Palo Alto Networks NG Firewalls Reviews

We use this product as our perimeter firewall.

We have a lot of confidence in this solution.

The management options are good.

There are some options available in other firewall products that are not supported, so there is room for improvement in that regard.

Technical support could be faster.

The cost of this firewall could be cheaper.

We have been using the Palo Alto Networks NG Firewall for the past five years.

This is a stable product.

This next-generation firewall solution is scalable. We have more than 500 users and we plan to continue using it.

We have had experience with technical support and it is good, although they could be faster.

Our previous firewall did not have the next-generation capability.

The initial setup is straightforward. A typical installation takes one or two days.

We deployed this product on our own and one person is suitable for the deployment.

This is an expensive product and there is a subscription cost.

This is a good product and I recommend it.

I would rate this solution a nine out of ten.

I'm a network security engineer and we are platinum partners with Palo Alto. 

Initially, there were no application controls offered in the legacy firewall. Now you can log each and every application. It provides valuable control and is the main feature in addition to the security features they're currently offering. All the firewalls - Fortinet, Cisco, Palo Alto -  provide complete visibility and control over your network which you didn't previously have. Now you have user ID and you can implement URL filtering as well, there is control over your network. End user logging is far better with Palo Alto than Fortinet or Cisco, and it helps you to troubleshoot. I'd rate Palo Alto on top. It's comfortable and that's my experience. Cisco and Fortinet provide good services, but Palo Alto offers a very good product.

There will always be room for improvement. On a daily basis you get patches for everything. They build new features, apply new technologies and new applications which need to be integrated and with that you get bugs. There are always issues, whether it's hardware or software. 

I've been using this solution for five years. 

The product is generally stable but with each new update you need to get the OS bug fix. Any security device has a vulnerability which a hacker can exploit and you have to keep on patching.

I work on the system integrator side and work with multiple customers, and this is a scalable solution. 

The support level is good, but it depends on the region you're working from. In some countries, the support flexibility is very good. For others, you have different strategies. I'm in Pakistan and Palo Alto has a different strategy here in that they don't directly provide support. You have to add another vendor in between and open a case with them and if they can't resolve your query they activate to Palo Alto. In some countries, Palo Alto directly provides support and in others they can't be contacted directly. In a couple of scenarios, we got involved with an R&D team and told them there was a bug for our end users. Palo Alto escalated that case to an R&D team and they got it fixed in the following patches.

The initial setup is a very smooth process integrated with initial configuration. It's very easy. 

You could say that the cost is higher for Palo Alto, but they are a better product compared to the other principals. 

I work with Fortinet as well as Palo Alto. Palo Alto has very extensive logging that Fortinet doesn't offer. To get that with Fortinet you need to purchase FortiAnalyzer for reporting. The logging is so extensive in Palo Alto that you can generate a report and get an analysis on the same firewall. You don't need to procure anything else. The documentation of both Fortinet and Palo Alto is up to standard. They both have very extensive documentation for their products. Both of them offer the same level of knowledge base for their customers and are up to the mark. In terms of support, Fortinet and Cisco allow you to directly open a case and get an engineer on the line. Cisco follows the same model. I'm unable to do that with Palo Alto from Pakistan. 

I would rate this solution an eight out of 10.

We use this solution for WAN routing, NAT, VPN tunnels, granular security policies, URL filtering, antivirus, threat prevention, sandboxing, decryption, high availability, and reporting.

Palo Alto has improved traffic visibility, and the ability to manage it. With Palo Alto, we have more flexibility and our network is more secure. With our High availability pair, we have had no downtime for several years, since it was first put it in production. We have even changed boxes for new models during this time.

Palo Alto is easy to use, feature-rich, and it has good technical support. You can fetch users, so you have visibility by username, IP address, destination, application, and you can even define a custom application.

In the GUI, you can easily find blocked traffic and the reason for it.

The only thing that is a little strange is in Policy-Based Forwarding. When you delete and add a new rule, because of the one hundred rule limit, if the new rule has an ID that is greater than one hundred, even though you have fewer than that, it will not work. The same thing happens when you are renaming a rule. The new rule will have a new ID, so it is possible for it to be greater than one hundred. This can be easily fixed by using one command from CLI, but you have to be aware of it.

The technical support for this solution is good.

Our previous solution was open source, and not so easy to manage. We had a Linux Iptables firewall, Squid + DansGuardian proxy, and an OpenVPN server. We replaced all of these solutions with Palo Alto.

If you have some network experience then you can set it up on your own, with no setup costs. Don't buy a device with more power than you really need, because licensing depends on the cost of the box you have.

We evaluated Sophos, SonicWall, and Fortinet.

PA is a product that continuously improves, so, I have nothing to add in terms of features.

My advice is not to look for a cheaper solution, as the price/performance ratio on Palo Alto is great.

We primarily use the solution as security - as a next-generation firewall.

The application control portion of the solution is its most valuable aspect.

The malware protection on offer is excellent.

The initial setup is very easy.

We found the scalability to be quite good.

The stability is excellent.

Technical support is great.

The interface is very user-friendly.

Either the application or the vendor needs to provide a more updated list of internet applications.

The price of the solution is very high.

We've been dealing with the solution for about three or so years at this point. It's been a while now.

The solution has been extremely stable. There are no bugs or glitches. It doesn't crash or freeze. It's very reliable.

We tend to work with enterprise-level organizations.

The scalability is quite good. If a company needs to scale, it can do so with ease.

