We use this solution to identify whether an unknown file is managed or not. We also use it to identify any unknown file that is executable without reputation. We do this before releasing it to the end-user.
Principal Consultant at Securelytics
Fast analysis, good identification features and reasonable pricing
Pros and Cons
- "The analysis is very fast."
- "There are some formats that the solution cannot support."
What is our primary use case?
How has it helped my organization?
We release the email and the network traffic but also analyze the file. We can do it concurrently before we release the actual traffic to the end user when we have already completed the analysis.
What is most valuable?
The analysis is very fast. The intermittent is a millisecond and has a speedy response time.
What needs improvement?
There are some formats that the solution cannot support today, but they are mostly very rare formats. So that can be improved.
Buyer's Guide
Palo Alto Networks WildFire
November 2024
Learn what your peers think about Palo Alto Networks WildFire. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
815,854 professionals have used our research since 2012.
For how long have I used the solution?
We have been using this solution for the past three years. We are using the latest version, and it is deployed on Google cloud. In addition, we do an integration with the Cortex XDR together with Palo Alto Networks WildFire.
What do I think about the stability of the solution?
It is a stable solution.
What do I think about the scalability of the solution?
Regarding scalability, 1000 to 5000 is not a problem, but anything more than that, I am unsure. However, it is scalable, and most of the people in our company that use the solution are from our group's information.
How are customer service and support?
We have used the technical support for analysis purposes. They are sound, and the testing system and updates are good. They proactively give us updates, and they are doing a good job. I rate the technical support an eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We have used different solutions in the past but switched to Palo Alto Networks WildFire due to the fast analysis.
How was the initial setup?
The installation was straightforward. It is a cloud and FaaS-based platform and took about one to two hours to deploy. We completed the deployment in-house, and very minimal maintenance is required.
We have about ten people on our team. We needed only one person to install and deploy and about three to maintain.
What was our ROI?
I am unsure about the specific ROI, but we have managed to quarantine and block multiple manages on the enterprise price, which is good. We have benefited from Wildfire.
What's my experience with pricing, setup cost, and licensing?
Our licensing costs are annual, and I believe it is not that expensive. I rate the pricing a six out of ten, so it is on the cheaper side.
Which other solutions did I evaluate?
We evaluated getting proof of concept for another solution and end-user analyzer, but there were limitations to the integration, so we didn't proceed with it.
What other advice do I have?
I rate this solution an eight out of ten. Regarding advice, I would recommend doing a proof of concept first before deciding on the solution.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Technology Security Engineer at a tech services company with 11-50 employees
Enhance threat detection for diverse formats with proactive defense capabilities
Pros and Cons
- "I have filed tickets and their support was great. I was able to solve the problems of my customers."
- "Improving detection on non-Windows formats would be beneficial as there are many samples, such as Linux or ransomware for macOS."
What is our primary use case?
I use WildFire mostly for customers, especially when they ask about firewalls. We recommend Palo Alto, FortiGate, Check Point, and then a customer decides what is the best firewall for their tasks.
I generally recommend WildFire for telecom companies, banks, supermarkets, or any company which has its own IT infrastructure.
How has it helped my organization?
It provides threat intelligence that supports customers' proactive defense strategies. If a customer has an updated database of signatures or behavior, it is useful for their protection.
What is most valuable?
The features depend on the file format. For Windows, there is one set of features, and for Linux binaries, it is another. All sandboxes basically work with new binaries for Linux or macOS since they are not able to emulate behavior, and they are unable to analyze what code snippets or what behavior is malicious for binaries.
What needs improvement?
Improving detection on non-Windows formats would be beneficial as there are many samples, such as Linux or ransomware for macOS. Enhancing detection in these areas would be great.
For how long have I used the solution?
I have been familiar with WildFire for two to three years, but it depends on the customer because it can be rather periodic.
How are customer service and support?
I have filed tickets and their support was great. I was able to solve the problems of my customers.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have interacted with Microsoft Box and some online sandboxes.
What was our ROI?
Generally speaking, it is hard to analyze ROI since no one in Ukraine did analytics on sandbox networks.
What's my experience with pricing, setup cost, and licensing?
It is hard to say because there is a significant difference between some European countries and Ukraine in the ability to buy expensive products. European countries may not find it a huge problem to spend $10,000, however, it is a significant issue for Ukrainian companies, especially given the current situation with war.
Which other solutions did I evaluate?
I use any online sandbox which is allowed to be public and frequently check malicious files in virus or sandboxes, including virus total information.
What other advice do I have?
I would recommend improving detection in non-Windows formats. Currently, scripts like PHP scripts, Bash scripts, and other issues not related to Windows rank much worse.
I'd rate the solution nine out of ten.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Last updated: Oct 29, 2024
Information Security Engineer (Core Network Security) at NEX4 ICT Solutions
Feature-rich, reliable, and easy to deploy
Pros and Cons
- "The solution is scalable."
- "High availability features are lacking."
What is our primary use case?
We primarily use the solution for threat protection.
What is most valuable?
I found the solution easy to deploy.
It has a nice IP set.
