IPFire vs Palo Alto Networks NG Firewalls comparison

IPFire Project and Palo Alto Networks are both solutions in the Firewalls category. IPFire Project is ranked #34 with an average rating of 8.0, while Palo Alto Networks is ranked #6 with an average rating of 8.9. IPFire Project holds a 1.9% mindshare in Firewalls, compared to Palo Alto Networks’s 4.6% mindshare. Additionally, 100% of IPFire Project users are willing to recommend the solution, compared to 96% of Palo Alto Networks users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 25, 2026

Palo Alto Networks NG Firewalls and IPFire compete in the network security domain. Palo Alto Networks NG Firewalls seem to have the upper hand in advanced security features and enterprise-level support, while IPFire benefits from open-source flexibility and cost-effectiveness.

Features: Palo Alto Networks NG Firewalls offer threat prevention, application control, and advanced security analytics, suitable for large enterprises. IPFire provides versatility, ease of use, and modularity, with features like intrusion detection and customizable firewalls.

Ease of Deployment and Customer Service: Palo Alto Networks NG Firewalls offer comprehensive customer support and detailed deployment guides suitable for extensive infrastructures. IPFire is praised for simplicity and easy installation, with community-driven support valuable for flexible setups.

Pricing and ROI: Palo Alto Networks NG Firewalls have higher setup costs, offering substantial ROI by improving security measures. IPFire, as an open-source solution, has lower setup costs, delivering high ROI through its cost-effective approach, ideal for small to medium-sized networks.

To learn more, read our detailed IPFire vs. Palo Alto Networks NG Firewalls Report (Updated: December 2025).

Buyer's Guide

IPFire vs. Palo Alto Networks NG Firewalls

December 2025

Download the complete report

Helped 881,082 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of January 2026, in the Firewalls category, the mindshare of Fortinet FortiGate is 18.8%, down from 20.7% compared to the previous year. The mindshare of IPFire is 1.9%, up from 1.2% compared to the previous year. The mindshare of Palo Alto Networks NG Firewalls is 4.6%, up from 3.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls Market Share Distribution
Product	Market Share (%)
Fortinet FortiGate	18.8%
Palo Alto Networks NG Firewalls	4.6%
IPFire	1.9%
Other	74.7%

Firewalls

Featured Reviews

Vasu Gala

Manager, Information Technology Operation/Presales at TechMonarch

A stable solution with an intuitive interface and quick customer service

I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.

Read full review

DanielS

Head Competence Team IT at Duktig Brand

Blocking access from specific countries and ensuring robust security have been effortlessly achieved

I use IPFire to protect my home The best feature of IPFire is the location block functionality. It allows me to block certain countries from accessing my site. Additionally, it is a solution that is available for free, which is perfect. The graphical interface could be much better. I have…

Read full review

Sven-Verbeke

Solution Architect // Network Consultant at Group S

Network security has improved and allows detailed user-based control over encrypted traffic

Bandwidth usage is not something we use much, but it depends on the SD-WAN plugin because the application load balancing is based on the SD-WAN product. That functionality does not work as it should, although the App-ID is working very well. SD-WAN functionality is working, but when you compare it with other products on the market, it is very limited. Palo Alto also has ION devices, and ION devices together with Prisma Access or Strata Cloud Manager now are more the way to go than using Palo Alto Networks NG Firewalls on-premises. At the moment I have some issues, but the issues are more related to the general way of working of many vendors. They implement new things very fast and it is not always bug-free. With new releases, sometimes you still have some issues. This is the main concern. If you look back five or maybe ten years ago, the products were more stable and you had more decent releases, but that is something in general for many vendors. Palo Alto is also a factor with that. They want to bring new features to the market too fast. Features are a concern because all vendors try to compete against each other. If one vendor comes out with a new feature, then other vendors do the same. Sometimes they want to be the first on the market with it, and that sometimes introduces bugs or issues with the product.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"We receive substantial help from Fortinet, which is very valuable as they assist us in choosing the right solutions. If we need configuration assistance, they can send specialists who help design the solution."

"The combined license for the network, the next-generation firewall, and the integration with SD-WAN for all branches are what I consider to be the best features. It's effective for multi-branch customers."

"It is a reliable solution."

"Whenever I need something, Fortinet improves and updates the software for me."

