Palo Alto Networks NG Firewalls Reviews

The primary use case is enterprise-level security. Our organization utilizes Palo Alto Networks Next-Generation Firewalls for internal security measures, including SD-WAN and SSL authentication configurations to establish secure network connections through the firewall.

Palo Alto Networks NG Firewalls provides a unified platform that natively integrates all security capabilities. The integration of machine learning in the core of the firewall that provides inline real-time attack prevention is crucial.

Palo Alto Networks NG firewalls embed machine learning in their core, which aids in preventing real-time attacks. The effectiveness of this technology improves with each release, bolstering confidence in the product's ability to provide robust security.

When we identify a vulnerability, we use Palo Alto Networks Next-Generation Firewalls to mitigate the threat.

We experienced no downtime in the past two and a half years while using Palo Alto Networks Next-Generation firewalls.

The most valuable features include the usual firewall functionalities, such as IPS and antivirus, which are effective. 

The configuration framework for Palo Alto Networks Next-Generation firewalls should be simplified, particularly for applications like ASG authentication. Technical support needs improvement, as issue resolution takes a significant amount of time. Furthermore, vulnerabilities in Palo Alto releases require prompt attention.

I have worked with Palo Alto Networks NG Firewalls for more than ten years, and our company has used them for three years.

The overall stability of Palo Alto Networks NG firewall is good. I would rate it nine out of ten.

The scalability of Palo Alto Networks NG Firewalls is good. I can comfortably rate it as an eight out of ten.

Palo Alto Networks' technical support is generally good. However, some non-popular issues take longer to address.

Our organization initially utilized FortiGate firewalls. However, as we grew, we transitioned to Palo Alto Networks NG Firewalls due to their better performance in enterprise-level evaluations.

Standard security configurations were straightforward to set up initially. However, adding portal security and application customizations posed challenges.

The deployment was small and required two to three people.

Our experience with the integrator was mixed. While they provided some assistance, our team faced challenges configuring certain features, requiring additional support from Palo Alto and their partners.

The pricing, setup cost, and licensing depend on the model. Overall, it is commercially competitive compared to Cisco and Fortinet. We paid less than $18,000.

Colleagues looking for the cheapest and fastest firewall can still use Palo Alto Networks NG Firewalls because they are affordable.

We evaluated several top products, including Fortinet, SonicWall, Sophos, and Cisco, before choosing Palo Alto Networks NG Firewalls.

I rate Palo Alto Networks NG Firewalls a seven out of ten. While the features are satisfactory, improving the configuration framework and enhancing technical support would improve the product.

Palo Alto Networks NG Firewalls do not require maintenance.

We have 500 users in our organization.

On-premises

The primary use case for Palo Alto is to address traffic-related issues and manage configurations pushed from Panorama to Palo Alto Firewalls. Additionally, it handles GPU-related challenges, global protect, and IP internal problems.

Both FortiGate and Cisco firewalls process network traffic sequentially, meaning each packet passes through security engines, e.g., security profiles and URL filtering, one by one, which can be time-consuming. In contrast, Palo Alto Networks NG Firewalls utilize single-pass parallel processing. When a packet arrives on an interface, the firewall creates multiple copies and sends them to all relevant security engines simultaneously. This parallel approach significantly reduces processing time and increases overall efficiency.

Palo Alto Networks Next-Generation Firewalls offer a comprehensive platform that seamlessly integrates all essential security functions, eliminating the need for multiple platforms. With integrated routing, switching, threat prevention, SASE, and Prisma capabilities, Palo Alto provides a centralized solution. A notable feature is the active-passive router configuration, enabling one firewall to be active while another remains on standby. Additionally, these firewalls incorporate SD-WAN, IPsec, and VPNs for enhanced network security and connectivity.

