Palo Alto Networks Advanced Threat Prevention Reviews

There have been updates to the solution recently that have ramped up protection. Before this, we had a lot of hacks on the network, specifically in the cloud environment. After the proper implementation of that product, we've not had one hack attempt. The last six months have been very good.

The solution offers a feature to show which traffic is the highest on the network, and which traffic is the lowest. There's also a feature that scans incoming and outgoing traffic, and one feature that is able to flag a suspicious IP address. These are all valuable features. With the IP address flag, I was able to see that I was being hacked. The moment there was an interaction between somebody on my network and that IP, the solution was able to flag it, and we were able to protect ourselves.

The solution needs to improve Reverse DNS functionalities.

Right now, when you check the IP address, it tells all. It assumes that that IP address is locally available on the inside. When the request is going back to me it's supposed to do what we call rights. Instead of giving me the public IP address in my response, it's supposed to give me the private IP address or the local IP address so that I can reach the device locally. That's the challenge right now.

Sometimes when you want to group a set of ports, and communicate with Palo Alto, you cannot group TCP and UDP ports together. This needs to be adjusted.

The solution is stable.

The solution is quite scalable.

Apart from software updates, we've not had any reason to reach out to technical support, so I don't have much experience with them.

We've previously used Cisco, Salesforce, and Fortinet. We last used Salesforce, and we mainly switched due to the cost of the solution.

The initial setup is straightforward.

We handled the implementation ourselves.

We use both the cloud and on-premises deployment models.

I'd rate the solution eight out of ten.

We use this solution for the security of our organization. It protects the LAN and WAN traffic.

We have two boxes that have this solution for threat prevention. Some of our servers also have Palo Alto agents installed on them. 

We have an on-premises deployment.

This solution has more than just the threat prevention by itself. It's also a Firewall and many other components.

The most valuable features are the simplicity, transparency, and overall ease of management.

The price of licenses should be lowered to make it less costly to scale our solution.

I would like to see consolidated licensing for on-premises solutions. This would give us all of the features available for the one box.

This is a stable solution, and we have not had any issues.

For ten years we have had a high-availability network. There have been outages as the result of power, or our network, but nothing that is a result of this solution.

Scalability is not a problem from a technical standpoint. However, the price of this solution makes it hard to scale.

We have approximately one thousand users.

The initial setup was simple, but it's been ten years since then and we have grown. The migration has also been simple and straightforward.

You can have a network with thousands of machines with only a few security rules to migrate, or you can have a network with only a few machines and thousands of security rules that make it difficult to migrate.

If you want to have all of the good features then you have to pay extra for licensing.

Security in business is an important issue. There is a difference between the quote and the end price of the end product. Some vendors are impressed with the numbers they see on paper, then they start to use it and compare it and assess the ratio between the quote, security, and final price of the end product. It is important to consider the people who will maintain the solution. For example, if you don't have a large team in your organization, then one person is tasked with several duties, as opposed to having several departments with equal responsibilities. These are all things to consider when it comes to security.

Sometimes, when you have more than one security product running, they fight with each other and it can make things difficult. In the case of this solution, things have been very smooth.

So far, there have been no security issues and we are absolutely happy with Palo Alto Networks.

It is easy to test out a trial version, but there is a problem with that. In my experience, after paying for the solution, it takes time to get to know it. There are complex things that may take half a year to understand how they work. In some cases, it is simple testing at the beginning, but over time you might find problems. With Palo Alto, you can ask for extended trial licenses, which is not something that you get from a lot of vendors.

I have spent a lot of time in IT and I know that there is no such thing as an absolutely perfect solution. This one is easy to use and works well in our organization, but it might not be as suited to another organization. This is a product that I recommend, although it depends on the environment. Every product has pros and cons. Good planning and good testing is the best way to choose the product that best suits you.

I would rate this solution a nine out of ten.

I find the malware protection very handy. The solution has many features that save me time. 

I think they can use some improvement on FID. There are lots of false positives and those can be eradicated. Sometimes you can't identify a 10-year-old doc, but they can probably update those signatures and false positives, so it would be helpful and save us a lot of time. 

I think the stability can improve.

We haven't used the technical support yet because we have our own team of experts.

We used an expert to help us with the initial setup and installation.

It is an expensive solution and I would like to see a drop in price.

On a scale of one to ten, I rate this solution a nine. In the next version, I would like to see a drop in price and more stability.

The primary use is for application control and encryption.

The application control and vulnerability protection are the most valuable features.

The IPS can be improved on the solution.  The itineration, for example. Also, if additional features, like SD Wan, etc. can be added. This would be helpful.

Other additional features that could be added include Individual Traps. In terms of enhancement for overall protection, we would like more Traps or other solutions that are developing within the firewall.

The solution needs to improve its local technical support services. There is no premium support offered in our market.

The solution is very stable. We've used it a number of years and never had any problems. However, only just recently, we found a bug on the model 2220. Other than that, the solution is quite stable.

The scalability of the solution is very good. In our company, we have about 2,000 users.

Technical support is okay, but we have an issue here in terms of local support and company support. Palo Alto doesn't provide premium support directly. It forces us to use third-party support and local distributors. Sometimes it's difficult for us to communicate and get support.

One of the reasons that our clients choose Palo Alto is because they have complex networks, therefore the setup is typically also complex.

