Palo Alto Networks Panorama Reviews

Our firewall uses IPS and other features. We have some firewall rules using the IPS feature. For the VPN users using the MFA authentication protocol, we are using the SAML protocol.

The application ID or App-ID feature is a good feature for us. We are also using IPS and content inspection features. The firewall can inspect the packages that are passing through my network.

It should have more connection with Threat Intelligence Cloud. They can also include features related to SecOps and automation API.

I have been using Palo Alto Networks Panorama for two years. 

It is awesome in terms of stability.

In terms of scalability, it is complicated because you have to scale up. Its scalability could be better. It would be great if you could scale out by integrating another node, and you are good to go. 

Currently, you have to buy new hardware with more power in terms of CPU and memory. You cannot simply increase the nodes in a cluster. In the last five months, we had to acquire new hardware because we are facing some higher usage in the Palo Alto hardware. We have about 15,000 users.

They provide good support. I would rate them an eight out of ten. 

They can increase the SOA time. When dealing with your case, sometimes, they take time. In the queue, you need to pass through one analyst and then go to the next level, which takes some time.

It was quite straightforward. In terms of technology, it was okay. As our environment is quite complicated, we had to deal with several phases of the implementation because we don't have only one appliance installed. We have implemented four Palo Altos. That's why it took some time, but it was just because of the complexity of our environment, not because of the solution itself. The whole project took one year.

We did some POCs to understand this solution. We had a lot of discussions in terms of the best way to implement this solution in our environment. It took the effort that this kind of solution normally takes.

It is not a cheap solution.

I would advise studying and understanding the best factors for implementing Palo Alto Networks Panorama and creating a roadmap to use all the features because it is not a cheap solution. Understand the possible ways to implement Palo Alto Networks Panorama and create a roadmap that implements all the features.

Palo Alto is constantly improving its solutions. They have been doing a great job and putting a great effort into their products. I would rate Palo Alto Networks Panorama a nine out of ten. We are satisfied with the solution.

We primarily use the solution for automation purposes and for security.

The underlying technology is very good, considering that we are moving to a work-from-home environment.

Panorama is a straightforward tool. Palo Alto is comparative to other firewalls. Some firewall tools are more user friendly, and, from a technical perspective, it is very user friendly as well. It's not like Check Point. We use a setup for offshore development centers. For all those ODCs, we usually use a Palo Alto device. We have few perimeter firewalls which are Palo Alto but for the perimeter predominantly we use Check Point.

You don't need an overly experienced workforce to handle Palo Alto. It's very easy to use.

The solution if extremely flexible and scalable.

There are too many OS upgrades. We've had six new versions in the past six months. Even if they are updating it to fix bugs, it's hard to keep pace with the change when you have 800 or more Palo Alto devices that you now need to update and upgrade.

We try to follow version minus one or two for security reasons. To keep pace with the changes, it takes us nearly six months as we have to check with the business, arrange downtime, and count and cover all devices.

These upgrades aren't just little fixes either. Whenever there is a new release, it requires an OS upgrade. It would be nice if there was some automation on the upgrades of the devices.

They need to do less bug-related releases and create versions that are stable for at least six months at a time. I don't find this issue in other solutions like Cisco, Check Point, FortiGate, or others. Those just provide a patch if there is a bug and we don't have to worry about downtime.

We've been using the solution for close to seven years at this point. It's definitely been about six years.

The solution is very, very stable. There aren't too many issues on it once you get it up and running. We consider it reliable.

The solution is very scalable. If a company needs to expand its services, it can do so rather easily.

We have different businesses running inside the organization. We have close to 800 devices, so it means about 800 different projects are using those devices. Each project has a firewall, so most of these, 80%, are on Palo Alto.

We use Check Point as well, however, we don't really like it as much. It's not as user friendly.

Prior to this solution, we were using the ASA products and then Check Point. Check Point is a little complicated. I can use Check Point on my perimeter firewall, but not on my overseas businesses. That's what makes Palo Alto is more user friendly. I can use the GUI to do everything due to the fact that I don't need a skilled person to work on the Palo Alto. On Check Point, I have to go to CLA and do all the changes. 

 It's easy to upgrade or to do anything with the Palo Alto. Technically it's quite sound. It's dynamic, scalable, and there's a lot of things that can be done easily. Plus, I don't need an extremely experienced person to work on Palo Alto. Anybody with two or three years of experience can easily work on a Palo Alto device.

The initial setup is not complex. It's pretty straightforward.

The deployment is easy and uncomplicated. It takes about an hour or so, if not less than an hour. It's pretty quick.

However, we have 800 or more devices. It takes about six months to deploy everything, especially if I have to do everything manually.

We have eight to ten people who manage deployment and maintenance.

We haven't used an integrator or reseller. We handled the implementation ourselves in-house.

In terms of licensing for Panorama and Palo Alto products, we have only the DMC cost and we are billed every year.

It's not overly expensive. It is comparatively okay if you look at other devices. Compared to the top three devices, pricing is okay due to the fact that you have multiple vendors who are selling firewalls and competing with each other for the same clients. 

