Cyber Resilience

Fortinet vs Palo Alto next generation firewalls

04 March 2022 | ITHQ Tech Team

Fortinet and Palo Alto next generation firewalls are both highly rated by analysts, users and in independent tests. But which one is right for your business?

While Palo Alto is frequently evaluated highly because of its features, Fortinet is as yet unbeatable on price / performance value.

NSS Labs rated Fortinet top value of the next generation firewalls tested, with $2 TCO per protected Mbps, while still delivering strong security and performance.

Palo Alto is far more expensive at $20 TCO, placing 10th out of the twelve solutions tested.

Fortinet users also report ease of use as one of its perks, as opposed to Palo's complexity, despite the latter's rich feature set.

Overall, both products are considered leaders by Gartner and deliver excellent results as part of an overarching cyber resilience strategy. Here's a like for like comparison to help you select the right option for your business.


Next Generation Firewalls: Key considerations

  • What is the forecast ROI based on performance, cost and scalability?
  • Does it identify users, services and validate data?
  • How well does it perform when running full threat protection?
  • Does it enable secure remote access - IPsec VPN, SSL inspection capacity etc - with minimal degradation in throughput?
  • Does it have easy, single-pane-of-glass management?
  • What do other customers say about it?


Comparison of NGFWs (NSS Labs testing results)



Fortinet logo

Fortinet FortiGate 500E v6.0.5 build 0268


Palo Alto Networks PA-5220 PAN-OS 8.1.6-h2

Business Benefits  
Exploit Block Rate
99.86% 97.9%
Evasion Techniques
100% against evasions tested
100% against evasions tested
Stability & reliability
Security effectiveness
Performance Rating

US $2 TCO / protected Mbps

5,978 Mbps ⇑

Vendor rating: 5,000 Mbps


US $20 TCO / protected Mbps

3,660 Mbps ⇓

Vendor rating: 18,500 Mbps



New call-to-action



Industry and Peer Reviews

Gartner Peer Insights


Fortinet logo PaloAltoLogoBlack
Fortigate NGFW PA-Series



Gartner Magic Quadrant for Network Firewalls





Independent Testing


Fortinet logo



High NGFW/SSL Performance


NSS labs

High NGFW/SSL Performance

High TCO




Advanced Threat Defence

IPSEC with IKEv@ Criteria 3.1



Network Intrusion Prevention Systems

Web Application Firewall


Advanced Threat Defence

Modular Firewall Criteria 4.2x

(General purpose network firewalls)

A Firmware Upgrade was required to become Certified.



New call-to-action





Fortinet logo

 Total Cost of Ownership: $2 per protected Mbps

Pricing includes FortiGuard subscription licenses and FortiCare support options

Hardware and services can be purchased as bundles or individually

Entry-Level hardware appliances
High-End hardware appliances
$525 approx
$770,000 approx

Model tested by NSS Labs: 500E

$7,000 - $23,538 depending on warranty and support level


Get detailed FortiGate pricing



 Total Cost of Ownership: $20 per protected Mbps

Price does not include support

All hardware elements and licenses purchased separately

Entry-Level hardware appliances High-End hardware appliances
$1,050 approx

Model tested by NSS Labs: PA-5220

$58,000 approx support packages billed on top