"It is a good source for firewall protection."

"We use the FortiGate Sandbox to detect zero-day vulnerabilities, such as anomalies or malware, that are unknown and have not yet been discovered."

"Generally, every aspect of it being a next-generation firewall provides good value."

"It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."

More Fortinet FortiGate pros

"I would rate the stability as ten out of ten for IPFire."

"IPFire has prevented any kind of hacking and enables us to comply with customer requirements."

"I can enable the features I want and configure the policies based on the user and not all users and network traffic, making firewall management much easier."

"The trackability is most valuable. When a port is open for a protocol, such as port 443 for HTTPS, it can look inside the traffic and identify or verify the applications that are using the port, which was previously not possible with traditional firewalls."

"The most important feature is the firewall. We can make rules to filter the application layer of traffic. It's a very helpful feature."

"The most valuable features of Palo Alto Networks NG Firewalls are DNS sync calls, enabled security features, and Wildfire."

"Palo Alto NGFW provides a unified platform that natively integrates all security capabilities, which is very useful. This prevents us from having to go to a lot of different systems, and in some cases, many different systems in many different regions, because we are a global company with 60 remote offices around the world in 30 different countries. Its centralized platform is really what we look for in all services, whether it be security or otherwise."

"Security is the biggest thing nowadays, including threat response, incident response, and root cause. We found that a lot of the logging and dashboard capabilities offered by Palo Alto fill the missing skill gap that you run up against. It makes it easier for our tier-two staff to get involved in some of the deeper root cause analysis. The dashboards, logs, and reports make it easier for our staff to dive right in and not get lost in what tools they should use. It's easy because they're all right there."

"You just need a web browser to manage it, unlike Cisco, which requires another management system."

"The payload is a very valuable feature."

More Palo Alto Networks NG Firewalls pros

Cons

"One of the most important areas for improvement for Fortinet FortiGate is the limited resources for tests."

"We faced difficulties with the configuration because there are many features we could optimize using Fortinet FortiGate, but our reseller didn't have a good understanding of it. So, we just use it on a basic level, not with the best practice for using FortiGate."

"The logs need to be better. They need to be more visible and easier to access."

"When considering the policy of the vendors, they do not offer much of a discount policy, making the licensing model an area that needs improvement."

"I would rate the technical support of Fortinet a six or seven out of ten. It is not very helpful. I would like to see improvements in their support."

"There can be more security in hybrid implementations. When a customer has a hybrid environment where some parts are in the cloud, we need a consistent security solution for such scenarios."

"Integrating OpenVPN with FortiGate would provide a powerful combination of secure remote access and comprehensive network security."

"There's always something new that can be added or fixed."

More Fortinet FortiGate cons

"The graphical interface could be much better."

"Accessing the internet was a bit complicated."

"I don't deal with it from a day-to-day perspective, but I can say that the evidence that I typically need is there, but sometimes, it's a task to actually get it and pull it out. They can make it easier to gather that evidence."

"Its stability can be better. Their technical response from the support side can also be better."

"It is a good product, but they can add some functions for port scanning and network scanning."

"Palo Alto Networks NG Firewalls don't provide a unified platform that natively integrates all security capabilities. It's missing some features for geofencing and understanding locations."

"There are some advanced features that we aren't able to use, which include active IP authentication and app ID. We are facing challenges with implementing those two features."

"Its price can be better. They should also provide some more examples of configurations online."

"Based on the features that I have seen so far, I do not see any room for improvement, but they can improve their CLI documentation. I haven't really seen much when it comes to CLI documentation."

"The solution has normal authentication, but does not have two-factor or multi-factor authentication. There is room for development there."

More Palo Alto Networks NG Firewalls cons

Pricing and Cost Advice

"Fortinet bundles FortiGate with other products and because of this, the price is a little expensive to some SMB enterprises."

"Setup costs and pricing depends on many variables, but it's mostly affordable."

"The license of Fortinet FortiGate should be reduced."

"We pay for the solution annually."

"The price of Fortinet FortiGate is reasonable."

"Fortinet FortiGate SWG is an affordable solution."

"The price is okay."

"The price is really low. It's cheap in comparison to the cost of Cisco or CheckPoint, for example."

More Fortinet FortiGate pricing and cost advice

Information not available

"We would advise that this solution has a higher price point than other comparable products, however, the license fee covers all the features that the solution can provide and there are not extra costs involved."