We're just a customer. We don't have a business relationship with the company.

We have multiple variants of the solution's model. Currently, we are using 8.1.15-H. We also have some virtual firewalls that are recently in Tokyo. We are using close to around 800+ Palo Alto firewalls. 

We're currently developing our virtual firewalls and have them in different locations. 

It is not just Palo Alto. We have other devices as well, so we have close to around 1300 plus firewall devices.

I would recommend the solution to others.

I'd rate the solution eight out of ten. If you need a perimeter type of device, Check Point may be a better option. However, for my businesses, I would choose Palo Alto due to its scalability and user-friendliness. It also has great security features. That said, if it didn't release so many new updates, I would rate it higher, simply due to the fact that so many upgrades requires a lot of work on our part.

I primarily use Palo Alto Networks Panorama for the global administration of firewalls and managing the GlobalProtect services. It is used for logging and standard firewall activity, and opening firewall rules. Additionally, it centralizes various tasks on the platform.

The main value of Palo Alto Networks Panorama lies in its ability to centralize management, similar to FortiManager. It provides a single dashboard for all firewalls, allowing centralized control over different feeder systems based on Palo Alto. It's a comprehensive solution for managing firewalls globally.

There is room for improvement in the graphical user interface (GUI), which is becoming outdated, especially the NAT section. However, it still meets expectations and works well for our needs.

I have been using Palo Alto Networks Panorama for three years.

Stability is rated highly at nine out of ten.

Scalability depends on whether it's a hardware or virtual machine model, and I rate it at eight out of ten.

I rate technical support at seven out of ten. It depends on the case, with room for improvement in both quality and response time.

Neutral

In comparison, I prefer Panorama over FortiManager because Panorama includes all the modules needed for troubleshooting, unlike FortiAnalyzer. From an operational perspective, Panorama is better.

The initial setup for Panorama is simple.

Overall, I rate Panorama an eight out of ten and would recommend it to other users.

Our customers are using the product.

The solution offers good logging features. 

The management is great. 

It is easy to set up.

The solution is stable.

I can scale well. 

Using a Palo Alto solution is very straightforward. 

We have faced some challenges with the solution. We had Panorama in the cloud, and then we used Panorama to manage the on-prem firewalls. Then we had some network-centric architecture to connect to on-prem, where we had two separate Palo Alto firewalls on the cloud. From there, we had a direct connect, external direct connect to the on-prem. In that case, the issue we faced was that whenever the traffic left AWS, it went with any one of the subnets, either from availabilities on one subnet or availabilities on two subnets. When we configured Panorama, it was actually behind a NAT device on two separate IP signals, and there were challenges around that.

When we were deploying Panorama in AWS, there were some issues with Panorama deployment in AWS. I was the first customer to deploy Panorama in AWS, and I raised a case with both AWS and Panorama. Then, in the next Panorama release, they enhanced some features, and both came up in the same version. I had to wait for two or three months to get to a resolution. 

Sometimes technical support is slow to respond. 

The solution is expensive. 

Panorama can be a bit difficult compared to other Palo Alto solutions. It would be ideal if they could simplify it a bit. 

I've been using the solution for two years. 

Overall, the product is stable. There are no bugs or glitches, and it doesn't crash or freeze. 

We haven't had an issue with scalability.

We work mainly with enterprise-level organizations. 

In our region, technical support is not so good. We need to wait if we are reaching out with a P1 case. Sometimes we have to wait for two or three hours. That can be an issue.

I do also work with various other vendors. 

The initial setup is very simple and quite straightforward. It was not overly complex. It's been two years now since I implemented the solution, and therefore I cannot recall exactly how long the deployment took. While the process was smooth, we did face some integration issues, for example, integrating the active standard Palo Alto to Panorama.

It's a costly product. All Palo Alto products are pretty expensive. Nowadays, people are looking for security and something that offers easy management. Therefore, Palo Alto can easily charge what they want. 

We're partners. We handle pre-sales and implementation of the solution for clients. 

It's a good product. However, if a company wants to deploy the solution, it should first do a proper study and design it properly. Otherwise, they will likely run into issues. 

I'd rate the solution seven out of ten.

We are a cybersecurity business, so we are a Palo Alto reseller and integrator. We also use Palo Alto to run our firewalls in our own environment. 

It's really the central management component that helps us. From a configuration point of view, when we are implementing it for large organizations where the customer owns a hundred firewalls, it's just easy to manage them all at one central location. I think that's probably one of the best features from a visibility component.

Price is probably one of the biggest things that we struggle with, specifically with Palo, and that's across their whole portfolio. Also, the tech support could be better.

I have been working with this solution for about five years.

The solution is very stable.

The solution is easy to scale.

On a scale of one to five, I would rate the technical support as a four. 

Positive

The setup process is simple and straightforward. 

If I were to rate the pricing of Palo on a scale of one to five, with one being really high and five being a good, reasonable price, I would rate Palo as a three.

We generally compare Palo Alto with the offerings from Check Point because they both seem to have the majority of the market share here in my region.
From a stability point of view, I think Panorama is better. Check Point is struggling with their current software releases along those lines, and Panorama is very good at releasing new features along those lines. Palo is a lot faster than a lot of the competitors on the market.

