IPFire vs Palo Alto Networks NG Firewalls comparison

IPFire Project and Palo Alto Networks are both solutions in the Firewalls category. IPFire Project is ranked #35 with an average rating of 8.0, while Palo Alto Networks is ranked #6 with an average rating of 8.9. IPFire Project holds a 1.1% mindshare in Firewalls, compared to Palo Alto Networks’s 5.1% mindshare. Additionally, 100% of IPFire Project users are willing to recommend the solution, compared to 96% of Palo Alto Networks users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 25, 2026

Palo Alto Networks NG Firewalls and IPFire compete in the network security domain. Palo Alto Networks NG Firewalls seem to have the upper hand in advanced security features and enterprise-level support, while IPFire benefits from open-source flexibility and cost-effectiveness.

Features: Palo Alto Networks NG Firewalls offer threat prevention, application control, and advanced security analytics, suitable for large enterprises. IPFire provides versatility, ease of use, and modularity, with features like intrusion detection and customizable firewalls.

Ease of Deployment and Customer Service: Palo Alto Networks NG Firewalls offer comprehensive customer support and detailed deployment guides suitable for extensive infrastructures. IPFire is praised for simplicity and easy installation, with community-driven support valuable for flexible setups.

Pricing and ROI: Palo Alto Networks NG Firewalls have higher setup costs, offering substantial ROI by improving security measures. IPFire, as an open-source solution, has lower setup costs, delivering high ROI through its cost-effective approach, ideal for small to medium-sized networks.

To learn more, read our detailed IPFire vs. Palo Alto Networks NG Firewalls Report (Updated: June 2026).

Buyer's Guide

IPFire vs. Palo Alto Networks NG Firewalls

June 2026

Download the complete report

Helped 902,417 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of June 2026, in the Firewalls category, the mindshare of Fortinet FortiGate is 15.1%, down from 21.7% compared to the previous year. The mindshare of IPFire is 1.1%, down from 1.8% compared to the previous year. The mindshare of Palo Alto Networks NG Firewalls is 5.1%, up from 3.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls Mindshare Distribution
Product	Mindshare (%)
Fortinet FortiGate	15.1%
Palo Alto Networks NG Firewalls	5.1%
IPFire	1.1%
Other	78.7%

Firewalls

Featured Reviews

Joseph Koomson

IP Network Security Specialist at MTN Ghana

Process-Level CPU Visibility: Introduce detailed CPU-usage metrics per subsystem (e.g., IPS engine, logging) so administrators can quickly identify and address performance spikes.

Analytics with FortiAnalyzer. Being able to pull in logs not just from our FortiGates but from all our other firewalls and then get them in one view has been a game changer. Whether I’m building an executive dashboard or doing a deep dive forensics session, I get everything I need without navigating consoles.Straightforward Application Control. FortiGate spots and blocks unwanted apps (eq. like BitTorrent or streaming services) with accuracy. Segmentation with VDOMs. We’ve carved our data center into four logical ‘mini-firewalls’ enterprise, core, billing, and WAF—all on one box. Each has its own rules and logs, and any traffic between them still gets inspected. It’s like having multiple appliances without the extra hardware. Always-Up-to-Date Threat Feeds. Daily signature updates and AI-driven threat sensing mean we’re blocking the latest vulnerabilities almost as soon as they’re announced.

Read full review

Agharinma Ehiedu

Chief Technology Officer at Agileware Limited

Firewall deployment has secured mission-critical public apps and simplifies Linux-based management

The best features IPFire offers include its very intuitive nature because, even though it has a Linux back-end, in terms of configuration, it has a very rich GUI interface. The GUI and configuration features of IPFire have made my work easier and more efficient because their positioning and the sequence with which I follow is easy. In terms of all the processes, what you need to do at first and the next thing that you need to do is clear. The GUI is well arranged in sequential order, so you can follow that from whatever you want to do until you get the target objective. IPFire includes features with a very robust and rich community that is very much valid in terms of content. IPFire has positively impacted my organization by giving us some mileage. At least, a lot of organizations now know that we have a solution that can deliver the same value.

