Palo Alto Networks VM-Series Reviews

We primarily use the solution for cloud firewalling, SASE, ZTNA, and CASB compared to the hardware-based NGFW or cloud firewalls.

The product is easy to use and deploy, and it enhances the overall security posture while deploying the application in the cloud. The most effective features of the solution for threat prevention are Layer 7 inspection, SSL decryption, IPS, and the web filtering profile. You can use the solution to easily protect your data from cyber criminals, including insider or outside-based attacks.

The solution is easy to deploy, easy to manage, and easy to create policies. An organization's overall security posture can be improved by deploying Palo Alto Networks VM-Series firewall.

The DLP functionality or data classification can be improved in the solution's basic firewalling.

I have been using Palo Alto Networks VM-Series for two to three years.

Palo Alto Networks VM-Series is a stable solution.

I rate the solution a nine out of ten for stability.

Compared to Checkpoint Maestro Firewall, the solution's scalability is not up to the mark. We'll need to upgrade the firewall for any tech refresh, throughput requirement, or hardware-based incremental. We have more than 100 customers for Palo Alto Networks VM-Series.

The solution’s technical support is great.

The solution’s initial setup is straightforward.

The solution's deployment time depends on the business application or business requirement. Based on that, the solution is easy to deploy and use.

Based on the customer budget, they can choose from 12-month, 36-month, or 60-month licensing models. The solution is quite expensive compared to Fortinet, Check Point, or Cisco. Customers can go for the solution's premium version, which I wouldn't say is expensive because it secures important data.

We cannot say that we have achieved 100% security by deploying the solution, but we have added one more security layer to protect us from security threats or attackers. For deployment, we have more than 400 engineers handling our SOC, including the MSS part, the security of business center implementation, and manageability.

Deploying the solution does not provide a 100% data safeguard, but it adds another security layer. The solution provides single-pass parallel processing (SP3) architecture, which is more effective than other firewall vendors. From the hardware and architecture perspective, the solution is good compared to Check Point or Fortinet firewalls.

Overall, I rate the solution an eight out of ten.

For remote access and securing our perimeter, Palo Alto Networks VM-Series greatly enhances our network security posture. It serves as a primary firewall for enterprise security and ensures secure remote access to our environment. As for traffic handling in our multi-cloud deployment, Palo Alto Networks' solution effectively manages it, delivering on its promises.

We've integrated all necessary functions into a single box shop currently. This setup is convenient for those who aren't yet in the cloud and prefer to stick with familiar tools. However, there's now a plethora of cloud-based tools that offer similar functionalities, leading to potential duplication and increased costs. 

In terms of security breaches, the product aids in categorizing and monitoring traffic, allowing for the identification of potentially malicisous or incorrectly formatted applications. While there are often false positives, the product has successfully detected unauthorized traffic streams.

I believe that the licensing and overall cost could be more transparent and aligned with how features are utilized, especially considering the duplication of features. 

Sometimes, it's challenging to determine which features to activate or deactivate.

I have been using Palo Alto Networks VM-Series for the past 5 years.

In terms of stability, it's quite reliable once it's up and running. I'd rate it a 9 out of 10. However, it's not a perfect 10 due to the need for manual intervention, especially during firmware upgrades and certificate management. This aspect isn't as seamless as with cloud-native firewalls.

As for scalability, it can be scalable if deployed correctly from the start. Regarding usage, the number of users will likely remain consistent, but the deployment of various firewall types may increase. This could include different instances or flavors beyond the Palo Alto VM series, such as cloud-native versions on Azure or from other vendors. 

The support team is quick, knowledgeable, and responsive. They address issues promptly and escalate them efficiently if needed. Overall, we haven't encountered any significant problems.

We managed the deployment in-house, which presented some challenges.

As for technical staffing, we aim to reduce the team size needed for deployment, ideally managing it with minimal personnel or even through code automation. Currently, we don't have a dedicated firewall team.

Regarding pricing, I initially downloaded the product for feature comparison purposes, not specifically due to pricing concerns. However, the current licensing model can be a sore point as we're paying for features we're not fully utilizing. Simplifying the pricing structure would be beneficial, especially given the duplication of services in some cases, leading to increased costs.

I'd rate it a 9, considering it's an industry-leading firewall with excellent support and features. However, as more customers shift to cloud-native solutions, some unique features of the Palo Alto solution may become less relevant. The company may need to offer a more robust and feature-rich solution to remain competitive. Currently, the monolithic nature of the firewall can be challenging to maintain and secure, which could impact its future viability compared to more agile competitors like Cisco.

When considering the Palo Alto Networks VM-Series, organizations need to carefully assess their specific use case and the extent of changes planned for the firewall. It's crucial to determine if all features are necessary and if they are not replicated elsewhere in the infrastructure. For those already operating in a cloud-native environment, leveraging native security features may be more cost-effective, as they are already included in the package. Conversely, organizations accustomed to traditional on-premises setups may prefer a single firewall device for security. Ongoing support and the frequency of changes to be made on the firewall should be factored in, as these can significantly impact the overall cost and effectiveness of the solution.

