Palo Alto Networks NG Firewalls vs WatchGuard XTM [EOL] comparison

Palo Alto Networks and WatchGuard are both solutions in the Firewalls category. Additionally, 96% of Palo Alto Networks users are willing to recommend the solution, compared to 90% of WatchGuard users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jul 13, 2025

WatchGuard XTM [EOL] and Palo Alto Networks NG Firewalls are top contenders in network security. While WatchGuard XTM [EOL] is appreciated for its affordability and support, Palo Alto Networks NG Firewalls stand out with advanced features, making them a more appealing choice.

Features: WatchGuard XTM [EOL] is popular for its easy management, robust VPN capabilities, and URL filtering. It provides comprehensive security with its user-friendly interface. Meanwhile, Palo Alto Networks NG Firewalls provide application-based policy control, integrated threat intelligence, and superior threat prevention, offering a stronger security posture.

Room for Improvement: WatchGuard XTM [EOL] could enhance its reporting features and threat intelligence integration. Its lack of advanced threat prevention may concern those seeking higher security. Improvements in application control capabilities and reduced hardware limitations are also noted. Palo Alto Networks NG Firewalls can work on reducing their complexity and setup time. The interface could be more intuitive for newcomers. Enhancing cost-effectiveness for smaller organizations and improving the clarity of documentation could also be beneficial.

Ease of Deployment and Customer Service: WatchGuard XTM [EOL] is praised for its straightforward setup and reliable support, making it suitable for organizations with limited IT resources. On the other hand, although Palo Alto Networks NG Firewalls require more deployment effort, they are backed by thorough documentation and excellent customer support, leading to better long-term management.

Pricing and ROI: Priced competitively, WatchGuard XTM [EOL] appeals to budget-conscious environments, offering good ROI with low initial costs. Palo Alto Networks NG Firewalls, though more expensive initially, deliver higher ROI through enhanced security features and fewer security breaches. Their automation capabilities help lower operational costs over time, balancing the upfront cost with long-term savings.

To learn more, read our detailed Firewalls Report (Updated: August 2025).

Buyer's Guide

Firewalls

August 2025

Download the complete report

Helped 865,384 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Featured Reviews

Vasu Gala

Manager, Information Technology Operation/Presales at TechMonarch

A stable solution with an intuitive interface and quick customer service

I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.

Read full review

AmjadKhan1

Head of data centers at a non-profit with 10,001+ employees

Provides inline protection with a unified view and anti-spyware capabilities

I would rate Palo Alto Networks NG Firewalls ten out of ten because it is the best. Our disaster recovery site utilizes Palo Alto Networks Next-Generation Firewalls. We are also in the process of upgrading the firewalls at our 365 sites in Pakistan to Palo Alto Networks firewalls. While budget firewalls may advertise comparable features, they often fall short of effectively detecting viruses, threats, and ransomware. In contrast, Palo Alto Networks NG Firewalls, combined with Cortex XDR, provide comprehensive threat intelligence and detection capabilities, ensuring superior security coverage. I recommend conducting a proof of concept before selecting a firewall. This will allow you to evaluate different options and determine which best suits your needs. While Palo Alto offers robust firewall solutions, it's essential to compare them with other vendors to ensure you make an informed decision.

Read full review

Generalm4545

General Manager- IT & Automation - Serum at a pharma/biotech company with 1,001-5,000 employees

Protects from attack software and hacking but it doesn't provide the reports in a readable format

In my opinion, image clarity is very important, because I don't get the proper image product on reports. This means that functionality is not there. My engineer does not know how he can replace an order. We attach a log after any kind of keys using a utility instead. For the internet policies that we are implementing, the policy should be based on proper protocols. We use the default policies and there are a number of third-party protocols that appear here. Management with WatchGuard XTM means that out of policy is the problem from our side. In this way, we can not do effective services for people with this one. The policy definition with WatchGuard XTM is not proper for all use case requirements. I've got weekly business reports that I am expecting attachments with from WatchGuard XTM that display data for all kinds of consideration which should be required. Main User Functionality Level Order must adhere to using the admin functionality on the registry, or else our users publish their own name. Maybe these recommendations are irrelevant, but I say that the issue to improve most with WatchGuard XTM is the Main User Function.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The best feature of Fortinet FortiGate is the IPS or IDS implementation."

"Scaling-wise, there have been no problems with Fortinet FortiGate."

"Good anti-malware and web filtering features."

"It's a user-friendly firewall. Most of the tasks are very simple. It's simple to configure and troubleshoot this firewall."

"The usage in general is pretty good."

"The application control features, such as Facebook blocking and Spotify blocking, are the most valuable."

"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."

"The best feature of Fortinet FortiGate is value for money."

More Fortinet FortiGate pros

"The most valuable feature is WildFire, which blocks sophisticated attacks and distinguishes it from other traditional firewall functions."