Read full review

Nitin Yadav

Network & Security Engineer at Arrow PC Network Pvt.Ltd.

Strong threat prevention has reduced phishing and malware while I monitor traffic in depth

Palo Alto Networks NG Firewalls offers application and user awareness, which allow me to control traffic based on threats. The product includes threat prevention, advanced threat prevention, and deep packet inspection that really helps prevent issues in our network. Deep packet inspection inspects full traffic content, even inside applications and encrypted sessions. Deep packet inspection makes a very practical difference day to day because it lets me see and control what is actually inside the traffic, not just the open port or IP. I have real visibility of which application is running instead of just seeing HTTPS. Palo Alto Networks NG Firewalls WildFire sandboxing is really good at detecting and blocking zero-day malware automatically, along with its GlobalProtect and DNS security features. Using Palo Alto Networks NG Firewalls positively impacts my organization by providing strong security, better visibility, faster response, and simplified operations. After deploying Palo Alto Networks NG Firewalls in our network, it blocks malicious traffic and prevents compromises that occurred before Palo Alto Networks NG Firewalls. I can now block outside IPs to prevent issues. After Palo Alto Networks NG Firewalls installation, I reduced 60 to 70 percent of malware and phishing attacks. Its threat prevention and DNS security features detect these attacks, block malicious domains, and reduce manual efforts for the security team.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Since deploying FortiGate 3401E clusters, we have observed: Dramatic Reduction in Risk Exposure—blocked peer-to-peer and unauthorized applications (e.g., BitTorrent) at the perimeter and east-west segments, eliminating a major source of malware and bandwidth abuse."

"What I appreciate the most about Fortinet FortiGate is that it has a very large integration using Fabric, which they call Fabric Connectors."

"We have a lot of experience with this solution and haven't had any issues; for repairs, the RMA process is also good, and we don't have any issues with the interface, customization, or integration, as this solution works well."

"The response is very quick and they can visually resolve our problems in a short period."

"The overall experience has been very good."

"The initial setup is very easy."

"The email protection and VPN features are the most valuable."

"FortiGate SWG has helped our IT security teams to be faster and more responsive."

More Fortinet FortiGate pros

"I would rate the stability as ten out of ten for IPFire."

"IPFire has prevented any kind of hacking and enables us to comply with customer requirements."

"Regarding IPFire's AI capabilities, I think they are quite focused; in all the deployments I have done, I have not had any incidents or breaches."

"I can enable the features I want and configure the policies based on the user and not all users and network traffic, making firewall management much easier."

"I would rate Palo Alto Networks NG Firewalls a nine out of ten, as it is a very good and stable solution, and I recommend it over Check Point, Fortinet, and Cisco; it stands out as the leader."

"If you are looking for a great firewall that helps you stop attacks as well as giving you visibility with the administration, this firewall is the best choice."

"In terms of application filtering and threat analysis, it's a little bit better as compared to the other UTM boxes, such as Sophos or other brands."

"In general, I appreciate the regular firewall function of Palo Alto Networks NG Firewalls."

"With Palo Alto, there isn't any problem, you can open any feature - IPS feature, data encryption feature - there isn't an issue."

"Palo Alto NGFW provides a unified platform that natively integrates all security capabilities which is really important from the end customer point of view."

"This solution not only provides better security than flat VLAN segments but allows easy movement through the lifecycle of the server."

More Palo Alto Networks NG Firewalls pros

Cons

"However, throughout this year, their support has been very poor."

"In FortiGate Next Generation Firewall (NGFW), my concern regarding improvements is the licensing model."

"I don't like that anything more than very basic reporting is not included. You have to buy their cloud module that's an add-on for getting more customized reporting."

"FortiGate is a complete solution, but it is very expensive compared with other solutions."

