Palo Alto Networks NG Firewalls Reviews

We use Palo Alto Networks NG Firewalls for visibility and protection of our network.

Our environment primarily uses Windows, and Palo Alto Networks Next-Generation Firewalls can enhance our security integration.

The firewalls help protect our servers, but we do not have a highly sophisticated data center setup.

The most valuable aspect of Palo Alto Networks NG Firewalls is the performance.

The support needs improvement, as the quality of the responses is not great and sometimes solutions take a long time. Configurations related to different operating systems can be complex, and we have encountered issues with Linux systems.

The internal authentication method for connecting to the firewall's internet access requires an SSL certificate. However, the configuration process is complex and currently incompatible with certain operating systems, such as Linux.

I have been working with Palo Alto Networks NG Firewalls for nearly eight years.

Palo Alto Networks NG Firewalls are stable; we have only faced downtime once in the past two years due to a primary firewall maintenance issue where the standby did not come up.

We have not needed to scale up or down, as the solution we have is currently sufficient.

Support is a challenge as the response time is long, and the quality of responses could be improved.

Neutral

I have used Juniper previously and found its security features superior. However, I prefer Palo Alto for its broader range of features and more competitive pricing.

The setup process is somewhat complex, requiring a couple of days. Fine-tuning and configuring SSL authentications internally is difficult.

Palo Alto Networks NG Firewalls are more expensive than Cisco firewalls, but slightly less expensive than Juniper firewalls.

I evaluated Cisco and Juniper before choosing Palo Alto Networks NG Firewalls.

I would rate Palo Alto Networks NG Firewalls seven out of ten.

The maintenance of Palo Alto Networks NG Firewalls is easy.

We implemented Palo Alto Networks NG Firewalls as our intrusion prevention system to filter layer seven traffic and perform SSL inspection through deep packet inspection at the application layer.

We use Palo Alto Networks NG Firewalls for layer three packet filtering of east-west and north-south traffic and layer seven filtering through web filtering.

Palo Alto Networks NG Firewalls include Panorama, a unified platform providing a complete overview of our security features. This centralized management tool offers a single pane of glass for monitoring all security touchpoints through metrics, streamlining our network infrastructure protection. As a crucial component of our perimeter defence strategy, Panorama is integral to our overall network security priorities.

The machine learning feature embedded in Palo Alto Networks NG Firewalls for inline, real-time attack prevention is essential for proactive incident response and mitigation.

We realized their advantages within the first month of deploying Palo Alto Networks NG Firewalls. While those unfamiliar with the firewall's capabilities may not immediately recognize the benefits, those with a deeper understanding have seen positive results almost instantly.

Palo Alto Networks offers a diverse range of firewall models, catering to small offices, entry-level needs, and large data centres. This consistency in their product line allows them to effectively secure organizations of all sizes, from small to medium-sized businesses to extensive data centres. Considering their out-of-the-box protection across different work environments, I would give Palo Alto Networks a rating of nine out of ten for consistency.

Palo Alto Networks NG Firewalls have helped our organization reduce downtime by safeguarding against DDoS attacks, phishing attempts, and other malicious threats. These firewalls effectively prevent unauthorized access to our enterprise infrastructure.

The most valuable features are IPS and stateful inspection. Stateful inspection simplifies firewall management by automatically allowing return traffic for established connections, eliminating the need to create separate policies for inbound and outbound traffic within the same session.

Palo Alto Networks Next-Generation Firewalls are expensive and could become more competitive with reduced costs.

I have been using Palo Alto Networks NG Firewalls for five years.

Palo Alto Networks NG Firewalls are highly stable.

Since Palo Alto Networks NG Firewalls are physical hardware devices, they offer scalability but are limited by the hardware's capabilities.

The technical support of Palo Alto is fantastic.

Positive

I previously used Cisco ASA firewalls but switched to Palo Alto Networks NG Firewalls because Cisco ASA does not offer next-generation firewall capabilities like stateful.

The deployment was straightforward, even though we received some assistance from Palo Alto engineers.

