Palo Alto Networks NG Firewalls Reviews

We are working on creating security policies on the firewall. We have just put GlobalProtect VPN in our company. We also have Prisma Access.

We have on-prem and hybrid cloud deployments.

It has strengthened our security policies and made our environment more secure. It has provided us more security features. Due to the rules that we have created on Palo Alto Firewall, all the malicious things have been stopped from coming into our environment.

The App-ID feature is the coolest feature because you don't need to open a new port. Apps are directly linked to the port. It provides one of the best ways to lock down the additional port switch.

Its software updates can be improved. It sometimes becomes very slow with the software updates for different features.

It should have an External Dynamic List of data. The malicious IP is not frequently getting updated in Palo Alto, and this should be done.

I have been using this solution for six years.

Its stability is good.

Its scalability is also good.

We were using Cisco ASA previously. Palo Alto has strengthened our security policies. It has also made our environment more secure than Cisco ASA.

Its initial setup is straightforward.

I would rate Palo Alto Networks NG Firewall an eight out of ten. It has been working very well.

We primarily use the solution for traditional firewalling. We use it for VPN connections -  especially now that people are doing work from home. This solution is our VPN gateway.

The solution has a lot more features than other firewall solutions, including Cisco, which we also use. It's very rich. There's so much there and we don't use a lot of it, although it is nice to have the option.

The solution itself is very user-friendly and quite easy to use.

You just need a web browser to manage it, unlike Cisco, which requires another management system.

The solution is quite stable.

The initial setup is pretty straightforward.

The scalability is limited and depends on the size of the firewall that you will buy. 

The solution is very expensive. There are cheaper options on the market.

I've been using the solution for three years at this point. It's been a while. I have some good experience with it at this point.

The solution has proven itself to be quite stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable in terms of performance.

The solution can only scale according to the sizing that a company has purchased. It depends on the size of the firewall that you will buy. For example, right now, we have this firewall with 24, which means our scalability is limited to 24.

They do have higher-end models for companies that have planned for bigger deployments.

At this point, we have about 200 users and three admins.

We're happy to use it for our perimeter firewall and so we are not planning to change it anytime soon.

Technical support is okay. We have local vendor support. Whenever we have an issue, we contact them and they help us open a ticket with Palo Alto.

We use both Palo Alto and Cisco as our firewalls. We use them both at the same time.

The initial setup has the same amount of difficulty as, for example, a Cisco setup. Regardless of if it's Cisco or Palo Alto, it will all the same level of effort. However, the use cases will be different from one another.

That said, the whole process is pretty straightforward.

We have three admins on our team that can handle setup and maintenance responsibilities. 

The price of the solution is quite high, especially if you compare it to Cisco or Juniper.

The solution is subscription-based. Users can pay monthly or yearly. We pay on a yearly basis.

We are Palo Alto customers and end-users. We don't have a business relationship with the company.

We work with the 3000-series and tend to use the latest version of the product.

I would recommend the solution to other organizations if their budget supported buying it. Cost-wise, they are on the high side. 

Overall, on a scale from one to ten, I'd rate the solution at an eight. We've largely been satisfied with its capabilities. 

It is our edge appliance. We use it for our edge security, and we also use it for our VPN termination.

We're using an old version of this solution. At this moment, I'm looking at migrating away from Palo Alto.

The ease of use and the ease of configuration of our policies are the most valuable features.

Palo Alto could do better with integrating the Palo Alto Next-Gen Firewall with SD-WAN.

The biggest issue with Palo Alto is that they are expensive. They are very expensive for what they offer. They should improve their pricing.

I have been using this solution for six or seven years.

We have about a thousand users.

We have third-party support.

I used Cisco ASA.

Its installation was pretty straightforward. There were no problems there.

Deployment duration is difficult to tell because there is a whole world of planning and other things. It probably took a couple of days. You are, of course, always tweaking these things.

I haven't installed it here, but where I was before, we had two people doing it. I and a colleague did it ourselves.

It is expensive.

There are multiple firewalls out there. I am moving away from them because they are expensive, and they don't do what I want to do with them. I have plans of getting FortiGate instead.

I would rate Palo Alto Networks NG Firewalls a six out of ten.

We primarily use the product for web browsing and in order to protect some sites that we are publishing to the web internet.

The solution is very helpful in controlling spam.

The product offers very good web content control and various aspects of security.

The stability of the product has been good over the years.

The initial setup is very easy. Compared to Cisco or other solutions, Palo Alto is very easy to implement and administer. They are both very easy.

I can't recall a feature that was missing. It's a pretty complete solution.

The cost of the device is very high.

To buy license support is very slow. For renewing devices and products, it's slow in terms of contacting and activating upgraded devices.