"We had a minor problem where there was a major system upgrade on the hardware platfrom and the Mac client was not available as soon as it might have been. The PC client was available immediately, but we had to wait a month or so, before there was a mac client. I was slightly irritated that it was not ready on time, but it was eventually resolved."

"The major problem with Fortinet is the support. We have often hardware malfunctions and software bugs and the support is slow."

"The technical support from Fortinet FortiGate is terrible. They can improve."

"There were quite a few problems with the stability of the system."

More Fortinet FortiGate cons

"I would rate IPFire 8 out of 10 because I do not think there is any solution anywhere in the world that is 100 percent efficient."

"Accessing the internet was a bit complicated."

"The graphical interface could be much better."

"Palo Alto has introduced new features in their next-generation firewall, such as SD-WAN. However, the technique of SD-WAN implementation is not easy to understand. It is not easy to deploy at this moment. Maybe, in the future, they can improve the process and how the administrators, partners, or support team can easily deploy this SD-WAN solution on their next-generation firewall. The SD-WAN solution from Fortinet is easy to do. It does not take more than five or 10 minutes. When we talk about Palo Alto, it takes extra effort to implement SD-WAN."

"Palo Alto keeps coming out with antivirus and malware updates. When we have to integrate those updates we face some problems with the cloud platform, not the on-prem setup. The device works fine, but sometimes the sync doesn't happen on time."

"I would like integration with Evident.io and RedLock."

"PA-220 Next-Generation Firewall would be perfect if it has spam filtering."

"This solution is definitely not scalable."

"The tool's central management system is complicated, making it challenging to manage multiple devices centrally. Individually, the firewalls are easy to use and manage. I'd like to see better central management features in the next release. They've introduced some, but I haven't tried them yet, so I can't say how effective they are. However, having a single management interface would be a big improvement."

"The level of control and granularity in terms of rule customization could be enhanced. However, compared to our previous solution, Palo Alto provides much better drill-down capabilities."

"The machine learning in Palo Alto NG Firewalls for securing networks against threats that are able to evolve and morph rapidly is good, in general. But there have been some cases where we get false positives and Palo Alto has denied traffic when there have been new updates and signature releases. Valid traffic gets blocked. We have had some bad experiences with this. If there were an ability, before it denies traffic, to get some kind of notification that some traffic is going to be blocked, that would be good."

More Palo Alto Networks NG Firewalls cons

Pricing and Cost Advice

"Fortinet is the least expensive solution."

"Currently, we are paying about $1,500 a month for three sites."

"It scales well if you know what to buy from a physical box standpoint. They seem to offer something for every level."

"It is cheaper and more competitive compared to other options. For example, when comparing Palo Alto products to others, Palo Alto tends to be more expensive. If you compare Cisco's platform, including Cisco Meraki, with Fortinet products, you'll notice that Cisco's offerings are generally higher priced than Fortinet's firewall solutions."

"The price range is quite acceptable and normal."

"Its pricing is competitive with other solutions."

"Setup cost may be not so low, as you expect, because it depends on different factors, but TCO for 5 years may pleasantly surprise you."

"It is more affordable than Check Point and Palo Alto. Another thing is that all the features and the OS remain the same irrespective of the size of the device. Pricing-wise, Fortinet typically provides one-year support with the firewall appliance. There is also an option for three years which is how their licensing works."

More Fortinet FortiGate pricing and cost advice

Information not available

"With Palo Alto, the licensing is very straightforward. For example, if you only have a requirement for a firewall, you can go with that. If you want to go with a subscription, you get all the features with it."

"Paul Alto is the most expensive solution in this category."

"Its price is higher than other vendors. They need to re-think its pricing. With Fortinet, the SD-WAN feature is totally free, whereas, with Palo Alto, I need to pay for this feature. With Fortinet, there is one licensing, and I can get many things, whereas, with Palo Alto, I need to go for individual licensing."

"Although Palo Alto is expensive, its superior security functions, application identification, and overall performance justify the cost and make it stand out from the competition."