"The product is expensive compared to competing products but uses a similar type of pricing model based on hardware, software and maintenance."

"The price is expensive, especially in Turkey, where I am located... Palo Alto is very expensive compared to other vendors, like Fortinet."

"The price of Palo Alto Networks NG Firewalls is high, but it is worth it if you have the budget for it."

"The pricing is competitive in the market."

"Licensing is a big issue for us because of the complexity and the lack of engagement from Palo Alto. It has been hard to talk with them as we don't get the best answers."

"It's cheaper to replace the equipment every three years than to upgrade. We have done two refreshes of their appliances. What I have seen is that the initial hardware cost is low, but you need a subscription and you need maintenance plans. After every three years, if you're trying to renew your maintenance or subscription, that can be very costly. It's cheaper to just get a newer solution with a three-year subscription and maintenance. It's cheaper to replace your hardware completely with a new subscription plan and a new maintenance plan than to renew the maintenance subscription on existing hardware."

"This is an expensive product, which is why some of our customers don't adopt it."

More Palo Alto Networks NG Firewalls pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

881,082 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

12%

Comms Service Provider

Manufacturing Company

Financial Services Firm

Comms Service Provider

21%

Computer Software Company

Government

University

Computer Software Company

10%

Financial Services Firm

Manufacturing Company

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	357
Midsize Enterprise	133
Large Enterprise	188

No data available

By reviewers
Company Size	Count
Small Business	74
Midsize Enterprise	56
Large Enterprise	85

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What needs improvement with IPFire?

The graphical interface could be much better.

See all answers

What is your primary use case for IPFire?

I use IPFire ( /products/ipfire-reviews ) to protect my home.

See all answers

What advice do you have for others considering IPFire?

Sometimes configuring IPFire is challenging. Overall, I would rate this solution as eight out of ten.

See all answers

What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?

Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firew...

See all answers

Features comparison between Palo Alto and Fortinet firewalls

In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...

See all answers

Which is better - Palo Alto Networks NG Firewalls or Sophos XG?

Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...

See all answers

Comparisons

Sophos Firewall vs Fortinet FortiGate

Compared 20% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 13% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 6% of the time

OPNsense vs Fortinet FortiGate

Compared 3% of the time

SonicWall TZ vs Fortinet FortiGate

Compared 3% of the time

More Fortinet FortiGate Competitors

OPNsense vs IPFire

Compared 77% of the time

Smoothwall Firewall vs IPFire

Compared 5% of the time

Netgate pfSense vs IPFire

Compared 4% of the time

Untangle NG Firewall vs IPFire

Compared 3% of the time

More IPFire Competitors

Cisco Secure Firewall vs Palo Alto Networks NG Firewalls

Compared 18% of the time

Cisco Meraki MX vs Palo Alto Networks NG Firewalls

Compared 12% of the time

Check Point Quantum Force (NGFW) vs Palo Alto Networks NG Firewalls

Compared 10% of the time

Sophos Firewall vs Palo Alto Networks NG Firewalls

Compared 7% of the time

Azure Firewall vs Palo Alto Networks NG Firewalls

Compared 7% of the time

More Palo Alto Networks NG Firewalls Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

January 2026

Download Fortinet FortiGate product report

Buyer's Guide

Firewalls

January 2026

Download IPFire product report

Buyer's Guide

Palo Alto Networks NG Firewalls

January 2026

Download Palo Alto Networks NG Firewalls product report

Also Known As

Fortinet FortiGate Next-Generation Firewall

No data available

Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall

Overview

Fortinet FortiGate is a versatile network security tool offering features like VPN, firewall, web filtering, intrusion prevention, and scalability. It is known for its performance and integration with other Fortinet products, making it a preferred choice for robust cybersecurity.

Fortinet FortiGate stands out as a comprehensive cybersecurity solution with strong performance and ease of configuration. It delivers unified threat management, integrating features such as dynamic routing, SD-WAN support, and centralized management. Despite its strengths, improvements in the web interface's stability, pricing structures, and reporting capabilities are needed. Users seek better integration with third-party tools and automation advancements to enhance the experience further. These enhancements, alongside improvements in bandwidth management and the reduction of licensing costs, are points of interest for users looking to capitalize on FortiGate's extensive capabilities.