The VPN technologies are very good.
It's largely very feature-rich.
The solution is scalable.
Technical support is generally helpful.
It is stable and reliable.
What needs improvement?
I don't have any real problems with the solution.
High availability features are lacking. It's a bit too standard as a solution. It needs high availability.
We'd like the solution to be a bit cheaper. It's quite pricey.
For how long have I used the solution?
I've been working with the solution for three or four years.
What do I think about the stability of the solution?
The solution is pretty stable. I'd rate it eight or nine out of ten in terms of reliability. It has limitations for high-availability features. It's more traditional.
What do I think about the scalability of the solution?
It's a good solution if you need to scale.
We have three or four customers using the solution right now.
How are customer service and support?
Technical support is fine. We haven't had issues with them when we need help.
How was the initial setup?
The solution is straightforward to set up. Since it is so easy, it takes one or two months for a migration. An initial setup might take one or two weeks.
We need Panorama. We give the IP to the team and Panorama as well. Then we have to ensure the firewall has internet access.
What's my experience with pricing, setup cost, and licensing?
There are a lot of licensing options. It can be a bit complicated for users. They could work to simplify the options. The product is also a very expensive firewall.
What other advice do I have?
I'm an integrator. We do use a variety of versions of the solution. We have a few clients using the product.
I'd recommend the solution to others. It improves protection and is a good firewall.
I would rate the solution eight out of ten. I'm happy with its capabilities.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Senior Analyst Security and Compliance at an insurance company with 5,001-10,000 employees
It has great stability and we see a lot of value from it
Pros and Cons
- "For example, if a security Intel threat talks about an IOC. We can then go to our MSP and say, "Is there a signature for this particular type of malware that just came out?" And if they'll say yes, then we'll say, "Okay. Does it apply to these firewalls? And have we seen any hits on it?" There's absolutely value in it."
- "It's not really their problem, it's a problem across the board. There will always be problems with interrupted traffic. We have to set it up where we're playing a middle man game where we're stripping it out, looking at it, and then putting it back together and sending it on its way. That requires CPU cycles. And there's some overhead with that."
What is our primary use case?
WildFire is being deployed based on vendor and security best practices and recommendations from our Managed Service Provider. Leveraging their inherent knowledge, it allows us to think outside the box.
What is most valuable?
When a security Intel threat talks about an IOC, we can then go to our MSP and ask, "Is there a signature for this particular type of malware?" The response is generally yes; it is applied almost in real time.
What needs improvement?
It's not a problem specific to the technology, it's a problem across the board. All the encrypted traffic can be a challenge. Becoming a man in the middle requires CPU cycles, causing additional overhead.
What do I think about the stability of the solution?
The stability's great as long as it's sized correctly. No huge hits from a CPU or RAM from a performance perspective. It would be prudent to monitor performance statistics.
What do I think about the scalability of the solution?
The way it's delivered, I don't see scalability being an issue.
How are customer service and technical support?
We're a managed service, so we've got to fill in the middle that's running interference for us.
How was the initial setup?
The initial setup is really straightforward. Turn the WildFire service on within firewalls and then apply that service to the security policies you want.
What's my experience with pricing, setup cost, and licensing?
Some services require additional licensing. WildFire was one of the services we definitely wanted out of the gate. Suggestion is to determine your requirements of services and map back to the cost of turning on the service.
What other advice do I have?
Install the solution and set up the service in alert mode. Run reports and determine how you want it tuned, then move into block mode. You may want to go to block mode right away with known out-of-the-box threats.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Associate Director at a tech services company with 10,001+ employees
At the end of the day, even in spite of application controls, it's on top of the charts in terms of functionality.
Pros and Cons
- "Being an application-based firewall, this is one of the critical focus factors along with the threat prevention services it provides."
- "It is stable and pretty much scalable."
- "As a firewall and 360 degrees of security, there needs to be more maturity."
- "The initial setup was complex."
What is our primary use case?
My primary use case of this solution is on-frame and in-cloud security of the infrastructure.
How has it helped my organization?
We use this with different clients in the financial sphere, the health sector, and the insurance sector. Across all of these different verticals, we use this product.
What is most valuable?
Being an application-based firewall, this is one of the critical focus factors along with the threat prevention services it provides.
What needs improvement?
As a firewall and 360 degrees of security, there needs to be more maturity. And, the industry is currently moving towards automation and orchestration. I would like to see more of this in the product. They are part of the future roadmap to AI (Artificial Intelligence).
What do I think about the stability of the solution?
It is stable, and we are also trying to integrate this with the Palo Alto MIME shell. We did that, and also I have inquired recently about Evident, which is a recent acquisition. So I have requested for demos, and still I did not see any response from Palo Alto yet. This is something that we would like to explore.
What do I think about the scalability of the solution?
It's pretty much scalable. We were able to manage both the cloud, and also the on-frame devices or appliances from centralized management station. So, we just implemented in the migration onto the cloud.
How are customer service and technical support?
We used tech support to help us implement the product initially.
Which solution did I use previously and why did I switch?
