What is your experience regarding pricing and costs for Palo Alto Networks NG Firewalls?

Palo Alto is a more expensive firewall solution than others. However, it is the top choice for a DMZ and a valuable investment overall. We still need to invest in an additional firewall with more advanced features to enhance perimeter security.

I find the pricing of Palo Alto Networks NG Firewalls to be reasonable. The price is based on that selected package, with the lowest starting at $3,000 annually.

I am not from presales or sales, but as a brand, Palo Alto is more expensive than other firewalls. They have different licenses. As a customer, if you know what you are going to purchase exactly, you will get a good price. The price will vary based on whether you are going for the 7000 series, 5000 series, or 3000 series. Overall, the price makes sense because you have IoT security, antivirus security, DNS security, anti-spyware, and many other features. They have a solution to implement SASE. So, it is very expandable for new challenges, and the return on investment can be achieved simply.

Palo Alto Networks NG Firewalls are expensive compared to other solutions. I would rate the price eight out of ten, with ten being the most costly.

I do not have much opinion on that because I have not been involved in the procurement process of the Palo Alto devices with the exception of pay-as-you-go through AWS, but all of this stuff is very expensive, in my opinion.

Palo Alto Networks NG Firewalls are overpriced. While Fortinet offers a more affordable option, Palo Alto commands premium prices due to its strong brand reputation among CISOs and security executives. Despite this, I believe Palo Alto firewalls are overhyped and underperform expectations. Many of these executives, who lack hands-on firewall management experience, base their decisions on marketing claims rather than practical knowledge. In contrast, Check Point pioneered next-generation firewalls, offering advanced features before competitors. However, its reliance on a centralized management system limited flexibility. Cisco, while improving, has also moved towards centralized management, restricting CLI access. Ultimately, I prefer the balance of features and flexibility Check Point offers.

Palo Alto Networks NG Firewalls are expensive.

Cost-wise, I don't see much difference in network-related costs, but this is a premium-grade firewall. There is a cost involved, and you must pay for that to get the most out of it. Its licensing costs are straightforward. There aren't any hidden costs.

There are security licenses.

The tool is expensive, especially considering all the necessary licenses for centrally managing firewalls. For medium-sized companies like ours, it's often not feasible within our budget constraints. We pay around €200k yearly for all our firewalls. Additionally, we received a quote of over 1 million per year for Prisma Access. There is a significant cost difference compared to other options, where it's around €200k per year. We have to pay a license for support.

The solution’s cost is a little high compared to other products.

I rate the product’s pricing an eight out of ten.

My responsibilities are on the technical side, but the price is expensive, especially in Turkey, where I am located. The exchange rate of the dollar against the Turkish lira is very high, making Palo Alto very expensive in our country. Palo Alto is very expensive compared to other vendors, like Fortinet. In addition to the standard fees, there is an extra cost for a GlobalProtect License, and that is something we generally need.

The cost is steep, but most firewalls cost a lot.

I would assume that it's still within mid-range given its company structure and everything else. My guess is it's still okay.

It's very expensive. However, we usually use all of the subscriptions and threat alerts on any firewall that uses the internet. For each edge security endpoint, we use all subscriptions. Otherwise, we just utilize the threat alert, the antivirus, WildFire, etc.

Palo Alto Networks NG Firewalls are expensive. There is an additional cost for support.

We would advise that this solution has a higher price point than other comparable products, however, the license fee covers all the features that the solution can provide and there are not extra costs involved.

Palo Alto uses hundreds of free-open-source-software (FOSS) packages but earns extra money with Linux users.

Palo Alto provides their customers with Windows and Mac VPN client software but take extra annual fees per firewall for Linux VPN client software. In a small company, you have to calculate about 1,700- for 2 devices for 3 years extra just to support Linux users otherwise Linux users are banned from the company VPN.

For me, it is hard to understand that a company is using FOSS extensively but creates extra obstacles for the wide spread of FOSS. An email to Palo Alto Support asking for an explanation for that habit stays unanswered.

The licensing model is becoming more and more typical of vendors. There are several different licenses that we usually provide with the firewalls. DNS security is a newer one, and we're considering the types of customers who might benefit from that. The cost of the license is platform-dependent. It would be nice if they standardized that across the board to make the license a flat fee instead of based on scale and the platform you're using. Functionality shouldn't change based on the platform or the amount of data going through it. It's the same functionality on there. That's one aspect customers often raise. The platform's price is what it is, but the ongoing cost of the annual license is hard for some customers to wrap their heads around.