I use the solution in my company to block threats, detect vulnerabilities, and protect the organization's internal network.

The most valuable feature of the solution stems from the fact that its UI is good since it offers options. In terms of being compliant with the firewall security standards, the product falls in the first or second place. The product can also be considered as NGFW. In general, the product is user-friendly.

The reporting part of the product is an area of concern where improvements are required. Compared to Palo Alto Networks VM-Series's reports, FortiGate NGFW provides users with reports that are easy to understand.

I have been using Palo Alto Networks VM-Series for three to four years.

The product's stability is good. Considering the cloud availability, I can say that the product is 99.99 percent stable. The firewall functions properly on the cloud, and there has been no downtime in the last couple of years. Unless the cloud services from Microsoft Azure go down, the firewall works properly.

My company has 1,000 users of the product, but not all of them are connected to the product all the time since my company has three different fire products running in the cloud. I would say there are around 600 Palo Alto Networks VM-Series users.

The technical support for the solution is very good.

The product's deployment phase is not complex. The tool is easy to deploy.

The solution is deployed on the cloud.

There is a need to make payments toward a yearly subscription-based model in which you need to add modules that you want to use in your company.

I can't elaborate on how the product was deployed in our company's existing infrastructure since the product was not deployed by our company, as the vendor handled it. The product can be deployed on the cloud platform you want to use. If you are using Azure's cloud services, then we select VM-Series, take care of the configurations, and upload the required details to get the product.

In terms of the product's ability to improve our company's network security posture, I see that the tool keeps our systems protected since all the network traffic is routed through the tool. The tool provides protection against any malicious traffic that attempts to get into the company network as such networks get blocked and quarantined by the firewall. Been blocked on the firewall network. Malicious components in the network don't enter our company's internal network, so the users are protecting the systems attached to the internal traffic.

My company has not integrated the product with any third-party software.

Speaking about the benefits of dynamic scalability, I would say that my company has not used the product's scalability features. I don't think there is anything wrong with the tool's scalability functionalities.

The tool is good for enterprise-level organizations because it has many options for users in its office. The product also comes with a lot of add-ons. If you can leverage the benefits of everything the product offers, then it can be useful. It is easy if you want to integrate the tool or connect it with other applications or third-party software, and you can do cloud monitoring and SIEM. The tool also works with XDR products. In general, the tool has its pros and is good software.

I have not encountered any issues with policy management in the product.

The product helps find vulnerabilities in the system, especially opened ports and unwanted ports that are open. If there are any issues, you can explore your system further with Nmap and with the help of a given IP address.

I rate the tool an eight out of ten.

We use the solution for inter-VPC traffic segmentation and inspection. I also use it for external interfaces.

The product gives us the ability to do malware detection and file inspection.

The tool provides ease of use for GUI management and deployment. The product provides more visibility into our traffic. It also helps with troubleshooting a bit of high-level next-generation platforms. The auto-update feature of App-ID is valuable. Traffic monitoring, threat monitoring, and dashboards are the most impactful for our network security.

Having visibility and alerts and being able to react to them is valuable. The integration of VM-Series with cloud services has helped us a lot to streamline our security operations. The solution has ease of use. The web interface and the traffic monitoring are more centralized.

The cost must be improved. The tool is very costly.

I have been using the solution for more than five years.

I rate the tool’s stability a nine or ten out of ten.

I rate the tool’s scalability an eight or nine out of ten.

The technical support is really good. I rate the technical support a nine or ten out of ten.

We deploy AWS VPC as a virtual appliance, as a security VPC. The initial deployment was moderately easy. It is not complex, though.

I have used Juniper. Palo Alto’s next-generation features are better than Juniper’s.

The cloud service providers are also coming up with similar features. It can get really competitive for Palo Alto. People who want to use the solution must engage the system engineer for the deployment, vetting process, and initial implementation. Overall, I rate the product a nine to ten out of ten.

We are using the solution for IDS, IPS, and security.

We need a perimeter firewall to expose anything on the internet. Our inbound and outbound traffic is controlled via Palo Alto. It has multiple features. We have Palo Alto in every location and have a central console where we control all the firewalls.

IDS, IPS, web filtering, and URL filtering are valuable features. Palo Alto is a good product. We have become a major reseller of the product. The tool is beneficial to us. The solution strengthens our IT posture.

The solution must improve Zero Trust integration and use cases. The Zero Trust solution has limitations.

I have been using the solution for four years.

The stability is good. The vendor communicates about the releases in advance. We keep updating the operating systems based on compliance and security notifications.

Scalability might be an issue for large organizations. The throughput is a challenge. Multiple segregations need to be done. More than 40 customers are using the solution. We don't face challenges in deployment and maintenance.

The support is responsive.

The setup is not complex, but it is not simple. We get everything from Microsoft Marketplace. We buy the license outside Microsoft Marketplace because it is more cost-effective. All our VMs are deployed on the cloud.