"The price is high."

"The pricing is competitive in the market."

"While Palo Alto Networks Next-Generation Firewalls may be considered expensive, their quality justifies the cost."

"Palo Alto Networks NG Firewalls are more expensive than Cisco firewalls, but slightly less expensive than Juniper firewalls."

More Palo Alto Networks NG Firewalls pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

902,417 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Comms Service Provider

10%

Computer Software Company

Manufacturing Company

Financial Services Firm

Comms Service Provider

21%

Computer Software Company

10%

University

Government

Manufacturing Company

10%

Computer Software Company

Financial Services Firm

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	369
Midsize Enterprise	139
Large Enterprise	195

No data available

By reviewers
Company Size	Count
Small Business	77
Midsize Enterprise	57
Large Enterprise	87

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What needs improvement with IPFire?

The graphical interface could be much better.

See all answers

What is your primary use case for IPFire?

I use IPFire ( /products/ipfire-reviews ) to protect my home.

See all answers

What advice do you have for others considering IPFire?

Sometimes configuring IPFire is challenging. Overall, I would rate this solution as eight out of ten.

See all answers

What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?

Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firew...

See all answers

Features comparison between Palo Alto and Fortinet firewalls

In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...

See all answers

Which is better - Palo Alto Networks NG Firewalls or Sophos XG?

Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...

See all answers

Comparisons

Sophos Firewall vs Fortinet FortiGate

Compared 16% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 13% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 3% of the time

Check Point Quantum Force (NGFW) vs Fortinet FortiGate

Compared 3% of the time

OPNsense vs Fortinet FortiGate

Compared 3% of the time

More Fortinet FortiGate Competitors

OPNsense vs IPFire

Compared 61% of the time

Netgate pfSense vs IPFire

Compared 8% of the time

Sophos Firewall vs IPFire

Compared 6% of the time

Untangle NG Firewall vs IPFire

Compared 4% of the time

KerioControl vs IPFire

Compared 3% of the time

More IPFire Competitors

Cisco Meraki MX vs Palo Alto Networks NG Firewalls

Compared 17% of the time

Cisco Secure Firewall vs Palo Alto Networks NG Firewalls

Compared 14% of the time

Check Point Quantum Force (NGFW) vs Palo Alto Networks NG Firewalls

Compared 9% of the time

Check Point Cloud Firewall (formerly CloudGuard Network Security) vs Palo Alto Networks NG Firewalls

Compared 5% of the time

Azure Firewall vs Palo Alto Networks NG Firewalls

Compared 4% of the time

More Palo Alto Networks NG Firewalls Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

June 2026

Download Fortinet FortiGate product report

Buyer's Guide

Firewalls

May 2026

Download IPFire product report

Buyer's Guide

Palo Alto Networks NG Firewalls

June 2026

Download Palo Alto Networks NG Firewalls product report

Also Known As

Fortinet FortiGate Next-Generation Firewall

No data available

Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall

Overview

Fortinet FortiGate is a versatile network security tool offering features like VPN, firewall, web filtering, intrusion prevention, and scalability. It is known for its performance and integration with other Fortinet products, making it a preferred choice for robust cybersecurity.

Fortinet FortiGate stands out as a comprehensive cybersecurity solution with strong performance and ease of configuration. It delivers unified threat management, integrating features such as dynamic routing, SD-WAN support, and centralized management. Despite its strengths, improvements in the web interface's stability, pricing structures, and reporting capabilities are needed. Users seek better integration with third-party tools and automation advancements to enhance the experience further. These enhancements, alongside improvements in bandwidth management and the reduction of licensing costs, are points of interest for users looking to capitalize on FortiGate's extensive capabilities.

What are Fortinet FortiGate's key features?

VPN: Ensures secure remote connections.
Firewall: Protects against unauthorized access.
Web Filtering: Blocks malicious sites and content.
Application Control: Manages and controls applications.
Intrusion Prevention: Detects and prevents vulnerabilities.
SSL Inspection: Enhances security by inspecting encrypted traffic.

