Palo Alto Networks Panorama Reviews

Panorama is a management server that is used to manage the Palo Alto firewalls.

We have almost 20 firewalls in our environment managed by this particular server. Panorama is an appliance, it's not a firewall. It is a management server, which is used to manage or push the policies. If you want to install a policy on the firewall, or you want to allow legitimate traffic, then you leverage this management server.

It's helped with the centralization of policies and installation. It's helped us do everything in one place instead of one at a time. 

In Panorama, installing the policy, and pushing the policy, it's quite seamless. 

It is a centralized management tool. Instead of logging into each firewall and configuring it or deploying the policies, it's quite easy as everything is in one place. We can push the policy and install the policies centrally instead of individually on each firewall. 

In order to push a policy via Panorama, we need to ensure that the firewall is syncing with the management server. I have hardly found any post-upgrade issue with the Panorama management server or the Palo Alto firewall. They are never out of sync.

The initial setup is straightforward. 

It's scalable.

The solution is stable. 

The inbuilt RAM is quite low. If you are increasing the number of firewalls and you want to get this managed via this management server, there are some performance issues. The cost of this product is more. However, the resources they have provided, the inbuilt resources, are less. 

The pricing is quite high.

I've been using the solution for more than ten years. 

It is a stable solution. There are no bugs or glitches. It doesn't crash or freeze. It is reliable. 

We have approximately 20 firewalls, which is integrated with Panorama, and it's doing pretty good.

This solution is like the backbone of inbound and outbound services. 

We have found the solution to be scalable. 

In terms of scalability, it should be able to manage all the firewalls. That said, you need to consider capacity planning down the line for the number of resources, like the CPU memory, if it is low. How many resources are required to be increased to manage these number of firewalls is determined. Capacity planning definitely is required if you're looking for a scalable solution.

Right now, we have no plans to increase usage. We might not look at any increase until five or six years later. 

Technical support has been very good. 

Positive

Cisco does have this centralized management feature as well. They have an ASDM in the Cisco firewall, which is nothing more than a centralized management server. Even Nokia and Check Point have management servers.

Palo Alto is never out of sync with Panorama. However, I find I have issues with Check Point and syncing. We often need to troubleshoot in those scenarios. 

We have Fortinet firewalls. Fortinet is a market leader in terms of Gartner metrics. We have Check Point firewalls as well. That said, Palo Alto is more into the cyber security solution. Everyone is following the footprints of Palo Alto as they were the first to imagine the industry, provide the necessary cybersecurity solutions and next-generation firewalls, and innovate on everything.

The setup itself is very simple and straightforward. It's not overly complex. 

In terms of maintenance, in terms of security, we do require additional resources. Once the security infrastructure is compromised, it'll need a business outage. So we require additional resources in the firewall technology.

The deployment was handled in-house. 

We have definitely seen an ROI. 

When it comes to pricing, compared to the OTC and MRC values, it's really high. They are the market leaders and due to their monopoly, whatever they will demand, we have to pay.

I would rate it five out of five in terms of value for money, however.

I've looked at almost every other product over the last 15 years. However, Palo Alto offers the best cybersecurity solutions. 

Palo Alto definitely a market leader in terms of firewall technology. 

They have good features.

I'd rate the solution ten out of ten. 

We have multiple firewalls in our infrastructure. Palo Alto Networks Panorama serves as the management interface for all our Palo Alto firewalls. As our organization has grown, there has been one company initially, but now three companies have merged into one, and we have increased the number of firewalls. For instance, we have a Palo Alto firewall in our Azure stack and a core firewall from another company that we’ve integrated into our data center. We use Palo Alto Panorama to manage all our Palo Alto firewalls across our infrastructure.

We have centralized management for all Palo Alto firewalls. With the merger of three companies, each previously operating their own Palo Alto firewalls, we can now manage them efficiently through our operations using Panorama. Our network has become more complex as we run various services, including SD-WAN, across three sites. While the SD-WAN operates through a separate firewall, our core firewall remains Palo Alto. Additionally, we use Palo Alto as a perimeter firewall for our Azure stack. In total, we manage four firewalls with Panorama. We monitor various traffic types, including FTP, browser traffic, applications, and unified threat management. We also have SSL inspection enabled and are actively managing and monitoring SSL tunnels and threat management.

Palo Alto Panorama offers robust logging and reporting capabilities, allowing us to extract reports in a user-friendly GUI format with graphical representations. For example, we can track bytes sent and received for specific applications and users since we use Palo Alto XDR for analysis, reporting, and forensics.