The deployment was completed in five days. Prior to execution, we planned the integration of the firewall into our infrastructure. This high-level plan involved identifying the network, provisioning the firewall, connecting network cables, configuring the firewall, and conducting tests.

Our logs indicate a significant number of attempted unauthorized access or attacks on our infrastructure, which the Palo Alto NG Firewalls have successfully blocked. Given this evidence of the firewall's effectiveness in protecting our systems, I believe it demonstrates a strong return on investment.

Palo Alto Networks NG Firewalls are expensive.

I would rate Palo Alto Networks NG Firewalls ten out of ten.

Even though Palo Alto might be more expensive, I would always recommend it because you typically get better equipment for your investment.

Occasionally, we need to upgrade the operating system, which is considered maintenance. Although we have a high availability setup with two firewalls, an active one and a backup, they typically run continuously without issues.

We have 1,000 users across multiple locations that utilize Palo Alto Networks NG Firewalls in our organization.

I recommend always having a proper plan and considering not only the cost but also the technical benefits in terms of the next-generation firewall features offered by Palo Alto.

Palo Alto is used as our organization's perimeter firewall. In fact, it is our data center. We use it to protect our perimeter level. The model that we use is the PA-5020, which is a bare metal device.

I currently work in ISP operations, where we host DNS servers for customers and also have a few AAA servers for broadband authentication. In Sri Lanka, there are ADSL customers and broadband customers, who authenticate against our AAA service. Additionally, we also protect our internal members using Palo Alto firewalls.

In the event that Palo Alto Networks NG Firewalls detect evolving and rapidly moving threats, we get help from the Palo Alto teams to resolve the issues. We do the level one troubleshooting and then open a tactic attempt to pass that to tech managers for resolution.

Previously, there were a couple of limited features available from GlobalProtect. However, after introducing these new features, the solution has been very helpful for us. This is very important.

We are a telecommunication service provider and we offer many IT services to our customers. The recent attack has made it very important for us to take precautions. Having a unified platform for our organization is an integral part of being able to identify and address attacks quickly.

Most of the features in Palo Alto are very valuable. Recently, in the COVID pandemic situation, we used SSL VPN through GlobalProtect from Palo Alto, which was very helpful for us to do work at home. We use general category-based filtering. Palo Alto is a very sophisticated firewall.

Palo Alto Networks NG Firewalls machine learning in the core of the firewall to prevent attacks is very important. Previously, our country was not targeted by attackers, but recently, we have identified that there are a couple of situations happening in our country. Recently, there has been an unstable political situation in our country, and during that time period, many attackers have been trying to infiltrate our networks. We definitely have to go to the next-generation features such as the Next-Generation Firewalls.

Having a unified platform that natively integrates all security capabilities is a great feature. We previously used a single management platform, Panorama from Palo Alto, across all of our Palo Alto products. However, Panorama is no longer being supported, due to its end-of-life status.

Having a unified platform helped to eliminate security holes. Between the UTM platforms, and Palo Alto, all features are available in one firewall, so we don't need to buy different products or separate IPS devices and separate antivirus devices. In Palo Alto UTM firewalls, most of the features are available such as antivirus with filtering, which is very important.

The solution is user-friendly.

The pricing of the solution is high and can be improved.

Most other VPN clients include mobile VPNs but Palo Alto does not. We are required to purchase the mobile VPN clients separately. During our RFPs we have noticed that most features by vendors are similar but the price for those features is higher with Palo Alto.

I have been using the solution for seven years.

The solution is very stable.

I'm not seeing scalability problems in my scenario, but overall Palo Alto is doing well in terms of scalability. I'm using ten licenses for V systems and the port density is good.

There are five firewall administrators, two engineers, and three technical staff. In my department, there are thirty users and during the work-from-home scenario, all of them are connecting through the SSL VPN. Thirty plus users in our organization and the request for the service that is in our country, in our broadband customer segment are 1,500 thousand.

The solution is at the end of the life cycle and we are in the process of upgrading.

The support from the tech team is good, and their response is fine.

