We are working on creating security policies on the firewall. We have just put GlobalProtect VPN in our company. We also have Prisma Access.
We have on-prem and hybrid cloud deployments.
We are working on creating security policies on the firewall. We have just put GlobalProtect VPN in our company. We also have Prisma Access.
We have on-prem and hybrid cloud deployments.
It has strengthened our security policies and made our environment more secure. It has provided us more security features. Due to the rules that we have created on Palo Alto Firewall, all the malicious things have been stopped from coming into our environment.
The App-ID feature is the coolest feature because you don't need to open a new port. Apps are directly linked to the port. It provides one of the best ways to lock down the additional port switch.
Its software updates can be improved. It sometimes becomes very slow with the software updates for different features.
It should have an External Dynamic List of data. The malicious IP is not frequently getting updated in Palo Alto, and this should be done.
I have been using this solution for six years.
Its stability is good.
Its scalability is also good.
We were using Cisco ASA previously. Palo Alto has strengthened our security policies. It has also made our environment more secure than Cisco ASA.
Its initial setup is straightforward.
I would rate Palo Alto Networks NG Firewall an eight out of ten. It has been working very well.
Our primary use case is for the perimeter connection of our clients in the network. Our client brings their services to their clients, and they have the option to connect to a webpage. With Palo Alto Networks NG Firewalls they can safely provide a username and password to their clients.
It is mainly on-premise, because the majority of the clients at this point want that kind of option. But many of them are already asking for the cloud option, like Prisma, for example.
It has improved our clients' organizations because previously the clients did not have the option to fully connect. In this solution, they have the opportunity to add services to their web page and book clients.
The feature that I have found most valuable is the connection. It's very easy for the clients to connect to their information. They use an SSL connection by BPM.
We work very closely with the vendors here and at this point they use external support.
Maybe they could add some tools and more competing services, like servers, but that would increase the cost of the solution.
My company has been using Palo Alto Networks NG Firewalls for almost one year. It is new for us. We have more experience with Cisco and Fortinet.
In my company, I am responsible for the development of the proposal that we give to the client. We develop the spectrum and the pricing. We make presentations to the customer to explain the solution and answer questions about it.
The scalability is very strong. The vendor provides has high availability.
Our clients are medium sized businesses.
Palo Alto is not a cheap solution. It is expensive. But because of its technology it pays itself back. In each case we work with the vendor to obtain a major discount for their business. I give that discount to our customer, who benefit from the services that we can bring them.
This is our first dealing with Palo Alto. With other vendors we have more experience, like with Cisco and Fortinet.
Palo Alto's documentation and manuals are very complete. It's very easy to obtain the information that way.
The client still uses Cisco, Fortinet, and Checkpoint. Palo Alto has very good administration tools which is not the case with the others. You can't compare all vendors. Also, the granularity of the information that they can obtain from the firewalls is better.
The initial setup depends. In the case of one client, for example, they have a very complex connection of networks, which is architectural. It is integrated and we need to pick it out and include all the rules that they have and to put in the firewalls which they want to buy in the next month. That kind of job is not easy for us, not just regarding Palo Alto but for other vendors, too.
On a scale of one to ten, I would give Palo Alto Networks NG Firewalls a nine.
I would recommend this product to others.
In terms of what advice I would give to future customers looking into implementing Palo Alto Firewalls, I would tell them that they have a good system operator in the firewalls and that it provides many tools that they can use to protect their networks. You don't find that in the other vendors.
We have two 3000 Series Firewalls placed in our primary location. We have two sites and the secondary site uses the primary site for internet access. All traffic to the secondary location goes through a VPN tunnel. I'm a network administrator.
The value of this solution for me is the protection from a single packet and ease of making security rules. It also doesn't require a special dedicated network team, I'm able to do it myself. It's a time saver for me and now in this pandemic period, users have access from home.
I'd like to see some changes to the licensing policies and, on the technical side, improvement in scalability. It's not so easy to scale out your security capabilities. With the situation in business today, everybody lacks money and if you have to increase your resources and to constantly pay more for that, it becomes a problem.
I've been using this solution for 10 years.
It's been 10 years and I don't remember any outages because of a hardware failure or a logical error in configuration. We had problems with servers or switches initially but it works like a charm now.
