the pricing is pretty good."

"Fortinet is competitive price-wise."

More Fortinet FortiGate pricing and cost advice

Information not available

"The cost of the license is platform-dependent. It would be nice if they standardized that across the board to make the license a flat fee instead of based on scale and the platform you're using. Functionality shouldn't change based on the platform or the amount of data going through it. It's the same functionality on there. That's one aspect customers often raise. The platform's price is what it is, but the ongoing cost of the annual license is hard for some customers to wrap their heads around."

"The cost is quite high."

"Palo Alto can be priced higher than some less capable firewalls. However, they are exceptional when you consider the completeness of the solution and its ability to handle threats. Palo Alto is better than other solutions, which justifies a slightly higher price point. You have other tools that are easier to deploy, reducing your total cost of ownership. The newer models are faster, making the pricing more attractive."

"The pricing for Palo Alto is very high. The price difference with other vendors is huge because Palo Alto has been the market leader for the last five or six years, and they have a reliable product."

"We are on an annual license for this solution. I am happy with the price and when comparing it to other solutions it is priced competitively."

"I don't know about the price of the platform or the license fees, as the finance department deals with that. I only bill for the materials involved in the design."

"The price of Palo Alto Networks NG Firewalls is high, but it is worth it if you have the budget for it."

"Reducing costs is important, especially since Prisma can be expensive. It would be great if it were more affordable."

More Palo Alto Networks NG Firewalls pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

885,264 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

11%

Comms Service Provider

10%

Manufacturing Company

Financial Services Firm

Comms Service Provider

22%

Computer Software Company

Manufacturing Company

Government

Computer Software Company

10%

Manufacturing Company

Financial Services Firm

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	361
Midsize Enterprise	135
Large Enterprise	190

No data available

By reviewers
Company Size	Count
Small Business	74
Midsize Enterprise	56
Large Enterprise	85

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What needs improvement with IPFire?

The graphical interface could be much better.

See all answers

What is your primary use case for IPFire?

I use IPFire ( /products/ipfire-reviews ) to protect my home.

See all answers

What advice do you have for others considering IPFire?

Sometimes configuring IPFire is challenging. Overall, I would rate this solution as eight out of ten.

See all answers

What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?

Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firew...

See all answers

Features comparison between Palo Alto and Fortinet firewalls

In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...

See all answers

Which is better - Palo Alto Networks NG Firewalls or Sophos XG?

Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...

See all answers

Comparisons

Sophos Firewall vs Fortinet FortiGate

Compared 19% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 13% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 4% of the time

OPNsense vs Fortinet FortiGate

Compared 3% of the time

Check Point Quantum Force (NGFW) vs Fortinet FortiGate

Compared 3% of the time

More Fortinet FortiGate Competitors

OPNsense vs IPFire

Compared 72% of the time

Netgate pfSense vs IPFire

Compared 5% of the time

Smoothwall Firewall vs IPFire

Compared 5% of the time

Sophos Firewall vs IPFire

Compared 4% of the time

More IPFire Competitors

Cisco Secure Firewall vs Palo Alto Networks NG Firewalls

Compared 18% of the time

Cisco Meraki MX vs Palo Alto Networks NG Firewalls

Compared 13% of the time

Check Point Quantum Force (NGFW) vs Palo Alto Networks NG Firewalls

Compared 10% of the time

Check Point CloudGuard Network Security vs Palo Alto Networks NG Firewalls

Compared 5% of the time

Azure Firewall vs Palo Alto Networks NG Firewalls

Compared 4% of the time

More Palo Alto Networks NG Firewalls Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

March 2026

Download Fortinet FortiGate product report

Buyer's Guide

Firewalls

March 2026

Download IPFire product report

Buyer's Guide

Palo Alto Networks NG Firewalls

March 2026

Download Palo Alto Networks NG Firewalls product report

Also Known As

Fortinet FortiGate Next-Generation Firewall

No data available

Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall

Overview

Fortinet FortiGate is a versatile network security tool offering features like VPN, firewall, web filtering, intrusion prevention, and scalability. It is known for its performance and integration with other Fortinet products, making it a preferred choice for robust cybersecurity.

Fortinet FortiGate stands out as a comprehensive cybersecurity solution with strong performance and ease of configuration. It delivers unified threat management, integrating features such as dynamic routing, SD-WAN support, and centralized management. Despite its strengths, improvements in the web interface's stability, pricing structures, and reporting capabilities are needed. Users seek better integration with third-party tools and automation advancements to enhance the experience further. These enhancements, alongside improvements in bandwidth management and the reduction of licensing costs, are points of interest for users looking to capitalize on FortiGate's extensive capabilities.