The license fee is slightly high. We must choose the right licensing.

Palo Alto’s compatibility and integrations are better than Juniper's. Zscalrer’s Zero Trust solution is better than Palo Alto’s. We recommend Palo Alto over Fortinet, Juniper, or Check Point. Palo Alto is less complicated.

Palo Alto is a straightforward solution. The solution does not have any negative impacts on our organization. Overall, I rate the product a nine or nine and a half out of ten.

The primary use case for the Palo Alto Networks VM-Series is real-time inspection for vendor security.

We have been using Palo Alto Networks VM-Series for three years.

I rate the stability a ten out of ten.

The product has good scalability. We have small to enterprise businesses as our clients for it.

As per premium support licenses, we received 24/7 support services. Apart from that, they join the calls quickly to resolve the issues for distributors' performance.

Positive

The initial setup is easy. We managed and configured it with the help of existing management tools and courses. We deployed it on the cloud and on-premises.

The deployment time depends on specific business requirements and bandwidth. It takes around one to two weeks to migrate and configure for large organizations. For small organizations, it takes one or two days to complete.

The product is costly but provides all essential security features. I rate the pricing a seven out of ten.

VM-Series enhances the security of our virtualized infrastructure. It ensures that every interaction, pre and post-loan processing, undergoes a thorough inspection, leveraging VPN features and comprehensive security protocols. It reviews the data for encryption and decryption before sending it to the server.

By applying Palo Alto's robust security measures, we enhanced the overall security posture of the cloud development process. Generally, it is challenging to scale hardware while increasing the bandwidth. When it comes to VM-Series, it is more scalable than other firewalls.

Certainly, the prevention capabilities can have an impact on bandwidth. Without the imposition of security profiles, the bandwidth can operate at its full capacity, reaching up to 100 Gbps. However, upon introducing security profiles, there may be a slight decrease in bandwidth due to the utilization of a software control plan and software data plan. The data plan involves a parallel processing mechanism, incorporating multi-scan and multi-action functions. While this may introduce a minimal latency, it efficiently prevents threats with lesser bandwidth. The operation efficiency is enhanced after the deployed VM-Series. We can easily fetch all licensing details, including serial numbers.

I rate it a nine out of ten.

The main concern is VPN. If you're using Azure Firewall, you still need a VPN gateway to terminate your VPN connection. Azure Firewall doesn't remove the need for another VPN gateway, especially for point-to-site VPN. So you have to use another VPN appliance. With Palo Alto and FortiGate, for example, you can have an all-in-one solution. The VPN gateway and all the other features are available.

Palo Alto Networks VM-Series has everything centralized. You have the VPN solution, firewall, routing, UDR, flexibility, updates, and full visibility of your traffic. You can also perform log debugging. It provides all the things that Azure's firewall doesn't offer. Plus, you have full ownership of your device.

Firstly, Palo Alto should update their documentation to make it more readable and provide easier-to-follow instructions through videos. This would help people learn and deploy the product more easily. Even if the product itself is excellent, lacking proper documentation and troubleshooting guidance renders it less useful. It won't be helpful even if it's rock solid but lacks sufficient information and tutorials.

I've been using Palo Alto as a VM for about three months. I use the latest version.

It is a stable solution. I would rate the stability a ten out of ten.

It is a scalable solution. We have more than 20 entities using this solution. 

Customer service and support are great. The response time is good. My experience with them was very good. 

I used Azure Firewall for a while, but then I removed it and installed Palo Alto.

The setup requires professional people to work on it. It's not straightforward. Knowledge is needed to adapt it to your platform. 

So, it's not an entry-level solution; it requires professional and expert-level skills.

I deployed the solution myself. The deployment process took about three to four days. It depends on your production environment because I had to migrate production.

Only one person is required for deployment and maintenance. 

I can't make a suggestion because it depends on the specific needs they have. They can consider using the entry-level version or opt for the expert lab, depending on their workload.

Overall, I would rate the solution a nine out of ten. 

The primary use case of this solution is as a firewall for our servers.

We are running a total of 12 servers. Four of them are hardware servers and the rest are VMware servers. We have about 80 clients running Windows 10.

The most valuable feature is the Posture Assessment.

From my understanding, we used to have the Sophos firewall and a nice feature that is missing in Palo Alto is the heartbeat that monitors each endpoint. It would be helpful if Palo Alto monitored the status of every endpoint. It could be that it was not set up correctly.

In the next release, I would like to see better integration between the endpoints and the firewalls.

I have been using Palo Alto for approximately 12 months.

The stability is good.

We haven't explored the scalability yet.

We have approximately 80 Windows 10 clients, and we have approximately 85 users in our organization.

Technical support is okay. It's the same across the board, you have good techs and you have bad techs.

At times, it's a little slow in getting back to us, but nothing out of the norm.

Prior to using Palo Alto, we used a Sophos firewall.

The initial setup was complex, but we were able to work through it.

I would rate this solution an eight out of ten.

We evaluated quite a few solutions before choosing Palo Alto Networks VM-Series.