I would rate Panorama as an eight out of ten.

We use it internally to manage the solutions that we provide to our customers. So, we use it to manage our own firewalls and Prisma Access. We also use it to manage managed firewalls. We can also resell it, but we don't tend to do too many panoramas.

We are using version 10.0.7, which is the latest one under version 10. We're not running 10.1 yet. We don't need to run that.

The entire ease of use is most valuable. If you're managing firewalls locally with PAN-OS, the look and feel of Panorama is the same. So, you don't have to relearn another product. If you're used to managing firewalls from Palo Alto, you can easily use Panorama to manage them. It looks and feels the same.

Our primary issue at the moment is to manage Prisma Access because we just switched over to using Prisma Access for our customers. My newest one is in North America. It is a great tool for that. The fact that you can push out your Prisma Access just dynamically and it changes into Prisma Access Cloud is fantastic.

It tends to move along fairly quickly in terms of features because it is a part of PAN-OS. We are waiting on one feature that's on the beta at the moment, but that's because we use Okta as our authentication.

Reporting might be an area to improve. It can provide reporting or some sort of graphical representation of your environment.

I have been using it for probably two years.

There are no reliability issues.

You can manage multiple environments, multiple firewalls, and multiple locations with it. So, it scales really well.

We have just a handful of admins. We have less than five of them.

I have not used their technical support.

We've always been Palo Alto. The founders of our company were ex-Palo Alto people, so it is always going to be Palo Alto.

I've been using it for two years, but I didn't actually deploy those instances at Panorama. When we recently moved to Azure, I actually deployed it in Azure, and I had no issues. So, I was a complete rookie in terms of deploying it because I'd never done it before. I did that with minimal assistance from Palo Alto or anybody. So, I would say it is easy to deploy in the cloud.

In terms of updates, PAN-OS releases come every month, six weeks, or so. You have to be running a higher or equal level of Panorama to the firewalls that you're managing. If you're keeping your firewall environments up to date, you also have to keep your Panorama up to date, and with that comes new features. You have to plan for firewall updates more than Panorama, which is just managing other environments. You can pretty much update Panorama whenever you want. There is no customer or firewall outage when you update Panorama. It is just the reboot time. You just download it, install it, and reboot it, and you're done. It takes less than 20 minutes.

We're a reseller, and we're an MSSP. So, we get some extreme discounts. 

It is easy if you're used to managing firewalls. Using Panorama to manage the firewalls is not rocket science. It is just another GUI or web UI.

Palo Alto is really good at innovation, adding new functions and features, and rolling those out on a regular basis. So, they're going in the right direction. As long as that keeps happening, they are good. They should just keep adding and improving. 

I would rate Palo Alto Networks Panorama a nine out of 10.

We primarily use it for firewall monitoring, reviews, and policy-level monitoring.

Threat prevention and traffic monitoring are the most valuable features for us. We use them the most.

There is room for improvement in response time for tech support.

I have been using this solution for three years. 

The stability is good, so I would rate it around nine.

I would rate the scalability an eight out of ten. 

The customer service and support team is okay because the response time depends on the case. For example, it can take a lot of time if they don't have a readily available solution.

If compared with Cisco, I find Panorama is better and easier to use.

Our technical team did the setup for us.

Overall, I would rate the solution a seven out of ten. 

Even though there was a dedicated team to monitor the logs with the SIEM platform, I would use the solution when there is a potential outbreak to provide a particular tool to view the effects of the outbreak on my environment.

It was a good functional tool. When we had multiple Palo Alto devices to be managed, it provided a lot of visibility onto those solutions. It was a good and useful tool.

The solution helped us consolidate and use logs.

The UI was fine. The visualization would be almost similar to Palo Alto Firewalls.

Overall, the functionality was very good.

It was a stable product.

It's easy to set up. 

I don't have any real comments in terms of areas of improvement. 

The scalability is limited. 

It is an expensive product. 

The last time I used the solution was six months ago. I recently switched jobs. I previously used the solution for about three or four years. 

The solution was stable and reliable. There were no bugs or glitches, and it didn't crash or freeze. I'd rate the stability of the solution nine out of ten. 

It's not hugely scalable. It has limited scalability. That said, it's good. It offers what is requested. It depends on your initial planning and pricing, so it's not great in scalability. However, I would give it an overall scalability rating of seven out of ten.

At my old company, we had six to eight people using the solution. 

I did raise some tickets with technical support, and I found them to be helpful and responsive. 

Positive

It was pretty easy to set up. I did not find the implementation complex. I'd rate the ease of deployment nine out of ten. 

The pricing of the product is high. They aren't very cost-effective. That said, they do provide high value to organizations. 

I've seen three other devices like FortiGate and FortiManager as well as FortiAnalyzer. However, I can't make apples-to-apples comparisons between the solutions. I can say that the interface of Panorama is better in general, and Panorama does offer very good visibility.

I was a customer and end-user. 

I'd rate the solution eight out of ten.