There is a tendering process in my organization, so products that are technically qualified go through a two-stage process: the first stage is the technical qualification stage and the second stage is the financial qualification stage. However, in the end, everything comes down to finances, and that's why Palo Alto was awarded the tender and we switched from Check Point.

The first thing we did was install a client to manage the Check Point firewall. However, I think the new versions which operate at this time don't need the client. Previously, it definitely required a client, so that was a headache. Palo Alto is not like that, it's a dual-based configuration. Also, when we apply the rules, it's also very easy in Palo Alto. Another important aspect is that Palo Alto uses its own based firewall, and Check Point does not. We have to put the configuration to interfaces and likewise. This is very helpful because in my network, in some cases, we have to have a couple of interfaces that are met with the source, and we have to easily apply rules by selecting the source.

The initial setup is straightforward. I was in the deployment stage when this firewall came to my organization. Palo Alto includes a quick reference guide in the box. For an initial setup, everything is available in that quick reference guide. 

We had the Check Point firewall previously and after the tender process, Palo Alto was selected as the new replacement. We took three to four weeks to migrate all the Check Point rules. We migrated around 100 to 150 rules from Check Point to Palo Alto which was very easy.

There is a team in my organization made up of engineers and technical officers. Working under the engineers the technical officers are responsible for the physical implementation of everything. I am an engineer in my organization, and engineers are responsible for installing programs and configurations. We have a timeline to meet for every new implementation, which is a project for us.

In the deployment stage, we had six or seven members on the deployment team. After deployment, we now have two engineers and three technical staff, for a total of five people who perform maintenance.

The implementation was completed in-house.

My firewall is used to protect my internet servers. This means that the servers provide services to our broadband customers. After taking the revenue from broadband customers, Palo Alto is almost covered. However, there is no direct ROI for Palo Alto in my setup.

We are purchasing an annual subscription for signatures, and categories. Our box has ten perpetual licenses for V Systems.

We don't have licenses for SSL VPNs because it is included in the box. For VPNs, we don't need a license. However, if we use the Power VPN client on our mobile devices, we need to purchase the client software.

Before choosing Palo Alto, we evaluated Check Point and FortiGate.

I give the solution a nine out of ten.

We are currently in the process of procuring a new parallel processing solution. Our current parallel processing solution is reaching the end of its life in 2023, so we need to find a new solution by March 2023. Ideally, we would like to find a new solution from Palo Alto, but the selection process is still in progress so I can't say for sure which model will be chosen.

In the past seven years I have been using the solution, I have only had to open ten tickets for support.

The zero delay signature feature is not implemented because our license is not enabled in our firewall. We use layer seven filtering for our data center.

Palo Alto Networks NG Firewalls are protecting our data center. Almost all our country's broadband users request access through this firewall.

I can recommend the Palo Alto firewall for other companies as a perimeter firewall, as a data center, and as a work-from-home scenario for SSL VPN, but I don't have experience with it as a managed service.

To any potential new users, definitely go for Palo Alto, don't worry about its sophistication. With all my experience using Palo Alto, I have had very minor issues. I recommend Palo Alto as a company network solution.

The configuration of the solution is nice. During the time period that I have used Palo Alto, I have had only a few tickets raised and the tech support is helpful. Palo Alto firewalls cover most security threats.

We are managing services for our customers. I am mostly dedicated to Palo Alto.

I have had a very good experience with Palo Alto firewalls and Panorama. We have used Palo Alto firewalls for multiple use cases. We have used them at the perimeter as well as in the data center. I have experience in 5000 series, 7000 series, and 3000 series. I have worked with most of them.

We are able to meet 99% of the requirements of our customers. It is a good solution to have in the data center as well as at the perimeter.

Palo Alto Networks NG Firewalls provide a unified platform that natively integrates all security capabilities.

Machine learning as well as AI have been added. About 99% of new malware or signatures can be blocked with machine learning and AI. Rather than sending these new signatures to a verifier, they are automatically blocked by leveraging machine learning and AI.