What benefits should be considered when evaluating Fortinet FortiGate?

Affordability: Offers cost-effective security solutions.
Reliability: Known for consistent and stable performance.
Integration: Seamlessly integrates with other Fortinet products.
Comprehensive Protection: Provides broad threat protection capabilities.

Fortinet FortiGate is widely implemented across industries as a primary firewall system for securing internet gateways and safeguarding data centers. It supports businesses in achieving SD-WAN integration and enhances cybersecurity by providing essential features like antivirus, web filtering, and application control. Enterprises utilize FortiGate for securing remote connections and ensuring compliance with security standards, making it adaptable for different network sizes and industries.

Fortinet

IPFire enhances network security and protects against cyber threats. It provides a secure firewall, secure remote access, and customizable options. Users praise its ease of use, flexibility, and reliability for network monitoring and traffic shaping. Its valuable features include efficient firewall capabilities, a user-friendly interface, and reliable network performance.

IPFire Project

Palo Alto Networks NG Firewalls deliver advanced threat protection with machine learning, enhancing security through real-time attack prevention. Known for application visibility and a user-friendly interface, they offer robust network protection and flexibility in rule creation.

Palo Alto Networks NG Firewalls are designed to secure environments with features like GlobalProtect VPN, WildFire malware detection, and unified platform integration. Their strong firewall capabilities and high-performance throughput make them suitable for perimeter and data center protection, VPN configurations, application control, and network segmentation. Users consistently highlight the ease of managing network security policies and integrating third-party tools, ensuring a comprehensive protection strategy. While enhancements in support, training resources, and configuration simplicity are needed, these firewalls are integral for securing both on-prem and cloud environments, aligning with platforms like Azure and AWS.

What are the key features of Palo Alto Networks NG Firewalls?

Application Visibility: Provides insight into network traffic for better control.
Threat Prevention: Uses machine learning for real-time attack prevention.
GlobalProtect VPN: Secures remote access efficiently.
WildFire Malware Detection: Detects and prevents advanced threats.
Unified Platform Integration: Enhances network security through seamless integration with other tools.

What benefits should be evaluated when considering Palo Alto Networks NG Firewalls?

Flexibility in Rule Creation: Allows customized security policies to meet specific needs.
High-Performance Throughput: Ensures efficient network operations under high load.
Comprehensive Policy Management: Simplifies overseeing and adjusting security policies.
Robust Endpoint Security: Protects endpoints against sophisticated threats.
Seamless Integration: Works well with third-party tools for a comprehensive solution.

Palo Alto Networks NG Firewalls are commonly implemented across industries for securing LAN environments, URL filtering, and ensuring Zero Trust security. They secure both on-premises and cloud infrastructures, often becoming integral parts of security frameworks within enterprises. Leveraging these firewalls in conjunction with Azure or AWS enhances the overall network protection strategies employed by organizations.

Palo Alto Networks

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

1. Siemens 2. IBM 3. Cisco 4. Dell 5. HP 6. Intel 7. Oracle 8. Google 9. Microsoft 10. Amazon 11. Apple 12. Facebook 13. Twitter 14. Netflix 15. Adobe 16. SAP 17. VMware 18. Juniper Networks 19. Ericsson 20. Nokia 21. AT&T 22. Verizon 23. T-Mobile 24. Vodafone 25. Orange 26. Deutsche Telekom 27. British Telecom 28. Comcast 29. Time Warner 30. Sony 31. Samsung 32. LG

SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments

Buyer's Guide

IPFire vs. Palo Alto Networks NG Firewalls

June 2026

Free Report: IPFire vs. Palo Alto Networks NG Firewalls

Find out what your peers are saying about IPFire vs. Palo Alto Networks NG Firewalls and other solutions. Updated: June 2026.

DOWNLOAD NOW

902,417 professionals have used our research since 2012.

See our IPFire vs. Palo Alto Networks NG Firewalls report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.