We benefit from a certain level of customization in our reports, utilizing predefined templates and tailored reports. This includes user activity reports, application reports, and SaaS platform reports. We forward logs to a separate SIEM solution, enabling us to monitor TCP and inspect SSL traffic.

The logs from our virtual appliances show potential for improvement, particularly regarding their deployment in hypervisors like VMware, Proxmox, or Azure Stack. Monitoring the internal traffic between hosts with these hypervisors could be enhanced. While predefined reports are available, we often require customized reports tailored to the specific areas involving hypervisors. 

I have been using Palo Alto Networks Panorama for five years.

We use Palo Alto as a perimeter firewall for our public network, which can support nearly 40,000 users daily. About 7,000 to 10,000 users connect to the Internet through this firewall.

In addition, we utilize Palo Alto Global VPN for remote access. We have around 869 VPN users, primarily for remote work or when a government advisory requires the entire staff to connect. This solution integrates seamlessly with our Palo Alto firewall.

I rate the stability an eight out of ten.

It's important to reference authoritative sources like Gartner. We selected the product based on their ratings and assessments. In terms of capability, Palo Alto remains one of the top solutions for on-premises security, XDRs, and cloud security posture management. 

I rate the scalability a nine out of ten.

The support team is very knowledgeable. We only contact them when our partner support or integrated support cannot resolve an issue. They respond quickly, joining within an hour if there’s a critical situation.

Positive

We deployed our Palo Alto solution four years ago for the Azure Stack implementation. The complete deployment took around three months, as it's a comprehensive cloud solution similar to Azure or AWS.

If I were to replace my Palo Alto firewall today, I estimate it would take at least seven days to implement. Given our complex infrastructure, which includes SD-WANs and connections between three different data centers into one main center, this timeframe excludes the planning phase.

We are aligned with Palo Alto, as they are our partners. At times, we need to engage Palo Alto support directly due to our subscription with them, which was also established during the initial deployment.

Managing multiple firewalls across three large identities was becoming quite challenging. To address this, we implemented Palo Alto Panorama, which allows us to manage all our firewalls from a single interface. This has significantly improved our efficiency and manageability. It also helps us better use our current human resources; otherwise, we would need to hire several experts in Palo Alto to oversee the three data centers, which would be a cumbersome task.

Palo Alto solutions are more expensive than other products, but this often depends on an organization’s specific requirements. The level of security and features needed will influence the decision. For example, VPN access is essential for our corporate users and consultants, as company policy mandates that they connect via VPN to access the corporate network. When purchasing bulk licenses, we receive discounts, which makes the cost comparison with other solutions more favorable.

When it comes to security, complexity often accompanies it. With advancements over time and the integration of AI and new technologies, we're seeing improved features in the GUI compared to some online solutions. 

The ongoing improvements with the latest firmware updates are a positive sign. Still, virtual firewalls or appliances face a challenge: They could provide more comprehensive information than what is currently available in the reports.

We also use the VPN functionality, which became crucial during COVID-19. Initially, we had around 610 users, and now that number has risen to about 890 users who connect remotely through Palo Alto GlobalProtect VPN. We've never considered switching to another solution because it is stable and reliable for our needs.

You encounter news about zero-day vulnerabilities and firewall firmware updates when browsing the internet. We've been using our Palo Alto solution for the past four years, and during this time, some devices were procured five years ago, while others, including our Palo Alto firewall, were acquired around three years ago. Each identity had IT staff coordinating individual updates, which was inefficient. Now, with a unified approach through Panorama, we can monitor and manage zero-day vulnerabilities more effectively. Panorama plays a crucial role in ensuring timely updates. The features we utilize depend on the complexity of our network and the number of applications hosted in our environment.

Suppose your infrastructure is extensive, and you need a reliable, secure SDR, UTM, and firewall solution. In that case, choosing a product with comprehensive capabilities that you can rely on for at least the next five years is crucial. Proper planning is essential; if you purchase something that isn’t reliable or only plan for six months to a year, it may not be appropriate for your needs. Palo Alto is one of the best secure solutions for organizations with complex infrastructures, such as multiple sites in different regions.

Overall, I rate the solution a nine-point five out of ten.

We use this solution because it provides us with a consistent security profile no matter the location. Regardless of users, we use the same configuration. 

We also use Panorama for management. Currently, all of our users are working from home — this solution has helped us manage everything. 

Over the next four years, we are planning on moving all of our data centers onto the cloud.  

Before I joined this organization, they experienced some issues when trying to set up zone protection parameters. Last week I applied a zone protection profile; for each and every branch, I had to apply a zone protection profile or modify existing metrics — I needed to physically go to each branch. When we originally deployed Panorama, we were managing the firewalls individually. After implementing all those firewalls and changing all of the templates, it's really hard to modify them. 

