Palo Alto Networks NG Firewalls Reviews

Our primary use case is protecting our clients from remote threats on the internet. These firewalls are very powerful and important for our business.

With single-pass architecture, there isn't a trade-off between security and network performance. The device functions well in terms of both security and network performance together.

One of the most valuable features of Palo Alto Networks NG Firewalls is application symmetries. I like this feature.

Also, the embedded machine learning in the core of the firewall means the device learns about threat types. The machine learning also enables the solution to secure networks against threats that evolve rapidly.

The solution also provides a unified platform that integrates all security capabilities, which helps prevent external attacks, and eliminates the need for multiple network security tools and the effort needed to make them work together.

I have been using Palo Alto Networks NG Firewalls for about six years.

The stability is good. It's a very stable device. That is the biggest lesson I have learned from using them.

The scalability is very good. If our customer has distributed networks, Palo Alto is a good solution.

In general, the solution is good for midsize companies, between 100 and 2,000 users.

We plan to increase our usage of Palo Alto Networks NG Firewalls in the future.

I rate the technical support highly. Palo Alto's technical team is very helpful and provides fast solutions.

We previously used Palo Alto Cortex. We switched because the NG Firewalls are very stable, flexible, and more powerful.

The initial setup is easy. The initial config takes one or two hours. After that, the time needed depends on the customer's requirements.

For mid-sized networks, the solution requires two to three people for deployment and maintenance. But in our company, we manage with one person for everything.

My responsibilities are on the technical side, but the price is expensive, especially in Turkey, where I am located. The exchange rate of the dollar against the Turkish lira is very high, making Palo Alto very expensive in our country.

Palo Alto is very expensive compared to other vendors, like Fortinet.

In addition to the standard fees, there is an extra cost for a GlobalProtect License, and that is something we generally need.

If a colleague were to say they are just looking for the cheapest and fastest firewall, I don't know what I would say if they don't have the budget. But if they have a budget, I would recommend Palo Alto because, while another solution may be cheaper, it could be more expensive in total if you consider the potential loss of business continuity and reputation.

And while I don't use the PA-400 series, I know it sells well because the higher series are very expensive, and the 200 series is very slow and less powerful. The PA-400 series is good.

Our primary use case is to provide our clients with an internet gateway. 

The best feature is the packet inspection; compared to solutions like Cisco and FortiGate, Palo Alto's packet inspection is much less CPU intensive, allowing it to detect threats embedded within packages more quickly and efficiently. 

Palo Alto Networks NGFW provides a unified platform that natively integrates all security capabilities; it's easy to integrate with other platforms, and we never faced any issues doing so.  

Using Palo Alto Networks NGFW's unified platform, our clients have eliminated multiple network security tools and the effort needed to get them to work together.

The solution doesn't support routing in virtual firewall creation, and we want that to be enabled. 

We've been involved with Palo Alto Networks since 2008 and are a reseller, so we implement the solutions for our clients.

The solution is very stable; we don't have any problems with the stability. 

The product is very scalable. Most of our customers are enterprise-sized financial institutions with over 3,000 branches. 

Palo Alto Networks doesn't directly support Pakistan but rather through distributors. Out tickets go to the distributors, which are then forwarded to Palo Alto.

Neutral

The initial setup is very straightforward; we can complete it three to four hours after activating the licenses.

The product is expensive. With one being the cheapest and ten being the most expensive, I give it an eight.

I rate the solution nine out of ten. 

Palo Alto Networks NGFW is an excellent solution; 90% of the financial institutions in Pakistan use it as their ultimate gateway. 

People are just starting to get into machine learning in Pakistan, so we're not 100% sure of its capabilities and potential. I believe machine learning becomes more efficient in a cloud environment than a hybrid one, though I have yet to research this thoroughly.

To a colleague at another company who says they want the cheapest and fastest firewall, Palo Alto Networks provides an expensive solution, but you can't compromise on security. You can buy the most inexpensive firewall, but you'll have to purchase add-ons and subscriptions to enable a complete security infrastructure in your organization. One solution for every situation that doesn't require any additional services is a better choice. 

I advise those considering the solution to understand where they want to deploy it in the organization, as a broad installation is best for internet gateways. Next, the sensitivity of the data is important; for a financial institution like a bank, I recommend Palo Alto NGFWs because of the quality of the security and machine learning.

We use it for our edge firewalls and our east-west and north-south traffic for our firewalls. We have also deployed each firewall to every site for our Layer 3 connections back to our data center.

Since we've integrated it into our east-west traffic and north-south traffic, I feel that it has reduced the number of viruses or other things in our endpoints. I wish to expand it more all the way to our endpoint computers so that we have end-to-end firewall security through Palo Alto.

