Palo Alto Networks Panorama Reviews

Our company uses the solution for monitoring and policies. We monitor data, make rules for firewalls, and allow source IPs to destination IPs with respect to ports and services. 

We also use UR filtering to allow or block things. We have a Prisma Access Firewall that we allow or block for remote users. 

We use the solution in a hybrid model with multiple on-premises instances plus the cloud-based version. 

The solution doesn't need a proxy for the Prisma Access Firewall. 

We can maintain our own policies within the solution and block things from the proxy perspective. 

When creating remote access for users, it would be beneficial to be able to base the object on on-premises or the cloud. We should be able to push policies based on a segregation or as a whole. 

I have been using the solution for one year. 

The solution is stable and satisfies my use case. I rate stability an eight out of ten. 

The solution is scalable. 

My focus is limited and I have not needed technical support. 

We are replacing Cisco and our Forcepoint Proxy with the solution. Since we will be using the solution's proxy, it doesn't make sense to have two filtering instances. 

The setup is simple. 

We implemented the solution in-house. 

The solution is priced a bit higher than competitors and could be a bit more flexible for customers. I rate pricing a six out of ten. 

There are multiple platforms available that include XDR and the Proxy. 

The solution is very easy to use in comparison to the Forcepoint Proxy. 

Based on my limited use of the solution, I rate it an eight out of ten. 

We have multiple firewalls in our infrastructure. Palo Alto Networks Panorama serves as the management interface for all our Palo Alto firewalls. As our organization has grown, there has been one company initially, but now three companies have merged into one, and we have increased the number of firewalls. For instance, we have a Palo Alto firewall in our Azure stack and a core firewall from another company that we’ve integrated into our data center. We use Palo Alto Panorama to manage all our Palo Alto firewalls across our infrastructure.

We have centralized management for all Palo Alto firewalls. With the merger of three companies, each previously operating their own Palo Alto firewalls, we can now manage them efficiently through our operations using Panorama. Our network has become more complex as we run various services, including SD-WAN, across three sites. While the SD-WAN operates through a separate firewall, our core firewall remains Palo Alto. Additionally, we use Palo Alto as a perimeter firewall for our Azure stack. In total, we manage four firewalls with Panorama. We monitor various traffic types, including FTP, browser traffic, applications, and unified threat management. We also have SSL inspection enabled and are actively managing and monitoring SSL tunnels and threat management.

Palo Alto Panorama offers robust logging and reporting capabilities, allowing us to extract reports in a user-friendly GUI format with graphical representations. For example, we can track bytes sent and received for specific applications and users since we use Palo Alto XDR for analysis, reporting, and forensics.

We benefit from a certain level of customization in our reports, utilizing predefined templates and tailored reports. This includes user activity reports, application reports, and SaaS platform reports. We forward logs to a separate SIEM solution, enabling us to monitor TCP and inspect SSL traffic.

The logs from our virtual appliances show potential for improvement, particularly regarding their deployment in hypervisors like VMware, Proxmox, or Azure Stack. Monitoring the internal traffic between hosts with these hypervisors could be enhanced. While predefined reports are available, we often require customized reports tailored to the specific areas involving hypervisors. 

I have been using Palo Alto Networks Panorama for five years.

We use Palo Alto as a perimeter firewall for our public network, which can support nearly 40,000 users daily. About 7,000 to 10,000 users connect to the Internet through this firewall.

In addition, we utilize Palo Alto Global VPN for remote access. We have around 869 VPN users, primarily for remote work or when a government advisory requires the entire staff to connect. This solution integrates seamlessly with our Palo Alto firewall.

I rate the stability an eight out of ten.

It's important to reference authoritative sources like Gartner. We selected the product based on their ratings and assessments. In terms of capability, Palo Alto remains one of the top solutions for on-premises security, XDRs, and cloud security posture management. 

I rate the scalability a nine out of ten.

The support team is very knowledgeable. We only contact them when our partner support or integrated support cannot resolve an issue. They respond quickly, joining within an hour if there’s a critical situation.

Positive

We deployed our Palo Alto solution four years ago for the Azure Stack implementation. The complete deployment took around three months, as it's a comprehensive cloud solution similar to Azure or AWS.

If I were to replace my Palo Alto firewall today, I estimate it would take at least seven days to implement. Given our complex infrastructure, which includes SD-WANs and connections between three different data centers into one main center, this timeframe excludes the planning phase.

We are aligned with Palo Alto, as they are our partners. At times, we need to engage Palo Alto support directly due to our subscription with them, which was also established during the initial deployment.

Managing multiple firewalls across three large identities was becoming quite challenging. To address this, we implemented Palo Alto Panorama, which allows us to manage all our firewalls from a single interface. This has significantly improved our efficiency and manageability. It also helps us better use our current human resources; otherwise, we would need to hire several experts in Palo Alto to oversee the three data centers, which would be a cumbersome task.

