Palo Alto Networks VM-Series Reviews

We mostly use it for threat protection. Currently, I'm working on virtual solutions, and it is deployed on the cloud. We have three people who work with this solution.

I have previously worked on the shared firewall as well as dedicated firewall solutions, where we deployed it on-premises as well as on the cloud. 

The most valuable feature is that you can launch it in a very short time. You don't have to wait for the hardware to arrive and get it staged and installed. From that perspective, it is easy to launch. It is also scalable.

It would be good if the common features work consistently in physical and virtual environments. There was an integration issue in the virtual deployment where it didn't report the interface counters, and we had to upgrade to the latest version, whereas the same thing has been working in the physical deployment for ages now. It seems that it was because of Azure. We were using VMware before, and we didn't have any such issues. We do see such small issues where we expect things to work, but they don't because of some incompatibilities. 

There also seems to be a limitation on how to do high availability in a virtualized environment. All features should be consistently available in physical and virtual environments. 

It is not always easy to integrate Palo Alto in the network management system. We would like to be able to compare two network management systems. They can maybe allow monitoring an interface through the GUI to create a reference or do a baseline check about whether your network monitoring system is actually giving you the correct traffic figures. You need traffic figures to be able to recognize the trends and plan the capacity.

I have been using Palo Alto Networks VM-Series since 2016. 

I didn't see any issues with its stability. 

It is scalable.

I found them quite good.

I found the initial setup okay. I have been using firewalls since 2014, so it is hard for me to say whether it is easy to install or not.

I would advise getting very well prepared by defining the scope and testing it in advance. Make sure that you understand the performance implications and that the core features are supported on the VM, and they are tested before the implementation or migration.

I would rate Palo Alto Networks VM-Series a nine out of ten. 

We have reduced the number of configuration lines by 90%. We need fewer number of admins right now because of it.

The best features are:

• User identification
• Application identification
• Logs and monitoring.

All areas need improvement: manufacturing, education, financial, etc.

None. Works by day with no issues.

No issues. It scales linearly with load and no issues.

I would rate the customer service as 10 out of 10: great.

I would rate the technical support as 10 out of 10: very professional.

We did have a previous solution that we used. We switched due to scalability and the other solution had too many issues.

It was easy to deploy.

The deployment works well.

We did not need a vendor team. We implemented in-house.

Our ROI is excellent.

Do not buy larges box if you do not need them. Rightsizing is a great task to do beforehand.

We evaluated Check Point, Fortinet, and others.

We use the solution for hands-on testing purposes and also for activating firewall re-entries, which is easy to accomplish. We only need to turn up the VM to the firewall. This serves users who are working at home due to the COVID-19 pandemic. We also utilize the solution in respect to several servers which are behind the firewall.

A valuable feature of the solution is that it is not dependent on the hypervisor so we can install it on Hyper-V Microsoft software and deploy it. We have even installed it on Nutanix 81, in which it is supported. It is not dependent on the platform and is stable. 

When we activate the solution on Amazon, instead of AWS, GCP or another type of public cloud, we encounter problems, as our engineers are not yet completely hands-on in respects of the public cloud platforms. Still, they can configure the firewall just fine. 

Integrative capabilities with other solutions should also be addressed. 

I have been using Palo Alto Networks VM-Series for the past five-and-a-half years.

The solution is reliable. 

We have tried to scale. The Western side of migration is very easy in terms of scalability. Our customers may increase their licensing counts in tandem with their increased performance requirements from the firewall. In this case, they would procure a VMP and the license. The activation of the firewall would be accomplished by the tech in the back-end. The customer would get the migration capabilities and procure the license without experiencing any downtime. 

There is room for improvement from the side of technical support. 

The initial setup was straightforward. 

The deployment takes two days. This includes installing the solution on the OVO files, upgrading the firewall panel records, activating the license and configuring basic policies and rules. However, our setup was basic and did not involve business activity, which would necessitate a technical business setup. In such case, the process from start to finish may take a customer up to 10 or 15 days. 

The VM series is licensed annually.

The option exists to procure a basic license. With this, the firewall feature comes with the application and the board, with everything in code. A subscription is included. 

The solution is cost effective in comparison to others. 

We deploy the solution on-premises for customers and organizations, although we also do so via AWS.

