Palo Alto Networks NG Firewalls Reviews

We use the firewall for securing the data center. We have designed it to be a two-stage firewall. We have a perimeter firewall which is not Palo Alto, and then the Palo Alto firewall which is acting as a data center firewall. We are securing our internal network, so we have created different security zones. And we assign each zone a particular task.

We have found the application control to be the most valuable feature. Also, Layer 7, because all other products are working up to the maximum capacity. But Palo Alto is benefiting us, especially in application control management. We are able to differentiate between Oracle traffic and SQL traffic.

The solution needs some management tool enhancements. It could also use more reporting tools. And if the solution could enhance the VPN capabilities, that would be good.

The solution is very stable, but I think the local providers have no sufficient products. We are looking for more support. 

The solution is very scalable. We are trying to increase usage. We are planning already to increase our internet center. We are planning to extend our users to around 1,500. Currently, we have about 700 users.

The local consultant support needs some improvement. External support is sufficient for us.

The initial setup was easy for us to implement.

We used a consultant for the deployment portion.

I would rate this solution 7 out of 10.

It is used for protection against attacks and it is very fast and reliable. We have a lot of use cases for it.

We are an implementation partner for Palo Alto. One of the companies we implemented its Next-Generation Firewalls for was previously using Barracuda. A ransomware attack happened and they lost all their backup data, and their configuration. Once we implemented Palo Alto for them, there were similar attacks but they were blocked.

Along with Prisma, it helps in preventing a lot of attacks, especially Zero-day attacks.

The sandboxing is valuable and they are frequently updating their signature database. We get new updates every five minutes. That makes it easy to detect new and unknown attacks.

The configuration part could be improved. It's very difficult to configure. It doesn't have a user-friendly interface. You have to know Palo Alto deeply to use it.

Also, it doesn't support open-source protocols like EIGRP. We had to find another solution for that.

I've been using Palo Alto Networks NG Firewalls for the last six years.

Palo Alto suggests version 9.1.7 for stability. When new features come out, things are not as stable.

It's scalable. I recommend it for its scalability.

We generally deploy these firewalls into larger environments, but the PA-400 series is affordable.

There are problems with the technical support. When we are facing an attack, it's very difficult to get a hold of people from the TAC. It's not like Cisco, especially in India. There are very few members of Palo Alto TAC in India. Sometimes we get support from people in other countries.

Neutral

The initial deployment of these firewalls is very complex. The registration is a very difficult task. You have to go to the partner portal to register and it's not user-friendly. All the other solutions are not like that. With Juniper, for example, it's very easy to handle their portal.

The deployment time depends on the customer environment but it normally takes around three weeks. Our implementation strategy is to first understand the network we are dealing with and how we can deploy Palo Alto.

The pricing for Palo Alto is very high. The price difference with other vendors is huge because Palo Alto has been the market leader for the last five or six years, and they have a reliable product. Everybody knows Palo Alto, like Cisco routing and switching. It's likely that only enterprise-level customers can afford this kind of firewall.

Palos Alto's firewalls have machine learning software and sandboxing. Everything is one step ahead of all the competitors.

Still, almost all vendors provide the same things. They call their technologies by different names, but that's the only big difference in features.

According to the industry reviews Palo Alto has been the market leader for the last five or six years. They have better technology and the hardware is also good. It's the pricing and user interface where there are issues. Apart from them, everything is fine.

It is our edge appliance. We use it for our edge security, and we also use it for our VPN termination.

We're using an old version of this solution. At this moment, I'm looking at migrating away from Palo Alto.

The ease of use and the ease of configuration of our policies are the most valuable features.

Palo Alto could do better with integrating the Palo Alto Next-Gen Firewall with SD-WAN.

The biggest issue with Palo Alto is that they are expensive. They are very expensive for what they offer. They should improve their pricing.

I have been using this solution for six or seven years.

We have about a thousand users.

We have third-party support.

I used Cisco ASA.

Its installation was pretty straightforward. There were no problems there.

Deployment duration is difficult to tell because there is a whole world of planning and other things. It probably took a couple of days. You are, of course, always tweaking these things.

I haven't installed it here, but where I was before, we had two people doing it. I and a colleague did it ourselves.

It is expensive.

There are multiple firewalls out there. I am moving away from them because they are expensive, and they don't do what I want to do with them. I have plans of getting FortiGate instead.

I would rate Palo Alto Networks NG Firewalls a six out of ten.

We're basically an MSSP service provider. We use this solution as a network firewall for URL filtering, IPS, and IDS proxy services.

The Unified Threat Management (UTM) module, which consists of the basic firewall and IPS services, is what the majority of our customers use in Palo Alto Firewall.

Its scalability for on-prem deployments can be better. For an on-prem deployment, the hardware has to be replaced if the volume goes up to a certain level.

We have been using this solution for a couple of years.

It is stable.

It is much more scalable in a cloud deployment, but for an on-prem deployment, the hardware has to be replaced if the volume goes up to a certain level.

We have very few customers of this solution. We probably have five to ten customers.

Their technical support is very good. It is more often the AMC support that we have to take. 

It is fairly easy. We're not seeing many challenges in these installations. The complete installation can take a lot of time because we have to configure all the policies and other things. After the hardware is installed and the network is connected, you need one or two people for configuring the policies for use cases.

