Tuesday, November 30, 2021

NGFW solution - Palo Alto 400 series vs Fortigate F Series

We are looking for a ngfw solution for all our schools and we've tested out Palo Alto's 450 and 460 models as well as the Fortigate 100F series.

What I'm not sure of is if we are comparing apples to apples between the two. The best comparison I could come up with was as follows:

PA-460 ~ 200F

PA-450 ~ 100F

PA-440 ~ 80F

PA-410 ~ 60F

We tested a 450 and 100F at the same location and tried to make sure all the scanning settings were equivalent on both and we found the 450 to hit a peak of maybe 40% on the data plane and the Fortigate seemed to consistantly get up to 80% memory usage but the cpu numbers seemed fine.

SE for Palo Alto went through all the performance metrics and couldn't find any reason that this box wouldn't handle the load from this school with room to spare. The SE for Fortinet however said that the 100F was at about its limit and should look at possibly sizing up.

The kicker here is pricing for the Fortigates ends up being higher than Palo Alto on a 1, 3 and 5 year term.

So assuming my comparisons above are somewhat close is there any reason we shouldn't choose the Palo Alto 400's for our ngfw solution?

Thanks all!



No comments:

Post a Comment