Palo Alto Networks NG Firewalls effectively utilize embedded machine learning to provide real-time attack prevention. Upon receiving a packet, the firewall performs an initial ingress phase analysis before passing it to the fast path for routing, switching, and connection establishment. Simultaneously, the security policy is checked. If a threat is detected, the initial packet is allowed through for analysis, while subsequent traffic is automatically blocked without the need for manual security policy configuration.

Our organization benefited from the comprehensive feature set of Palo Alto Networks NG Firewalls, eliminating the need for separate purchases of web-based firewalls, load balancers, routers, switches, Prisma devices, and SD-WAN devices. This saves our organizational costs.

Palo Alto provides strong security in our data centers and across all our workplaces.

Palo Alto Networks NG Firewalls reduce downtime and enhance network reliability and security through active-passive setups, where a secondary firewall automatically takes over if the primary one fails, ensuring continuous operation. These firewalls provide a seamless and efficient environment by automatically capturing logs and managing known threats. Advanced features like App-ID and Content-ID inspection enable deep packet inspection, identifying and mitigating threats even within encrypted files or those disguised as legitimate data, such as a virus bound to an MPG file. This comprehensive approach ensures robust security and minimizes the impact of malicious activities, regardless of the attacker's techniques.

The most valuable features of Palo Alto Networks NG Firewalls are Threat Vault and AutoFocus. Threat Vault allows us access to a comprehensive threat database, enabling us to get detailed information on threats and how to mitigate them. AutoFocus provides sandboxing capabilities, automatically addressing global threats.

Palo Alto Firewalls could improve by introducing more features, particularly in load balancing. Enhancing this capability would be beneficial.

I have been working with Palo Alto NG Firewalls for six and a half years.

I would rate the stability of Palo Alto Networks NG Firewalls at eight and a half out of ten.

Palo Alto Networks NG Firewalls are scalable and reliable. I have not faced any limitations with its scalability, and it is suitable for environments ranging from small offices to large data centers.

Palo Alto provides good support.

Positive

I previously worked with Cisco and FortiGate devices. I switched to Palo Alto Firewalls because of the comprehensive features offered by Palo Alto, including better hardware, software, and support.

The initial setup was straightforward, taking about 20 to 30 minutes for one Palo Alto Network NG Firewall.

The level two team was responsible for the configuration and setup process for Palo Alto Network NG Firewalls.

I am not sure about the specific licensing costs of Palo Alto Networks NG Firewalls, but FortiGate and Palo Alto are generally cheaper than some high-end Cisco devices.

I would rate Palo Alto Networks NG Firewalls eight out of ten.

For colleagues seeking a cost-effective firewall, I recommend Palo Alto Networks NG Firewalls. Despite not being the absolute cheapest, their robust hardware and software, combined with excellent support and comprehensive features, make them a more efficient and reliable long-term investment.

Palo Alto Networks NG Firewalls require maintenance.

I recommend considering Palo Alto for small or medium-sized environments due to its cost-efficiency, reliability, ease of use, and extensive features.

Hybrid Cloud

Other

We use Palo Alto firewalls to secure the enterprise network and connect our branch offices with our data centers.

A lot of Palo Alto's attack mitigation is automatic. It's nice that you can define security policies and profiles, and the firewall can automatically take action to mitigate attacks as they occur.

We can avoid downtime because Palo Alto supports high-availability firewalls, which usually enable us to do maintenance without interruption to the enterprise. We also have redundancy in our wide area, so we are not dependent on one internet provider. If it fails, we can route across an alternate provider through our VPN tunnels. 

Palo Alto solutions are scalable and highly capable. NG firewalls offer a complete solution that's reliable, consistent, easy to manage, and full of rich security features. They're easier than other firewalls and certainly more effective.

NG Firewalls provide a unified platform that natively integrates all security capabilities. It's critical to have a cohesive system that works across the entire organization. Palo Alto embeds machine learning into the firewall's core, which is necessary to keep up with the threat landscape. 

