Palo Alto Networks NG Firewalls Reviews

We have two 3000 Series Firewalls placed in our primary location. We have two sites and the secondary site uses the primary site for internet access. All traffic to the secondary location goes through a VPN tunnel. I'm a network administrator. 

The value of this solution for me is the protection from a single packet and ease of making security rules. It also doesn't require a special dedicated network team, I'm able to do it myself. It's a time saver for me and now in this pandemic period, users have access from home.  

I'd like to see some changes to the licensing policies and, on the technical side, improvement in scalability. It's not so easy to scale out your security capabilities. With the situation in business today, everybody lacks money and if you have to increase your resources and to constantly pay more for that, it becomes a problem. 

I've been using this solution for 10 years. 

It's been 10 years and I don't remember any outages because of a hardware failure or a logical error in configuration. We had problems with servers or switches initially but it works like a charm now. 

Scalability is the main disadvantage of Palo Alto. They call themselves a firewall with router capabilities but it's not a router and it requires a good bandwidth in VPN which could become a problem because you have to scale to really big hardware. We can solve the issue with other solutions, but for me the idea is to have less devices in your environment.
It's all about the hardware.  

The support is quite good. A couple of months ago, I sent an email with an issue and we got an answer in 15-20 minutes. In my experience, Palo Alto support is one of the best, maybe the best support available.

We previously used Juniper which is currently called Net Screen. I also looked at Sonic Wall. We carried out a proof of concept five years ago and they had to decide whether to go with Palo Alto or another vendor. 

For me, the initial setup is very easy. To get the device running with some capabilities but maybe not all security rules takes about an hour and it's the same for any upgrades. We have around 900 users and one admin person from our organization who deals with any issues. 

Palo Alto is an expensive solution, we currently have a three year contract. I'm not sure what our terms are. People always want cheaper, nobody wants to pay more. In our region, I think if Palo Alto was cheaper, more companies would buy the solution. 

I would absolutely recommend this product, it's expensive but I trust it. There is always room for improvement such as with scalability capabilities in Palo Alto. I know I'm not the only one who thinks this is an issue. It's possible that next time we will try virtualized firewalls, it may be a little cheaper for us. We would consider switching to something else but it would be a big move and quite complicated. Moving to a different vendor is a whole other story.

I rate this solution a nine out of 10. 

We are working on creating security policies on the firewall. We have just put GlobalProtect VPN in our company. We also have Prisma Access.

We have on-prem and hybrid cloud deployments.

It has strengthened our security policies and made our environment more secure. It has provided us more security features. Due to the rules that we have created on Palo Alto Firewall, all the malicious things have been stopped from coming into our environment.

The App-ID feature is the coolest feature because you don't need to open a new port. Apps are directly linked to the port. It provides one of the best ways to lock down the additional port switch.

Its software updates can be improved. It sometimes becomes very slow with the software updates for different features.

It should have an External Dynamic List of data. The malicious IP is not frequently getting updated in Palo Alto, and this should be done.

I have been using this solution for six years.

Its stability is good.

Its scalability is also good.

We were using Cisco ASA previously. Palo Alto has strengthened our security policies. It has also made our environment more secure than Cisco ASA.

Its initial setup is straightforward.

I would rate Palo Alto Networks NG Firewall an eight out of ten. It has been working very well.

We primarily use the solution for traditional firewalling. We use it for VPN connections -  especially now that people are doing work from home. This solution is our VPN gateway.

The solution has a lot more features than other firewall solutions, including Cisco, which we also use. It's very rich. There's so much there and we don't use a lot of it, although it is nice to have the option.

The solution itself is very user-friendly and quite easy to use.

You just need a web browser to manage it, unlike Cisco, which requires another management system.

The solution is quite stable.

The initial setup is pretty straightforward.

The scalability is limited and depends on the size of the firewall that you will buy. 

The solution is very expensive. There are cheaper options on the market.

I've been using the solution for three years at this point. It's been a while. I have some good experience with it at this point.

The solution has proven itself to be quite stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable in terms of performance.

The solution can only scale according to the sizing that a company has purchased. It depends on the size of the firewall that you will buy. For example, right now, we have this firewall with 24, which means our scalability is limited to 24.

They do have higher-end models for companies that have planned for bigger deployments.

At this point, we have about 200 users and three admins.

We're happy to use it for our perimeter firewall and so we are not planning to change it anytime soon.

Technical support is okay. We have local vendor support. Whenever we have an issue, we contact them and they help us open a ticket with Palo Alto.

