IPFire vs Palo Alto Networks NG Firewalls comparison

IPFire Project and Palo Alto Networks are both solutions in the Firewalls category. IPFire Project is ranked #33 with an average rating of 8.0, while Palo Alto Networks is ranked #7 with an average rating of 8.8. IPFire Project holds a 2.1% mindshare in Firewalls, compared to Palo Alto Networks’s 3.7% mindshare. Additionally, 100% of IPFire Project users are willing to recommend the solution, compared to 96% of Palo Alto Networks users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jul 13, 2025

Palo Alto Networks NG Firewalls and IPFire are contenders in the cybersecurity field focusing on network protection. Palo Alto Networks NG Firewalls lead in performance and advanced security, while IPFire is recognized for affordability and configurability, appealing to budget-conscious organizations.

Features: Palo Alto Networks NG Firewalls provide advanced threat prevention, deep visibility into traffic, and robust application control. In contrast, IPFire offers intrusion detection and prevention as well as firewall and VPN functionalities, allowing for greater flexibility and customization due to its open-source nature.

Ease of Deployment and Customer Service: Palo Alto Networks NG Firewalls require specialized technical expertise for deployment but include strong customer support for deployment challenges. IPFire offers a flexible and easier deployment model, suitable for smaller teams or environments less complex, though its support may not match larger enterprise solutions.

Pricing and ROI: Palo Alto Networks NG Firewalls have higher setup costs reflecting their advanced technology and service offerings, delivering significant ROI for businesses needing high security. IPFire provides a cost-effective solution with low setup costs, offering good ROI for smaller organizations or those with limited budgets, attracting businesses seeking cost efficiency.

To learn more, read our detailed IPFire vs. Palo Alto Networks NG Firewalls Report (Updated: July 2025).

Buyer's Guide

IPFire vs. Palo Alto Networks NG Firewalls

July 2025

Download the complete report

Helped 861,524 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of July 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.2%, up from 17.7% compared to the previous year. The mindshare of IPFire is 2.1%, up from 0.3% compared to the previous year. The mindshare of Palo Alto Networks NG Firewalls is 3.7%, up from 3.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls

Featured Reviews

Vasu Gala

Manager, Information Technology Operation/Presales at TechMonarch

A stable solution with an intuitive interface and quick customer service

I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.

Read full review

Amr Fouad

Vice President of Technology Development at SCADA Innovations

Prevented any kind of hacking and enables us to comply with customer requirements

We use the solution for firewall, intrusion prevention and detection. We installed it in order to comply with customers requirements IPFire has prevented any kind of hacking and enables us to comply with customer requirements. Accessing the internet was a bit complicated. We opted for this…

Read full review

AmjadKhan1

Head of data centers at a non-profit with 10,001+ employees

Provides inline protection with a unified view and anti-spyware capabilities

I would rate Palo Alto Networks NG Firewalls ten out of ten because it is the best. Our disaster recovery site utilizes Palo Alto Networks Next-Generation Firewalls. We are also in the process of upgrading the firewalls at our 365 sites in Pakistan to Palo Alto Networks firewalls. While budget firewalls may advertise comparable features, they often fall short of effectively detecting viruses, threats, and ransomware. In contrast, Palo Alto Networks NG Firewalls, combined with Cortex XDR, provide comprehensive threat intelligence and detection capabilities, ensuring superior security coverage. I recommend conducting a proof of concept before selecting a firewall. This will allow you to evaluate different options and determine which best suits your needs. While Palo Alto offers robust firewall solutions, it's essential to compare them with other vendors to ensure you make an informed decision.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The wireless control is helpful."

"You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances."

"Fortinet FortiGate is quite popular in my region, so we are implementing Fortinet FortiGate firewalls. Fortinet FortiGate is the best option on the market when it comes to firewalls. It's straightforward to deploy and has good stability and performance."

"Run Script is the best tool to use in Fortinet FortiGate with multiple environments."

"Overall security features and performance routing is good."

"I appreciate FortiGate's flexibility, which allows for centralized management through FortiManager."