There are around 16 users connected to the VMP firewall. 

The security feature is really good, although there would be a bit of a learning curve when it comes to the cloud.

I rate Palo Alto Networks VM-Series as a nine out of ten. 

We use it for all next-gen firewall features such as ACLS, application monitoring, security, virtual networking, etc.

The feature that I have found the most useful is that it meets all our requirements technically. 

Its web interface is a bit outdated, and it needs to be updated. 

They can also improve the NAT functionality. We have had issues with the NAT setup.

I have been using this solution for the last five years. 

It has good stability. We haven't had any issues, and it has never been down. 

It is scalable. It has handled the network very well with our growth in the last five years. 

I haven't directly contacted them, but based on what I have heard from our network team, they are pretty quick at getting back to us. 

It was complex. We used a lot of professional service hours. 

We had an in-house team as well as a consultant. 

I would definitely recommend this solution. It comes under the top industry leaders and is comparable to other top products in this category. 

I would rate Palo Alto Networks VM-Series a nine out of ten. 

We use it to secure all traffic leaving and entering AWS.

It allows us to see all our traffic to properly secure it and only allow what is needed through the firewall.

• Full content inspection
• Visibility into the traffic in AWS.

There is work to be done on the integration side, as AWS doesn't integrate well with third-party firewalls.

I would like to see AWS have more integration with Palo Alto from a routing standpoint, so it could become a routing egress without having to redesigning it.

It is very stable, and we are not putting stress on it.

It is fairly scalable. We have a couple hundred servers already.

They are the leading next-generation firewall. I would recommend deploying a next-generation firewall.

I am using the on-premise and AWS version. They are exactly the same.

I have some financial experience with the program. We use it with Cisco and Fortinet technology, and have integrated it with NSXi.  

It has had good performance.

As an integrator, we need to understand the business case:

1. The customer's needs. 
2. The implementation phase. 
3. Provide clarity and clarify details with the customer.
4. Relate to their business's needs more than the technology system. 

I am an integrator. Palo Alto Networks has improved my position in the cyber security market here in Paraguay. It is easy to sell. Basically, I just need to implement the demo and the program starts itself. So, it has improved our position in this market. It is a program with very strong performance in an excellent position along with quality data sharing. Overall, it has improved our width. 

My clients have a group who will be on the security scheme. They now know the details about their network traffic that they did not know before: Applications that they are using and some application they did not know they were using. It has improved the retail control of their traffic and the users on their network. 

• Its strong intelligence is the feature that I like the most.
• A solid operating system with all the necessary data center security features. 
• Easy to manage.

When you have a client compare box against box, a lot of times Palo Alto is a bit more expensive, but its network firewalls have a very rich ratio.

No issues. We did integration with NSXi and the system works likes a charm. There have not been any issues in regards to the format, delivery, or management. It has worked great.

I have not encountered any problems.

I have not had to call the technical support yet, which makes me very happy.

Their pre-sale team, who assisted us initially, consists of very responsive, kind people.

We were previously Cisco partners. It is different since it is a network company.

It is very simple. They have a very unique approach to simplicity. You have to do some basic set up to some parts where it will be needed. Therefore, it is simple compared to Cisco or Check Point. Also, it is very flexible.

The licensing is pretty much like everyone else.

In each case, it depends on the expectations of the customer. 

I have worked with Fortinet, Cisco, and Check Point. However, once I began to work with the Palo Alto Networks, it became my preference for cyber security.

Compared to Cisco, Palo Alto is a much better product.

It is a great product. It is a great company, and I am very glad to work with them. 

Use the learning material that Palo Alto has free on their webpage. The customer should compare it with other products. They need to see the product and understand the power that that technology brings to cyber security. In this case, they can see the benefit against risks to your network and its capacity to prevent threats.

We use it to monitor all traffic, so we can do URL filtering with it. We can also use the VPN features, which we have not set up yet, but we know the functionalities are there. In addition, we use it to monitor all our trusted and non-trusted traffic, then block it as appropriate. 

It does a lot of threat management as well. It is like a threat management gateway and it does some virus scanning. From that perspective, it is really good.

We now have a lot more details about what our users are doing on the network. Whereas before, we did not know certain things they were accessing, websites they were going to, and what vulnerabilities were potentially being introduced into our network. Now, we have a very good understanding of what is actually traversing our network, what is coming in, and what is going out.