It provides a unified platform that natively integrates all security capabilities. This is very important to me because I'm in IT infrastructure. I take care of the entire operations network and everything that flows north and south, east and west, and inside and out of our data center. It's very important that we have Palo Alto to protect us.

It embeds machine learning in the core of the firewall to provide inline, real-time attack prevention. When any packet comes through the network, everything is like a first pass. It goes through every single part of our network, and we don't have a delay in alerts or network security. It stops any attack on the line.

I like all the threat alerts and WildFire. I also like scanning because everything that comes into our network via customers is scanned. We're an electric company, so every one of the bills is scanned and emailed in and out of our network. 

I like the reports, but I wish the reporting was a little better. When I set up the automatic reports to come in, they're pretty basic. I would like them to be a little more advanced at the ACC monitoring and things like that. I still enjoy all the daily alerts that I get and all the daily PDFs and reports, but I just feel that it could expand upon the visualization of the reports.

I've been using this solution for seven years.

The stability is great. They're not going anywhere. They're the industry leader.

It doesn't matter whether you are small or large, Palo Alto will fit your needs.

I'm in Pacific Standard Time. During the day, I have great support, and after 5:30, I don't have great support. During my business hours, I would rate their support as a ten out of ten. I love Palo Alto's support. However, at night, when the sun changes and I go to a different area, it's not always the best at level 1. If the incident was like having a system down, the support would be better, but after hours or 5:30, I have a harder time.

We were using Cisco ASA. We switched because of its ease to use and the GUI. There is also Single Pass Architecture, which is related to the way a packet flows through our network. It doesn't have to go through one area into another area. It's all at one, and it just separates. It gives me the best visibility of our network and firewalls.

It has decreased the time of technicians in researching the vulnerabilities. We also do web filtering, so that helps. Web filtering has changed things because we used to use Websense, and it's night and day.

It's very expensive. However, we usually use all of the subscriptions and threat alerts on any firewall that uses the internet. For each edge security endpoint, we use all subscriptions. Otherwise, we just utilize the threat alert, the antivirus, WildFire, etc.

Palo Alto is the best firewall company. Whether you're a small company or a large company, it will fit your needs.

By attending this RSA Conference, I was hoping to find new security solutions. However, I seem to like my existing Palo Alto security solutions. In terms of the impact of the RSA Conference on our organization’s cybersecurity purchases, it depends on what we're looking for at the time of attending an RSA Conference. Right now, we're looking for something that I didn't really see here. We're looking for security, but this means we need a security operations center (SOC), whereas we're small. We just don't have that type of network. This is almost too much. However, that's why we have Palo Alto Networks.

I would rate it a nine out of ten. It's not perfect, but it's pretty good. Palo Alto is the best firewall security network that I could possibly purchase.

We're partners. Essentially, we take all the Palo Alto firewall policy information and all the device information, and we put it on a single pane of glass for them.

It provides a unified platform that natively integrates all security capabilities. This communication between security devices or security platforms is pretty important.

It helps to reduce downtime in our organization, but I don't have the metrics.

Their Prisma log collection is pretty great. Our product collects the logs, and it definitely makes the configuration of log collection easier.

Everything has been great. More machine learning would be something great to see, but I don't know if it's a priority for Palo Alto.

We're partners with Palo Alto. We've been partnering with them for about ten years for their firewalls.

It's pretty stable.

It's pretty scalable. Palo Alto does a great job across the board from small businesses to large enterprise solutions.

I have not had direct communication with their support.

We've worked with different firewall solutions such as Check Point, Cisco, ACI, and Fortinet, but Palo Alto is definitely among the ones that I like to work with.

Overall, it provides a wide range of features for securing an environment.

You get what you pay for.

The RSA Conference is great. You get to see a wide range of products all in one place. In terms of security, this is the place to be. It has been a great experience.

I believe attending the RSA Conference has an impact on our organization’s cybersecurity purchases made throughout the year afterward. It gives us a good forecast as to where the industry is going and what's to come so that we can be better prepared to partner with all different vendors.

To a colleague at another company who says, “We are just looking for the cheapest and fastest firewall,” I would say that Palo Alto is definitely not the cheapest. It's one of those things where you prefer quality.

Overall, I'd rate this solution a nine out of ten.

We have clients in the government and supermarkets, for example, who use this firewall for integration with EDR, NDR, CN, and IPS.

Palo Alto Networks NG Firewalls' IPS is more complete and is very good. This is a user-friendly solution that is easy to install, and it provides the best protection.

It's very important that Palo Alto Networks NG Firewalls embed machine learning in the core of the firewall to provide inline, real-time attack prevention because all components are moving laterally these days. We need tools that follow the zero-trust model.

These firewalls have helped reduce downtime in our organization as well.

Palo Alto needs to improve their training. They do not invest in their partners. I have been a partner for seven years, and it is very expensive for me to certify my engineers.