You can't just modify them with a single click, you need to physically go to each individual branch and make the changes yourself — we can't directly seal all of the fireworks. This needs to be improved. 

With version 9.1, when configuring it, if something goes wrong, then it reverts back to your original settings automatically. This is a nice feature but it's not available on the standard firewalls. If we didn't have Panorama and I was setting up some remote Palo Alto firewalls, after implementing my configurations, if I were to lose the configurations then I would lose firewall access. This isn't the case with other firewalls like Cisco and Juniper SRX where you can just put in a reminder in the last 10 minutes. 

I have been using Palo Alto Networks Panorama for the past five years.

Besides the odd bug, Panorama is stable. From a management point of view, it's good. Even though we now have 25 firewalls, with a single click, we can add and submit a request. With a single click, we can apply changes to all 25 firewalls. Upgrading our remote locations, the firewalls, logs, and the reporting is all very easy. We can easily add more power and stability, it's nice.

GlobalProtect is a great extension that you can add on. If something goes wrong with our cloud solution, then it will automatically fall back to our local physical firewalls across the globe. We have four different locations that GlobalProtect automatically connects to. At the moment, our company is expanding so we are adding more clients. 

The technical support is pretty good. The best part about Palo Alto is that you can find answers with a simple Google search. Compared to other vendors, all of their technical data is online — for all of their solutions. Still, sometimes we prefer to use support. Sometimes it takes time as their technical team has to regenerate our issues in their lab, etc. 

The initial setup can be complex. As I mentioned before, making modifications is very difficult. Before implementing, you need to plan carefully.

Our engineer made some mistakes when he was setting it up; we still experience some complications due to that as everything is already in place and we can't change it. 

Licenses are available on a one to three-year basis. If you go for a one-year license, you won't get much of a discount. We have a three-year license for all of our firewalls. Currently, we have 25 firewall licenses.

Currently, we have around 20 TB of data. We are in the process of upgrading our licenses because we are adding more and more files.

The price of the licenses could be lower. Still, because we have Panorama with 25 firewalls, Palo Alto gives us a good discount. 

I would definitely recommend Panorama to others. Compared to all of the other firewall vendors, Palo Alto is very secure. Personally, I'd say it's the best firewall vendor on the market. When combined with WildFire, it's highly secure; just make sure you configure it properly as there are a lot of viruses out there. 

Overall, on a scale from one to ten, I would give Panorama a rating of nine. 

We require Palo Alto Networks Panorama to safeguard internet access for our users. Additionally, we need features such as URL filtering and sandboxing, among other useful functionalities.

The Palo Alto Networks Panorama was highly useful to us. However, it is important to consider that Palo Alto is a specific solution, and therefore one must be certain about their requirements before investing in it as it can sometimes be overburdening and expensive. Despite this, Palo Alto offers a plethora of features that can be useful if required. The product was great, and whenever there was a bug or issue, they released updates quickly. Additionally, their support was very good.

Feature-wise, Palo Alto Networks Panorama had a mix of everything. With the centralized view for the firewall, it was really convenient to have the same rule set for all. We could check everything from the logs, do some packet tracing, and more. In the beginning, we had BrightCloud as a database provider, but we eventually moved to Palo Alto Networks Panorama, which was also convenient. So, we can say that the ease of use was a big factor.

The pricing of the solution could be considered an area of improvement, as it is a comprehensive and feature-rich product that may include features that are not needed by some companies. Therefore, the solution should have a more competitive pricing structure.

I have been using Palo Alto Networks Panorama for three to four years. There are a lot of upgrades, so I don't clearly remember the version.

Stability-wise, I rate the solution a nine out of ten.

Scalability-wise, I rate the solution an eight out of ten. I may consider increasing the solution's usage.

I rate the technical support an eight out of ten.

Positive

In the beginning, the solution was hosted in a data center that was not owned by us but by Verizon. However, when we migrated to SD-WAN, it became cloud-based.

The infrastructure was managed by Verizon towards the end. Therefore, any issues or problems, as well as room modifications, were raised by us through a ticket, and they took care of everything related to the infrastructure. So, it wasn't something we had to deal with directly.

I have seen a return on the investment. But maybe we can see higher ROI with other solutions at the moment. So, we are a bit tight on budget now.

I would tell those planning to buy the product that if you really need those features and you are able to afford the price, go for it because it will probably be hard to get by any other product with the same features. Overall, I rate the product a nine out of ten.

