Palo Alto Networks NG Firewalls Reviews

We use the solution for IPS. Palo Alto's firewall is really good compared to firewalls like FortiGate, Cisco, or any other competitor.

We're able to monitor traffic based on the source destination and geolocation. The firewall allows us to restrict user access. For example, we have restricted user access to the chat feature on Facebook.

There are about 170 total users on the client side. On the administrative side, we have two or three people.

We're using version PA-200. The solution is deployed on-premises.

We reduced access to unwanted websites by 80%. It allows us to optimize user efficiency. For example, I have restricted the calling feature on LinkedIn, so people can still use LinkedIn, but they aren't able to dial out or receive calls.

We restricted social media sites so that only basic features can be used. The monitoring functionality allows us to see which users are using which websites,  the frequency, and the level of usage. It improves the network monitoring in our organization and gives us the required control level to restrict user access.

Palo Alto Next-Gen Firewall has Panorama, which is a unified platform that natively integrates all security capabilities, but I haven't worked with it yet.

The unified platform gives us more visibility and restricts unwanted guests and unwanted traffic. It gives us more insight into network traffic so that we can analyze it.

It helps eliminate multiple network security tools and the effort needed to get them to work together. Previously, I used other network monitoring tools for bandwidth monitoring. Now, the security features and wireless detection are in a single platform, so it definitely reduces the need for multiple platforms.

It has affected our network operations and network-related costs, but it's not the main benefit. The main benefit is the visibility and not having to maintain or manage multiple platforms. It's a bit costly because it has a lot of features, and each feature has a cost. It's important to do a cost-benefit analysis and know the requirements of your organization. We don't have to manage five to seven platforms and we're getting all the information in a single platform, so we can compromise a little bit on the cost side.

The packet level inspection is the most valuable feature. The traffic restriction features allow us to restrict the sub-features of any platform.

I really like the security aspects. That's why it's highly rated on Gartner. The antivirus definitions, updates, and malware detection are pretty good.

It embeds machine learning in the core of the firewall to provide inline real-time attack prevention, which is a very nice feature. It's part of the add-on services subscription. The autonomous behavior toward malware and potential risk is pretty good. 

Machine learning is really good to have. We received some false positives with machine learning, which was the main problem we had with it.

It's very important to me that the solution integrates natively with security solutions. Inside attacks are very rare. Most attacks are generated from the outside or from a public site, so having Palo Alto is really important on a public site.

Palo Alto is like Microsoft. It has varied features, but it's too technical. A lot of the features could be simplified. The procedure, process, features, and usability could be more simple.

It's too complex and sometimes the process to implement a single thing is hectic.

I have been using this solution for about eight months.

The solution is stable.

It's scalable. If you use the virtual solution, you may need to change the subscription.

I haven't directly worked with Palo Alto's technical support, but their community logs have been really helpful and we can find the answer to almost anything. The documentation is good.

We previously used Fortinet and Cisco.

We switched to Palo Alto because it's an all-in-one solution. We were attracted by its level of detection, level of monitoring, and level of packageable inspection.

The setup is straightforward. Deployment took a week. 

I haven't used it inline directly. First, I did a port mirror. Once I was fully satisfied with the level of detection, I put all of my traffic through it.

We use two or three administrative staff for maintenance. 

The price is high.

We evaluated other features, but we chose Palo Alto early on in the process because of the features and usability.

I would rate this solution an eight out of ten. 

In terms of a trade-off between security and network performance, I would rate it more toward network security. We have a lot of other alternatives for monitoring but not for the security side or antivirus detection.

I would highly recommend Palo Alto. If you want a cheap solution, I would recommend Sophos. But if someone is looking for real-time protection, I would suggest that they go with the virtual instance of Palo Alto, which is PA-200 VM, because it simply fulfills our requirements.

For personal use or SMEs, the price of PA-400 is high, but the security and performance are worth it.

We use it for perimeter security because it gives application layer security and we also use it for VPN access.

We use the PA-3200 and PA-200 models. In terms of the version, we are one version behind the latest one. The latest version is 11, and we are still on version 10.

The biggest benefit we have seen from it is the ability to identify the traffic of our networks based on the application ID that Palo Alto can provide. Palo Alto firewalls have the most extensive App-ID library, so we are able to identify which applications are necessary for business and which ones are not. We can then block those that are not crucial for business at the firewall itself, so App-ID in the firewall was the biggest benefit to us.

Palo Alto NGFW embeds machine learning in the core of the firewall to provide inline, real-time attack prevention, which is important and very helpful. I wouldn't be able to compare it to any other product because we have used Palo Alto for eight years, but the machine learning that they have embedded into their OS has been very helpful. Based on the learning that they have done, they have been able to analyze the traffic and coordinate traffic patterns to alert us about possible malware and even block it.

It provides a unified platform that natively integrates all security capabilities. Palo Alto NGFW has been able to give us all that we need from one particular appliance itself. If we wanted, we could have also used the DNS feature, and in that case, one device could have met all our needs.

Because it's a unified platform, management is easy. You have to learn only one particular management interface. Once our IT team gets familiar with the management interface, it's easier for them to apply security policies, monitor the traffic, and manage the plans using the same GUI. There are no learning curves for different products.

We try to keep our security fairly tight. The policies that we have created on the Palo Alto NGFW have been based on security requirements. As of now, we haven't detected anything that would point to a hole in our environment, so it is very hard to say whether Palo Alto NGFW’s unified platform helped to eliminate any security holes.