Palo Alto could improve its machine-learning capabilities. That's all new. They integrate the telemetry data and analytics up to the cloud, where they can analyze security policies and best practices like DNS Security. It uses AI tools to sort through all the massive logs and highlight where you can take action or be aware of what's happening. If you don't have many tools in your organization, it's nice to have one tool that does an excellent job across the board. 

I have used Palo Alto NG Firewalls for five and a half years. 

Palo Alto firewalls have excellent scalability. The same techniques and configuration scale from a small branch office to larger data centers. They're consistent in terms of configuration. You have centralized administration through Panorama to manage all of them easily and have global visibility with both configuration and logging.

I rate Palo Alto support seven out of 10. Palo Alto has some excellent engineers, but recently, I've had difficulty finding a technician who can solve the problem quickly.  They're easy to reach, but it's sometimes harder to communicate with the support engineers. Some are more effective, but other engineers take a couple of days to analyze the issue. The support is not as good as it used to be.

Neutral

I've used other brands of firewalls in another company, and this company has used some older firewalls. I have used Juniper SRX and NetScreen firewalls. I've also worked with Cisco ASA and SonicWall firewalls.

Palo Alto firewalls provide better visibility into the data and excellent logging that enables you to track all threats and activity. They seem to be more resilient to attacks. Other brands get overwhelmed by DDOS attacks, whereas Palo Alto has multiple levels of security that can head off some of those floods. They act almost like an intrusion detection system and some form of DDoS protection. They do a good job if you can't afford a separate product.

I rate Palo Alto NG firewalls nine out of 10 for ease of setup. They're easier to set up than Juniper SRX or NetScreen. When I arrived, they had already installed a few firewalls, but they weren't working well. The failover and high availability were not set up properly. 

They were new to Palo Alto. They started deploying a few in their branch offices and configuring them with Panorama, so they're all registered and centrally administered. There are consistent policies and shared objects across your organization for filtering geographic regions and things like that. 

The IT VP administered some of the network after their other engineer left. They had previously used Fortinet and only recently purchased Palo Altos, but they were trying to get them deployed. As a senior network engineer, I deployed it with the IT VP, and the IT manager made some operational changes. I and a member of my team maintain the firewalls. 

Palo Alto enables you to support an extensive, busy network with fewer people. You can centrally administer the solution and apply automated content updates for virus and threat prevention. Once you get these things set up, they do a lot of it independently. You only need to keep a close watch on them. 

Palo Alto can be priced higher than some less capable firewalls. However, they are exceptional when you consider the completeness of the solution and its ability to handle threats. Palo Alto is better than other solutions, which justifies a slightly higher price point. You have other tools that are easier to deploy, reducing your total cost of ownership. The newer models are faster, making the pricing more attractive.

A cheaper solution might be better if you have a small or home business that doesn't have many security requirements. Palo Alto scales down to small offices and larger data centers and enterprises. Their product scales to a wide range of use cases. 

I rate Palo Alto NG Firewalls 10 out of 10. I recommend spending time with Palo Alto and other support partners planning and understanding your network before you deploy. You can simplify many capabilities into common rules that you can apply consistently across the organization to save time. Planning can help you build consistency in naming address objects, VLANs, and network resources.

For Palo Alto Networks NG Firewalls, clients mostly use this as a ZTNA solution, so it works as a perimeter firewall combined with ZTNA for external access and all other related functions.

We usually work with a whole bundle of subscriptions with Palo Alto Networks NG Firewalls, offering the ATP, URL filtering, DNS, and everything that the firewall can provide.

We use all the subscriptions that Palo Alto is offering, including WildFire, URL filtering, and ATP; basically, everything they provide is something we are offering to our customers.

My clients use AI technology with Palo Alto for analytics; Palo Alto Networks NG Firewalls has machine learning integrated into the firewalls that is actively utilized.