Palo Alto has different types of series. They have 800, 400, and 200 series for small branches, and then they have 1000 series for smaller branches. For a data center, they have the 3000 series and 5000 series. For big ISPs, they have 7000 series where we can also do virtualization. We can have separation and even multi-tenancy at the core level, which is something amazing. Also, we can share policies, objects, and virtual systems. That helps the network infrastructure security engineer to achieve their use cases. It provides a fast and amazing experience.

There is a reduction in downtime because it is a stable firewall. It helps our customers to have a stable network. Most of our customers have high availability. If the customers configure it well, they will have a good experience. They will not have any data loss.

It has a very good user interface. The documentation is also very good. It is very useful for monitoring things.

The integration with RADIUS, LDAP, and other servers also works very well. API integration is also very nice. The way security policies can be configured is also amazing. The Quality of Service can also be achieved. All these things are nice.

Palo Alto is a leader in the market when it comes to performance, virtualization, and the cloud platform. It is working well. In my opinion, nothing can be added at this time. However, when it comes to the cost, Palo Alto firewalls are the most expensive.

I have been working with this solution for about seven years.

It is stable. Almost everything is fine.

It is fairly scalable. Especially when you have a firewall as a service, scalability is good. Even if it is a physical firewall, a customer can simply do a tech refresh.

Their technical support is good, but they take time. Most of the time, they are occupied. We experience delays in their replies.

Neutral

I have experience with other products such as Cisco ASA, Cisco Firepower, Fortinet FortiGate, and Fortinet FortiManager, but I have mainly worked with Palo Alto firewalls.

The main competitor is Fortinet FortiGate. Palo Alto firewalls provide more control over features and give you more capabilities for control. The administrator has the required visibility to do that. Fortinet seems to have a UTM solution with multiple network and security features comprising Fortinet FortiGate, FortiSwitch, FortiAnalyzer, and FortiManager.

Our customers deploy these firewalls in the cloud as well as on-premises. On-prem, it is straightforward, but on the cloud, you require a different design.

In terms of the implementation strategy, we need to size the firewall in the correct way. For maintenance, there should be a support contract for each and every security solution, especially for the firewalls because they are very critical.

I am not from presales or sales, but as a brand, Palo Alto is more expensive than other firewalls. They have different licenses. As a customer, if you know what you are going to purchase exactly, you will get a good price. The price will vary based on whether you are going for the 7000 series, 5000 series, or 3000 series.

Overall, the price makes sense because you have IoT security, antivirus security, DNS security, anti-spyware, and many other features. They have a solution to implement SASE. So, it is very expandable for new challenges, and the return on investment can be achieved simply.

I would rate Palo Alto Networks NG Firewalls a nine out of ten.

I have used it in a couple of different ways. One way was to use it as a perimeter device and to act like a traditional firewall for controlling the traffic in and out of the network and doing intrusion detection. It was more of a filtering-type device for remote access and VPNs. 

At another job, we used it as a site-to-site VPN. We scanned customer applications and code over a site-to-site VPN. These were the two main use cases that I have done over the last eight years with Palo Alto.

It integrates very well with AWS Cloud. We use the VM-Series of Palo Alto firewalls. It is good.

It is very important that Palo Alto Networks NG Firewalls provide a unified platform that natively integrates all security capabilities. That is because it is a very sophisticated environment when you start talking about the cloud and software-defined networking. When you think about that level of complexity, to have somebody like Palo Alto and AWS work together to make the deployment of those devices seamless is an incredible benefit to users.

There are different types of modules to provide defense for customers. It is pretty amazing.

It can secure data centers consistently across all workplaces. It is no secret that Palo Alto has made a large footprint in the industry when it comes to those types of security services. When you talk about the data centers and things like that, Palo Alto scales well. They are doing a great job.

In terms of downtime reduction, downtime is relative. There are many different types of elements that can cause downtime. It could be some type of attack or just a configuration change. However, things like Panorama and high availability embedded in the platform allow for high availability.

The ease of updating the platform was valuable. We could easily update the OS and different modules within the platform. It was a fairly user-friendly and easy-to-use platform. 