I've been using the solution for four years at this point. It's been a while. We've been using it over the last 12 months as well.

The stability is excellent. It's reliable. We don't deal with bugs or glitches. It doesn't crash or freeze. Overall, it's been very good in terms of performance.

We have not proven the scalability yet. We're planning to extend our office within the next year or six months to eight months. We are buying some appliances for the process of extending our office.

Currently, around 1,000 people use this solution.

We've never been in touch with technical support. Having never dealt with them, I wouldn't be able to speak to how they are in terms of services.

We also use Barracuda and Cisco for certain aspects of security.

The initial setup is pretty straightforward. It's quite easy to implement.

The deployment takes about one week, or maybe a bit less, depending on the requirements. That includes both implementing and training.

Currently, two people are required for deployment and maintenance of the product

We implement the solution with our network team. We implement the solution ourselves. We don't need the help of integrators or consultants.

The pricing is quite high on Palo Alto.

On the lower end, it's likely to cost $15,000 for renovation and support.

We evaluated Cisco, Juniper, and Dell among other solutions before ultimately choosing this solution. Cisco can be complex in terms of device management compared to other options, for example. Cisco can be cheaper than Palo Alto, but that is not always the case.

I'm not sure which version of the solution we're using. We use a physical appliance.

We're using three different models, for the most part.

My company is an outsourcing company that deploys software and testing.

The solution is very user-friendly and easy to manage and administrate. For that reason, I would rate the product at a nine out of ten.

We use it for LAN users, internet access, and more. The NG Firewall has many functions like user control, access control for servers, natural controls based on applications, schedules, ports, RTs, and IPS functionality with antivirus or security functionality. We also use it to control internet access, traffic shaping for bandwidth control, and fraud prevention.

I like all the functions and features.

I think automation and machine learning can be improved to make bulk configurations simpler, easier, and faster. Scalability can also be better.

I've been working with NG Firewalls for six years.

Palo Alto Networks NG Firewalls is a stable solution.

I don't think Palo Alto and Fortinet firewalls are scalable. Only Cisco is scalable. For clustering, Cisco activity models like the 4000 model are better. For example, if the firewall is undersized due to expansion, you can cluster and add more appliances to the system.

I think Palo Alto has good support. Technical support helped me solve most of my issues very quickly. 

The initial setup depends on the client's infrastructure and the project's scope. 

If it's migration, Palo Alto has a great tool called the Expedition tool. It helps to migrate any firewall to the Palo Alto firewall. This process takes about a day, and it's very simple.

If it's a fresh installation, it depends on the number of policies you need to apply and the number of metrics. You can do it using the command line. You can do it easily and quickly, but it depends on how much the customers prepare. Sometimes the customer has no information to provide, and you struggle to get this information. Sometimes this process can take two to five days or take weeks. 

We implement and maintain Palo Alto Networks NG Firewalls for our customers.

Paul Alto is the most expensive solution in this category. The subscriptions and support are also expensive, but everything is included in the hardware, including the subscriptions.

If a customer is price-sensitive, I will go for Fortinet without a second thought. If customers are willing to invest in their data centers, I might go with Palo Alto and Cisco.

On a scale from one to ten, I would give Palo Alto Networks NG Firewalls a ten.

Normally, we use our firewall at the perimeter level. We are using Palo Alto Networks NG Firewalls as a firewall as well as using a few of their functionalities like the Vulnerability Protection, its IPS module. Additionally, we have remote VPN's on those firewalls, like GlobalProtect. So we are using all the features which are provided by Palo Alto.

The feature that I like the most is its IPS model, the WildFire model. I really like how the whole threat protection model functions, including the vulnerability and anti-spyware aspects. That is really awesome.

In terms of what could be improved, comparatively the price is very high. That would be the one thing. But technically-speaking, it's perfect.

I have been working with Palo Alto Networks NG Firewalls for around five years.

In terms of scalability, normally, we procure the devices based on the future perspective, so there should be a lot of scalability. We never face scalability issues with Next Generation Palo Alto Firewall - it comes with the scalability.

We have around 11,000 to 12,000 users across the globe.

Technical support is pretty good. We get a timely response. There will be plus/minus where we do not getting a response, but not regularly, just one or two cases among, let's say, 20 or 30. As far as my experiences with the tech support go, it's pretty good, very straightforward support. It's not like they're playing on the call and taking their time. It is really straightforward.

The initial setup depends on the office locations of the data center. If that particular firewall is part of the data center, then yes, it is a complex design as well as a complex traffic flow. But for normal office locations, it is pretty straightforward. So it is a mix depending on the location of where the particular firewall is going to be put.

I would recommend Palo Alto Networks NG Firewalls. If a company has the budget and wants to have the next generation of firewalls then they should go for the Palo Alto, because whatever state of features they provide, it's pretty awesome. But if there is a budget constraint there are several other products which give you similar kinds of features but with less cost.