"Good load balancing feature."

"The solution is highly scalable because they have devices that can handle a large amount of traffic."

More Fortinet FortiGate pros

"I would rate the stability as ten out of ten for IPFire."

"IPFire has prevented any kind of hacking and enables us to comply with customer requirements."

"We utilize nearly all the features of Palo Alto Networks NG Firewalls, including threat detection and anti-spyware capabilities."

"I like that it has high security."

"Security is the biggest thing nowadays, including threat response, incident response, and root cause. We found that a lot of the logging and dashboard capabilities offered by Palo Alto fill the missing skill gap that you run up against. It makes it easier for our tier-two staff to get involved in some of the deeper root cause analysis. The dashboards, logs, and reports make it easier for our staff to dive right in and not get lost in what tools they should use. It's easy because they're all right there."

"The payload is a very valuable feature."

"Palo Alto solutions are scalable and highly capable. NG firewalls offer a complete solution that's reliable, consistent, easy to manage, and full of rich security features. They're easier than other firewalls and certainly more effective."

"We have not had to replace hardware routers nor purchase additional hardware. So, that has provided a little bit of an ROI."

"Some of the valuable features in this solution are traffic monitoring, GUI functionality, and it very easy to troubleshoot if there is any problem that happens."

"I like the sandbox feature, and it's very good. It kills each malware deployment in the sense of signatures within five minutes. So, we can secure our network and infrastructure very well within the stipulated time. The WildFire functionality is very good because a few files are also getting blocked. It's critical as malware attacks are also getting ignored, and the logging is very well maintained in this firewall. The most valuable solutions in this field are application-based firewalls. That is the main criteria of the firewall and functionality. We can get all the logs related to this and each and every packet. I like that the firewall is working as an application. The application-based entity we have deployed is well maintained and working very well. We were able to find lots of vulnerabilities when we deployed it, but we could not disclose all. But there were vulnerabilities we could block by updating the firewall and taking actions on clientside machines. So, we got to know that we have lots of vulnerabilities inside the organization too, and we took lots of steps and resolved the number of vulnerabilities. Palo Alto Networks NG Firewalls is an all-in-one solution. It provides every entity log, which is a very good functionality of this firewall. It gives every packet and aspect that the firewall is performing through its logs, and it does it very well. This firewall's unified platform helped eliminate multiple network security tools. If anyone uses P2P sites, cryptocurrency websites, or any illegal sites, we can block it easily. It gives us a proper alert for these kinds of sites, and it properly secures our network. Monitoring is the best thing we are doing here, and we can block this kind of vulnerability as soon as it comes to us."

More Palo Alto Networks NG Firewalls pros

Cons

"Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."

"We haven't tapped into most of the functionalities that Fortinet FortiGate offers because we're using it just for gateway security. One of the things that I would prefer is a more expansive use of their analyzer. They could do more work on FortiAnalyzer in terms of the data and the information coming from it."

"There are too many updates coming for VPN, and the VPN keeps disconnecting frequently, which I find problematic. It does what it's supposed to do, but I practically face reconnection issues with the VPN."

"From a support perspective, I had more issues that I didn't think the person on my case handled the way I was expecting. We called them for a geolocation issue and we didn't get any proper assistance."

"At this moment, we believe that Fortinet FortiGate should be improved by injecting more AI because the kind of threats we are seeing are more ransomware threats."

"There are some complex administration tasks in their administration portal. That needs to be improved."

"At first glance, the interface for the device is very confusing."

"Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer."

More Fortinet FortiGate cons

"Accessing the internet was a bit complicated."

"The graphical interface could be much better."

"Palo Alto can do a little bit better when it comes to the User-ID part. I've been facing problems related to double authentication. You have a computer user, but you also have a VPN user, and when you do a single sign-on to another page, these logs can sometimes generate a problem notification. It doesn't happen a lot, but in some networks, it could be a problem. It would be very helpful to have the ability to restrict the connections that you can have in your VPN. For example, if you have the credentials, you can connect with the same user account from different computers or devices. If you have the domain information, you can connect from different devices. That's a problem that they need to address and resolve. They should ensure that at any moment, only one person is connected through a specific user account."