We found it to be fairly stable as well. It was largely stable.

Overall, when you consider how sophisticated the appliance or the platform is, they have done a remarkable job. It is probably as good as it can be in terms of being highly sophisticated but having a very small leap to learn the platform and deploy it. I do not have many complaints about the platform.

I have worked with this solution for about eight years.

Palo Alto has a great support ecosystem. I only had one issue with somebody, but we got that addressed. It was just like any industry or business. You are going to have some people who do not want to act right, but overall, they have high-quality support.

I would rate them an eight out of ten. I am a customer, and I am involved in high-pressure situations. I am always going to say that I want a quicker response, but when I am being flat-out honest and reasonable, they are as good as they could possibly be without overstepping.

Positive

We have used Check Point. I did not like Check Point at all. It is very cumbersome, so I definitely would not recommend it. 

I found the Cisco ASA line to be overly complicated for what it needs to be, but that is the history of Cisco. They have very capable devices, but they are definitely not as friendly, in my opinion. I would give a nod to Palo Alto. Palo Alto GUI seems to be a little bit easier to navigate. Cisco devices have always been very capable, but they have a steeper learning curve.

It is fairly simple. It is as simple as it can be to get started.

The number of people required depends on the environment and the type of project that you are doing. If you are designated to deploy it as a perimeter device, you do not need that many people. If you have a situation where it is in the cloud and you have to do a lot of other things to get traffic to the device, configure the interfaces in the cloud, and later create policies and bring everything into Palo Alto, it is a more sophisticated process. You need somebody very knowledgeable about that, or you need multiple people to work that out.

We have had some complex scenarios, but I was fairly knowledgeable about AWS and the firewalls, so I was able to put everything together myself. I did not require any third-party help.

It is a pretty significant return on investment if a device does what it says it will do, and it has a small learning curve and good stability.

I do not have much opinion on that because I have not been involved in the procurement process of the Palo Alto devices with the exception of pay-as-you-go through AWS, but all of this stuff is very expensive, in my opinion.

I will be a little bit pessimistic and rate it a nine out of ten, but I feel that it is a ten.

The tool's most valuable features are its security features, which are highly valued based on market standards and Gartner reports. We conducted a POC before procuring it, and from that perspective, it is very good. The machine learning feature helps prevent more threats, but no device or firewall can be 100 percent secure because threats evolve daily.

We use geofencing in our firewalls to prevent unknown attacks from other countries. The solution stops these attacks in the cloud so they don't reach my firewall. Only allowed countries can access it.

The solution provides a unified platform that natively integrates with other security platforms. It is a must as a compliance requirement and aligns with standard security best practices. The platform also helps to prevent security holes by 70-80 percent. 

We have implemented the Zero-Delay Signature feature. It is important to prevent unwanted network penetration and information theft, so having it in the firewall at the gateway level is mandatory. 

The setup was complex. We have perimeter firewalls and multiple voice devices handling calls. Directing traffic through gateway perimeter firewalls becomes quite complex in such a scenario. The implementation took around two months and required three to four people for deployment.

I have been working with the product for four years. 

Palo Alto Networks NG Firewalls' stability is very good. 

Based on our expected growth, we have some buffer and procured a model that offers an additional 10-20% capacity. Around 1,500 people in our company use it, and two to three administrators manage it around the clock. Currently, we have no plans to increase usage.

The technical support is very good. We log a call and get a response within five to ten minutes. If there is any critical issue, they get on a call and resolve it. We opt for OEM direct support. It depends on whether an integrator will assist us or we must log in through the portal. 

Positive

I decided to switch from FortiGate to Palo Alto Network NG Firewalls because we found that it performs better regarding security standards. It's considered an industry standard.

A system integrator helped us with the implementation. 

Cost-wise, I don't see much difference in network-related costs, but this is a premium-grade firewall. There is a cost involved, and you must pay for that to get the most out of it. Its licensing costs are straightforward. There aren't any hidden costs. 