Threat management. That is very important, obviously. There has been a lot of press about hacking, virus vulnerabilities, the cron bug, etc. It is very important that we detect these as soon as it happens, so we can implement measures before they get on to our network. It is very good at doing that; it is very good at identifying these vulnerabilities.

The interface, maybe. It is all Java-based and I would prefer an HTML5 interface. It would make things a bit quicker. It is not that it is really bad once you are in, it is just another Java-based application that is not amazing. I am not really a fan of Java-based applications. 

The user-friendliness of the UI could be improved.

No issues, it is very stable. It is fairly easy to use. I would not say it is difficult, just sometimes it can be a bit sluggish navigating through pages. That is just purely because of Java.

We picked the PA-3050s. They can handle a lot of traffic, so we are nowhere near our limits on it. We are not really touching its full capacity at the moment.

It is very good. I have not actually called their support line, because we have a direct contact to a senior engineer in the company for any issues that we handle with them. I will say they are very responsive, and they do give you the information you need when you need it.

We previously used Cisco ASA. We switched to Palo Alto because it can do a lot more. They are called Next-Generation Firewalls (NGFW). They can do a lot of threat detection and things that the Cisco firewalls could not, or could only do with plugins, and the firewalls were not really built for that purpose. Palo Alto can handle a lot more and give us more insight into our network. 

The hardware install was mildly complex; it was somewhere in the middle. It was just about working out the best way to monitor our traffic, because you can have a segregation of interfaces. You can use something called vwire, which is like a bump in the wire, or you can use Layer 3 interfaces. It was just working out which way to go with. We could not really configure the Layer 3 interface solution properly, so we just went for a different setup. 

It was not overly complex. There was enough information online and enough support. There is enough info in the community on their website to allow you to do what you need to do.

For what you get, it does do what it says it does. It is a good value for an enterprise firewall.

We had a look at Check Point firewalls, as well as Huawei. 

• With Check Point, it was a feature-rich product, but it was a bit more expensive. 
• With Huawei, it was not really a valuable solution or as advanced as the other two, so we discounted them straight away.

Make sure you have a detailed plan of what you want to get out of it, you fully understand your network infrastructure beforehand and you have all the IP addresses documented and things that you might need before you actually implement it. Also, it is a feature-rich product, so ensure you have looked at what it can give you, and decide if you need all that functionality in your network. If you do not need it, then you can obviously go for something that is a bit less feature-rich.

We primarily use the solution for IT. I am from the Palo Alto Partner end, so I am not using it deliberately. I usually deploy to clients in various industries, including the payment gateway industry. 

In Palo Alto the most important feature is the App-ID. It's the biggest selling point in my opinion.

Another important application feature is the Content-ID.

The solution offers great templates.

Overall, the solution has a lot of great features on offer.

Even when the solution locks away a virus, there seems to be a delay for four or five minutes. It should be as little as one. Right now, it's such a long delay. It can be frustrating for clients and I need to answer a lot of questions surrounding that.

The solution needs to have more easily searchable details or documentation about it online, so it's easier to Google if you have queries.

The solution requires more use cases.

I've been on this Firewall for the last two years.

The stability is very good. There aren't bugs, glitches, or crashes. It's very reliable.

Although I haven't personally tried to scale the solution, my understanding is that it's easy to do so. It's convenient for enterprises. It's my understanding it would scale especially well for enterprises.

I've had to reach out to technical support many times. Sometimes, I find that it can take a while to reach support, or for them to get back to us. This is especially true on weekends and holidays. Other than that, it's been pretty good. We're pretty satisfied with the level of support we get.

I only have experience with Palo Alto; I don't know much about other VM firewall solutions.

The initial setup is not complex. It's quite straightforward. The deployment process is great. It only takes about five to ten minutes or so.

I handle the maintenance and troubleshoot any issues that arise. 

I mostly figured out the deployment myself and used Google to assist when I had questions.

I don't have any dealings with the accounting side of the solution. That's handled by someone else. I'm not sure what the cost is or if we pay monthly or yearly.

We're partners with Palo Alto. We're using the latest version of the solution.

We have a VM-Series via Palo Alto and K2K and the hardware Series.

I'd rate the solution seven out of ten.