Palo Alto Networks K2-Series Reviews

I'm a telecom operator, so all of my IT and network management stuff is behind this firewall. 

Palo Alto K2-Series firewalls could use some technical improvements, like main and standby, as well as FTU and STU support. In addition, they should upgrade the CPU, and there are so many other things that I cannot think of off the top of my head. 

I've been using Palo Alto firewalls for two years.

Product-wise, it's stable, but it takes too long to switch between main and standby — maybe 10 to 12 seconds — and sometimes my traffic cuts out, yes. Also, the CPU processing power is not so good.

Palo Alto firewalls are scalable enough. We have about 110 employees in our company, and we are about to expand to 130.

Most firewall companies offer similar products, like Fortinet, etc., but Palo Alto support is not as good as its competitors. Palo Alto is almost zero. If we have issues, they take anywhere from two days to a week to respond. I even wrote to their CEO because there was no response. When it comes to support, this is the worst company.

We have no idea how complicated the setup is. An agent from Palo Alto did all that and then conducted some training. And if we need something, we have to call the agent.

The price is high, but we've already purchased these two boxes, so we have to continue using them for some time. Unfortunately, the salesperson we worked with isn't a Diamond-level agent, so he couldn't give us good discounts. But maybe a lower price is possible.

I rate Palo Alto K2-Series Firewall six out of 10.

We are a solution provider and the Palo Alto K2-Series is one of the products that we implement for our clients. Our clients for this work in a variety of sectors.

Palo Alto has a unique solution for DNS security, which is very good. It includes signatures for the domains and machine learning functionality. It is currently the most popular feature for our customers.

The URL Filtering module needs to have more categories added to it.

The concept of clustering would be of benefit to Palo Alto and it would make it more productive. For example, with Forcepoint, you can cluster two different products.

We have seen no issues with stability.

Scalability is good.

We are satisfied with the technical support.

I am also familiar with the next-generation firewall solution by Forcepoint.

Palo Alto is similar to other commercial firewalls but it has two unique functions. First, the engine is very sophisticated and well suited to the epicenter. It also has good performance. The second area that is unique is DNS Security.

I am familiar with Fortinet products and they are also very good, but they are cheaper than Palo Alto.

The initial setup is straightforward.

While the firewall itself is on-premises, some of the services such as DNS Security and WildFire are cloud-based options that depend on a public cloud or the Palo Alto cloud. There are also options such as Cortext XDR, which has traps that extend to the cloud.

Pricing is a sensitive issue because the cost is high in this market. If the price were reduced then it would be very good because it will be more competitive with vendors such as Fortinet. In fact, I would say that pricing is the weakest point of this solution.

I would rate this solution a nine out of ten.

Generally, the solution is used as a perimeter-based firewall with a secondary firewall covering the servers.

Benefit wise with the speed of deep packet inspection, we've found it will assist with a quicker resolution to a potential false-positive alert. You're able to drill down. It's a third to probably 75% faster than a lot of the other premier firewalls on inspections. Therefore, your root cause analysis will then come to a resolution quicker. It's all about speed.

The deep inspection functionality is great.

The solution scales well.

As long as the solution is kept updated, it's pretty stable. 

The solution provides a lot of value to the client.

The licensing cost is a typical complaint with many clients. The solution is expensive.

In terms of automation, they could get better with it, especially with third-party integration. There are not too many products that will integrate with ease to the Palo Alto product set. They keep things locked down quite hard, which technically is also a benefit. That said, third-party integration definitely would be a benefit to us, as most of our implementations are two or even three different firewalls. Having third-party tools that integrate with all three or all two other products would be a benefit.

I've used the solution since it came out, about seven years ago.

The stability of the product has to be put into a relative context. If people keep it upgraded and maintained, there are generally no issues. If they let it fall behind and we have to do a catch-up or leapfrog versions then there could be other complexities.

The solution is scalable. If a company puts in at the right requirements and they double it by 50%, which you should always do, then there is lots of headroom until the next refresh cycle.

Any type of company can leverage the solution, from smaller organizations to very large enterprises. The main difference is if there's a higher security environment, the solution requires more attention. However, it has the capability to handle any size of setup.

I've never directly spoken with technical support and therefore cannot speak to how helpful or responsive they are. 

The solution is complex due to the fact that the salespeople from Palo Alto, or even from my firm will say, oh, we can just use this import wizard. However, that works to about a 60% level, and it does not do a complete import of Fortinet to Palo Alto or Cisco to a Palo Alto or Check Point to a Palo Alto.

That's where the complexity comes in. The customer thinks it's going to be easy. The salespeople said it's going to be easy. However, it really is not.