Palo Alto Networks NG Firewalls have precision AI that can recognize AI traffic, allowing you to control it within the company by blocking it if you have policies against employee use.

Segmentation and policy management in Palo Alto Networks NG Firewalls are mandatory, and that is why customers are using it.

The only room for improvement I see for Palo Alto Networks NG Firewalls is with their pricing; it could be more flexible for clients.

It could be cheaper because Fortinet is very aggressive with their pricing, but the functionalities of Palo Alto are really good.

The technical support from Palo Alto could be better; I find that it can be improved.

The issues are mainly with response time and quality, as their first level support used to be better a couple of years ago, but now you sometimes get support that isn't as good.

I have been working with Palo Alto Networks NG Firewalls for six to seven years.

The initial setup for Palo Alto Networks NG Firewalls is not easy to implement since it is an enterprise solution, but I find it intuitive.

For stability, I would rate Palo Alto Networks NG Firewalls a nine out of ten.

For scalability and the ability to expand, I rate it a nine out of ten.

The technical support from Palo Alto could be better; I find that it can be improved.

The issues are mainly with response time and quality, as their first level support used to be better a couple of years ago, but now you sometimes get support that isn't as good.

Positive

When comparing Palo Alto Networks NG Firewalls and Fortinet, it ultimately depends on the different types of customers they serve; Fortinet offers everything on one device, including wireless controllers, but Palo Alto has better functionality, stability, and is less compromised.

The initial setup for Palo Alto Networks NG Firewalls is not easy to implement since it is an enterprise solution, but I find it intuitive.

I would rate Palo Alto Networks NG Firewalls a nine out of ten, as it is a very good and stable solution, and I recommend it over Check Point, Fortinet, and Cisco; it stands out as the leader.

I can recommend Palo Alto Networks NG Firewalls for every company size; we are just starting to offer it for the SMB market, but it is an enterprise solution and they also have a series for small businesses.

On-premises

Other

Palo Alto Networks NG Firewalls are our perimeter firewalls that protect the network from external attackers. They provide visibility into network activity, from layer four to layer seven, including application visibility, user awareness, and content awareness. These features are crucial for any network and organization, regardless of size, whether it's 20 users or two million users – they all need a firewall.

It's crucial that the entire cybersecurity landscape shifts from traditional methods to artificial intelligence and machine learning. When vendors stay current with emerging and future technologies, they're better positioned for success. This proactive approach ensures they remain relevant and effective in the ever-evolving cybersecurity space.

Palo Alto Networks NG Firewalls helped reduce our downtime.

The most valuable features of Palo Alto Networks NG Firewalls are DNS sync calls, enabled security features, and Wildfire.

The machine learning component on the firewall level requires more computing power to perform at the full production level. Therefore, the ML is currently providing partial real-time attack prevention.

In large data centers, enabling multiple features, such as SSL decryption, can lead to performance degradation. This is especially noticeable in Palo Alto firewalls when SSL inspection is enabled. Ideally, this shouldn't happen. To address this, enterprises are often forced to upgrade to higher-end models, which is unnecessary. Palo Alto needs to address this issue. When performance degrades due to full packet inspection, the solution should be to increase the computing power within the same firewall, not to recommend upgrading to a larger, more expensive model. Performance issues during full inspection need to be resolved without requiring hardware upgrades.

The technical support has room for improvement.

I have been using Palo Alto Networks NG Firewalls for five years.

I would rate the stability of Palo Alto Networks NG Firewalls six out of ten. After the upgrade, we are experiencing performance issues. Occasionally, we need to reboot the firewalls to refresh and recreate sessions. Gradually, performance returns to normal. Immediately following the upgrades, performance and utilization spike significantly.

I would rate the scalability of Palo Alto Networks NG Firewalls eight out of ten.

We previously used Checkpoint firewalls, but the performance was subpar and lacked an available interface. In contrast, Palo Alto Networks NG Firewalls offered more interfaces.