I have prior experience with Cisco Firepower. But, they are very expensive in comparison to Palo Alto.
How was the initial setup?
The initial setup was complex because we were switching from traditional firewalls to application-based firewalls. We needed Palo Alto's help in setting up initially. From there, we tried to understand, and followed suit with implementation.
What's my experience with pricing, setup cost, and licensing?
It is a reasonable price compared to other solutions on the market.
What other advice do I have?
Some of our clients used to have the traditional firewalls so where we do have enabled the application control but being it's a pretty small firewall. At the end of the day, even in spite of them demanding the application controls, it's on top of the firewall functionality (especially in terms of controlling the applications). So, after implementing the Palo Alto firewalls, they have achieved more than what is expected, and we are able to control the number of applications; who gets to have access, and what is flowing inside the network. Anything that is traversing the firewall, is available right now.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Network Security Engineer at MHESI
Comes with a free version that helps to analyze threats
Pros and Cons
- "We get support in the free version."
- "The free version does not have real-time updates. It is slow."
What needs improvement?
The free version does not have real-time updates. It is slow.
For how long have I used the solution?
I have been working with the product for four to five years.
What do I think about the stability of the solution?
Palo Alto Networks WildFire is stable.
What do I think about the scalability of the solution?
My company has over 20 users for the product.
How are customer service and support?
We get support in the free version.
Which solution did I use previously and why did I switch?
We switched to the solution since it matches our requirements and helps to analyze threats with a free version.
What's my experience with pricing, setup cost, and licensing?
I use Palo Alto Networks WildFire's free version.
What other advice do I have?
I rate Palo Alto Networks WildFire an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Servicio Posventa at a security firm with 11-50 employees
An integrated cloud malware protection engine with a useful analysis feature
Pros and Cons
- "I like the analysis they apply to the unknown files, and I think they have good technology to use as a sandboxing tool. I didn't find something similar to WildFire in the marketplace."
- "The price could be better."
What is most valuable?
I like the analysis they apply to the unknown files, and I think they have good technology to use as a sandboxing tool. I didn't find something similar to WildFire in the marketplace.
What needs improvement?
The price could be better.
For how long have I used the solution?
I have been using Palo Alto Networks WildFire for about four years.
What do I think about the stability of the solution?
Palo Alto Networks WildFire is a stable solution.
On a scale from one to ten, I would give stability a ten.
What do I think about the scalability of the solution?
Palo Alto Networks WildFire is a scalable solution.
On a scale from one to ten, I would give scalability a ten.
How are customer service and support?
On a scale from one to ten, I would give technical support a seven.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup was straightforward. It takes ten minutes or less because it's just to activate a button. And after that, the client has to apply the security profile to security rules. One cybersecurity engineer can deploy and maintain this solution, but it depends on the company's size.
On a scale from one to ten, I would give the initial setup a ten.
What was our ROI?
Our clients say they have an ROI because they don't have to analyze the file with a lot of different tools. They consider that all the information is centralized, and they like that.
What's my experience with pricing, setup cost, and licensing?
The price could be better.
What other advice do I have?
I used the solution, and I think that it's wonderful. They have different layers of analysis, but I wouldn't say I like the price.
On a scale from one to ten, I would give Palo Alto Networks WildFire a nine.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Network System Administrator at a government with 1,001-5,000 employees
It catches modified signatures of known viruses
Pros and Cons
- "Their technical support is outstanding and top-notch."
- "It catches modified signatures of known viruses."
- "They should make their user interface a little more user-friendly."
What is our primary use case?
We don't want a virus. We don't want people visiting unknown sites and opening us up to any type of malware or any type of virus attacks.
How has it helped my organization?
We haven't had a virus. That is a good thing. It makes my job easier. For the organization as a whole, no viruses mean people keep their jobs, which is a good thing.
It is an outstanding solution. It is one of the top solutions out there from what we have tested, and we have even tested Cisco Firepower.
What is most valuable?
You can see everything that's going on in your network. It constantly updates their signatures and new anti-spyware signatures. That is updated daily.
It catches modified signatures of known viruses. It is an easy interface to use.
What needs improvement?
They should make their user interface a little more user-friendly.
For how long have I used the solution?
Three to five years.
What do I think about the scalability of the solution?
We are a decent size organization. If the product can fit our organization, it should be able to fit pretty much any other organization just as well.
How is customer service and technical support?
Their technical support is outstanding and top-notch.
How was the initial setup?
They were things that only somebody who had worked with Palo Alto before would probably be able to break down, then tell you how to set up your initial rule sets and explain what exactly they do. The vendor helped us look at what we have going out versus what is coming in.
What about the implementation team?
They provided in-house support when we initially set it up. They made sure that we were supported from start to finish. Any questions we had, we had someone that we could reach out to, and we had an answer within a matter of minutes to hours. They are very responsive and easy to work with.
What other advice do I have?
Test it in your environment because everyone's environment is different.
Most important criteria when selecting a vendor:
- Price matching up with features.
- Support
- SLA agreements
- Customer relationship management.
Disclosure: I am a real user, and this review is based on my own experience and opinions.