The time it takes to implement the solution is a hundred percent dependent upon the requirements of the solution. I've had firewalls taking six months to implement in a large retail environment and I've had also firewalls where you walk in and they give you just outbound requirements, and boom, it's up and out in two hours. That's why it really depends upon the complexity of the requirements.

The cost of the product is quite high.

I deal in list price. I don't get into discounting due to the fact that I do everything on a solution based on the list price. I have seen super heavy discounts from Palo Alto, however.

The licensing for Palo Alto is very straightforward. They include a lot in their base license. However, there may be features in there that are included and are buried in the base licensing cost that the customer will never use.

We're partners with Palo Alto. 

I'm dealing with all different versions of the solution and not necessarily just the most recent version. While most of what we work with is on-prem, many people are now moving to the cloud.

I would advise those considering the solution to ensure that they have a knowledgeable installer. That is critical. Most of ours that we take over are watched installs.

I rate the product at a nine out of ten. From a security/cost-benefit perspective, it's one of the best.

The most valuable feature is availability.

There are a lot of bugs in this solution.

We have been using this solution for three years.

We have approximately 3,000 users and we have no plans to increase our usage at this time.

I am satisfied with the technical support.

We are also using Cisco Firewall products.

We have installed many firewalls and continue to do so on an ongoing basis. The biggest one took perhaps three months.

The price of this solution is too high.

This is a product that I would recommend. My advice to anybody who is implementing it is to make sure that you have full control over all of the features that you are using.

Overall, the features are very good but the price is too high.

I would rate this solution a seven out of ten.

Palo Alto has an approach that makes the configuration easier not only for the customers but also for the IT help for the customers. 

In terms of what needs improvement, Palo Alto is lacking abilities that other firewalls can do. They disable the current sessions when you think the hardest part is done. They have a workaround for authentication, but then our clients just use the local database of the device itself.

Some of the small to medium businesses are using these features and it would be easier for us to upsell the product up to other networks. Palo Alto Networks is quite a bit higher when it comes to prices. They should implement the features that the other firewalls have.

In the next release, I would like for them to include a checkbox where the user could disable concurrent users of the portal.

I have been using Palo Alto Networks K2-Series for six months. 

When it comes to bug fixes, bugs will be fixed through a software upgrade or another fix.

Scalability is easy to do because we just have to know the number of users.

If I'm going to rate the support of Palo Alto, I would give it an 8 out of ten because they have good engineers, but sometimes I think that they take too long to respond to my queries. But most of them are very good.

The initial setup is easy. I have very little knowledge really in procedures, but I could connect to the internet and it was easy to follow when initially configuring the firewall.

The time to configure will depend on the client. If the client is just a small to medium business it will only take a day or two to configure it.

My advice to someone considering this solution would be that it's okay to spend a bit higher on your security products because Palo Alto is a bit more expensive than other products, but it is definitely worth it. The granularity of Palo Alto gives you more control over the security of your network.

I would rate this solution an eight out of ten. 

We use the solution to protect our network perimeter because we have some software products that have internet connectivity.

The most valuable features are the intuitive user interface, ease of use, and reporting.

They could improve by providing more features in the solution.

I have been using this solution for approximately one year.

The solution is stable. I have never had an issue using this solution since I started using it. I have not had any restarts or other troubles.

The solution is scalable but it depends on the hardware being used.

I have not needed to use the technical support since we have not had an issue.

The initial setup is easy.

I did the implementation myself.

The price of the solution is expensive. They should provide more features to match the high price of the solution.

I have evaluated Cisco and Fortinet firewalls solutions.

I would recommend this solution.

I rate Palo Alto Networks K2-Series a seven out of ten.

K2-Series' best features include its scalability, which is the best on the market, and its continuous development of new technologies and features.

Palo Alto releases a lot of bug fixes for their firewalls, which means it's necessary to do frequent upgrades. They should work on decreasing their bugs so that upgrades aren't needed so often. They also don't always ensure that their upgrades are available for older firewalls.

I've been using K2-Series for two to three years.

Palo Alto's firewalls are the most stable on the market.

K2-Series is scalable.

Palo Alto offers two different types of support - partner-enabled and direct. The direct support is a bit expensive because it allows customers to open cases directly with Palo Alto techs. In contrast, the partner-enabled support goes to the ticket distributor, which can be time-consuming. In general, it can be hard to get answers from Palo Alto's support.

The initial setup of the firewall was easy and took between five and ten minutes. However, implementing DNS or IoT security or packing working features requires assistance from an integrator or professional service.

If you compare K2-Series' quality with its price, I think it is reasonable.

I would rate K2-Series nine out of ten.