We are using Palo Alto Networks Panorama for a single pane of glass view of our network. 

Palo Alto Networks Panorama provides many features, such as alerts, traffic monitoring, and logs.

Sometimes in Palo Alto Networks Panorama, we receive issues where it is overloaded and unresponsive. We have issues with accessing the devices due to a slow response from Panorama.

Palo Alto Networks Panorama should be more robust and resilient. 

I have been using Palo Alto Networks Panorama for approximately two years.

The stability of Palo Alto Networks Panorama is good.

Palo Alto Networks Panorama is scalable.

We have approximately 250,000 users using this solution.

We have a technical support manager from Palo Alto Networks Panorama but their response time could be faster.

We previously used Cisco ASA and we switched to Palo Alto Networks Panorama because it is a superior solution.

The initial installation of Palo Alto Networks Panorama is straightforward and the process takes a couple of hours.

We used an integrator to do the implementation of Palo Alto Networks Panorama.

We have four to five engineers that support the solution.

There is a license required to use this solution and it is paid annually.

I would recommend this solution to others.

I rate Palo Alto Networks Panorama an eight out of ten 

We use the solution for segregation. We also use it as a gateway in order to do URL filtering on the DNI as a security measure. We use the product's global protective VPN as well. 

The application ID, this kind of technology, has a very high-level check. It makes everything more secure for your enterprise network. Otherwise, fake applications can sneak in. 

If you're using application ID, they check the high side, the traffic, and they analyze everything. They see if it's a normal application. They're working closely with each vendor, to make it easy to identify applications. For the hackers or malicious traffic, they can see it and block it. 

I like the user ID and the application ID as it's easy to identify the popular applications and the EZT does the security checking in regards to the user and the application ID.

The initial setup is very easy.

The solution is easy to manage. It has a good interface as well.

The solution is stable.

The product can scale.

The solution offers good integration potential.

While Palo Alto is the leading firewall worldwide, it's so pricey. Other products like Checkpoint still do the job, and yet it's way cheaper than Palo Alto. The solution is extremely expensive. You can integrate it with other Palo Alto products, however, it ends up being too much.

Palo Alto prefers the VM version. However, for the VM level, often we have a migration from one host, VM host, to another host, and then the network jobs. And they're not fully redundant. With VM, the purpose is easy migration from one host to another one. That's the purpose of VM in play, however, if you want to have high availability or redundancy, you have to purchase two licenses - one on one host, another one on another host - and it costs a lot of money to do that. 

Technical support could be better.

I've used the solution for about five to seven years at this point.

It is a stable solution. With the cloud, you don't even touch the physical box at all. However, for the traditional network guests, I like my stuff to be reliable. That's why I don't like the VM migrating from one host to another host. That's why I'm in the process of converting the VM back to the physical box using redundancy. That will be the network solution. I want my network available 24/7. 

The solution is quite scalable.

We have about 150 people using the product currently.

Support is awesome. However, it can depend. When you get a ticket and you take it to the proper person, they can give you a solution really quick, and the support is really good. That said, sometimes, if you are not lucky, you create a ticket and a salesperson or specialist runs it to a different person. Sometimes it takes a long time. Sometimes they make you do a lot of the work and ask you to send them reports or check certain things. If they run the ticket to the proper person, I can resolve the problem in 10 minutes. If they run my ticket to some other person, maybe it takes a whole day or two and I don't have time to play around.

I'd rate it as average, at maybe a five out of ten in terms of the service level you get in general.

I previously used Juniper. I have experience with Cisco ASA as well. 

Currently, I use Microsoft Defender for my endpoint protection.

I switched when Palo Alto turned into the top firewall management solution. I did do research.

From the GRI management port, it's easier than Cisco ASA. 

The solution is very easy to set up. I've been working for many years on this. I know the whole process is easy to start with some simple logarithmic management It's easy to manage. 

The deployment is fast. It usually takes about a day. On the first day, you get the management running on the UI. On the second day you need to get the traffic going through the certificate, and to do some proper security policies. That's all. Yes. To do it in one day is just a one-man job.

I manage the solution myself and maintain it every two months or so. Of course, if there are any issues in between these maintenance events, I also work on them.

I did the implementation myself, however, five or seven years ago, I used a consultant and learned from him. I've likely done 20 or so firewalls myself at this point.

The issue with Palo Alto is that the price is almost double other products such as Checkpoint, or Fortinet. There's no reason you price yourself to be double other brands.

I just did a call for renewing my license. I requested two redundancy units. The price, which was all-inclusive with WiFi, a VPN solution, a global VPN, et cetera - all of them bundled together, for two units, over three years, was $81,000.