We use both Palo Alto and Cisco as our firewalls. We use them both at the same time.

The initial setup has the same amount of difficulty as, for example, a Cisco setup. Regardless of if it's Cisco or Palo Alto, it will all the same level of effort. However, the use cases will be different from one another.

That said, the whole process is pretty straightforward.

We have three admins on our team that can handle setup and maintenance responsibilities. 

The price of the solution is quite high, especially if you compare it to Cisco or Juniper.

The solution is subscription-based. Users can pay monthly or yearly. We pay on a yearly basis.

We are Palo Alto customers and end-users. We don't have a business relationship with the company.

We work with the 3000-series and tend to use the latest version of the product.

I would recommend the solution to other organizations if their budget supported buying it. Cost-wise, they are on the high side. 

Overall, on a scale from one to ten, I'd rate the solution at an eight. We've largely been satisfied with its capabilities. 

It is our edge appliance. We use it for our edge security, and we also use it for our VPN termination.

We're using an old version of this solution. At this moment, I'm looking at migrating away from Palo Alto.

The ease of use and the ease of configuration of our policies are the most valuable features.

Palo Alto could do better with integrating the Palo Alto Next-Gen Firewall with SD-WAN.

The biggest issue with Palo Alto is that they are expensive. They are very expensive for what they offer. They should improve their pricing.

I have been using this solution for six or seven years.

We have about a thousand users.

We have third-party support.

I used Cisco ASA.

Its installation was pretty straightforward. There were no problems there.

Deployment duration is difficult to tell because there is a whole world of planning and other things. It probably took a couple of days. You are, of course, always tweaking these things.

I haven't installed it here, but where I was before, we had two people doing it. I and a colleague did it ourselves.

It is expensive.

There are multiple firewalls out there. I am moving away from them because they are expensive, and they don't do what I want to do with them. I have plans of getting FortiGate instead.

I would rate Palo Alto Networks NG Firewalls a six out of ten.

We primarily use the product for web browsing and in order to protect some sites that we are publishing to the web internet.

The solution is very helpful in controlling spam.

The product offers very good web content control and various aspects of security.

The stability of the product has been good over the years.

The initial setup is very easy. Compared to Cisco or other solutions, Palo Alto is very easy to implement and administer. They are both very easy.

I can't recall a feature that was missing. It's a pretty complete solution.

The cost of the device is very high.

To buy license support is very slow. For renewing devices and products, it's slow in terms of contacting and activating upgraded devices.

I've been using the solution for four years at this point. It's been a while. We've been using it over the last 12 months as well.

The stability is excellent. It's reliable. We don't deal with bugs or glitches. It doesn't crash or freeze. Overall, it's been very good in terms of performance.

We have not proven the scalability yet. We're planning to extend our office within the next year or six months to eight months. We are buying some appliances for the process of extending our office.

Currently, around 1,000 people use this solution.

We've never been in touch with technical support. Having never dealt with them, I wouldn't be able to speak to how they are in terms of services.

We also use Barracuda and Cisco for certain aspects of security.

The initial setup is pretty straightforward. It's quite easy to implement.

The deployment takes about one week, or maybe a bit less, depending on the requirements. That includes both implementing and training.

Currently, two people are required for deployment and maintenance of the product

We implement the solution with our network team. We implement the solution ourselves. We don't need the help of integrators or consultants.

The pricing is quite high on Palo Alto.

On the lower end, it's likely to cost $15,000 for renovation and support.

We evaluated Cisco, Juniper, and Dell among other solutions before ultimately choosing this solution. Cisco can be complex in terms of device management compared to other options, for example. Cisco can be cheaper than Palo Alto, but that is not always the case.

I'm not sure which version of the solution we're using. We use a physical appliance.

We're using three different models, for the most part.

My company is an outsourcing company that deploys software and testing.

The solution is very user-friendly and easy to manage and administrate. For that reason, I would rate the product at a nine out of ten.

We use it for LAN users, internet access, and more. The NG Firewall has many functions like user control, access control for servers, natural controls based on applications, schedules, ports, RTs, and IPS functionality with antivirus or security functionality. We also use it to control internet access, traffic shaping for bandwidth control, and fraud prevention.

I like all the functions and features.

I think automation and machine learning can be improved to make bulk configurations simpler, easier, and faster. Scalability can also be better.

I've been working with NG Firewalls for six years.

Palo Alto Networks NG Firewalls is a stable solution.

I don't think Palo Alto and Fortinet firewalls are scalable. Only Cisco is scalable. For clustering, Cisco activity models like the 4000 model are better. For example, if the firewall is undersized due to expansion, you can cluster and add more appliances to the system.