"We like the fact that this product can provide multiple layers of protection depending on our clients requirements, and can be configured to whatever level of protection and the specific protocols that they want."

"The best feature is the packet inspection; compared to solutions like Cisco and FortiGate, Palo Alto's packet inspection is much less CPU intensive, allowing it to detect threats embedded within packages more quickly and efficiently."

"Palo Alto Networks NG Firewalls provide a unified platform that natively integrates all security capabilities."

"Operationally, it is easier, and the manageability and their security features are good."

"The solution does a great job of identifying malicious items and vulnerabilities with URL filtering."

"Overall, it is a good solution. It is stable. We use URL filtering, which is useful for blocking undesired URLs."

"The application awareness feature that recognizes application IDs and vulnerability protection are Palo Alto Networks NG Firewalls' most valuable features."

More Palo Alto Networks NG Firewalls pros

"I like the hostwatch because I can see what traffic uses the most bandwidth and I can block that site."

"SNMP status monitoring and the Central Management Software."

"It is stable and does not require you to reboot all the time."

"After installing the product, we achieved awareness of our data protection needs and email misuse."

"Monitoring of network activity is included in the box."

"Reputation Enabled Defense indicates that some websites are so infested that it's not even worth visiting them, and therefore saving the bandwidth of going through the detection process."

"WatchGuard XTM is fairly basic. We use it as the perimeter firewall. The main point is to protect from attack software and hacking."

"We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them."

More WatchGuard XTM [EOL] pros

Cons

"Fortinet technical support is lacking, as OEM support is slightly better. Improvement in their technical support could include response time as well as having more technically sound people in tech support."

"Fortinet FortiGate could improve if it had a cloud-managed solution."

"They need faster serviceability and more security features."

"Quality control on their firmware versions needs improvement. When they introduce new firmware, there tend to be bugs."

"The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing."

"I would like to see improvements made to the dashboard and UI, as well as to the reporting."

"There's always something new that can be added or fixed."

"They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI."

More Fortinet FortiGate cons

"The price of the solution is very high."

"I would like them to bring in some features that would encourage traffic shaping or bandwidth routing, like other UTM firewalls, because the solution should be capable of limiting the bandwidth for rules."

"The technical support from Palo Alto could be better; I find that it can be improved. The issues are mainly with response time and quality, as their first level support used to be better a couple of years ago, but now you sometimes get support that isn't as good."

"Palo Alto Networks NG Firewalls work slowly for vulnerability management. Its performance could be faster."

"Lacks mobility between on-prem and cloud based."

"We are not happy with Palo Alto at all. It would be better if they provided more support for the firewall. We have a few pending issues with the configuration for each application. We cannot deploy them yet due to some support-related problems in the firewall. We have deployed a few policies for DNS spoofing and DNS attacks, but we could only block a few IP addresses through the policy. That's DNS security, and we have configured a few policies for DNS spoofing and more. URL categorization and URL filtering are not yet adequately maintained. For example, if you created a few rules in the rule-based configuration and made some rules downstairs, you will lose some of them if you give access upstairs. It's not giving us a proper solution for which route it is using. We need to apply the application-based policies and URL filtering-based policies. It creates more issues because we are not getting good support from the team."

"I would like Palo Alto Networks to provide a free virtual firewall."

"There is a bit of limitation with its next-generation capabilities. They could be better. In terms of logs, I feel like I am a bit limited as an administrator. While I see a lot of logs, and that is good, it could be better."

More Palo Alto Networks NG Firewalls cons

"One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."

"Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."

"The VPN errors are not helpful when troubleshooting."

"Sometimes we have had issues with stability of the product."

"The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out."

"The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic."

"I would like them to improve the product's overall protections. This would be good for all product users."

"WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure."

Pricing and Cost Advice

"The pricing or licensing of Fortinet FortiGate is quite effective as it offers different bundles that aggregate most required features, while also allowing clients the option to select specific components alone."

"At the time we bought them, I was satisfied with their pricing; I don't know how the new pricing will be."

"Setup costs and pricing depends on many variables, but it's mostly affordable."

"Fortinet is the least expensive solution."

"By default, they give SD-WAN along with the firewall. They don't have separate licensing for the SD-WAN functionality. However, they have security licenses that are sold separately on a subscription basis. Customers can consume these security features to protect their users from internet traffic."

"The pricing of the solution is very competitive."

"Work through partners for the best pricing."

"Licensing is usually on a three-year period."

More Fortinet FortiGate pricing and cost advice

"Palo Alto Networks NG Firewalls are more expensive than Cisco firewalls, but slightly less expensive than Juniper firewalls."

"Overall, it is commercially competitive compared to Cisco and Fortinet."

"The pricing is competitive."