The pricing is straightforward with no hidden costs. There is a cost for the licensing, the Virtual Network if the solution is run in Azure, and there is also a cost for the operational support. I suggest sizing correctly when in the cloud because the skew can always be changed at a later time.

This solution is quite expensive because along with the license there is premium partner support that has to be purchased as a default addition. There is also a specific Threat Prevention License that has to be requested and purchased separately. However, licenses can be purchased for specific periods as opposed to just an annual offering.

There is an advantage to going with the high availability pair licensing model versus the standalone. It gives you a high availability pair, but the pricing is only a slight increase over a single system. It makes sense to take a look at your add-on functionality, like the Applications and Threats subscription and URL protection subscription. On the user side, I might want everything. However, on the server side, I might not need very much. I might want the Applications and Threats subscription and not much else. So, you don't have to buy all the bells and whistles for every firewall. Depending on what the function is, there are ways around it. There are a lot of other subscriptions available, such as DNS Security and URL protection. I have heard there is an advanced URL protection going to be released soon. Also, there are a few others, like SD-WAN and GlobalProtect, which is one that we have because we have users who use Macs, Linux Boxes, and Windows systems. So, we need to support all of that.

Compared to other products, the pricing is flexible and reasonable.

There is a license for DNS Security, which I have never actually licensed, but it is a very powerful tool. DNS security is important, and I think that Palo Alto's capabilities are effective and strong there. However, I don't find a lot of companies taking advantage of it. This is not the firewall to choose if you are looking for the cheapest and fastest solution. Palo Alto NGFWs are expensive. By the time you license them up and get them fully functional, you have spent quite a bit of money. If it is a small branch office with 10 to 15 users, that is hard to justify. However, my customers will do that if I tell them, "You still need to do that," then they will do it since it is still an entry point into the network. You really need Premium Support, Applications and Threats, DNS Security, and antivirus. The extra bolt-ons, such as Advanced URL Filtering, you need to determine by use case where you are going to use those licenses, then see if you really need them. You might be adding a bunch of licenses that you will never actually get to effectively use. Their licensing model has gotten a bit exorbitant and a la carte . You will wind up spending quite a bit of money on licenses and renewals.

I don't know about the price of the platform or the license fees, as the finance department deals with that. I only bill for the materials involved in the design. I don't know about the price. When there's a new project, I go to the meeting, but after a point, all the engineers leave when it comes to money because it's not our business. I know Palo Alto offers good discounts for the partners, and the solutions are good. They offer free trials and win many customers because it allows them to test products and see how well they perform. The only thing I can say is it's a top technology.

If someone doesn't have a security platform in their network, then the following licenses will be required: antivirus, anti-spyware, vulnerability, and Wildfire analysis. There are also licenses for GlobalProtect and support.

Its price is higher than other vendors. They need to re-think its pricing. With Fortinet, the SD-WAN feature is totally free, whereas, with Palo Alto, I need to pay for this feature. With Fortinet, there is one licensing, and I can get many things, whereas, with Palo Alto, I need to go for individual licensing.

Its price is comparable to other companies. The license is on a one-year or three-year basis. It depends on the customers what they want to go for. There are some features that require an additional license, and there is also the cost of the support.

It could be less expensive.

The Palo Alto solution is actually not expensive. It was comparable to the old firewall manufacturers that we were using. From the benefits that we have gotten out of the Palo Alto products, it is well worth the difference in cost, even though the difference in cost is not much at all. I would highly recommend Palo Alto products to anyone. I just started getting in some of the PA-400 series a couple weeks ago. As far as pricing goes, it was not that much more than the existing hardware platform or the existing firewall that we had in there, i.e., the PA-220. It was not much more expensive and the performance was way better, as far as the management of the firewall itself. The management of those firewalls has greatly been increased.

The price could be better. Pricing is very different compared to WatchGuard, which costs around 60 lakhs, and FortiGate, which costs approximately 40 lakhs. Palo Alto Networks costs about a crore which is very high pricing. We bought this firewall, and our organization did not want to pay so much. We spent around one crore rupees which is not within our budget at all, and we are unhappy with them.

It is expensive compared to some of the other stuff. However, the value you get out of it is sort of the central control and the ability to reuse templates. It is a good product, but you pay for it. I think it is one of the more expensive products. So, if you are looking for a cheaper product, there are probably other options available. However, if you are looking for high performance, reliable devices, then it has kind of everything. Basically, you get what you pay for. You can get other firewalls for cheaper and some of the performance would probably be just as good, but some of the application awareness and different threat detections are probably superior on the Palo Alto Networks.