Compared to other security offerings, Palo Alto is very expensive. Palo Alto also doesn't offer many discounts. They may discount as much as 15%. However, in comparison, Cisco can give a discount of up to 85%.

We work with the public and private cloud as well as the on-premises deployment models. Our role is to implement security solutions at our customer's premises. The deployment depends on the infrastructure.

I would rate the solution seven out of ten. As a next-generation IPS, it's a very good firewall. I would recommend it.

We primarily use the solution as a firewall.

It's not so easy to set up a test environment because it's not so easy to get the test license.

The vendor only gives you 90 days for a test license; it's a tough license to get.

The stability of the solution is quite good.

So far, scalability is okay, but you don't really need too much scalability in a firewall solution.

Technical support is good. We do get some support from the reseller.

We do have other solutions that we run in parallel, but it isn't like we had one solution and then we switched to Palo Alto.

The initial setup was straightforward. It's quite easy. Deployment took one to two weeks.

The pricing is a bit higher than the competition, but it's okay. The cost seems cheaper than Cisco's Firepower.

We use the on-premises deployment model.

The solution is very good, especially compared to other solutions. I would rate it nine out of ten. It also offers re-instruction detection and prevention software, which we also use in conjunction with the Threat Prevention solution.

Our primary use case for Palo Alto Threat Prevention is related to the placement of files in a laboratory test environment. We use Palo Alto Threat Prevention for network testing.

I can't give an example of how Palo Alto has improved our organization because we are using this product in test networks.

The most valuable feature of Palo Alto Threat Prevention for our company is the next generation firewall.

The organization mail security solutions could be improved. There is no mail security solution available.

Palo Alto Threat Prevention is naturally stable in operations.

I don't see a problem with Palo Alto Threat Prevention in scalability. Because it's a testing product for use it only for test alignment.

We have maybe 10 or 12 engineers dedicated to the solution. Only engineers are using this product. For deployment and maintenance, only one staff.

We use Palo Alto Threat Prevention just for testing.

Palo Alto's technical support is very good.

The setup of Palo Alto Threat Prevention is very easy and straightforward. From initial configuration to deployment, it took maybe one day.

We did not use an integrator, re-seller, or consultant for the deployment.

I would rate Palo Alto Threat Prevention a nine out of ten overall. I would prefer better mail security features.

For a total overall solution, Palo Alto Threat Prevention can satisfy most of your needs as a company. Right now, we are implementing Cisco ASA and renewing our Palo Alto license.

All of the Palo Alto Threat Prevention functions are good. We feel like the product is comfortable to use and is what it should be. 

Palo Alto Threat Prevention is recommended for large enterprise organizations and SMEs. We have good results on our follow up calls with clients using the software.

Most of the features of Palo Alto Threat Prevention are alright. I recommend features like content filtering, IP address, & intelligent firewalls. The reporting feature is very good.

In most areas, Palo Alto Threat Prevention is a fine choice. The application is very good. The most important feature we find to be the NCR Reader. It is best for application security. I don't know how they could improve it more. The application is already working fine with good results. 

Support is really good with Palo Alto and we are resellers of the software to our customers. They will let us know how they find it valuable after we implement it. Most of our customers have found Palo Alto Threat Prevention very good to use. We have a number of customers in the market. Everybody is happy with the product. Overall, Palo Alto Threat Prevention doesn't need much more. From a general point of view, you get everything. If it is content filtering, it should be no problem.

The stability of Palo Alto Threat Prevention is very good when compared to Cisco.

Generally, to deploy it will take some downtime, about a day. For customization, it will take you a little more time. For the maintenance, around one week. It depends on the project.

For most projects, I have around three people dedicated to product support and maintenance.

The scalability of Palo Alto Threat Prevention is very good. For most of the requirements, we find it very easy to implement and deploy.

We have about 20,000 users on Level One, 80 agents at Level Two, and around 30 big operations on Level Three.

For me, Palo Alto Threat Prevention customer support is very good. I am happy with the technical support from Palo Alto.

We just replaced a firewall, so we didn't find the setup to be complex. We have network rules to convert. For the rules and connections, we use tools from Palo Alto to convert them.

We implement the firewall setup for our customers. It generally takes a little bit of time, i.e. one or two weeks to customize the policy that they use. 

The old rules we can remove with Palo Alto Threat Prevention, which is nice.

We take licensing on a yearly basis. Palo Alto provides a straightforward cost structure on the annual plan.

If you are a first time user, you should be pretty pleased with it. I would rate Palo Alto Threat Prevention a nine out of ten.

We use the firewall in the network.

It protects us from cyber attacks.

One of the most valuable features is the anti-malware protection.

Right now we are focusing on email. If Palo Alto can increase the features related to email filtering and the new malware, it would help us protect our systems.

I think the stability is better than Fortinet or Check Point

The scalability is there, for an enterprise network or a big company. It's good. It can support many endpoints and servers. We have over 2,000 users, most of them are end-users.

Technical support is good. There are no problems with it.

Before, we used Fortinet and Check Point.

The setup is neither complex nor easy. We worked with the vendor and they have more experience than us. For the PoC they did the configuration for us and we were able to learn from them.

Our deployment took about two months.

It's not too expensive. It's a more powerful tool for IT companies that need a next-generation tool.