The licensing cost is a typical complaint with many clients. The solution is expensive.

In terms of automation, they could get better with it, especially with third-party integration. There are not too many products that will integrate with ease to the Palo Alto product set. They keep things locked down quite hard, which technically is also a benefit. That said, third-party integration definitely would be a benefit to us, as most of our implementations are two or even three different firewalls. Having third-party tools that integrate with all three or all two other products would be a benefit.

In the past, we've had trouble with Palo Alto's application filtering not getting it right. I would not be recommending layer 7 application filtering yet. That's the only hiccup with the product line. In terms of the features, I'd like to see, one of the bigger pieces missing from any firewall system is the ability to monitor and report. I don't think there are any firewalls doing this, but I'd like to see firewalls have the ability to do what Splunk is doing automatically. In other words, the ability to provide log analysis and monitoring from a visualization standpoint would be very beneficial to any firewall. That doesn't really exist today. 

There also needs to be a real methodology to maintain rules. They have rule sets in there and different ways of showing it, but the presentation isn't great. It's not a great presentation of where you have duplicate rules in place that makes it easy to find. Then again, I would say that no firewall company really has good management abilities for that. This isn't to badmouth Palo Alto. It's just that these features don't exist. So as we talk about where threat modeling and cybersecurity need to go, there's no one vendor with the best solution. It'd be nice if it would come in one platform. In other words, you buy their product, and they have a platform that includes that functionality.

The company needs to align better with the customer. At the price point they offer, they need to be as good or better than the competition. They're losing market because they aren't there yet in that regard.

When it comes to renewing the solution, they tend to try to jack up the pricing.

The reporting functionality in GlobalProtect needs to be improved. Other products, such as Check Point, have better reporting features that give more reports.

The price of the K2-Series should be lowered.

The dashboard could be improved by adding more GUI components.

The user interface could be improved. Right now, it's an aspect that is lacking. They should make it more user-friendly. There are too many options visible right now, which makes it confusing. They need to streamline and simplify it.

I'd like to see more data protection on the system. It needs a DLP, a Data Loss Prevention, system.

They should lower their prices for small businesses. They should offer subscriptions or box-sets because a lot of companies want to buy it, but they just can't afford it. 

It's not that expensive necessarily; the market is just doing poorly at the moment.

Everything I could possibly want has already been implanted into the new version, including the Internet of Things, machine learning, and SD-WAN; every feature I wanted has already been integrated.

Palo Alto K2-Series firewalls could use some technical improvements, like main and standby, as well as FTU and STU support. In addition, they should upgrade the CPU, and there are so many other things that I cannot think of off the top of my head. 

We had some issues with upgrading in the past. They could make the process easier.

Palo Alto Networks K2-Series has improved their central management but if they could improve upon it more that would be a great benefit.

They could improve by providing more features in the solution.

Palo Alto has many other products. It would be nice for these products to be centralized under one tool rather than having to jump from tool to tool.