If you compare Palo Alto with other firewalls, it's a bit expensive.

Palo Alto is like Mercedes-Benz. It is quite expensive, but the price is definitely justified.

I am not involved in the commercial side, but I believe that Palo Alto is quite expensive compared to others.

Look at Palo Alto because it is a bit modular, so you can take the components that you need when you need them. You need something that will do the job. It doesn't matter if it's cheap and fast, if it quickly lets through vulnerabilities. You need something that will be reliable. We were very happy when they released the PA-440s. Previously, we had been looking at the PA-820s, which were a bit of overkill for us. Price-wise and capability-wise, the PA-820s hit the nail on the head for us. Go for a three-year deal, then Palo Alto will bring in some discounts. We also deployed them as HA Pairs to make sure we had resiliency.

Palo Alto is not a cheap solution but it is competitive when it comes to subscriptions. The hardware is something that you can buy all day long, regardless of the vendor. It's when you start adding in all of the subscriptions that it is either going to make or break the budget. All things considered, Palo Alto is comparable. There are several extra features available and what you use depends on what you want to do with the firewall, and how it's going to be deployed. AV is an option, the Threat Prevention app is extra, along with URL filtering, and WildFire. You won't have all of the options on all of the servers. For example, the internal servers won't be doing any web surfing, so the requirements are a little bit different. I'm more worried about my building to building, East-West traffic because I can't afford to put a Palo Alto in every building. Instead, I put a Palo Alto in front of me to deal with the North-South traffic.

I'm not sure about pricing. I don't know if Palo Alto NG Firewalls are cheaper or not, but I would definitely recommend Palo Alto as an option. If you need additional features, you need additional licenses, but I'm not aware of the cost details.

Definitely look into a multi-year license, as opposed to a single-year. That will definitely be more beneficial in terms of cost. We went with five-year licenses. After looking at the overall costs, we calculate that we're only paying for four years, because it works out such that the last year is negligible. If we were to be billed yearly, the last year's costs would be a lot more. With the five-year plan we're saving about a year's worth of licenses. Based on the quantity of devices we purchased, we found that the hardware price was actually cheaper than most of the other vendors out there. If a colleague at another company were to say, "We are just looking for the cheapest and fastest firewall," given my experience with Palo Alto's NG Firewalls, my answer would depend on the size of the company and how much traffic they're going to be generating. Palo Alto is definitely not the cheapest, but if you scale it the right way it will be very comparable to what's out there.

We are on an annual license for this solution. I am happy with the price and when comparing it to other solutions it is priced competitively.

We have five-year contracts with Palo Alto. I know the solution is on the expensive side but I'm not involved in licensing and don't have the numbers.

It has a yearly subscription.

The price of the solution is quite high, especially if you compare it to Cisco or Juniper. The solution is subscription-based. Users can pay monthly or yearly. We pay on a yearly basis.

This solution is quite expensive.

It is expensive.

Compared to other solutions, it's very expensive to set up and maintain.

After the hardware and software are procured, it is the AMC support that has to be renewed yearly.

The pricing is quite high on Palo Alto. On the lower end, it's likely to cost $15,000 for renovation and support.

With the licensing we pay for it annually, the price could be cheaper.

Paul Alto is the most expensive solution in this category. The subscriptions and support are also expensive, but everything is included in the hardware, including the subscriptions. If a customer is price-sensitive, I will go for Fortinet without a second thought. If customers are willing to invest in their data centers, I might go with Palo Alto and Cisco.

It is an expensive solution.

We find the cost of the solution to be very high. It's quite expensive, and one of the most expensive on the market. The pricing is related to the complexity of the environment. The more complex the company's requirements, the more it will cost.

The pricing is very high.

The device is very expensive compared to Cisco and Fortinet. But many of my customers use Palo Alto as Palo Alto is the standard of their organization.

This is an expensive product, as are the others of this type.

The licensing is paid on a yearly basis. The pricing could be better, however, the cost depends on the sizing of the product. The pricing, therefore, varies from company to company for the most part.

Palo Alto is more affordable than some competing products, such as Check Point.

Its price can be better. Licensing is on a yearly basis.

This is an expensive product and there is a subscription cost.

The NG firewall is an expensive solution.

It is a little bit expensive.

It is a little bit expensive than other firewalls, but it is worth every penny. There are different licenses for the kinds of services you want to use. When we buy a new product, we go for a three-year subscription.

You could say that the cost is higher for Palo Alto, but they are a better product compared to the other principals.

Palo Alto is more expensive in comparison to Fortinet and other firewalls. It's okay because they do provide quality.

