Palo Alto Networks NG Firewalls Reviews

We use Palo Alto Networks NG Firewalls to manage the villains. Basically, to protect the environment. 

I like that they are more stable than the previous ones, and they allow a lot of other features.

It would be better to have more tools to control Palo Alto Networks NG Firewalls. We don't have too many tools to access Palo Alto. For example, the IT team doesn't have access to it. We can see it physically and see if it's running or not. We need to contact a special team to receive that information. I would also like to see more reporting in the next release.

I have been using Palo Alto Networks NG Firewalls for two years.

Palo Alto Networks NG Firewalls is stable.

Palo Alto Networks NG Firewalls is scalable. We have about 250 people using it at our hotel.

We use Trustwave, a company that provides the devices. We have an agreement with them, and we're satisfied with the support.

We used to use Juniper and Fortinet.

The initial setup is pretty much straightforward. It takes us about two hours to set up and deploy this solution. It takes a team of two guys to deploy and maintain this solution.

I would recommend this solution to new users.

On a scale from one to ten, I would give Palo Alto Networks NG Firewalls a nine.

We use it for security purposes.

Palo Alto Networks NG Firewalls enable efficient application search, viewing, and configuration access across various services for different user groups within our company.     

The only downside of Palo Alto Networks NG Firewalls, in my opinion, is the relatively higher price compared to Cisco FortiGate. This is especially noticeable when deploying basic configurations and considering the cost of licenses.

I have used the solution for the past few years.

In terms of stability, the user rates it a nine out of ten.

I would rate it 10 out of 10. The current user base for Palo Alto Networks NG Firewalls in the environment is one thousand users. Plans are in place to increase usage in the future, particularly with the intention to upgrade for higher speed.

The experience with tech support is positiveand they have found support helpful in addressing network issues.

Positive

Before adopting Palo Alto NG Firewalls, no other tools were used.

I cannot rate the ease of configuration on a scale from one to ten for Palo Alto Networks NG Firewalls. The configurations are diverse, and it's challenging to determine a specific rating, but I find them somewhat similar and not particularly helpful.So, the deployment process for Palo Alto NG Firewalls takes about one month. This duration is due to the various steps involved in the deployment, each of which can be completed within a business day. The complexity arises from the need to connect with numerous clients and services, considering the continuous operation of the business.

In terms of price, the user finds it expensive, rating it around nine.

The overall recommendation is positive, emphasizing ease of deployment, understanding features, and suitability for the company's needs. I give Palo Alto Networks NG Firewalls a perfect rating of ten.

We have had a couple of big projects with government companies here in Ukraine. One of those projects involved three data centers with a lot of security and network requirements, and we implemented Palo Alto as part of this project.

The use case was to build the new data centers with a firewall that would not only work on the perimeter but also for internal traffic. We deployed eight PA-5200 Series firewalls and integrated them with VMware NSX, and they're working together.

One of the points that helped us win the tender is that Palo Alto NG Firewalls embed machine learning in the core of the firewall to provide inline, real-time attack prevention. The customer's security team was asking for this feature from the firewalls because machine learning makes things much easier than manually sitting there with some kind of SIEM and searching for all kinds of attacks and critical issues. The machine learning is really helpful because it's doing the work automatically.

We had a small project with the PA-800 Series appliance where we implemented DNS Security. DNS Security is a good feature because, in the real world with web threats, you can block all web threats and bad sites. DNS Security helps to prevent those threats. It's also very helpful with Zero-day attacks because DNS Security blocks all DNS requests before any antivirus would know that such requests contain a virus or a threat to your PC or your network.

In general, Palo Alto NG Firewalls are 

• easy to manage
• good, reliable appliances
• easy to configure.
  

They also have a good balance between security and traffic. They have good hardware and, for management, they have their own data plane. If traffic is really overloading the data plane, you still have the ability to get into the management tools to see what's going on. You can reset or block some traffic. Not all firewalls have that feature.

They have really good clients, such as a VPN client. You can also enforce security standards on workers in the field. It's a really good product. And now, for endpoint security, they have Cortex XDR. You use the same client, but with additional licenses that enable more features.

