On-premises, we used Cisco but replaced our core firewall world with Palo Alto because we wanted more visibility. Plus, we were looking for features such as IPS for PCI compliance. We wanted next-generation capability, but we had the ASA traditional firewall with Cisco, which doesn't do much, so we replaced it with Palo Alto.
In the cloud, we use Palo Alto for the zero trust implementation. Initially, we tried to work with the Azure firewall, but we found a lot of limitations in terms of visibility. It couldn't provide us with the same visibility we wanted for Layer 4 and above.
The solution is deployed both on cloud and on-premises. The cloud provider is Azure.
We have about 6,500 endpoints in my organization and five administrators.