I need to check DNS security with Palo Alto Firewalls. I set it up initially, but my team manages it daily. I approve any changes, but my team handles the hands-on work. I can't say all tools will be integrated, but other tools might also be needed based on our business and use cases. This alone might not suffice.

Network performance is okay but not great because multiple hops are involved. Each tool, like an endpoint with antivirus, scans the traffic before it moves to the firewall, which also scans it before sending it out. So, there will be some performance regulation. We cannot expect 100% performance in any network once you have any firewall with all the built-in security features implemented.

When I recommend the tool to others, I first check their business needs and understand what they're looking for. If they're focused on security posture and are ready to invest, I'd recommend Palo Alto Networks NG Firewalls. But if they want something cheap, I'd suggest options like FortiGate or SonicWall. Also, I'd check if they have the in-house skills to manage it day-to-day.

I'm familiar with the PA-400 series of Palo Alto Networks NG Firewalls. It's good for small offices, and we use the same series in one of our branch offices. 

I've learned that using this solution is a continuous learning process. Every day, I analyze and evaluate the differences between each product to see if it meets our business requirements and is cost-effective. I rate it a ten out of ten. 

We partner with vendors primarily to foster better understanding and relationships. Our core business is system integration, where we cater to diverse customer requirements. A customer might approach us with a specific need, and we deliver. A product like Palo Alto's XDR or EDR endpoint protection is popular due to its features, but ultimately, the choice depends on individual customer requirements, including extra services or integrations. We currently have around six customers using Palo Alto.

Aside from the usual content filtering and application filtering, the primary driving force for Palo Alto Networks NG Firewalls has been the SD-WAN. Additionally, ADR has also been a significant factor. All our clients also use Palo Alto as their firewall solution.

Palo Alto NG Firewalls offer a comprehensive platform that consolidates all security features, making them the preferred choice for our clients implementing SD-WAN and ADR solutions due to their integrated threat management capabilities.

Palo Alto NG Firewalls' embedding of machine learning into the firewall's core is crucial. They provide a cloud-based sandbox platform, enabling offloading of numerous tasks and offering AI-powered solutions to detect advanced or new threats. Palo Alto's methods for achieving this are impressive.

Some of the benefits our clients have seen using Palo Alto NG Firewalls include rapid deployment to their branches thanks to SD-WAN, improved control over branch networks, and enhanced overall environmental protection. It's important to remember that firewall security is product-dependent, and attackers often target widely deployed products for maximum impact. This explains the prevalence of attacks on popular firewalls like FortiGate and Checkpoint. Interestingly, Palo Alto is not as frequently targeted because attackers seek large-scale impact, making niche platforms like Palo Alto less appealing. Staying on a less common platform can offer a security advantage by attracting less unwanted attention from potential attackers.

Palo Alto NG Firewalls help secure our data centers across all workplaces. We also leverage a cloud platform for edge security.

Palo Alto NG Firewalls help reduce our clients' downtime. They are rarely attacked, and their uptime is over 99 percent.

Our clients find the most valuable features in Palo Alto Networks NG Firewalls to be the user-friendly interface, extensive capabilities, and highly granular rule creation process. This level of granularity allows for precise control and customization in network security policies.

Some of our clients find the price of the NG Firewalls to be expensive.

The UI needs to be more user-friendly to attract novice users.

I have been using Palo Alto Networks NG Firewalls for four years.

I would rate the stability of Palo Alto Networks NG Firewalls nine out of ten.

The entry-level Palo Alto Networks NG Firewalls lack scalability, but their higher-end counterparts offer this feature. Overall, I would rate their scalability a six out of ten.

The Palo Alto support is excellent.

Positive

The initial deployment is straightforward for technical people. The number of people required for deployment depends on the environment, but one or two people are usually sufficient. For example, in a branch scenario, one person might handle the headquarters while the other visits the branches. However, even at headquarters, there could be more than one person depending on the customer's services, enabling them to collaborate on creating rules, modifying requirements, or gathering information while someone else focuses on the deployments.

Usually, our clients see a return on investment after the first year of deployment.