What are Fortinet FortiGate's key features?

VPN: Ensures secure remote connections.
Firewall: Protects against unauthorized access.
Web Filtering: Blocks malicious sites and content.
Application Control: Manages and controls applications.
Intrusion Prevention: Detects and prevents vulnerabilities.
SSL Inspection: Enhances security by inspecting encrypted traffic.

What benefits should be considered when evaluating Fortinet FortiGate?

Affordability: Offers cost-effective security solutions.
Reliability: Known for consistent and stable performance.
Integration: Seamlessly integrates with other Fortinet products.
Comprehensive Protection: Provides broad threat protection capabilities.

Fortinet FortiGate is widely implemented across industries as a primary firewall system for securing internet gateways and safeguarding data centers. It supports businesses in achieving SD-WAN integration and enhances cybersecurity by providing essential features like antivirus, web filtering, and application control. Enterprises utilize FortiGate for securing remote connections and ensuring compliance with security standards, making it adaptable for different network sizes and industries.

Fortinet

IPFire enhances network security and protects against cyber threats. It provides a secure firewall, secure remote access, and customizable options. Users praise its ease of use, flexibility, and reliability for network monitoring and traffic shaping. Its valuable features include efficient firewall capabilities, a user-friendly interface, and reliable network performance.

IPFire Project

Palo Alto Networks NG Firewalls deliver advanced threat protection with machine learning, enhancing security through real-time attack prevention. Known for application visibility and a user-friendly interface, they offer robust network protection and flexibility in rule creation.

Palo Alto Networks NG Firewalls are designed to secure environments with features like GlobalProtect VPN, WildFire malware detection, and unified platform integration. Their strong firewall capabilities and high-performance throughput make them suitable for perimeter and data center protection, VPN configurations, application control, and network segmentation. Users consistently highlight the ease of managing network security policies and integrating third-party tools, ensuring a comprehensive protection strategy. While enhancements in support, training resources, and configuration simplicity are needed, these firewalls are integral for securing both on-prem and cloud environments, aligning with platforms like Azure and AWS.

What are the key features of Palo Alto Networks NG Firewalls?

Application Visibility: Provides insight into network traffic for better control.
Threat Prevention: Uses machine learning for real-time attack prevention.
GlobalProtect VPN: Secures remote access efficiently.
WildFire Malware Detection: Detects and prevents advanced threats.
Unified Platform Integration: Enhances network security through seamless integration with other tools.

What benefits should be evaluated when considering Palo Alto Networks NG Firewalls?

Flexibility in Rule Creation: Allows customized security policies to meet specific needs.
High-Performance Throughput: Ensures efficient network operations under high load.
Comprehensive Policy Management: Simplifies overseeing and adjusting security policies.
Robust Endpoint Security: Protects endpoints against sophisticated threats.
Seamless Integration: Works well with third-party tools for a comprehensive solution.

Palo Alto Networks NG Firewalls are commonly implemented across industries for securing LAN environments, URL filtering, and ensuring Zero Trust security. They secure both on-premises and cloud infrastructures, often becoming integral parts of security frameworks within enterprises. Leveraging these firewalls in conjunction with Azure or AWS enhances the overall network protection strategies employed by organizations.

Palo Alto Networks

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

1. Siemens 2. IBM 3. Cisco 4. Dell 5. HP 6. Intel 7. Oracle 8. Google 9. Microsoft 10. Amazon 11. Apple 12. Facebook 13. Twitter 14. Netflix 15. Adobe 16. SAP 17. VMware 18. Juniper Networks 19. Ericsson 20. Nokia 21. AT&T 22. Verizon 23. T-Mobile 24. Vodafone 25. Orange 26. Deutsche Telekom 27. British Telecom 28. Comcast 29. Time Warner 30. Sony 31. Samsung 32. LG

SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments

Buyer's Guide

IPFire vs. Palo Alto Networks NG Firewalls

December 2025

Free Report: IPFire vs. Palo Alto Networks NG Firewalls

Find out what your peers are saying about IPFire vs. Palo Alto Networks NG Firewalls and other solutions. Updated: December 2025.

DOWNLOAD NOW

881,082 professionals have used our research since 2012.

See our IPFire vs. Palo Alto Networks NG Firewalls report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.