Palo Alto solutions are more expensive than other products, but this often depends on an organization’s specific requirements. The level of security and features needed will influence the decision. For example, VPN access is essential for our corporate users and consultants, as company policy mandates that they connect via VPN to access the corporate network. When purchasing bulk licenses, we receive discounts, which makes the cost comparison with other solutions more favorable.

When it comes to security, complexity often accompanies it. With advancements over time and the integration of AI and new technologies, we're seeing improved features in the GUI compared to some online solutions. 

The ongoing improvements with the latest firmware updates are a positive sign. Still, virtual firewalls or appliances face a challenge: They could provide more comprehensive information than what is currently available in the reports.

We also use the VPN functionality, which became crucial during COVID-19. Initially, we had around 610 users, and now that number has risen to about 890 users who connect remotely through Palo Alto GlobalProtect VPN. We've never considered switching to another solution because it is stable and reliable for our needs.

You encounter news about zero-day vulnerabilities and firewall firmware updates when browsing the internet. We've been using our Palo Alto solution for the past four years, and during this time, some devices were procured five years ago, while others, including our Palo Alto firewall, were acquired around three years ago. Each identity had IT staff coordinating individual updates, which was inefficient. Now, with a unified approach through Panorama, we can monitor and manage zero-day vulnerabilities more effectively. Panorama plays a crucial role in ensuring timely updates. The features we utilize depend on the complexity of our network and the number of applications hosted in our environment.

Suppose your infrastructure is extensive, and you need a reliable, secure SDR, UTM, and firewall solution. In that case, choosing a product with comprehensive capabilities that you can rely on for at least the next five years is crucial. Proper planning is essential; if you purchase something that isn’t reliable or only plan for six months to a year, it may not be appropriate for your needs. Palo Alto is one of the best secure solutions for organizations with complex infrastructures, such as multiple sites in different regions.

Overall, I rate the solution a nine-point five out of ten.

We deploy Prisma SD-WAN for our NetBackBot and sell Fortinet SD-WAN and Fortinet SRC solutions. We also provide both on-premises and account solutions. Our customers focus on security rather than DLP.

Palo Alto integrates the whole policy into the platform and deploys all policies to every end device, making it easy to manage and deploy policies for IT departments.

Panorama integrates security management by allowing easy modification of policy by account, IP, or application. This flexibility helps IT departments securely manage Internet security.

Palo Alto needs to improve deployment by making it easier to deploy an agent to a desktop. Currently, it's complex since the product cannot utilize the AD serving for deployment, which would be a desired improvement in the near future.

Panorama is capable of managing complex network environments. Its scalability is rated nine out of ten.

I am satisfied with their support and would rate it nine out of ten.

Positive

We used to work with Fortinet products. However, our focus has shifted, though Fortinet products remain an alternative for our customers who are familiar with its platform.

The initial setup can be complicated, specifically when deploying to desktops using batch files.

Palo Alto Panorama might appear expensive to some enterprises, but its powerful platform justifies the cost.

We evaluate solutions like Fortinet, which has advantages in pricing and functionalities such as user-friendly deployment.

I would recommend this solution to customers, though it can be very expensive. As an alternative, Fortinet solutions are also recommended.

I'd rate the solution nine out of ten.

I have used Panorama as a log collector and for administration. It's primarily used for optimizing firewall policy posts and reporting.

Panorama has improved the organization by enabling log collection, administration, and optimization of firewall policies. It supports policy migration and offers platform stability and decent uptime.

The valuable features of Panorama include log collection, policy optimization, ability to migrate policies from other platforms, and platform stability and uptime.

There needs to be an improvement in integrating AIOps functionalities into Panorama. I'd like to see a seamless integration with both on-prem and cloud environments. Furthermore, they should address the static nature of current additions instead of adding them through plugins.

There are no significant stability issues. The uptime and platform stability are fairly decent.

Panorama does not bring in a lot of complexities. It's a straightforward setup, allowing licenses to add more devices without significant complications.

The support has been good, benefiting from the partnership channels established with Palo Alto.

Positive

I previously worked with Cisco ALDM before using Palo Alto Panorama.

I am not privy to a lot of the pricing details.

I have experience with AlgoSec or Tufin, but they are not exactly replacements for Panorama.

To manage network security effectively, if the intent is cloud first, leverage Streta Cloud Manager. For hybrid or on-prem deployments, Panorama is suitable.

I would rate it a seven out of ten.

I primarily use Palo Alto Networks Panorama for the global administration of firewalls and managing the GlobalProtect services. It is used for logging and standard firewall activity, and opening firewall rules. Additionally, it centralizes various tasks on the platform.

The main value of Palo Alto Networks Panorama lies in its ability to centralize management, similar to FortiManager. It provides a single dashboard for all firewalls, allowing centralized control over different feeder systems based on Palo Alto. It's a comprehensive solution for managing firewalls globally.