I find the pricing of Palo Alto Networks NG Firewalls to be reasonable. The price is based on that selected package, with the lowest starting at $3,000 annually.

I would rate Palo Alto Networks NG Firewalls nine out of ten.

I would recommend Palo Alto Networks NG Firewalls, but it ultimately comes down to the organization's needs. Some organizations are almost entirely cloud-based, while others rely on the Internet for a few specific tasks and may have on-premises processing or branch offices. The ideal firewall solution varies depending on the specific environment and use cases; a firewall that performs well for one organization might not be the best fit for another.

The primary reason people opt for cloud or hybrid solutions is to manage workloads or services already operating in the cloud. This trend extends to Palo Alto Networks NG Firewalls, where the cloud versions are gaining popularity. However, many users prefer the on-premise version of the firewalls to safeguard their on-premise infrastructure. This may involve physical or virtual appliances as long as they remain on-premise and not in the cloud.

Other than updates, Palo Alto Networks NG Firewalls rarely require physical maintenance because most data centers are clean.

Palo Alto Networks NG Firewalls are excellent firewalls but require technical expertise and dedicated resources for deployment. However, with technical know-how, they are easy to configure and deploy and offer flexibility for adaptation to various environments. We highly recommend them for SD-WANs and VPNs due to their high compatibility.

We use the solution to filter out the traffic from our internal networks, not a public-facing network.

The predictive analytics and machine learning for blocking DNS-related attacks keep track of IP addresses and DNS names from other countries requesting access to our resources. The solution helps us identify any malicious activity and maintain our network safety. We first check the DNS issue and put it into the blacklist. If we get a similar DNS issue from another country in the future, we block the IP range altogether.

Apart from traditional technologies, we have been relying on signature-based identities. For example, we have been following up on what is in the data system and the firewall. These systems can only detect what has already been returned by the data system. If any security vendor does not update its databases or firewalls, or if its upgrades or firmware are not up to date, then malicious attacks can occur. The advantage of Palo Alto is its real-time analysis, as opposed to traditional methods that use signatures. Palo Alto Network NG Firewall has come up with some great behavioral analytics and the Wildfire feature, which helps organizations stay safe from false positive notifications or alerts.

The unified platform helps eliminate security gaps. We had certain servers that we hosted with open ports and we needed to ensure that these ports were closed. When we first set up the solution in the production environment for testing purposes, we detected traffic coming from ports on the server that had not been identified by our previous firewall. Palo Alto Network NG Firewalls uses all of its resources to detect security threats. The solution helps our organization close security vulnerabilities, Palo Alto Network NG Firewalls provide us with the instruments we need to complete our job. 

The unified platform helped eliminate multiple network security tools and the effort needed to get them to work together. We need to be able to detect the type of traffic being generated from which applications are on which systems and by which users. This will help us identify which IPs are making the requests. Previously we had to rely on multiple tools to collect this information. Palo Alto Network NG Firewalls also provide one graphical interface to display all the information. The solution simplified the process by dropping two to three tools and giving us a clear view of some first-hand data, especially data that has been preliminarily investigated in the case of cybercrime, which is essential.

Security is our primary concern which we build our networking concept around and networking is secondary. We have a single sign-on agent and a dedicated service to run the firewalls. Our architecture is set up in a way that, if a DDoS attack occurs, all the traffic would go down and we have to be prepared. When we consider both the network and security features, we are more inclined toward the security side. Our clients are usually understanding if the downtime is only two to ten minutes and we can recover quickly. 

There are no actual delays happening on the side of setting the solution up because we have all the resources documented on YouTube and on the website itself. We haven't experienced any delays in identifying and collecting the documents or installing the server. However, once we began the onboarding process, some technical issues arose. We forgot to include a customer's request for support from Palo Alto and as a result, the customer executed support themselves either through our website or a call, but a customer service agent acknowledged and resolved the request quickly. Because of that issue, we have been able to allocate adequate resources for implementation. We feel as if we are receiving premium service.