Scalability is the main disadvantage of Palo Alto. They call themselves a firewall with router capabilities but it's not a router and it requires a good bandwidth in VPN which could become a problem because you have to scale to really big hardware. We can solve the issue with other solutions, but for me the idea is to have less devices in your environment.
It's all about the hardware.
The support is quite good. A couple of months ago, I sent an email with an issue and we got an answer in 15-20 minutes. In my experience, Palo Alto support is one of the best, maybe the best support available.
We previously used Juniper which is currently called Net Screen. I also looked at Sonic Wall. We carried out a proof of concept five years ago and they had to decide whether to go with Palo Alto or another vendor.
For me, the initial setup is very easy. To get the device running with some capabilities but maybe not all security rules takes about an hour and it's the same for any upgrades. We have around 900 users and one admin person from our organization who deals with any issues.
Palo Alto is an expensive solution, we currently have a three year contract. I'm not sure what our terms are. People always want cheaper, nobody wants to pay more. In our region, I think if Palo Alto was cheaper, more companies would buy the solution.
I would absolutely recommend this product, it's expensive but I trust it. There is always room for improvement such as with scalability capabilities in Palo Alto. I know I'm not the only one who thinks this is an issue. It's possible that next time we will try virtualized firewalls, it may be a little cheaper for us. We would consider switching to something else but it would be a big move and quite complicated. Moving to a different vendor is a whole other story.
I rate this solution a nine out of 10.
We use this solution as our central firewall, but not as a perimeter firewall. For our perimeter, we use another solution.
Our organization consists of roughly 2,000 to 3,000 employees.
Identifying applications is very easy with this solution.
I don't like the reporting. The reports it provides are not helpful. They should include more executive summaries and other important information — they're too technical.
I have been using this solution for three years.
The stability is excellent.
The technical support is good, but not excellent. Their responses can be quite vague and unhelpful at times.
We used to use Checkpoint. We stopped using it because the price was too high.
Considering our limited amount of experience, the initial setup was easy. Deployment took one month.
A local reseller team of roughly three to five people implemented it for us — it was a great experience.
We evaluated Palo Alto, Checkpoint, Fortinet, and Cisco Firepower. Overall, it came down to the price — that's why we went with Palo Alto Networks NG Firewalls.
This solution is very particular; it's only suited to specific companies — it's a commercial opportunity.
Overall, on a scale from one to ten, I would give this solution a rating of eight.
We use these firewalls on-premise. We use them as a central gateway for internet security. We also use them for organizing access to the internet from organizations, and security access rules.
We have found the DPI ability to understand web applications and build access rules on web application categories first to be a great feature. The firewalls have good integration and good log journals' integration with Qradar. This is how the system produces user logs, how they build, how they structure the logs is stable to integrate with SIEM. For example, Check Point is not so good in this category.
They could improve their support and pricing and maybe integration. It's a little more expensive than Check Point but the quality is better. Integration with firewall endpoints could be better. Palo Alto does have very good malware or antivirus protection. I think they could improve on that front.
We have been using the Palo Alto Networks Next-Generation Firewalls for about 12 months. We are using the latest version.
We have found Palo Alto Networks Next-Generation Firewalls to be a very stable solution and very convenient solution.
We don't have any problems with the performance. It works very good. We have not had any problems. If we compare with Check Point, Check Point is not really good in stability, not for monitoring. That is why we didn't choose Check Point to move to Palo Alto.
We are satisfied with Palo Alto's support. We don't need to contact them frequently but when we do it is a good experience.
If we compare with Check Point, Check Point is not really good in stability, not for monitoring. That is why we didn't choose Check Point to move to Palo Alto. Compared with Check Point, it's excellent. It's very good. It's even better than Cisco also. So for this kind of usage scenario, it's very good. We don't use it as a regular firewall or perimeter firewall. We use it only as an internet gateway. But for an internet gateway, it's very good.
It was a very straightforward install and we were able to perform it from the Palo Alto books available. It only took one or two days for the installation. No problem with SIEM integrations or with the security policies. It's just worked as expected.
We performed the installation in house from the Palo Alto books available.
I would give Palo Alto Networks Next-Generation Firewalls a rating of nine on a scale of ten.
In manufacture, we use this solution as a firewall and an internal gateway. Additionally, we use it for traffic control which keeps strategic traffic separate from production traffic.
