Threat prevention could use improvement. Not just in malware exploits and C2 traffic; enhancing web traffic protection would be a great upgrade.

View full review »

The graphical user interface is a little complex and difficult to manage. L1 engineers cannot work on the Palo Alto Networks K2-Series because it's too complex, which requires L2 and above level of engineers. There is room for improvement in terms of integration, as the solution lacks AI integration. View full review »

The scalability for the on-premises version is limited as it depends on the model. 

It always needs to stay updated. It just needs to keep the threat IDs and the latest kinds of threats updated. Otherwise, it's great.

View full review »

The prices are not affordable for small companies.

View full review »

There are always things to change. It is hard to say now. I cannot think of anything specific to improve at the moment.

View full review »

The solution's commitment time could be reduced as it often takes a lot of time to execute. Additionally, reducing the SLA response time from two hours would be beneficial.

View full review »

It would be really helpful to have dashboards that provide information on IOC blockings such as where and how many. It will also be good to know how many hashing files have been reported. It would also be nice to have easy access to this information. Otherwise, it's a painful, manual task.

View full review »

The product should get frequent updates allowing us to add new signatures. This is my only concern.

View full review »

It is recommended that the Palo Alto Networks K2-Series be implemented step by step for the Panorama. Sometimes we can't overwrite the configurations because it fails.

View full review »

In the past, we've had trouble with Palo Alto's application filtering not getting it right. I would not be recommending layer 7 application filtering yet. That's the only hiccup with the product line. In terms of the features, I'd like to see, one of the bigger pieces missing from any firewall system is the ability to monitor and report. I don't think there are any firewalls doing this, but I'd like to see firewalls have the ability to do what Splunk is doing automatically. In other words, the ability to provide log analysis and monitoring from a visualization standpoint would be very beneficial to any firewall. That doesn't really exist today. 

There also needs to be a real methodology to maintain rules. They have rule sets in there and different ways of showing it, but the presentation isn't great. It's not a great presentation of where you have duplicate rules in place that makes it easy to find. Then again, I would say that no firewall company really has good management abilities for that. This isn't to badmouth Palo Alto. It's just that these features don't exist. So as we talk about where threat modeling and cybersecurity need to go, there's no one vendor with the best solution. It'd be nice if it would come in one platform. In other words, you buy their product, and they have a platform that includes that functionality.

View full review »

The tool needs to improve integration with more products from other vendors. I would like the product to add threat intelligence features as well. 

View full review »

Palo Alto has many other products. It would be nice for these products to be centralized under one tool rather than having to jump from tool to tool.

View full review »

Palo Alto K2-Series firewalls could use some technical improvements, like main and standby, as well as FTU and STU support. In addition, they should upgrade the CPU, and there are so many other things that I cannot think of off the top of my head. 

View full review »

The licensing cost is a typical complaint with many clients. The solution is expensive.

In terms of automation, they could get better with it, especially with third-party integration. There are not too many products that will integrate with ease to the Palo Alto product set. They keep things locked down quite hard, which technically is also a benefit. That said, third-party integration definitely would be a benefit to us, as most of our implementations are two or even three different firewalls. Having third-party tools that integrate with all three or all two other products would be a benefit.

View full review »

The user interface could be improved. Right now, it's an aspect that is lacking. They should make it more user-friendly. There are too many options visible right now, which makes it confusing. They need to streamline and simplify it.

I'd like to see more data protection on the system. It needs a DLP, a Data Loss Prevention, system.

View full review »

The partner support, which is a local company, is not that good and can be improved.

I would like to see the threat intelligence capability integrated with other vendors such as Cisco and Forcepoint. This would effectively be a multi-threat intelligence solution. Along the same lines, it would be useful to share threat signatures with different vendors.

View full review »

There is not really anything that needs to be improved in the product. It might be nice if it were possible for newer users to get a higher level of support.  

View full review »

It's like anything else. What's good today might not be in a day, a week, a month, etc. The solution needs to constantly be adapting and updating.

The solution needs a series of OS changes.

View full review »

The solution's pricing could be better.

View full review »

We had some issues with upgrading in the past. They could make the process easier.

Palo Alto Networks K2-Series has improved their central management but if they could improve upon it more that would be a great benefit.

View full review »

They could improve by providing more features in the solution.

View full review »

They should lower their prices for small businesses. They should offer subscriptions or box-sets because a lot of companies want to buy it, but they just can't afford it. 

It's not that expensive necessarily; the market is just doing poorly at the moment.

Everything I could possibly want has already been implanted into the new version, including the Internet of Things, machine learning, and SD-WAN; every feature I wanted has already been integrated.

View full review »

The company needs to align better with the customer. At the price point they offer, they need to be as good or better than the competition. They're losing market because they aren't there yet in that regard.

When it comes to renewing the solution, they tend to try to jack up the pricing.

View full review »

The reporting functionality in GlobalProtect needs to be improved. Other products, such as Check Point, have better reporting features that give more reports.

The price of the K2-Series should be lowered.

The dashboard could be improved by adding more GUI components.

View full review »

The URL Filtering module needs to have more categories added to it.

The concept of clustering would be of benefit to Palo Alto and it would make it more productive. For example, with Forcepoint, you can cluster two different products.

View full review »

The ease of management and configuration should be improved.

The price of the K2 series could be lower.

View full review »

The technical support, and how they provide it to the client, needs to be improved. They take too long to provide answers.

I would like to have a statistical report that shows the number of times that each rule is used.

View full review »

In terms of what needs improvement, Palo Alto is lacking abilities that other firewalls can do. They disable the current sessions when you think the hardest part is done. They have a workaround for authentication, but then our clients just use the local database of the device itself.

Some of the small to medium businesses are using these features and it would be easier for us to upsell the product up to other networks. Palo Alto Networks is quite a bit higher when it comes to prices. They should implement the features that the other firewalls have.

In the next release, I would like for them to include a checkbox where the user could disable concurrent users of the portal.

View full review »

The solution could be improved with more dedicated reporting about the user's context. For example, if I need to have a summarized report that includes uses as well as consolidating the user's activities, threads and applications on the endpoint machine, Palo Alto does not have the visibility for the endpoint in their firewalls. If I want to have a report from the firewall that summarizes user application from the user side, rather than the server side, Palo Alto software does not have that information.

Other vendors, such as Cisco, have that in their profile. You can generate a report from Cisco firewall and it will tell you that you're using the internet, and using Firefox or Google Chrome. Palo Alto doesn't have that extended visibility to the end point. 

It would be the same for additional features - I need to have the visibility of the endpoint application, endpoint context. It's an innate feature in Cisco firewalls. I don't like the style of Forte, for example. It has email spam over the firewall. I don't like this feature, and I don't like to have features that are not really good for out of the box. What Forte does have that is good is an explicit proxy capability and Palo Alto could include that.

View full review »

There are a lot of bugs in this solution.

View full review »

The password function of the solution could be improved. Additionally, some of the processes take too long to complete.

View full review »

Palo Alto releases a lot of bug fixes for their firewalls, which means it's necessary to do frequent upgrades. They should work on decreasing their bugs so that upgrades aren't needed so often. They also don't always ensure that their upgrades are available for older firewalls.

View full review »