There is room for improvement in the graphical user interface (GUI), which is becoming outdated, especially the NAT section. However, it still meets expectations and works well for our needs.

I have been using Palo Alto Networks Panorama for three years.

Stability is rated highly at nine out of ten.

Scalability depends on whether it's a hardware or virtual machine model, and I rate it at eight out of ten.

I rate technical support at seven out of ten. It depends on the case, with room for improvement in both quality and response time.

Neutral

In comparison, I prefer Panorama over FortiManager because Panorama includes all the modules needed for troubleshooting, unlike FortiAnalyzer. From an operational perspective, Panorama is better.

The initial setup for Panorama is simple.

Overall, I rate Panorama an eight out of ten and would recommend it to other users.

Palo Alto Networks Panorama is essential for those adopting a centralized landing zone firewall approach as it provides a unified management point for enforcing security policies. It becomes particularly crucial in multicast strategies and cloud environments, streamlining configuration and monitoring across multiple firewalls.

Using Palo Alto Networks has brought numerous benefits to our organization. It effectively addresses security vulnerabilities, incorporates advanced AI technology, ensures reliability, and continually innovates with a demand-driven approach to security features.

The most valuable feature of Palo Alto Networks Panorama is its innovation and impressive capacity to handle network traffic efficiently.

A potential improvement for Palo Alto Networks Panorama could be a more competitive pricing structure.

I have been working with Palo Alto Networks Panorama for three years.

It is a fairly stable solution.

I would rate the scalability of the product as an eight out of ten. We have approximately 30 to 40 customers using it.

The technical support is good.

The setup of Palo Alto Networks Panorama is moderately complex. In my experience, the deployment of Palo Alto Networks Panorama involves considering accessibility, and if it's on-premises, it may face challenges like procurement delays. The cloud version tends to be smoother and more straightforward for deployment.

The pricing structure could use some improvement.

I highly recommend Palo Alto Networks Panorama. It is a mature, solid, and innovative technology. Overall, I would rate it as a ten out of ten.

We primarily use it for firewall monitoring, reviews, and policy-level monitoring.

Threat prevention and traffic monitoring are the most valuable features for us. We use them the most.

There is room for improvement in response time for tech support.

I have been using this solution for three years. 

The stability is good, so I would rate it around nine.

I would rate the scalability an eight out of ten. 

The customer service and support team is okay because the response time depends on the case. For example, it can take a lot of time if they don't have a readily available solution.

If compared with Cisco, I find Panorama is better and easier to use.

Our technical team did the setup for us.

Overall, I would rate the solution a seven out of ten. 

We are doing the centralized network for the global base. We have several countries with different firewalls being used and we are also cataloging the log to keep data on that. When we're having some issues, we can track back the details via Palo Alto Networks.

Most firewalls are the same, however, it depends on the service. If they have a good service, that means they guarantee that our business does not have any impact. That is a very important part of business today.

Palo Alto is very user-friendly.

It's a stable solution

Technical support is quite helpful.

We can scale well.

The initial setup was complex.

The licensing costs are quite high.

I would like there to already be a log centralized for the things, however, I don't see any soft security operation center or something that can make it a regular report. When we need some GDPR policy, we just have a one-pack we deploy and tune by ourselves a little bit to suit our organization. We'd like to have something more standardized for this purpose. It would be more of a value-add. 

We'd like more log monitoring in general.

I've been using the solution for five years already.

While it was stable, the one thing that I am not sure about is the Cortex Advantage. Maybe we have to leave it again as the life cycle of the hardware is almost finished. We are looking for some other solutions as well.

We have the full-scale of the Panorama solution. We are using the Cortex, the XDR from Palo Alto, as well and link all of them together to go to the Cortex network intelligence. We can scale when we need to.

There are about 5,000 users on the solution right now. 

We are impressed with the Thailand technical team.

When we have some trouble or issues happen, they always are there to help us guide us to solve the issue, and sometimes they even escalate the case to the global team.

Positive

We have certain firewalls in AWS and in Azure as well.

We had a complex initial setup. It wasn't that simple to execute. We do have help with deployment, however. We have a deputy to help us to deploy but Palo Alto also supports us as well.

The deployment itself was quick. In two months we were up and running.

We only have two people on our end looking at maintenance. The company that handled deployment had four people and also Palo Alto has some specialists and engineers. They had two guys, the implementer had four and we had two more - we were eight people in total.

We have a vendor that helps us. They also take care of the maintenance. 

We haven't noted an ROI yet. We'd like to see some reporting on that.

It's an expensive solution.

We pay a yearly fee. It is just one fee and everything is covered under it, including support.

We're a customer and end-user.

We are using the latest version of the solution. 

I'd rate the solution eight out of ten. We work with other firewall brands that are also quite impressive as well.