The technology's very good. We have had a lot of good experience with this solution. We have done a lot of implementation for our clients and we have not had a lot of problems with this solution.
For an upcoming release, they could improve on the way to build security rules per user. Palo Alto has this functionality but in implementation, we had some problem. This functionality should be better in our opinion.
I have been using the solution for more than seven years.
In my experience, the stability is very good.
We have more than 700 people using the solution in my company.
We have had a good experience with technical support.
We have used FortiGate in the past and we prefer this one.
The setup was complex.
Depending on the project, specific environment, and performance the deployment could take some time.
With the licensing we pay for it annually, the price could be cheaper.
If someone looking for stability and the leader in next-generation firewall technology, I would choose this solution.
I would recommend this solution to others.
I rate Palo Alto Networks NG Firewalls a ten out of ten.
We primarily use the solution for our internal network.
The active features on the solution are excellent.
The dashboard and management console are both very user-friendly. Everything is easy to navigate.
The interface is very nice. We generally like the UI the product offers.
The ability to check cases could be improved upon. We find that most of the packets we have to directly open with the PA. Until then, it's possible that there cannot be any support.
Take, for example, the XDR. The XDR is the real power to all our solutions from PA, however, when we are using their XDR, we have directly to contact PA. It's like this for the licensing or for any technical issues.
The solution could offer better pricing. We'd like it if it could be a bit more affordable for us.
The solution should offer SD-WAN.
We've been using the solution since 2016. It's been quite a few years now, at this point.
The solution is quite stable. We don't have bugs or glitches. It doesn't crash or freeze. It's quite good and we've been happy with it.
We haven't tried to expand the solution or to scale it up. It's not an aspect of the solution our company has explored just yet. Therefore, I can't speak to its capabilities in this aspect. I'm not sure what exactly is possible.
I don't have any experience with technical support. I've never had to contact them. Other colleagues would be the ones that deal with this aspect. I wouldn't be able to comment on their level of knowledge of responsiveness.
We're also using Check Point as a firewall.
The initials setup was pretty straightforward. It was not complex at all for us. We didn't run into any issues during the implementation.
The licensing is paid on a yearly basis.
The pricing could be better, however, the cost depends on the sizing of the product. The pricing, therefore, varies from company to company for the most part.
We have a partnership with Palo Alto.
We're using the 5000 series of Palo Alto. It's a next-generation firewall. We're currently using the Management Gateway and Virtual Firewall. Also, the Endpoint Solution.
I'd recommend the solution to other organizations. We've been pretty happy with it so far.
I'd rate the solution at an eight out of ten.
We use this firewall as part of our overall security solution. It is used to protect our perimeter on the internet side. We have the on-premises version installed for our offices and the cloud-based version for our cloud offerings. For our cloud setup, we use both Azure and AWS.
The most valuable feature is the security provided by the ATP. It is definitely better than the security provided by other firewalls.
The API is available for integration with tools for automation and AI, which is very good.
The interface contains some decentralized tools, so simplifying it would be an improvement.
I would like the option to be able to block the traffic from a specific country in a few clicks.
Some of the implements under artificial intelligence should provide better visibility in terms of my traffic, such as where it originates and where it is going.
Better integration with industry tools would allow me to do quicker automation and reduce my operational costs.
We have been using the Palo Alto Next-Generation firewall for almost five years.
This solution is definitely not scalable. Although it is a next-generation firewall, it has its limitations in terms of policies. At one point in time, it becomes the bottleneck, which is something that we have to optimize.
We are using this firewall at between 10 and 15 locations.
We have been in contact with technical support and we are satisfied with the service.
We also use FortiGate VDOM, although this is for internal protection. The FortiGate interface is simpler in design than Palo Alto.
Prior to Palo Alto, we were using the Cisco ASA platform. When it was through with its lifecycle, we switched. Seeing the next-generation firewall competition in the market, Cisco definitely has a larger portfolio, but it is not as competitive in the security domain. Solutions from Palo Alto and Fortinet are better in this space.
It is easy to install and we did not find the initial setup complex at all. The basic firewall can be set up, and then it takes a little time for the hardening. In total, the deployment can usually be completed within two or three hours.
The pricing is competitive in the market.
Palo Alto NG is definitely a firewall that I recommend for the right size of deployment.
I would rate this solution an eight out of ten.