What are Fortinet FortiGate's key features?

VPN: Ensures secure remote connections.
Firewall: Protects against unauthorized access.
Web Filtering: Blocks malicious sites and content.
Application Control: Manages and controls applications.
Intrusion Prevention: Detects and prevents vulnerabilities.
SSL Inspection: Enhances security by inspecting encrypted traffic.

What benefits should be considered when evaluating Fortinet FortiGate?

Affordability: Offers cost-effective security solutions.
Reliability: Known for consistent and stable performance.
Integration: Seamlessly integrates with other Fortinet products.
Comprehensive Protection: Provides broad threat protection capabilities.

Fortinet FortiGate is widely implemented across industries as a primary firewall system for securing internet gateways and safeguarding data centers. It supports businesses in achieving SD-WAN integration and enhances cybersecurity by providing essential features like antivirus, web filtering, and application control. Enterprises utilize FortiGate for securing remote connections and ensuring compliance with security standards, making it adaptable for different network sizes and industries.

Fortinet

IPFire enhances network security and protects against cyber threats. It provides a secure firewall, secure remote access, and customizable options. Users praise its ease of use, flexibility, and reliability for network monitoring and traffic shaping. Its valuable features include efficient firewall capabilities, a user-friendly interface, and reliable network performance.

IPFire Project

Palo Alto Networks NG Firewalls deliver advanced threat protection with machine learning, enhancing security through real-time attack prevention. Known for application visibility and a user-friendly interface, they offer robust network protection and flexibility in rule creation.

Palo Alto Networks NG Firewalls are designed to secure environments with features like GlobalProtect VPN, WildFire malware detection, and unified platform integration. Their strong firewall capabilities and high-performance throughput make them suitable for perimeter and data center protection, VPN configurations, application control, and network segmentation. Users consistently highlight the ease of managing network security policies and integrating third-party tools, ensuring a comprehensive protection strategy. While enhancements in support, training resources, and configuration simplicity are needed, these firewalls are integral for securing both on-prem and cloud environments, aligning with platforms like Azure and AWS.

What are the key features of Palo Alto Networks NG Firewalls?

Application Visibility: Provides insight into network traffic for better control.
Threat Prevention: Uses machine learning for real-time attack prevention.
GlobalProtect VPN: Secures remote access efficiently.
WildFire Malware Detection: Detects and prevents advanced threats.
Unified Platform Integration: Enhances network security through seamless integration with other tools.

What benefits should be evaluated when considering Palo Alto Networks NG Firewalls?

Flexibility in Rule Creation: Allows customized security policies to meet specific needs.
High-Performance Throughput: Ensures efficient network operations under high load.
Comprehensive Policy Management: Simplifies overseeing and adjusting security policies.
Robust Endpoint Security: Protects endpoints against sophisticated threats.
Seamless Integration: Works well with third-party tools for a comprehensive solution.

Palo Alto Networks NG Firewalls are commonly implemented across industries for securing LAN environments, URL filtering, and ensuring Zero Trust security. They secure both on-premises and cloud infrastructures, often becoming integral parts of security frameworks within enterprises. Leveraging these firewalls in conjunction with Azure or AWS enhances the overall network protection strategies employed by organizations.

Palo Alto Networks

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

1. Siemens 2. IBM 3. Cisco 4. Dell 5. HP 6. Intel 7. Oracle 8. Google 9. Microsoft 10. Amazon 11. Apple 12. Facebook 13. Twitter 14. Netflix 15. Adobe 16. SAP 17. VMware 18. Juniper Networks 19. Ericsson 20. Nokia 21. AT&T 22. Verizon 23. T-Mobile 24. Vodafone 25. Orange 26. Deutsche Telekom 27. British Telecom 28. Comcast 29. Time Warner 30. Sony 31. Samsung 32. LG

SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments

Buyer's Guide

IPFire vs. Palo Alto Networks NG Firewalls

March 2026

Free Report: IPFire vs. Palo Alto Networks NG Firewalls

Find out what your peers are saying about IPFire vs. Palo Alto Networks NG Firewalls and other solutions. Updated: March 2026.

DOWNLOAD NOW

885,264 professionals have used our research since 2012.

See our IPFire vs. Palo Alto Networks NG Firewalls report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.