You can buy the hardware only and each box is not even $10,000. It's only $8,000 for the unit itself. However, then you are charged a three-year license at $81,000.

I'm just a customer.

I'm using the latest version of the solution.

I would rate the solution at an eight out of ten.

My clients use Palo Alto Networks Panorama for centralized management of multiple firewalls across various locations. It allows them to easily oversee and configure all their firewalls through a single interface, streamlining security management across their network infrastructure.

The most valuable aspect of Palo Alto Networks Panorama for me is the centralized management of multiple firewalls. It saves time, provides consolidated visibility into my network, and allows me to configure all firewalls from one web interface, eliminating the need to access each firewall separately.

In the future, it would be beneficial if Panorama could include a firewall assurance feature similar to Skybox. While each firewall has its policy optimizer, a consolidated policy optimizer in Panorama could further enhance firewall management and optimization.

I have been working with Palo Alto Networks Panorama for over ten years.

Panorama is stable.

Palo Alto Networks Panorama is scalable and can support up to 1,000 devices, making it suitable for various network sizes. In terms of clients, it is mainly used by larger customers with more than ten firewalls. Some smaller customers with six or eight firewalls may not opt for Panorama, but those with ten or more find it beneficial for centralized management.

I find Palo Alto Networks' technical support to be good, especially with premium support. The initial support level is handled by us, and if we encounter issues beyond our scope, Palo Alto's support team is efficient in resolving them. I would rate the support as a nine out of ten.

Positive

Installing Palo Alto Networks Panorama is easy, and connecting firewalls is a straightforward process. Deployment typically requires just one person, usually the firewall administrator. Maintenance is also easy, especially for those familiar with managing individual firewalls, and Panorama serves additional functions like log collection and setting up SD-WAN functionality, making it highly useful for networks with multiple firewalls.

In terms of return on investment, Palo Alto Networks Panorama is worthwhile, especially for larger networks with more than ten firewalls. The time saved and the consolidated view it provides investment pay off quickly, often within a couple of months.

In terms of pricing, Palo Alto Networks Panorama is moderate. It is very affordable when compared to more expensive firewalls. The license is yearly, and the price typically includes the initial license and support, with subsequent years requiring only twenty percent of the initial license cost for support. It is negotiable, and the overall cost depends on your network setup and the type of firewalls you are using.

Overall, I would rate Palo Alto Networks Panorama as an eight out of ten.

We use Palo Alto Networks Panorama firewall, rule and policies management.

The most valuable feature of Palo Alto Networks Panorama is the simplicity of rule management. Both this device group and template management are very easy to use. 

Palo Alto Networks Panorama currently lacks the capability of integrating with other software, such as AlgoSec to simplify rule management and schedule management. However, this feature has been requested by the company and it is uncertain if Palo Alto will implement it in the future. Additionally, the UI needs improvement, it is too slow.

I have been using Palo Alto Networks Panorama for approximately five years.

The solution has frequent upgrades that reduce the stability.

I rate the stability of Palo Alto Networks Panorama a six out of ten.

Palo Alto Networks Panorama is scalable.

I have been using the same management software from other vendors, such as Check Point and Fortinet, but they are not as scalable as Palo Alto Networks Panorama.

We have approximately 25 people using the solution.

We do not plan to increase our usage because we are migrating to Zscaler and Cisco. Zscaler has some scalability advantages over Palo Alto Networks Panorama and this is why we are switching.

I rate the scalability of Palo Alto Networks Panorama a nine out of ten.

There are a few areas where Palo Alto Networks Panorama support could be improved. Specifically, when we encounter issues, it takes a significant amount of for support to resolve them, particularly when it comes to coding-related problems. We are unsure if they have invested in research and development in this area.

The initial setup of Palo Alto Networks Panorama took a long time to complete because there was not a lot of documentation.

We used the support from Palo Alto Networks Panorama for the implementation. They were very professional and helpful. We used five people for the deployment of the solution.

The price of Palo Alto Networks Panorama should be reduced. We pay for the solution annually.

We have acquired Palo Alto Networks Panorama for a three-year period, and we are selecting firewall options based on our specific needs, which may result in purchasing a DNS Security solution separately.

We use five people for the maintenance of the solution.

The solution is easy to use and superior to other competitors. Additionally, there are occasional graphical or visual glitches that also take a while for them to address through updates. The length of time it takes to resolve these issues depends on their severity.

I rate Palo Alto Networks Panorama a nine out of ten.

The solution is good compared to the competition, but the support is not up to standard.