I've been working with these firewalls for almost seven years.

The firewalls are very stable.

Palo Alto's scalability is not as good as that of Check Point. With Check Point, I can integrate the firewall with other products.

We do not have technical support in Brazil, so I would rate it a two out of ten. However, Palo Alto's technical support in the US is good, and I would give them a rating of eight out of ten. 

Neutral

I have worked with Check Point, but it's very difficult to configure. Palo Alto is much easier to configure, and the dashboard is very user-friendly as well.

Because I have worked with Palo Alto for seven years, the initial setup is very easy for me. However, new engineers may find the configuration difficult.

Palo Alto Networks NG Firewalls are very expensive compared to other firewalls such as Fortinet. As a result, Palo Alto is losing some of its market share. 

I would rate Palo Alto Networks NG Firewalls an eight out of ten because it's a good product.

I like attending RSA conferences because it gives me the opportunity to see what competitors are doing and what is new on the market.

Attending RSAC does have an impact on our cyber security purchases, but I would like to see manufacturers offer more training, certifications, labs, and demos at RSAC. 

We use Palo Alto as our perimeter firewall. We also use the GlobalProtect VPN solution.

It gives visibility into different threats. There is a wide range of threats that can be identified.

We collect logs from Palo Alto into our Rapid7 SIEM solution. It's pretty well integrated. This integration is important because we don't necessarily want a solution from the same vendor. I know Palo Alto has Cortex for collection. Being open to other vendors in order to ingest the data or logs is a great thing.

Palo Alto has embedded machine learning in the core of the firewall to provide inline, real-time attack prevention, which is important because AI is the future. All cybersecurity companies are going to start using it. It's definitely a good thing. We just need to make sure that there's still the human component because AI can still fail.

Palo Alto has a wide range of different appliances or virtual machines. It can be installed anywhere from a small branch to a data center. It helps to secure small businesses to large enterprises.

The most valuable feature is advanced URL filtering. Its prevention capabilities and DNS security are also valuable. It pinpoints any suspicious activities and also prevents the users from doing certain things. For example, DNS security prevents users from reaching certain websites, so it's really interesting.

Palo Alto should improve their support. It's sometimes difficult to get the right technician or engineer to fix the problem as soon as possible.

We have been using Palo Alto for at least five years. 

They're pretty robust. They also have Unit 42, which is their threat intelligence team. They make you feel safer because they can identify the threats and then implement protection from those into their firewall.

Scalability is pretty good on the virtual side. Because the virtual environment licensing model is based on credit, if you don't wanna use UI protection tomorrow, you can get rid of it and use those credits for another product or another license.

Because of the pandemic, there's a lot of turnover and the quality of the support technicians is not great. I hope they will improve. I would rate their support a seven out of ten.

Neutral

I didn't use any other solution previously.

It was straightforward. They have great documentation. We use Palo Alto in the Azure environment, and their Azure documentation is one of the best documentation I've ever seen. It's very detailed. It can be confusing sometimes because there's a lot of information, but it's definitely good. They're good at documenting, and their knowledge base is really interesting for troubleshooting. There's a lot of useful information.

We deployed it ourselves. We didn't use any company to deploy it.

It's hard to tell. It's preventing attacks, but I don't have any specific case where I can say whether a particular attack would not have been blocked by another vendor.

It can be quite expensive, but there's a good incentive for the three-year contracts. The part that is especially confusing is for the virtual environment. The credits or the licensing system can be very confusing.

We didn't evaluate any other options.

As a result of my experience with Palo Alto NGFW, to a colleague at another company who says, “We are just looking for the cheapest and fastest firewall,” I would say that the cheapest and fastest means there is a potential risk of breach. Even though Palo Alto is quite expensive, it definitely makes you feel secure. The configuration of the appliances or virtual machines is pretty straightforward, so you don't need to be highly trained in order to be the administrator of the platform.

It's important to attend an RSA Conference even if you're already a customer. That's because you might not be necessarily aware of the new products, so going to an RSA Conference can help you identify new solutions that may be valuable for your company. 

Attending an RSA Conference will have an impact on our organization’s cybersecurity purchases made throughout the year afterward. There are a lot of different vendors that I've found, and I will probably get in touch soon.

Overall, I would rate this solution a nine out of ten.

Our use cases include combining multiple next-gen firewalls and bringing them into the Panorama centralized platform.

In general, it's one of the better firewall brands out there. It definitely has the investment and the dedication of the Palo Alto team to constantly improve their product and move forward. They're not a static company, like some of the other companies out there, and that's why I like them.

From a firewall perspective, there is a unified platform that natively integrates all security capabilities, which is good because there is a single pane of glass. I don't have to go to every single firewall to look at certain things. I don't have to go to every single firewall to deploy rules. I can use Panorama to deploy the rules, so it's a one-stop job type of thing.

