Palo Alto Networks VM-Series Reviews

Azure Firewall is a cloud-native solution. It's only for netting and simple source-destination blocking. The client wanted everything, so they wanted us to implement a third-party solution. Palo Alto was the leading solution. It's easy to install. 

Palo Alto is dynamic regarding protocol rules, and it is classless. The client also wanted a third-party solution between their on-premise environment and Azure, so they went for Palo Alto. Palo Alto VM-Series is deployed on the Azure Cloud.

We previously had a hardware solution. With VM-Series, you don't need to purchase the hardware. You can deploy it in the cloud, or they have a PaaS, SaaS, and IaaS version. You connect your network to their cloud and get the traffic filtered. 

The most valuable feature is the proxy write. It's called the Write Fill process. It's in a bundle of everything. Palo Alto has everything, including CAD management, malware protection, and a file management system. There is a bundle of packages. This is not in the latest edition of Azure Firewall.

The VM-Series reports how much bandwidth a particular IP is using. You don't need to regularly log into a website, like a Cisco command, to see what kind of ACL it's getting. There isn't an ACL use portal event. You can go there and see how much my ACL has been getting me.

It automatically tells what rules are in place, like scheduled and additional rules. You don't need to create new rules every time. It will automatically tell you that this rule exists. 

Palo Alto's next-generation firewall is classless, and it's a bundle of everything, including malware management, bandwidth utilization, and how much each IP is costing you. It offers bandwidth utilization, DDoS protection, a next-generation firewall, and everything I need in one bundle.

You can integrate fully automated virtual firewall deployments and provisioning into existing DevOps workflows if you are a good developer. Palo Alto offers help for it, but you should have developer knowledge.

It's easy to migrate workloads to the cloud. They expose the API also. In two days, I can implement two firewalls in different regions. It's flexible. That is a feature of Azure and Palo Alto. This kind of integration is why I am able to do the migration in two days.

There's room for improvement in terms of integration with the load balancer. It isn't like Fortinet, which has a load balancer built into its firewall. It is effortless to integrate within the load balancer-plus-firewall solution. 

Palo Alto doesn't have much ability to load balance, so you must purchase a third-party load balancer. It would be great if they did these kinds of changes to integrate the solution with the load balancer.

I have used Palo Alto VM-Series for one year.

VM-Series is highly stable. One of our clients has been using it for one year, and we've been using it for a year and a half. There were some bugs initially, but in the past two years, it has gotten more stable. 

I give VM-Series six out of 10 for the scalability. It's one area where they need to improve. Scaling up requires a lot of effort because it's cloud infrastructure. You need to change a lot of settings and ask them to customize before it starts working. 

There are still some issues after a customer has customized the solution. Scalability is something they are working on. I am hoping that we'll see some decent scalability within a year and a half. 

I rate Palo Alto support nine out of 10. Palo Alto technical support is excellent. When you raise a ticket, you get a support call in 10 minutes. They will contact you by phone and follow up on WhatsApp to see if the issue hasn't been resolved. 

Setting up VM-Series is completely straightforward. You have to download the VM, and there is a free interface for internal and external management. You configure the interface and the root table within Azure, then the device is good to go. Lastly, you need to activate your license, and Palo Alto is integrated into Azure.

We had to purchase the license from the vendor and download the VMs from the Cloud market. You can download VM-Series from the Azure marketplace, it is a simple process. You configure everything in the management interface. Once that's done, you configure the access list so that others cannot access it from anywhere. 

After you purchase the license, you have to put the license in Azure VM. There's a similar license you have to implement in the Palo Alto portal. Your Palo Alto is ready to use once that goes through. It took us one week to deploy. An issue came up, and we had to raise a ticket, so it took seven days to complete the implementation within Azure Cloud. One person is enough to deploy it. I deployed two firewalls within seven days, so I didn't need anyone's help. One or two people are enough to manage it.

The price is fair enough. The most expensive is Cisco, followed by Fortinet, then Palo Alto. Palo Alto is very much within the range. We use Software Next-Generation Firewall Credits for licensing and consuming VM-Series. They have a cloud solution using their portal. You can go in and put it through the license.

We can't use the credits on the fly. It is not possible because they acquire new CPU RAMs. We cannot change this on the fly. It will take one day of downtime. It is not easy. This is planned downtime. You have to plan for it outside of business hours. If you do the downtime during the business day, you can't do anything. 

The Software Next-Generation Firewall Credits enable us to protect ourselves without going through a long procurement cycle. The licensing part plus implementation is very easy. You just create the firewall, and it can do everything.

I rate Palo Alto Networks VM-Series eight out of 10. Palo Alto is easy to use, and the price is fair compared to the other solutions on the market. I recommend Palo Alto, but you should also consider the other solutions out there. Some solutions have lots of bugs like FirePOWER. Also, the price for FirePOWER is quite high. That is not the case with Palo Alto. It has fewer bugs, requires minimum effort, and the price is fair. Everything is accessible within the same portal.