After the hardware and software are procured, it is the AMC support that has to be renewed yearly.

We plan to keep using this solution depending on the customers' needs. We also have a cloud-based platform on Fortinet, and we provide it as a service.

I would rate Palo Alto Networks NG Firewalls an eight out of ten.

We use it as a firewall. We have VPN, IPSec, or site-to-site VPN. We also protect our few internal web services. 

Everything is easy in Palo Alto Networks NG Firewall. It is very stable, easy to configure, and easy to upgrade. It is also very easy to create custom policies and applications. Everything can be done with the click of a button. 

It is also good for the protection of web services. Nowadays, they have a rather new DNS security feature, which is pretty good and functional. We did a one-month trial, and it is the best product for the firewall network.

Its price can be improved. It is expensive.

Other vendors have pre-configured policies for the protection of web servers. Palo Alto has an official procedure for protecting the web servers. Many people prefer pre-configured policies, but for me, it is not an issue. 

I have been using this solution for almost six years.

Our version is not scalable. The new version is scalable on the network interface. It comes with slots where you can put your SFP if you want a fiber or copper. 

We have almost 600 users who use it for accessing the internet. We have about 50 to 70 VPN connections.

I didn't contact them because I don't get any technical issues with any feature of the firewall. I didn't have the need to open a case. If I have any issue, I am able to resolve it by using my cell phone and taking help from the internet. 

I was using Check Point before Palo Alto. I am very disappointed with Check Point because I had to reboot power three to five times a week. Palo Alto Networks NG Firewall is comparatively very easy to manage and use. It has better logic for configuration than other firewalls.

The initial setup was straightforward. When I migrated from Check Point to Palo Alto Networks NG Firewall, it took about an hour and a half to reconfigure all policies and services.

I deployed it myself. The logic is very easy when you configure it. I did 90% percent of deployment on my own. For the remaining 10% deployment, I found the information on the internet. 

I am the only user working on this firewall. I am a system administrator.

It is a little bit expensive than other firewalls, but it is worth every penny. There are different licenses for the kinds of services you want to use. When we buy a new product, we go for a three-year subscription.

We have not had any issue with this solution. I really hope that we continue to use this solution. Its price is higher than other solutions, and the company might go for another firewall.

I would recommend this solution to other users. I would rate Palo Alto Networks NG Firewalls a nine out of ten.

We deploy and provide support for this solution to our customers. The use case depends on customer requirements because Palo Alto Next Generation Firewall can be used as a data center firewall, perimeter firewall or on the cloud for a perimeter firewall or used with communications. Some customers use it for global protect connectivity. I am a senior network engineer and we are partners with Palo Alto Networks. 

The best feature of this solution is the GlobalProtect, followed by the App-ID feature which is very good. I also like the VMS feature. 

They've improved a lot of things but we'd like to see more mobility between on-prem and cloud based. I'd also like to see security synchronization between the firewalls. Managing can be difficult. 

I've been providing this solution for over two years. 

There are occasionally issues with reporting, otherwise stability is fine. 

The scalability of this solution is fine. 

Technical support is fine, although sometimes there have been delays. From a technical perspective, they are knowledgeable. 

Now that I have some experience with it, the initial setup is simple. If it's being deployed on-prem, deployment takes a couple of days. But if it's a cloud deployment, we can complete deployment in a day. 

Palo Alto is more expensive in comparison to Fortinet and other firewalls. It's okay because they do provide quality. 

I would recommend this firewall still. Our system integrates well but it depends on customer requirements so we sometimes choose to go with an alternative firewall.

I would rate this solution an eight out of 10. 

We are working on creating security policies on the firewall. We have just put GlobalProtect VPN in our company. We also have Prisma Access.

We have on-prem and hybrid cloud deployments.

It has strengthened our security policies and made our environment more secure. It has provided us more security features. Due to the rules that we have created on Palo Alto Firewall, all the malicious things have been stopped from coming into our environment.

The App-ID feature is the coolest feature because you don't need to open a new port. Apps are directly linked to the port. It provides one of the best ways to lock down the additional port switch.

Its software updates can be improved. It sometimes becomes very slow with the software updates for different features.

It should have an External Dynamic List of data. The malicious IP is not frequently getting updated in Palo Alto, and this should be done.

I have been using this solution for six years.

Its stability is good.

Its scalability is also good.

We were using Cisco ASA previously. Palo Alto has strengthened our security policies. It has also made our environment more secure than Cisco ASA.

Its initial setup is straightforward.

I would rate Palo Alto Networks NG Firewall an eight out of ten. It has been working very well.

We use it to control what users may access internally and externally, which covers everything. We are using its latest version. The model that we are using is 3220.

Its flexibility is the most valuable.

Its price can be better. They should also provide some more examples of configurations online.

I have been using this solution for one and a half years.

It is very stable.

We haven't scaled it because if you want to scale it upwards, you have to change the firewall.

I have sometimes used the local support here in Norway. That has been okay. There are no problems.

I have tried Sophos, Cisco, and FortiGate. This is the best firewall.

The initial setup is easy. There is good documentation for this.

Its price can be better. Licensing is on a yearly basis.

I would rate Palo Alto Networks NG Firewalls a ten out of ten. It is the best solution I have tried. I am happy with this solution.