"In the future, I would like to see more OTP features."

"Palo Alto Firewalls could improve by introducing more features, particularly in load balancing."

"The only area I can see for improvement is that Palo Alto should do more marketing."

"Customers don't want to buy extra things for extra capabilities"

"Palo Alto could improve its machine-learning capabilities. That's all new. They integrate the telemetry data and analytics up to the cloud, where they can analyze for security policies and best practices like DNS Security. It uses AI tools to sort through all the massive logs and highlight where you can take action or be aware of what's happening. If you don't have many tools in your organization, it's nice to have one tool that does an excellent job across the board."

"The machine learning component on the firewall level requires more computing power to perform at the full production level."

"It would be better to have more tools to control Palo Alto Networks NG Firewalls. We don't have too many tools to access Palo Alto. For example, the IT team doesn't have access to it. We can see it physically and see if it's running or not. We need to contact a special team to receive that information. I would also like to see more reporting in the next release."

More Palo Alto Networks NG Firewalls cons

Pricing and Cost Advice

"The cost of Fortinet FortiGate is competitive and not expensive compared to other enterprise- grade solutions. On average, the license cost per year is around seventy percent of the firewall's purchase price."

"In terms of the market, it's not a cheap product, but it's cost-effective."

"Its price is affordable and lesser than Cisco. Cisco is expensive. In terms of licensing, there is only one issue. If a customer's license has expired a month ago and they do the renewal after one month, Fortinet renews the license from the start of the previous month. The activation of the product is done from the previous month, not from the date of renewal. The customers usually shout and complain that because they are paying today, the renewal should start from today. The support contract renewals or licensing should be renewed from the date of renewal, but Fortinet starts from the day it had expired. It is a loss for customers. They might have had some problems because of which they did not take the license one month before. Fortinet should work on this. Cisco doesn't do this. Cisco always starts from the day they apply for the license."

"Each feature costs money, so it is important to study your needs."

"The pricing or licensing of Fortinet FortiGate is quite effective as it offers different bundles that aggregate most required features, while also allowing clients the option to select specific components alone."

"If you purchase a one-year subscription with the hardware and then you want to renew for the second year, it is very costly."

"They are very competitive, but we like to have the factory warranty taken care of."

"When I look around at other products, such as Sophos, Fortinet FortiGate is 20% to 30% more expensive with our current cost."

More Fortinet FortiGate pricing and cost advice

Information not available

"The pricing is very high."

"If someone doesn't have a security platform in their network, then the following licenses will be required: antivirus, anti-spyware, vulnerability, and Wildfire analysis. There are also licenses for GlobalProtect and support."

"The cost is quite high."

"With Palo Alto, the licensing is very straightforward. For example, if you only have a requirement for a firewall, you can go with that. If you want to go with a subscription, you get all the features with it."

"Reducing costs is important, especially since Prisma can be expensive. It would be great if it were more affordable."

"Its price can be better. Licensing is on a yearly basis."

"The product is expensive. With one being the cheapest and ten being the most expensive, I give it an eight."

"It's pretty good."

More Palo Alto Networks NG Firewalls pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

861,524 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Educational Organization

Comms Service Provider

Manufacturing Company

Comms Service Provider

21%

Computer Software Company

14%

Government

Educational Organization

Computer Software Company

13%

Financial Services Firm

10%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What needs improvement with IPFire?

The graphical interface could be much better.

See all answers

What is your primary use case for IPFire?

I use IPFire ( /products/ipfire-reviews ) to protect my home.

See all answers

What advice do you have for others considering IPFire?

Sometimes configuring IPFire is challenging. Overall, I would rate this solution as eight out of ten.

See all answers

What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?

Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firew...

See all answers

Features comparison between Palo Alto and Fortinet firewalls

In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...

See all answers

Which is better - Palo Alto Networks NG Firewalls or Sophos XG?

Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...