We found the technical support to be quite good. They are helpful, knowledgeable, and responsive. We have no complaints. We are very satisfied with the service they provide to us.

We also work with Fortinet.

I'd likely recommend Palo Alto over Fortinet as I find Palo Alto to be more user-friendly. The performance is also very good.

We found the initial setup to be very simple and straightforward. It was not overly complex or difficult. A company shouldn't have any trouble implementing the solution.

The deployment is also very quick. It only takes about ten to 15 minutes or so.

The cost, overall, is pretty expensive.

We are a Palo Alto partner. We are a systems integrator.

I'd recommend the solution. If a company has the budget, I would suggest the product to them. If a customer has a more limited budget, however, I would highly recommend Fortinet as an option.

I'd rate the solution at an eight out of ten.

We are a system and development company, and we sell this solution and many other solutions to our customers. 

We work on all the models, not a specific one. The model depends on the sizing. We also consider future expansion of a customer's environment for deploying a model.

In general, its performance and ease of use are the most valuable. Its performance is good, stable, and reliable. The user interface is friendly and easy to use. Customers find it easy to work with and easy to learn.

They can work on the price. They are a little bit expensive, and not all customers are able to afford this solution. Taking into consideration that there is huge competition in the market and there are multiple firewall companies that are much cheaper than them and offer almost the same features, it would be good to improve the price.

I have been using this solution for three to four years.

It is stable.

It is scalable. They offer multiple platforms, such as hardware appliances as well as virtual appliances. You can deploy as many virtual appliances as you want. Palo Alto supports the latest technologies, such as micro-segmentation, and NSX integration with Nutanix Acropolis Hypervisor. They offer multiple options to cover almost every deployment scenario and architecture for most of the customers.

I don't deal with the technical support team because I am a presales person. Our technical support team handles the tickets and open tickets for support.

The initial setup is not that easy. Deployment duration depends on the complexity of the solution, that is, how many firewalls will be installed, and are there any sorts of integrations or any other solution. It also depends if it is just a single box deployment or there is an extra box or two boxes. It might take one week to two weeks depending on the environment, the complexity of the data center, and the complexity of the integration with other technologies. It may take one month or more if the implementation is huge, and there are multiple boxes to be implemented and to be integrated with other solutions.

It is a little bit expensive.

I would recommend this solution based on a customer's requirements. I sell solutions from a lot of firewall vendors. I have the flexibility to recommend based on the budget of a project. I would recommend Palo Alto or any other vendor if the environment and all the conditions are available and suitable for that deployment. A lot of times, we make POC or proof of concepts to show the customer the value of the products and how to deal with them to convince them to buy it.

I would rate Palo Alto Networks NG Firewalls an eight out of ten.

I am using the solution for protecting the network organization from threats.

The best features of this solution are URL filtering and traffic visibility.

The areas that need to improve are network protection and user identification.

In the next release of the solution the VPN could improve because it is not as good as competitors.

I have been using this solution within the past 12 months.

This solution is stable and reliable.

We have 10 employees using this solution in my organization. We are in the beginning phases of testing and will increase usage if the test phase results are favorable.

The technical support is responsive.

The initial setup was easy.

We are on an annual license for this solution. I am happy with the price and when comparing it to other solutions it is priced competitively.

I have evaluated Sophos firewalls and I found Palo Alto solutions better because of the protection and web filters.

I would recommend this solution to others.

I rate Palo Alto Networks NG Firewalls a seven out of ten.

We are a solution provider and one of the Palo Alto products that we implement for our clients is the Next-Generation Firewall. It is used to protect your workflows in cloud environments, be it Azure, AWS, or Google. It can also protect your applications' databases that are on-premises.

This firewall will scan the network for vulnerabilities and malware.

It can prevent unauthorized access to the network.

This solution has a DLP function.

They are regularly releasing new versions that include more integration with third-party services. Examples of services that have already been integrated are Splunk and two-factor authentication.

Having a better pricing model would make this product more competitive, and more affordable for our customers.

We have been dealing with next-generation firewalls from Palo Alto for more than five years.

So far, this solution has been stable.

The product is scalable and it can be integrated with third-party solutions.

We have many clients who are using this firewall.

The technical support from Palo Alto is good.

In terms of firewalls, we use Palo Alto, Cisco, and Fortinet FortiGate. 

The next-generation firewall can be installed either on-premises or in a cloud-based deployment.

The NG firewall is an expensive solution.

I would rate this solution a ten out of ten.

We use it for perimeter security.

Overall, it is a good solution. It is stable. We use URL filtering, which is useful for blocking undesired URLs.

Currently, they don't have email protection. They can maybe add it in the future. Currently, if you want to do so, you need to go with another solution.

I have been using this solution for two years.

Its stability is perfect. It has excellent stability.

With this kind of solution, you need to be careful in terms of planning because once you have the appliance, it is very difficult to scale too much. You need to carefully select the right appliances because if you need to run more services and traffic beyond the ones you have selected, you would have to replace the appliance. You would have to upgrade it. We currently have 100 users in our organization who use this solution.

We never had the need to open a support case. It never happened that something that was supposed to work was not working. If required, we can find the answers in the product documentation.

If you have the right experience, it is okay. It is not very easy, but if you know how to manage it and configure it, it is okay. It takes maybe 5 to 10 hours or a day.

I would advise others to go for it. They will not get disappointed. It is complex at the beginning because it has a lot of features, but this is something that you overcome with training. With training and experience, you can manage it.

I would rate Palo Alto Networks NG Firewall a nine out of ten.