The most valuable features of Palo Alto Network NG Firewalls are policy editing and rule assigning for firewalls, as well as Wildfire. The solution does a great job of identifying malicious items and vulnerabilities with URL filtering. When combined with Fortinet, we have instant results.

Palo Alto Network NG Firewalls is doing impressive work with its AI technology, which is important to our organization. I have forwarded the papers to the director board in a recommendation to make the solution public-facing. We are considering using Palo Alto as an internet-facing firewall for our next project because the solution is an excellent firewall appliance with impressive features and a great UI.

The user interface can be significantly simplified. The dashboard and other features can be more thoughtfully designed. We get all the data in a single dashboard, which gives us additional insights. However, it takes time to sort it all out so it's easily accessible. If the data can be presented in a more graphical and structured way, it would be more helpful.

I have been using the solution for eight months.

We have had a very minimal number of false positives with the solution and it has been very stable. There have been no issues with the firewall itself. In the previous case, we had a lot of tension between the firmware update and the customer service department. This was due to the system working itself up. We had absolutely zero capability issues.

The solution is scalable with the Azure environment. I believe it is scalable because we have many data connectors. We were able to speed up the process within the hybrid environment.

We had some technical support from Palo Alto at the time of installation.

Positive

We have been using the FortiGate firewall for almost 20 years in our environment, but we recognized the Wildfire feature and some of the AIM firewall systems. FortiGate is not a next-gen firewall. Other applications such as Gartner insight offer better connections and recommend a firewall, similar to Palo Alto Networking NG Firewalls, for better application performance. We procured the solution and we have been testing it. We don't like to put all our eggs in one basket. We need multiple firewall solutions to connect with our environment. If one fails for any reason, we can have the second one take over the job. We have servers hosted in the cloud environment and each server has a different firewall installed. If we lose our connection due to a firewall issue, a firmware issue, or if Fortinet couldn't detect malware or a zero-day attack, we would be out of luck without Palo Alto Networks NG Firewalls. We are considering utilizing both solutions to best suit our needs. 

The initial setup is straightforward. Depending on the resources and skill set of the network engineers the deployment should take between 15 and 20 minutes.

The solution provides good protection and is worth the price.

The only additional cost to our organization comes from having to train our engineers on the proper use of the solution.

I give the solution an eight out of ten.

We have two network administrators, which have been working on the design end, three analysts working on the system itself who are continuously monitoring the firewall status, three cybersecurity engineers, and two network engineers to deal with the networking concepts and any delays with the networking protocols. We also have three cybersecurity engineers to follow up with the monitoring, checking the security incidents, and responding. In total there are five users administrating this firewall on eight servers. The firewall acts as a router, filtering the packages between five servers on the other side. This provides an eight versus five network filtering job. The firewall is not public-facing. We are utilizing it to filter up the data, and packets of files, which are moving between the load balances.

We have an environment for production and for development. The development environment is for scaling our application. The production environment goes to the public, and we have a staging environment for testing our application. We have a joint venture with our clients, which we call UIT. This joint venture helps to reduce costs and create an environment that is beneficial for both our clients and us. We only use our staging environment occasionally, whenever we need to push something new to our service for testing purposes. It will be used around two to three days a week, or twelve to fifteen days a month. We are underutilizing the solution currently because we have only completed five percent of the development. We have analyzed the cost and are trying to procure the solution in our live environment.

The cost of security can be expensive when we analyze new technology and the need for new technologies to cover emerging vulnerabilities and malicious acts. I recommend Palo Alto Networks NG Firewalls because most of the colleagues in our environment, such as Cognizant, Deloitte, and many other IT companies use Palo Alto Networks NG Firewalls. 10 to 12 years ago, Fortinet was the leading security solution that most people were using followed by Cisco Firewall. Presently Palo Alto Networks NG Firewalls provide the most value from a security solution, such as the detection of vulnerabilities and malware, in a cost-effective way. 

Apart from the standard features of any firewall system, Palo Alto Networks offers some additional benefits that make it worth the price. These features include URL filtering and deep packet inspection, with the best feature being Wildfire. I recommend the solution.