I've mainly worked with the VM-Series, and a few features have been really effective for threat prevention in our networks, like McAfee training, Accountant ID, and apps ID. These features integrate well with our existing environments and tools, such as Panorama. 

 The VM-Series scalability is fast and easy to implement, improving our security posture as our Azure network grows. The only minor issue we've faced is with the apps ID configuration, which requires specific matching for application filtering. Tools like Loopback help us identify open or denied flows between two firewalls and manage the servers effectively. The Palo Alto system easily identifies rules and objects within roles, making maintenance straightforward.

No other major concerns, just the specific issue with Apps ID configuration. Otherwise, overall stability, VPN, IPSec, VRF, and flow management with the VM-Series have been very stable and reliable.

I have been using Palo Alto Networks VM-Series for 2 years.

I've had a positive experience with Palo Alto's support. They usually respond within a few hours, which is satisfactory

Positive

In my experience, Palo Alto and Fortinet offer similar quality and high-level security compared to other vendors like Cisco and Forcepoint. They stand out in terms of reliability and security features. Other vendors may not match their level of performance and security.

It is easy to maintain because we have various tools to manage and monitor the system. 

The pricing for Palo Alto is quite high compared to FortiGate, which is more affordable. I don't have the exact figures as my manager handles that, but from my research, Palo Alto's licensing costs are significantly higher.

I would rate Palo Alto Networks VM-Series as an eight overall. My recommendation for others considering this tool would be to ensure they have the budget for it, as it can be expensive compared to alternatives like FortiGate. Also, they should be prepared to understand and document their application metrics thoroughly to implement the firewall correctly. 

The solution is used to protect some servers and access their traffic in a virtualization environment.

The most valuable features of the solution are its stability, ease of implementation, ease of operation, and security.

It is not very easy to scale up the solution.

I have been using Palo Alto Networks VM-Series for one year.

I rate the solution a nine out of ten for stability.

I rate the solution a seven out of ten for scalability.

The solution’s technical support is very good.

Positive

The solution’s initial setup is very easy.

Palo Alto Networks VM-Series can be deployed in a day or two.

The solution is a little bit expensive compared to other vendors.

I would recommend the solution to other users because it is a good firewall.

Overall, I rate Palo Alto Networks VM-Series a nine out of ten.

I have completed ten projects. The solution is used for network security, application control, and enforcement of policies on end-user devices.

The solution enables organizations to enforce policies. We can control every endpoint that is connected to the network.

The vendor must improve the way it advertises and markets the product.

I have been using the solution for four years.

I did not find any bugs in the tool. However, we'll face some issues if we do not configure it properly.

Almost 25 customers in Riyadh migrated from Juniper to Palo Alto this year. Before buying the product, we must know the number of users who will be using it. We must buy the model that best suits our needs.

Some people do not know how to open a case with the support team. When a customer contacts the support team, the team must help the customer to open a case. After a case is opened, the support team must respond within 15 to 20 minutes. However, the team takes three to four hours to respond. There is no proper support channel to follow up on cases.

Deploying a firewall is not easy until we have a basic knowledge of routing and security. If we have the knowledge, we can find the proper document on the website and do it easily. We should know the basic configuration. The deployment process is user-friendly. We can configure it easily.

The product is cheaper than the on-premise version.

When compared with FortiGate, Palo Alto has more security products. However, Palo Alto did not publish the security profile for the end-users or partners. They must explain to their end users why they are better than FortiGate.

People considering implementing the product must consider investing in the on-premise solution instead. If someone has a good experience with VMs, I suggest they choose VM, as it is cheaper than on-premises. Overall, I rate the tool a nine out of ten.

Our corporate clients use the product to secure cloud environments.

Palo Alto Networks VM-Series's most valuable feature is the visibility of the environment.

The product's AIOps process needs improvement.

We have been using Palo Alto Networks VM-Series for two years.

I rate the product's stability a ten out of ten.

We have 5000 Palo Alto Networks VM-Series users as our clients. I rate its scalability a ten out of ten.

I rate the initial setup process a nine. It takes a few hours to complete.

I rate Palo Alto Networks VM-Series pricing an eight out of ten.

I rate Palo Alto Networks VM-Series a nine out of ten.

I use Palo Alto Networks VM-Series for testing purposes of VMs.

The main advantage of Palo Alto Networks VM-Series stems from the fact that you can access it with the help of cloud services.

With Palo Alto Networks VM-Series, it is hard for me to manage its network configuration part. Regarding Palo Alto Networks VM-Series, I am figuring out whether to use interzone or intrazone networks for the VMs in our company's environment, which is very confusing. The aforementioned aspects of the solution can be considered for improvement.

In the future, whenever I try to onboard Palo Alto Networks VM-Series, it should allow for easy configuration, especially in terms of network connectivity. I want an easier setup and configuration in the product's future releases.