I think Palo Alto has good support. Technical support helped me solve most of my issues very quickly. 

The initial setup depends on the client's infrastructure and the project's scope. 

If it's migration, Palo Alto has a great tool called the Expedition tool. It helps to migrate any firewall to the Palo Alto firewall. This process takes about a day, and it's very simple.

If it's a fresh installation, it depends on the number of policies you need to apply and the number of metrics. You can do it using the command line. You can do it easily and quickly, but it depends on how much the customers prepare. Sometimes the customer has no information to provide, and you struggle to get this information. Sometimes this process can take two to five days or take weeks. 

We implement and maintain Palo Alto Networks NG Firewalls for our customers.

Paul Alto is the most expensive solution in this category. The subscriptions and support are also expensive, but everything is included in the hardware, including the subscriptions.

If a customer is price-sensitive, I will go for Fortinet without a second thought. If customers are willing to invest in their data centers, I might go with Palo Alto and Cisco.

On a scale from one to ten, I would give Palo Alto Networks NG Firewalls a ten.

Normally, we use our firewall at the perimeter level. We are using Palo Alto Networks NG Firewalls as a firewall as well as using a few of their functionalities like the Vulnerability Protection, its IPS module. Additionally, we have remote VPN's on those firewalls, like GlobalProtect. So we are using all the features which are provided by Palo Alto.

The feature that I like the most is its IPS model, the WildFire model. I really like how the whole threat protection model functions, including the vulnerability and anti-spyware aspects. That is really awesome.

In terms of what could be improved, comparatively the price is very high. That would be the one thing. But technically-speaking, it's perfect.

I have been working with Palo Alto Networks NG Firewalls for around five years.

In terms of scalability, normally, we procure the devices based on the future perspective, so there should be a lot of scalability. We never face scalability issues with Next Generation Palo Alto Firewall - it comes with the scalability.

We have around 11,000 to 12,000 users across the globe.

Technical support is pretty good. We get a timely response. There will be plus/minus where we do not getting a response, but not regularly, just one or two cases among, let's say, 20 or 30. As far as my experiences with the tech support go, it's pretty good, very straightforward support. It's not like they're playing on the call and taking their time. It is really straightforward.

The initial setup depends on the office locations of the data center. If that particular firewall is part of the data center, then yes, it is a complex design as well as a complex traffic flow. But for normal office locations, it is pretty straightforward. So it is a mix depending on the location of where the particular firewall is going to be put.

I would recommend Palo Alto Networks NG Firewalls. If a company has the budget and wants to have the next generation of firewalls then they should go for the Palo Alto, because whatever state of features they provide, it's pretty awesome. But if there is a budget constraint there are several other products which give you similar kinds of features but with less cost.

On a scale of one to ten, I would give Palo Alto Networks NG Firewalls an 8.

Nothing is perfect. There are features that they should add. One of the features that I'm looking at is when it comes to the Vulnerability Protection. We are blocking the threats which are, by default, updated by the Palo Alto Threat Engine. Currently, there is no scope of manually adding the external database to the firewall so the firewall will convert that database to their own. This is currently not functional with the current version. There are a few functions that they could add that are available with other vendors. That's why I am giving the 8.

The most valuable features of this solution are all of the services it provides. 

The application layer to the hardware Layer is good, as are all layers it offers.

It's a very comprehensive solution.

The features should be built into the system. For example, it generates many logs with a lot of information that can be converted into security and business information and shown to the user. This is a time-consuming job.

I would like to see it provide us with intelligent information from the data that it captures, within the same cost.

I have been using this solution for two years.

It's a very stable product, so far.

It's very scalable. We have 300 users in our company.

Technical support is very good.

We have worked with various firewalls such as Check Point, Sophos, Cisco, and some unknown product names as well.

There are several things to consider before recommending a solution. It depends on the business requirements, the budget, and the complexity of the security needs.

I believe that Palo Alto is the best one, then Check Point and Sophos. Those are my three preferences.

Palo Alto and Check Point would be rated an eight out of ten and the others would be a seven out of ten.

The initial setup is complex, but it can be done.

The rollout takes a couple of weeks but you have to keep improving it every day.

Part of the setup was completed by me, with some help externally.

We have a subcontractor for maintenance.

This is an expensive product, as are the others of this type.

Know your business requirements, the features, the ease of use, and know what type of budget you have. These are the types of requirements to know before you use this product.

I would rate this solution an eight out of ten.