The initial deployment was not complex but we did face some issues with respect to dynamic routing configurations.

We used a third-party for the deployment.

We have observed an average return on investment from Palo Alto Networks NG Firewalls.

Palo Alto Networks NG Firewalls are expensive. The total cost of ownership is high.

I would rate Palo Alto Networks NG Firewalls six out of ten.

For those looking for the cheapest NG firewall, I would recommend Fortinet.

We deployed a total of four Palo Alto Networks NG Firewalls, two in the data center and two in the data recovery center. We have a total of 1,800 endpoints in our organization.

Frequent updates necessitate regular maintenance, which requires a team of four people.

Before purchasing, conduct a proof of concept to verify functionality, alignment with use cases and organizational requirements. Validate hardware compatibility and ensure correct sizing. Opt for direct Palo Alto OEM support instead of partner-enabled support.

On-premises

I mainly use Palo Alto Networks NG Firewalls as the firewall device, and I deploy it at the perimeter of the networks to secure our infrastructure.

By implementing Palo Alto Networks NG Firewalls, we mainly wanted web security and protection from DDoS and other attacks. We also wanted to provide a VPN solution so that mobile users could work from anywhere.

Palo Alto Networks NG Firewalls provide a unified platform that natively integrates all security capabilities. This is very important because with a single box, we can enable multiple security features and have web security, application security, and network security. It works on OSI model layers one to seven. It provides end-user security and enables us to allow any URL, website, or application for a user.

Palo Alto Networks NG Firewalls provide VPN solutions. With site-to-site or remote VPN, anyone from the organization can work from anywhere in the world. They only need Internet connectivity on their devices to connect to our enterprise network and access the required resources. It supports secure remote work through VPN connectivity.

Palo Alto Networks NG Firewalls are effective in preventing attacks by blocking abnormal behaviors. It detects any anomalies using signature-based detection and automatically alerts administrators. Palo Alto Networks NG Firewalls have machine learning embedded in the core to provide inline, real-time attack prevention.

We can use Palo Alto Networks NG Firewalls for securing data centers consistently across all workplaces, from the smallest office to the largest data centers. We can deploy the firewall anywhere based on business requirements. We can use Palo Alto Networks NG Firewalls at a broad level to secure our data center. Within the data center, we can also segment the network and deploy the perimeter firewalls between different departments. For example, if a salesperson is communicating with the database team or marketing team, the traffic has to pass through the firewall. The firewall inspects the behavior. If an internal employee is trying to delete a database file, the action will be prevented at the application level.

The solution provides web security, application security, and network security. We have app security, app gateway, and app ID. There are multiple models.

Palo Alto Networks NG Firewalls should be more flexible and user-friendly. 

There should be more comprehensive documentation, case histories, and technical training on new technologies available on their portal. It will help us with troubleshooting.

I have been using Palo Alto Networks NG Firewalls for ten years.

Palo Alto Networks NG Firewalls are very stable. I would rate Palo Alto Networks NG Firewalls a nine out of ten for stability.

Palo Alto Networks NG Firewalls are highly scalable, allowing deployment in various modes, including virtualized, cloud, and bare metal. We are using it at multiple locations.

I would rate Palo Alto Networks NG Firewalls a nine out of ten for scalability.

Palo Alto's tech support is fine. They are proactive, responsive, and effective in logging cases and troubleshooting.

Positive

We previously used Cisco ASA and switched to Palo Alto Networks NG Firewalls. It is very fast. We are not getting any latency. Palo Alto Networks NG Firewalls have a unique vertical packet inspection feature. It checks all parameters in a single shot, which makes it fast. Other firewalls, such as Check Point and Cisco, do the inspection horizontally, so there is a delay.

We have on-prem, hybrid, and cloud deployments. We have deployed Palo Alto Networks NG Firewalls on the AWS platform.

The initial setup was a bit complex initially, but with experience, it has become straightforward.