I have been using Palo Alto Networks VM-Series for around a year. My company has a partnership with Palo Alto Networks.

The technical support of Palo Alto Networks does reply to the cases or issues I file with the support team. The support is equally good for all the products that fall under Palo Alto Networks. I rate the technical support a nine out of ten.

Positive

I rate the implementation process a six or seven on a scale of one to ten, where one is difficult and ten is easy.

During the implementation process of the product, I faced some issues related to the networking part and connectivity of VMs. I faced issues with how an end user could connect the VMs to a firewall or connect a firewall to VMs, but the same process was easy for me on a physical device firewall.

I am more comfortable with the physical device firewall. I am actually trying to figure out things since I am not very familiar with the VM side of Palo Alto.

I would recommend Palo Alto Networks VM-Series since it is a cheaper product compared to the other tools available in the market. Apart from Palo Alto Networks VM-Series, I usually recommend Palo Alto Networks Cortex XSOAR and Palo Alto Networks Prisma Cloud.

I rate the overall product an eight out of ten.

We are using it on Azure Cloud for our internal systems, where we have set up our internal workloads. We are using it as a perimeter firewall.

We are using it because our internal workflows are on the cloud. Almost everything in our production and development uses these instances. We are using it extensively for conducting reports of the development environment. It is working fine.

It improved all compliance activities. We can close open cases. Compared to other firewalls in these cases, it improved our score on the compliance side.

We are using the complete box. We are mostly using the security services and firewall rules in Panorama.

We need to look at different variables and granular policies of various tools. This makes it easy to understand.

We use Palo Alto’s Panorama centralized management system. We have an on-prem firewall where Panorama is very good for pulling logs in from the cloud so we can see what is going on. It gives us visibility into that as well as showing us what attacks are coming in.

Palo Alto’s Panorama centralized management system simplifies our security posture based on our requirements. Instead of manually pulling logs, then generating them into readable formats, it gives us the console in a readable format to view.

We have been using it for the last two years.

Stability has so far been good. We monitor the resources on the firewall to determine if there will be any spikes on the CPU, RAM utilization, or the load of the firewall. Though, we are yet not putting much load on it. 

I don't think that scaling will be a problem since we can adjust the VM-Series model that we want.

I have around 100 instances protected behind this device.

The customer support is good. They are able to give fast, readily-available solutions upon the creation of a help ticket. I would rate them as 10 out of 10.

Positive

We did a fresh setup for this, but it was pretty easy. We could easily integrate with the VM-Series, then just create our business servers. We were able to do this with the help of the tech team.

It took around seven to eight hours to deploy this solution and configure it to our environment.

We feel that the setup was complex. So, we asked the tech team about the setup process. They explained how to deploy it in the right way, which made it very simple. Once we had a checklist of what to do, it was pretty easy to deploy.

Deploying Panorama has saved us a lot of time. When any incidents happen, our people are comfortable going to the Panorama logs and view the incident report to see what happened.

Initially, pricing was high. Later on, we were able to negotiate the pricing and get something that fits our budget.

The solution provides protection and there wasn't an additional cost involved, in terms of security.

We evaluated FortiGate, Cisco, and the stuff that we are using. Compared to other products, we found it a very useful part of our compliance requirements and liked its format on the graphical interface. It is also a more secure firewall compared to other existing ones in the market. Based on our evaluation, it matched our compliance requirements.

Cisco is pretty complex in nature to deploy. It is helpful to have a skilled person with at least two years of experience. 

We are happy with their features for how we are using it and what we have deployed.

I would recommend giving the solution a try and see the difference between it and your existing firewalls. Give it a shot and see the difference.

In the firewall market, it is the number one product right now. I would rate it as 10 out of 10.

The most effective features for threat prevention are application-based prevention and WildFire. These features cover various threats, such as ransomware, malware, etc. They provide real-time visibility. By applying appropriate policies, threats can be blocked.

The solution needs to improve its visibility. It's not straightforward to use. Understanding the policies, authorizations, and initializing features requires careful review. The product needs to offer proper training. 

I have been working with the product for three to four months. 

I rate Palo Alto Networks VM-Series' stability as ten out of ten. 

The main issue with the tool's support is the delayed response time, ranging from one to two hours. This delay can impact customers who are waiting for support. Additionally, partners may become busy. 

Positive

The tool's improvement in cloud security posture depends on the features used and the licenses purchased. Different suites are available, such as Professional, Core, and Enterprise, each offering various features for endpoint.

Competitors such as Fortinet and Check Point also offer similar features, but I don't know much about their offerings. However, Palo Alto Network VM-Series stands out with its application deployment capability, iOS zone protection, and features like application ID, user ID, and device ID identification. These features enable policy application and on-premises protection, which may not be available in competing solutions.

I rate the overall product a nine out of ten.