The only area I can see for improvement is that Palo Alto should do more marketing.

We work with customers, but we are not using the solution ourselves.

The scalability is really good because they have a chassis version of appliances. They plan to build new chassis. But for the really big projects here in Ukraine, we can easily cover what we need with the PA-8000 Series with Palo Alto chassis appliances.

In our project with the three data centers, each data center was able to process 40 gigs.

First-level support is provided by our distributor Bakotech. They are technical guys and they really know the product. Unlike some support providers who just send you manuals to ready, they're really helpful. You can call them at any time and they get back to you shortly and help.

The initial setup is really easy. If you're working with Palo Alto Panorama, which is their management server, it's very easy to deploy a lot of appliances in a couple of days, because you're just sending out the configuration and templates on a blind device. In a couple of hours that device is working like the rest.

Another valuable aspect of Palo Alto NG Firewalls is that the appliances and software are really reliable in terms of stability and performance. Some firewall vendors don't write real information on their datasheets and, after implementing them, you see that the reality is not the way it was described. For example, when it comes to threat prevention and how much traffic appliances can handle, there was a project where we beat another vendor's firewall because Palo Alto has the real information on its datasheets.

I have some experience with Cisco, on a small project but there was a somewhat older software version, and there was a lot of lag. When changing something in the configuration, once you pushed "commit" you could go have a coffee or do other stuff for 20 minutes or more, because it took a really long time to push that configuration to the device.

If a colleague at another company said to me, "We're just looking for the cheapest and fastest firewall," I would tell them that the cheapest is not the best. If you need really reliable hardware and software, and don't want headaches after the implementation, just buy Palo Alto.

The PA-400 is really strong and not only for SOHO or SMB companies. They have a really big throughput with Threat Prevention and DNS Security enabled. It's a really good appliance in a small size. But it's not only for small companies. The PA-460 can easily handle the traffic of a midsize company, one with 100 or 200 employees, and maybe even a little more. The PA-460 can handle about 5 gigs of traffic. With Threat Prevention, they can handle 2.5 gigabytes of traffic. For a regular office, that's good. It might be a little small for big companies.

Regarding DS tunneling, it is mostly peer-type attacks. With tunneling, it depends on what type of tunneling is used. You need to look at the specific case, at things like whether it was an internal DNS tunnel or one from the outside to the inside between branches. Most of the time, you can see that kind of traffic with a firewall if you have enabled full logging and you drop the logs into a good SIEM, like ArcSight or others. You will see the anomaly traffic via tunnels. You can also switch on decryption so you can decrypt a tunnel and see what is going on inside.

We have had no issues from our customers who are working with Palo Alto NG Firewalls. They fully cover all our customers' needs.

We primarily use the product for web browsing and in order to protect some sites that we are publishing to the web internet.

The solution is very helpful in controlling spam.

The product offers very good web content control and various aspects of security.

The stability of the product has been good over the years.

The initial setup is very easy. Compared to Cisco or other solutions, Palo Alto is very easy to implement and administer. They are both very easy.

I can't recall a feature that was missing. It's a pretty complete solution.

The cost of the device is very high.

To buy license support is very slow. For renewing devices and products, it's slow in terms of contacting and activating upgraded devices.

I've been using the solution for four years at this point. It's been a while. We've been using it over the last 12 months as well.

The stability is excellent. It's reliable. We don't deal with bugs or glitches. It doesn't crash or freeze. Overall, it's been very good in terms of performance.

We have not proven the scalability yet. We're planning to extend our office within the next year or six months to eight months. We are buying some appliances for the process of extending our office.

Currently, around 1,000 people use this solution.

We've never been in touch with technical support. Having never dealt with them, I wouldn't be able to speak to how they are in terms of services.

We also use Barracuda and Cisco for certain aspects of security.

The initial setup is pretty straightforward. It's quite easy to implement.

The deployment takes about one week, or maybe a bit less, depending on the requirements. That includes both implementing and training.