See all answers

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 20% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 12% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 11% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

Fortinet FortiOS vs Fortinet FortiGate

Compared 2% of the time

More Fortinet FortiGate Competitors

OPNsense vs IPFire

Compared 83% of the time

Netgate pfSense vs IPFire

Compared 7% of the time

Smoothwall Firewall vs IPFire

Compared 3% of the time

Untangle NG Firewall vs IPFire

Compared 3% of the time

Sophos XGS vs IPFire

Compared 1% of the time

More IPFire Competitors

Cisco Secure Firewall vs Palo Alto Networks NG Firewalls

Compared 11% of the time

Azure Firewall vs Palo Alto Networks NG Firewalls

Compared 11% of the time

Sophos XG vs Palo Alto Networks NG Firewalls

Compared 10% of the time

Meraki MX vs Palo Alto Networks NG Firewalls

Compared 9% of the time

Check Point NGFW vs Palo Alto Networks NG Firewalls

Compared 9% of the time

More Palo Alto Networks NG Firewalls Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

July 2025

Download Fortinet FortiGate product report

Buyer's Guide

Firewalls

July 2025

Download IPFire product report

Buyer's Guide

Palo Alto Networks NG Firewalls

June 2025

Download Palo Alto Networks NG Firewalls product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

No data available

Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

IPFire enhances network security and protects against cyber threats. It provides a secure firewall, secure remote access, and customizable options. Users praise its ease of use, flexibility, and reliability for network monitoring and traffic shaping. Its valuable features include efficient firewall capabilities, a user-friendly interface, and reliable network performance.

IPFire Project

Palo Alto Networks NG Firewalls offer comprehensive security, including application control, traffic shaping, threat prevention, and load balancing, designed to secure internal networks, perimeter protection, VPN services, and cloud environments.

Palo Alto Networks NG Firewalls are a key choice for managing and protecting data centers, securing remote access, network segmentation, malware prevention, and ensuring high availability and performance for business-critical applications. Known for stability and strong security, these firewalls use application-aware identifiers and IPS/IDS subscriptions to offer advanced threat protection. The unified platform facilitates seamless integration, while GlobalProtect and centralized management via Panorama enhance ease of use. However, there are areas for improvement, including pricing strategies, training, user support, and integration with third-party applications.

What are the essential features?

Stability: Reliable performance in different environments.
Application Control: Identifies applications to manage traffic.
Advanced Threat Protection: Includes DNS security, WildFire, and machine learning.
GlobalProtect: Secure remote access for users.
Centralized Management: Managed via the Panorama platform.

What benefits or ROI should users expect?

Security: Protects against threats with robust features.
User-Friendly: Simplified interface and easy configuration.
High Availability: Ensures performance for critical applications.
Integration: Seamless with existing systems and applications.
Support: Reliable technical support and resources.

In industries like finance, healthcare, and retail, Palo Alto Networks NG Firewalls secure sensitive data and meet regulatory requirements. These firewalls help manage large-scale networks in these sectors, providing essential security features and maintaining high-performance standards. They are implemented to ensure compliance, protect patient information, secure financial transactions, and safeguard customer data.

Palo Alto Networks

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

1. Siemens 2. IBM 3. Cisco 4. Dell 5. HP 6. Intel 7. Oracle 8. Google 9. Microsoft 10. Amazon 11. Apple 12. Facebook 13. Twitter 14. Netflix 15. Adobe 16. SAP 17. VMware 18. Juniper Networks 19. Ericsson 20. Nokia 21. AT&T 22. Verizon 23. T-Mobile 24. Vodafone 25. Orange 26. Deutsche Telekom 27. British Telecom 28. Comcast 29. Time Warner 30. Sony 31. Samsung 32. LG

SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments

Buyer's Guide

IPFire vs. Palo Alto Networks NG Firewalls

July 2025

Free Report: IPFire vs. Palo Alto Networks NG Firewalls

Find out what your peers are saying about IPFire vs. Palo Alto Networks NG Firewalls and other solutions. Updated: July 2025.

DOWNLOAD NOW

861,524 professionals have used our research since 2012.

See our IPFire vs. Palo Alto Networks NG Firewalls report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.