Cyber Resilience

Fortinet vs Palo Alto next generation firewalls

02 April 2021 | ITHQ Tech Team

Fortinet and Palo Alto next generation firewalls are both highly rated by analysts, users and in independent tests. But which one is right for your business?

While Palo Alto is frequently evaluated highly because of its features, Fortinet is as yet unbeatable on price / performance value.

NSS Labs rated rated Fortinet top value of the next generation firewalls tested, with $2 TCO per protected Mbps, while still delivering strong security and performance.

Palo Alto is far more expensive at $7 TCO and was placed 5th out of the ten solutions tested.

Fortinet users also report ease of use as one of its perks, as opposed to Palo's complexity, despite the latter's rich feature set.

Overall, both products are considered leaders by Gartner and deliver excellent results as part of an overarching cyber resilience strategy. Here's a like for like comparison to help you select the right option for your business.


Next Generation Firewalls: Key considerations

  • What is the forecast ROI based on performance, cost and scalability?
  • Does it identify users, services and validate data?
  • How well does it perform when running full threat protection?
  • Does it enable secure remote access - IPsec VPN, SSL inspection capacity etc - with minimal degradation in throughput?
  • Does it have easy, single-pane-of-glass management?
  • What do other customers say about it?


Comparison of NGFWs (NSS Labs testing results)


Fortinet logo

FortiGate 500E V5.6.3GA build 7858


PA-5220 PAN-OS 8.1.1

Business Benefits  
Exploit Block Rate
99.31% 98.73%
Evasion Techniques
100% against evasions tested
100% against evasions tested
Stability & reliability
Security effectiveness
Performance Rating

US $2 TCO / protected Mbps

6,753 Mbps ⇑

Vendor rating: 5,200 Mbps


US $7 TCO / protected Mbps

7,888 Mbps ⇓

Vendor rating: 9,000 Mbps



New call-to-action


Industry and Peer Reviews

Gartner Peer Insights


Fortinet logo


  FortiGate NGFW PA-Series





Gartner Magic Quadrant for Network Firewalls



The Forrester WaveTM Enterprise Firewalls 2020



Independent Testing

Fortinet logo




Above Average

NSS labs


Above Average

VB100virus Certified

Advanced Threat Defence

IPSEC with IKEv@ Criteria 3.1



Network Intrusion Prevention Systems

Web Application Firewall


Advanced Threat Defence

Modular Firewall Criteria 4.2x

(General purpose network firewalls)


New call-to-action



Fortinet logo

 Total Cost of Ownership: $2 per protected Mbps

Pricing includes FortiGuard subscription licenses and FortiCare support options

Hardware and services can be purchased as bundles or individually

Entry-Level hardware appliances
High-End hardware appliances
$500 approx

Model tested by NSS Labs: 500E

$5,000 - $22,000 depending on warranty and support level


Get detailed FortiGate pricing



 Total Cost of Ownership: $7 per protected Mbps

Price does not include support

All hardware elements and licenses purchased separately

Entry-Level hardware appliances High-End hardware appliances
$1,000 approx
$1 million plus

Model tested by NSS Labs: PA-5220

$70,000 approx support packages billed on top