Currently, two people are required for deployment and maintenance of the product

We implement the solution with our network team. We implement the solution ourselves. We don't need the help of integrators or consultants.

The pricing is quite high on Palo Alto.

On the lower end, it's likely to cost $15,000 for renovation and support.

We evaluated Cisco, Juniper, and Dell among other solutions before ultimately choosing this solution. Cisco can be complex in terms of device management compared to other options, for example. Cisco can be cheaper than Palo Alto, but that is not always the case.

I'm not sure which version of the solution we're using. We use a physical appliance.

We're using three different models, for the most part.

My company is an outsourcing company that deploys software and testing.

The solution is very user-friendly and easy to manage and administrate. For that reason, I would rate the product at a nine out of ten.

Normally, we use our firewall at the perimeter level. We are using Palo Alto Networks NG Firewalls as a firewall as well as using a few of their functionalities like the Vulnerability Protection, its IPS module. Additionally, we have remote VPN's on those firewalls, like GlobalProtect. So we are using all the features which are provided by Palo Alto.

The feature that I like the most is its IPS model, the WildFire model. I really like how the whole threat protection model functions, including the vulnerability and anti-spyware aspects. That is really awesome.

In terms of what could be improved, comparatively the price is very high. That would be the one thing. But technically-speaking, it's perfect.

I have been working with Palo Alto Networks NG Firewalls for around five years.

In terms of scalability, normally, we procure the devices based on the future perspective, so there should be a lot of scalability. We never face scalability issues with Next Generation Palo Alto Firewall - it comes with the scalability.

We have around 11,000 to 12,000 users across the globe.

Technical support is pretty good. We get a timely response. There will be plus/minus where we do not getting a response, but not regularly, just one or two cases among, let's say, 20 or 30. As far as my experiences with the tech support go, it's pretty good, very straightforward support. It's not like they're playing on the call and taking their time. It is really straightforward.

The initial setup depends on the office locations of the data center. If that particular firewall is part of the data center, then yes, it is a complex design as well as a complex traffic flow. But for normal office locations, it is pretty straightforward. So it is a mix depending on the location of where the particular firewall is going to be put.

I would recommend Palo Alto Networks NG Firewalls. If a company has the budget and wants to have the next generation of firewalls then they should go for the Palo Alto, because whatever state of features they provide, it's pretty awesome. But if there is a budget constraint there are several other products which give you similar kinds of features but with less cost.

On a scale of one to ten, I would give Palo Alto Networks NG Firewalls an 8.

Nothing is perfect. There are features that they should add. One of the features that I'm looking at is when it comes to the Vulnerability Protection. We are blocking the threats which are, by default, updated by the Palo Alto Threat Engine. Currently, there is no scope of manually adding the external database to the firewall so the firewall will convert that database to their own. This is currently not functional with the current version. There are a few functions that they could add that are available with other vendors. That's why I am giving the 8.

The most valuable features of this solution are all of the services it provides. 

The application layer to the hardware Layer is good, as are all layers it offers.

It's a very comprehensive solution.

The features should be built into the system. For example, it generates many logs with a lot of information that can be converted into security and business information and shown to the user. This is a time-consuming job.

I would like to see it provide us with intelligent information from the data that it captures, within the same cost.

I have been using this solution for two years.

It's a very stable product, so far.

It's very scalable. We have 300 users in our company.

Technical support is very good.

We have worked with various firewalls such as Check Point, Sophos, Cisco, and some unknown product names as well.

There are several things to consider before recommending a solution. It depends on the business requirements, the budget, and the complexity of the security needs.

I believe that Palo Alto is the best one, then Check Point and Sophos. Those are my three preferences.

Palo Alto and Check Point would be rated an eight out of ten and the others would be a seven out of ten.

The initial setup is complex, but it can be done.

The rollout takes a couple of weeks but you have to keep improving it every day.

Part of the setup was completed by me, with some help externally.

We have a subcontractor for maintenance.

This is an expensive product, as are the others of this type.

Know your business requirements, the features, the ease of use, and know what type of budget you have. These are the types of requirements to know before you use this product.

I would rate this solution an eight out of ten.