"Active/Passive mode is very redundant, but they require you to buy all the associated licensing for both firewalls, which is kind of a waste of money because you are really only using the services on one firewall at a time."

"It is not that expensive. I would rate it an eight out of ten in terms of pricing. Other than the licensing, there are no additional costs."

"It can be quite expensive, but there's a good incentive for the three-year contracts. The part that is especially confusing is for the virtual environment. The credits or the licensing system can be very confusing."

"Reducing costs is important, especially since Prisma can be expensive. It would be great if it were more affordable."

"The pricing is straightforward with no hidden costs."

More Palo Alto Networks NG Firewalls pricing and cost advice

"It costs less than the SO works and others (like SonicWall, Cisco, and Barracuda) without increasing so much CPU use."

"The licensing and renewal is very expensive."

"Like all other manufacturers, there are a lot of features and different pricing. The best is to talk to a representative."

"Get at least a maintenance contract for the updates and take a larger WatchGuard than you need. A WatchGuard creates new ways to secure your network."

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

865,384 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

16%

Comms Service Provider

Manufacturing Company

Financial Services Firm

Computer Software Company

13%

Financial Services Firm

Manufacturing Company

Government

No data available

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?

Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firew...

See all answers

Features comparison between Palo Alto and Fortinet firewalls

In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...

See all answers

Which is better - Palo Alto Networks NG Firewalls or Sophos XG?

Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...

See all answers

Ask a question

Earn 20 points

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 20% of the time

Cisco Secure Firewall vs Fortinet FortiGate

Compared 12% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 11% of the time

Cisco Meraki MX vs Fortinet FortiGate

Compared 5% of the time

Palo Alto Networks WildFire vs Fortinet FortiGate

Compared 2% of the time

More Fortinet FortiGate Competitors

Cisco Secure Firewall vs Palo Alto Networks NG Firewalls

Compared 12% of the time

Azure Firewall vs Palo Alto Networks NG Firewalls

Compared 11% of the time

Sophos XG vs Palo Alto Networks NG Firewalls

Compared 10% of the time

Cisco Meraki MX vs Palo Alto Networks NG Firewalls

Compared 10% of the time

Check Point Quantum Force (NGFW) vs Palo Alto Networks NG Firewalls

Compared 8% of the time

More Palo Alto Networks NG Firewalls Competitors

No data available

Product Reports

Buyer's Guide

Fortinet FortiGate

August 2025

Download Fortinet FortiGate product report

Buyer's Guide

Palo Alto Networks NG Firewalls

August 2025

Download Palo Alto Networks NG Firewalls product report

Buyer's Guide

WatchGuard XTM [EOL]

July 2025

Download WatchGuard XTM [EOL] product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall

No data available

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Palo Alto Networks NG Firewalls offer comprehensive security, including application control, traffic shaping, threat prevention, and load balancing, designed to secure internal networks, perimeter protection, VPN services, and cloud environments.

Palo Alto Networks NG Firewalls are a key choice for managing and protecting data centers, securing remote access, network segmentation, malware prevention, and ensuring high availability and performance for business-critical applications. Known for stability and strong security, these firewalls use application-aware identifiers and IPS/IDS subscriptions to offer advanced threat protection. The unified platform facilitates seamless integration, while GlobalProtect and centralized management via Panorama enhance ease of use. However, there are areas for improvement, including pricing strategies, training, user support, and integration with third-party applications.

What are the essential features?

Stability: Reliable performance in different environments.
Application Control: Identifies applications to manage traffic.
Advanced Threat Protection: Includes DNS security, WildFire, and machine learning.
GlobalProtect: Secure remote access for users.
Centralized Management: Managed via the Panorama platform.

What benefits or ROI should users expect?

Security: Protects against threats with robust features.
User-Friendly: Simplified interface and easy configuration.
High Availability: Ensures performance for critical applications.
Integration: Seamless with existing systems and applications.
Support: Reliable technical support and resources.

In industries like finance, healthcare, and retail, Palo Alto Networks NG Firewalls secure sensitive data and meet regulatory requirements. These firewalls help manage large-scale networks in these sectors, providing essential security features and maintaining high-performance standards. They are implemented to ensure compliance, protect patient information, secure financial transactions, and safeguard customer data.

Palo Alto Networks

Small businesses need big security, too, and the WatchGuard XTM Series firewall/VPN appliances deliver that strong protection, but without the hefty price tag. Enterprise-grade security includes full HTTPS content inspection, VoIP support, and optional security subscriptions like Application Control and Intrusion Prevention Service.

WatchGuard

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments

AVG, Cyren, Kaspersky Lab, Lastline, NCP engineering, Trend Micro, Websense

Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls. Updated: August 2025.

DOWNLOAD NOW

865,384 professionals have used our research since 2012.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.