On a scale of one to ten, I would give Palo Alto Networks NG Firewalls an 8.

Nothing is perfect. There are features that they should add. One of the features that I'm looking at is when it comes to the Vulnerability Protection. We are blocking the threats which are, by default, updated by the Palo Alto Threat Engine. Currently, there is no scope of manually adding the external database to the firewall so the firewall will convert that database to their own. This is currently not functional with the current version. There are a few functions that they could add that are available with other vendors. That's why I am giving the 8.

The most valuable features of this solution are all of the services it provides. 

The application layer to the hardware Layer is good, as are all layers it offers.

It's a very comprehensive solution.

The features should be built into the system. For example, it generates many logs with a lot of information that can be converted into security and business information and shown to the user. This is a time-consuming job.

I would like to see it provide us with intelligent information from the data that it captures, within the same cost.

I have been using this solution for two years.

It's a very stable product, so far.

It's very scalable. We have 300 users in our company.

Technical support is very good.

We have worked with various firewalls such as Check Point, Sophos, Cisco, and some unknown product names as well.

There are several things to consider before recommending a solution. It depends on the business requirements, the budget, and the complexity of the security needs.

I believe that Palo Alto is the best one, then Check Point and Sophos. Those are my three preferences.

Palo Alto and Check Point would be rated an eight out of ten and the others would be a seven out of ten.

The initial setup is complex, but it can be done.

The rollout takes a couple of weeks but you have to keep improving it every day.

Part of the setup was completed by me, with some help externally.

We have a subcontractor for maintenance.

This is an expensive product, as are the others of this type.

Know your business requirements, the features, the ease of use, and know what type of budget you have. These are the types of requirements to know before you use this product.

I would rate this solution an eight out of ten.

The solution can be used in the data center it can be used as perimeter firewalls and gateways as well. It can be used anywhere. From the systems side, the data center side, or I typically recommend that it be deployed in a VM, as it may be able to see the internet traffic and specifically it would basically look into the details of a virtualized environment as well.

It's a next-generation firewall and it's pretty stable. You don't have to worry about if you restart it for some maintenance. It will just come back. Basically, it would come back in a straightforward manner. There are no stability issues.

The one thing that I like about Palo Alto is it's throughput is pretty straightforward. It supports bandwidth and offers throughput for the firewall.  The throughput basically decreases.

Palo Alto actually provides two throughput values. One is for firewall throughput and other is with all features. Whether you use one or all features, its throughput will be the same.

It's performance is better than other firewalls. That is due to the fact that it is based on SPD architecture, not FX. It basically provides you with the SB3 technology, a single path parallel processing. What other brands do is they have multiple engines, like an application engine and IPS engine and other even outside management engines. This isn't like that.

With other solutions, the traffic basically passes from those firewalls one after the other engine. In Palo Alto networks, the traffic basically passes simultaneously on all the engines. It basically improves the throughput and performance of the firewall. There's no reconfiguration required.

Palo Alto has all the features that any firewall should have. Other firewalls should actually copy Palo Alto so that they can provide better stability, performance, and protection - at levels that are at least at Palo-Alto's.

This isn't necessarily an issue with the product per se, however, sometimes basically there are some features, depending on the customer environment, do not work as well. Sometimes some of the applications the customer has do not respond as they normally should. Palo Alto support needs to understand the customer requirements and details so that they can resolve customer queries more effectively.

I've been using the solution for the past six years at this point.

The solution offers very good stability. I don't have issues with bugs or glitches. It's reliable.

We have a variety of customers ad they all have a different amount of users. Some have 50 users. Some have 100 users. Some have 1,000 users as well. It varies quite a bit. In that sense, it scales to meet the customer's needs.

I've dealt with technical support in the past. Sometimes it is good and sometimes it's not as good. It depends on the complexity of the deployment. Overall, however, I would say that I have been satisfied with the level of service provided.

There are multiple products from different vendors, and I basically deploy different firewalls from different vendors for the customers based on their needs. The solutions I work with include Cisco, Fortinet, and WatchGuard. There are a few others as well.

The initial setup isn't too complex. It's pretty straightforward.

The deployment time basically depends on the deployment model. If it's a VMware model, it's pretty straightforward and you can basically deploy it in half an hour to one hour.

If it is in another deployment model, for example, if it's in Layer 3, it depends on the subnet environment, how many subnets they have, or how the traffic is routing from one end to the other end, etc. 

I'm involved in system integration, so I basically deploy and manage the solution for the other customers.

I'm an integrator. I work with many clients. My clients use both the cloud and on-premises deployment models.

I would recommend the solution to other organizations.

Overall, I would rate it at a nine out of ten.