Solutions like firewalls and routers improve any company. If you don't have them, then I wouldn't be doing business with you. 

Palo Alto has embedded machine learning in the core of the firewall to provide inline, real-time attack prevention. That's big. We're embedding that type of security and information into every part of our corporate network as well as our products.

It has helped to reduce downtime in our organization. The savings are probably in single digits.

I typically get involved with it when it comes to audit and compliance and having to gather evidence of those firewalls, routers, and rule sets. The evidence that I typically need is there.

We got a lot of integrations into it, but I don't know if it integrates with all.

I don't deal with it from a day-to-day perspective, but I can say that the evidence that I typically need is there, but sometimes, it's a task to actually get it and pull it out. They can make it easier to gather that evidence. From our NetOps team's perspective also, they can make it easier to manage and constantly update those rule sets.

I don't know for how long exactly we have been using this solution, but I've been aware that we've had them probably since about 2016 or 2017.

It's very stable. They are highly ranked within their space.

It's a good product for securing all types of workplaces. It's specifically good for data centers, which are all brick-and-mortar houses. Small businesses must also have it because they don't have the ability to have everything in a cloud or virtualized firewalls and other things like that.

I haven't dealt with their support team.

I was not involved in its initial deployment.

I am able to gather some of the evidence and things that I need. Our NetOps team uses it heavily, and they love it.

I would assume that it's still within mid-range given its company structure and everything else. My guess is it's still okay.

To someone at another company who says, “We are just looking for the cheapest and fastest firewall,” I would say that you just lost the customer because I'm not going to do business with somebody who is going for the cheapest. I'm always looking for a vendor or customer that has more input and cares about the security of their systems.

The value received from attending an RSA Conference includes prizes and other things, but on a personal level, I love the tech talks, knowing about a lot of industry changes, and different product solutions being showcased.

RSAC definitely has an impact on our organization’s cybersecurity purchases made throughout the year. One of my main roles is vendor due diligence, so I come to RSA quite often, and I have conversations with many different sales engineers who can explain the security of their products because that's what I focus on during our onboarding process. 

Overall, I would rate this solution a seven out of ten.

We use Palo Alto Networks NG Firewalls with Prisma and cloud environments.

As a firewall, it effectively protects our environment from threats.

In general, I appreciate the regular firewall function of the Palo Alto Networks NG Firewall.

Overall, it is a good networking device product.

From my perspective, having machine learning integrated into the core of the Palo Alto NG Firewalls is very important for enabling real-time attack prevention.

As far as I know, the use of Palo Alto Networks NG Firewalls has resulted in reduced downtime, but I am not directly involved with that department.

One main issue I've encountered is customer service. Occasionally, when I open a request, it gets closed automatically, without any explanation, leaving me unsure of what happened to it. However, overall, the product itself works well. As for Prisma Cloud, it could benefit from some additional functionality, but the main issue is the lack of communication regarding closed requests.

There is room for improvement in the area of customer service.

I have had experience working with Palo Alto Networks NG Firewalls for three or more years.

The stability of Palo Alto Networks NG Firewalls is good.

Technical support is lacking. I would rate the technical support a seven out of ten.

Neutral

Previously, we worked with Cisco Secure Firewall.

We switched to Palo Alto Networks NG Firewalls because it was a good deal for the company.

I was not involved in the deployment.

Another team was responsible for running the proof of concept.

I don't have any knowledge or experience regarding the unified platform and native integration of all security capabilities provided by Palo Alto Networks NG Firewalls.

Based on my experience, evaluating the security solution for all workplaces from the smallest office to the largest data centers cannot be assessed by a single path. However, in general, the solution is performing its intended job well.

I would rate Palo Alto Networks NG Firewalls an eight out of ten.

Attending the RSA conference provided me with an enormous amount of knowledge on various topics such as new technologies, and threats in different environments, including cloud and on-premises. Which impacts my purchase throughout the year afterward.

One of our objectives is to search for new solutions, whether to replace current ones with more modern options or to explore new sandboxes, technologies, and vulnerabilities.