For securing data centers consistently across all workplaces, all next-gen firewalls pipe into the same Panorama centralized management solution. We can manage everything from a single pane of glass, deploy all that out, and make sure it goes through each firewall and updates correctly. That's huge. If you had to do it manually and you had thirty locations, that'd be like a day's job versus thirty minutes.

Having a centralized platform where they all feed into the Panorama solution significantly drops firewall-by-firewall management. We can use the Panorama solution to communicate with all of them.

I like the navigation of the general Panorama solution. I can easily navigate around and get to the thing I need. I'm not wasting time trying to find something.

Personally, I feel that their dashboards for reporting and things like that need some improvement.

We've been using Palo Alto for one to two years.

It has been very stable so far.

So far, it has been scalable enough to hit multiple divisions.

I have not personally contacted their support. That just dictates that they have a good product.

Positive

We also use Cisco firewalls.

I am not directly involved in its deployment, but I do help manage it. To my knowledge, the deployment was straightforward. It was easy to connect them into the Panorama platform.

There was a consultant. They knew their stuff.

There is typically no return on investment for firewalls because it's an IT cost, and we don't make money because we don't resell them.

It's pretty good.

We evaluated Fortinet and Check Point.

The value I receive from attending an RSA Conference is huge because I visit all my vendor partners to understand their roadmaps for the future. Attending an RSA Conference has had an impact on our organization’s cybersecurity purchases made throughout the year afterward because it brings out new features and subsets of the vendor partners. Also, if there is a deficiency in any of the current ones we currently use, we'll go engage other providers in order to find out if they can reach that gap or not, and then it'll dictate future proof of concepts and decisions.

Palo Alto embeds machine learning in the core of the firewall to provide inline, real-time attack prevention, but I personally haven't experienced that. It's a good thing that there hasn't been an attack where that became useful, but that's great to know.

As a result of our experience with Palo Alto NGFW, to a colleague at another company who says, “We are just looking for the cheapest and fastest Firewall,” I would say, "Go with Palo Alto."

Overall, I would rate Palo Alto NGFW an eight out of ten.

We use these firewalls to manage wastewater systems for over a hundred municipalities across the country. As a result, we exclusively use them in the operational technology (OT) space.

One of the key benefits is that it enables us to secure environments that may pose more significant security challenges.

The centralization capability is the most valuable feature of this solution as it enables us to monitor our systems efficiently. Additionally, the firewalls are excellent, with straightforward configuration and comprehensible interfaces that our engineers can set up with ease.

The cloud firewall solution offers a unified platform that integrates social security capabilities, but it comes at an additional cost.

I think having the ability to see the big picture is important for us, and that's not always easy to achieve. 

As for how important it is for us to have Palo Alto NG Firewalls and defense machine learning at the core of the firewall for real-time attack prevention, I think it's a bit premature to say. There are many players in that field currently, and I would prefer to see them get it right before jumping in just for the sake of being there.

A major concern is making the licensing more accessible to enable small municipalities to afford and manage their own systems independently.

I have had experience working with Palo Alto Networks NG Firewalls for a minimum of three to four years.

I would rate the stability of Palo Alto Networks NG Firewalls a nine or ten out of ten.

Palo Alto Networks NG Firewalls are very scalable.

As far as I know, the technical support for this solution is excellent. 

My team has used it a few times and has always been satisfied with the service. I have never received any negative feedback regarding the support lines.

I would rate the technical support an eight or nine out of ten.

Positive

A lot of the municipality's systems rely on Palo Alto Networks NG Firewalls to stay online, and we've found that they provide better uptime compared to most other solutions.

Our downtime has been reduced by 80 to 90% with the implementation of Palo Alto Networks NG Firewalls.

I was not involved in the deployment process.

We have seen a return on investment. By centralizing our monitoring of systems, we have been able to make our lives easier.

The licensing leaves a lot to be desired. 

We buy the license and then we can't transfer the license without paying an exorbitant fee to our client if they leave us, and that just seems to be a bit of a pain point for us, and there's really no way to partner effectively to make that more reasonable.

We continuously review firewalls, whether it's Check Point or Fortinet, or Cisco. But Palo Alto has been the best for us.

As most of our environments are in the cloud, we don't have a lot of experience in securing data centers.

If a colleague at another company is only looking for the cheapest and fastest firewall, I would advise them that Palo Alto Networks is not the right solution for them. 

While it may not be the most affordable or the quickest to set up, the investment in Palo Alto Networks NG Firewalls is well worth it in terms of reliability and security. 

Choosing a firewall based solely on cost and speed may result in a false sense of security and leave the organization vulnerable to breaches and downtime.

I would rate Palo Alto Networks NG Firewalls an eight out of ten.