It does require maintenance. There could be a hardware fault. This is why we recommend deploying them in an HA environment.

I did the implementation myself. We have a team of five people.

For maintenance, one person is usually enough, but if you have multiple firewalls, you might require more people.

Everyone has different requirements. Palo Alto Networks NG Firewalls are a good and stable choice. They also have solutions for medium-sized enterprises. I would recommend trying Palo Alto Networks NG Firewalls.

Overall, I would rate Palo Alto Networks NG Firewalls an eight out of ten.

In our country, there are multiple use cases. Usually, it is for virtual cases or virtual environments and source areas.

The most valuable feature is threat prevention. SSL VPN is also very valuable. These are essential for our clients, especially for access to local infrastructure while preventing Internet threats.

Our clients can have a unified cybersecurity system if they subscribe to it. This firewall is an important part of access to any data center or branch office. They have site-to-site connectivity.

It is a good product, but they can add some functions for port scanning and network scanning. More network functionality would be beneficial.

I have been working with the new generation firewall from Palo Alto Networks for two years.

The solution is very stable and reliable. I have not experienced any outages or issues. I would rate it a ten out of ten for stability.

The solution is scalable if the right model is purchased. It is important to assess the infrastructure size before choosing a model.

The technical support is very good. They offer fast and competent assistance. I would rate them a ten out of ten.

Positive

Its deployment is easy. It takes two to three days.

The initial setup process involves basic and network configuration, security and policy configuration, and then getting the device to the client.

It does not require much maintenance. One person is enough for it.

Its price is quite high but is justified for the features and capabilities provided, although I would prefer a lower price.

If you have the budget, I would recommend using Palo Alto Networks NG Firewalls instead of other brands because they offer the greatest functionality.

I would rate Palo Alto Networks NG Firewalls a ten out of ten.

Public Cloud

I use Palo Alto Networks NG Firewalls as a perimeter firewall for VPN accesses to secure data centers and complex networks, involving multiple sites connecting through a single point to the internet. At that point, I set up the security for all sites.

Palo Alto Networks NG Firewalls is most beneficial for network security as they use AI and machine learning, which are especially effective against zero-day attacks. Their AI is adept at identifying potential attacks or unusual traffic. Among the top three vendors—Fortinet, Check Point, and Palo Alto Networks—I find Palo Alto Networks to be the most efficient in dealing with zero-day threats due to their advanced use of AI and machine learning.

I believe the configuration part can be improved, particularly because the management tools like Panorama and the cloud management solutions are not fully aligned. Additionally, the routing configuration within Palo Alto Networks NG Firewalls is confusing and not logically structured like traditional network equipment, which is challenging, particularly for those accustomed to Cisco's networking logic.

I have been working with Palo Alto Networks NG Firewalls since the second half of 2020, so approximately three years.

Overall, I find the product to be stable with minimal crashes or access issues, comparable to Check Point, but slightly better.

Palo Alto Networks NG Firewalls is scalable but starts at a high price range, which may not be affordable for smaller companies.

Customer service and technical support for Palo Alto Networks is great. They are responsive and helpful.

Neutral

The installation process generally takes about an hour, depending on the complexity of the configuration. An easy setup could be completed in approximately two hours.

Two people are usually involved in the deployment: one technician for installing on-site and conducting basic configuration, and one remote engineer for detailed configuration.

Palo Alto Networks NG Firewalls is the most expensive solution without discussion, which often makes it less competitive for small companies. Management tools like Panorama significantly add to the cost, making it affordable primarily for larger enterprises.

Palo Alto Networks offers an excellent range of products and I generally recommend them unless the price is a concern. They lead the market in complex solutions, though Check Point is a close competitor in NGFWs. The routing aspects could be more logically structured. Overall, I rate Palo Alto Networks NG Firewalls ten out of ten because they are unmatched in their function.

Hybrid Cloud

Other