This is an expensive product, which is why some of our customers don't adopt it.

The pricing is competitive in the market.

The pricing of the solution is quite high. It's too expensive, considering there's so much competition in the space. There aren't extra costs on top of the standard licensing policy. Still, Palo Alto seems to be adding some premium costs that competitors just don't have.

I know the solution is not inexpensive. It depends on what you ultimately sign up for or whether you just want the warranty on the hardware.

Palo Alto is a little expensive compared to every other solution, but you get what you pay for. The question I have been asking customers since I became a solutions architect is what the best in security is worth. The problem with people seeking security solutions is thinking that all solutions are the same, thinking the newest technology solutions are best and thinking cost-first. A better way to think about it would be how expensive a break-in is. If I am shopping around for a firewall solution and I see I have to pay a lot per year for Palo Alto and I see Meraki is a much lower price, I might be attracted by the less expensive product. When it is deployed, we get broken into and lose $10 million worth of design documents. It may be quite possible that break-in could have been avoided by paying more for a better security solution. Because I went the cheap route, I lost many times what I 'saved.' For possibilities like this alone, it is hard to put a price on security. Take a deeper look at what happens when you try to save money on security. Meraki does SD-WAN (Software-defined Wide Area Network). That is touted as fantastic because the client is going to save a whole lot of money because they don't need MPLS (Multi-Protocol Label Switching) anymore. But the reality behind it is, there is absolutely no application acceleration, no data deduplication, and no forward error correction. Forward error correction is extremely important when you're using a device between points. But Meraki sells its devices for nickels or pennies on the dollar in comparison to other security solutions. Only then you only learn the lesson of what happens when you go cheap. Your network gets broken into more easily because of the inherent exposure in SD-WAN and it goes down a lot. If you have sales offices and those sales offices have Meraki firewalls, the device may observe a problem out on the internet. When it does, the Meraki's failover results in an outage. With Meraki, failover to a better link takes 30-seconds. Whether it is a 30-minute failover or 30-second failover, you can drop a call. If you are cold calling and you dropped a call, you don't get a second chance. It is impossible to say how much money you might lose. For example, if my company sells microchips and that call was going to develop into a $40 million sale, that sale is gone. It is gone because of the small comparative cost savings in security and the instability of the solution you chose to use. But a 30-second outage every single time a route is withdrawn across the internet means your phone is going to ring if you are the IT Director, and you will eventually lose your job. The costs for Palo Alto are structured in a similar way to other products. With Palo Alto you can do one, two, three and five years contracts. It is the same thing with Fortinet and Meraki. Hardware cost is very different than the application license. The hardware maintenance agreement is separate. With all of the firewall solutions, you will pay for a hardware maintenance agreement. That protects the hardware itself. That is an annual billing and separate from the software in all cases. Nobody bills for firewalls on a monthly basis. Even the VM version of the Palo Alto is billed per year. Using that license, you can build up a VPN that forces all default traffic to a particular device before it goes out to the internet. It is comparatively pretty cheap in practice, and it works. It works well because you only need one piece of hardware. Build the server and start slicing out VMs. Then it becomes possible for everybody in a network to be protected by Palo Altos security at a lower cost.

If you have some network experience then you can set it up on your own, with no setup costs. Don't buy a device with more power than you really need, because licensing depends on the cost of the box you have.

I think, if you compare, they're a little costly next to Cisco of Check Point, but they offer a lot of other additional features to look at. The licensing is annual, and there aren't any additional fees on top of that.

It will be worth your time to hire a contractor to set it up and configure it for you, especially if you are not very knowledgeable with PA firewalls.

In terms of pricing, every model has a license. For example a small model, the license around 1,000 USD. The next one around 2,000 USD. The next range is 11,000 USD to 13,000 USD. It's expensive compared to PaloAlto competitors.

I would advise anyone to go ahead and understand exactly what they need. It's not because Palo Alto's cost is a little less. Depending on use, it's expensive. So they should understand the requirements first, before going with Palo Alto.

Licensing is on a three year basis. Customers prefer one to three years. Licencing is pretty expensive. Check Point is cheaper than Palo Alto. There's also an international license. If a customer wants to control different things, they will need an extra license.

It's a bit pricey.

At our company, we sell the solution for another vendor, and they sell to another vendor. So our pricing is more expensive than other vendors.

Pricing is yearly, but it depends. You could pay on a yearly basis or every three years. If you want to add a device or two, there would be an additional cost. Also, if you want to do an assessment or another similar add-on you have to pay accordingly for the additional service.

Annually, the licensing costs are too much.