It has helped to eliminate multiple network security tools and the effort needed to get them to work together with each other. It has helped us consolidate into one vendor. Earlier, we used to have an appliance for the firewall, and then we had an appliance for VPN. We had a separate appliance for the collection and correlation of data. We have eliminated all of those. They are now in one box. The same firewall gives us security policies and lets us collect all the data about the traffic flowing in and out of the network and correlate events. It has helped us eliminate the VPN appliances that we were using in the past. It has helped us to eliminate two other vendors and bring all the services into one.

The single-pass architecture is good. Everything is analyzed just once, so it improves the performance. 

Application layer firewalling has been the most valuable feature because it gives thousands of application IDs that we can use to control traffic into and out of our environment. The second most important feature has been the GlobalProtect VPN feature.

The only problem that I see with the Palo Alto NGFW being an all-in-one appliance is that because of the different features that are being put into a single appliance, the OS tends to be beefier. Over the eight years, we have seen that the number of features or analyses being put into the appliance itself has a tendency to slow down the appliance, especially at the time of bootup. So, any time we are doing maintenance work, the time required for the appliance to boot up and be fully functional again is significantly longer than eight years ago. They could find a way to make this all-in-one appliance faster.

They should also make the documentation much easier to understand. Given all the features that they have built into the firewalls, it should be easier for the end users to understand the product and all the features available on the product. They should be able to utilize the product to the maximum capabilities. The documentation and the tech support available need to improve. The tech support of Palo Alto has deteriorated over the past few years, especially after our pandemic. Getting tech support on our issues is very difficult. They could definitely improve on that.

I've been using it for about eight years.

It's very stable. We have had no issues. There are only two issues that I recall ever happening on our firewalls. The first one was when they released an application ID that caused a problem on the network, but they were able to resolve it quickly within a matter of hours. The second issue was also because of the change in the OS. In both cases, the resolution was quick.

In terms of scalability, they have a huge range of models, so depending on what your requirements are, you can scale up from the very base model that goes from 100 megabits per second to the largest one that goes to 10 gigs per second. They have a wide range of appliances that you can upgrade to based on your needs.

In terms of the traffic that can pass through the firewall, it has been fairly good for us. We have not had to upgrade our network. Being a small company, we don't have too many users. In the past eight years, we have not had to change our bandwidth for the increase in traffic. Whatever we selected four years ago, they remain the same. We have not had to upgrade the hardware capabilities just because our traffic is increasing, but in terms of feature sets, we have added more and more features to the appliances. When we started off with Palo Alto, we were only using the firewall features, and then slowly, we added a VPN for mobile users. We added a VPN for site-to-site connectivity, and the scalability has been good. We have not had to upgrade the hardware. We have just been adding features to the existing hardware, and it has not caused any deterioration in the performance.

We have about fifty users that are split between the East Coast and the West Coast. Each coast has only about twenty-five users. All in all, we have about fifty users using these products.

It used to be good in the past, but over the last few years, it has been very bad. You open a case, and you expect somebody to get back to you and help you out with the issue. They say that based on the SLAs, somebody will get back to you within a certain number of hours for the priority ticket that you created, but that getting back actually includes the initial response where somebody is just acknowledging that they have the ticket. That does not mean that somebody provides me with the solution or takes action on it. If I open a priority one case, which means my network is down, somebody will get back to me within two hours based on the SLA, but that response only includes the acknowledgment mentioning that your case has been received. That's it. It's a different question whether someone is going to get on the phone with you or give you an email about how to troubleshoot the issue and fix that issue.

I'd rate them a six out of ten based on the response time and the quality of the responses received over the last three or four years.

Neutral

We were using Cisco's router-based firewalls. They had some advantages, but they did not have a graphical interface for configuration, which was the weakest point. Getting team members on the team who were not familiar with the command line configurations for our Cisco firewalls made us select a product that provides a graphical interface for configuration, and that was a reason for moving to Palo Alto.

It has been fairly easy to set up. The initial setup is good. The migration to a new box can also be pretty straightforward.

I have had experience with setting it up from scratch, and it has been good. It's more on the simpler side. The initial setup to get the firewall in place with basic security principles is straightforward. When you go to the advanced features, it gets trickier.

The deployment duration depends on the complexity of the network and the kind of rules that you want to implement. The physical appliances are relatively straightforward to set up. For the base security, it doesn't take more than a couple of hours to set it up, but it can take a relatively long time to set up and configure the firewalls that sit in the cloud.

We use physical appliances and virtual appliances. The physical appliances are in our on-prem environment, and the virtual appliances are in our cloud environment. It took about four hours to set up the physical appliances from scratch, whereas the virtual or VMCD ones took a lot longer. It took two to three days to set them up.

For the VMCD ones, we had to get help from their pre-sales support team, but for the on-prem physical appliances, we did the implementation ourselves.

It isn't cheap. It's cheaper to replace the equipment every three years than to upgrade. We have done two refreshes of their appliances. What I have seen is that the initial hardware cost is low, but you need a subscription and you need maintenance plans. After every three years, if you're trying to renew your maintenance or subscription, that can be very costly. It's cheaper to just get a newer solution with a three-year subscription and maintenance. It's cheaper to replace your hardware completely with a new subscription plan and a new maintenance plan than to renew the maintenance subscription on existing hardware. That's the reality of the Palo Alto pricing that gets to us.

You pay for the initial hardware, and then you have to pay the subscription cost for the features that you want to use. Every feature has an extra price. Your firewall features are included with the appliance, but the antivirus feature, DNS security feature, VPN feature, URL filtering, and file monitoring features are additional features that you need to pay for. So, you pay extra for every feature that you add, and then based on the features you purchase, you have to pay the maintenance plan pricing too.

Before moving to Palo Alto, we did evaluate other options. In those days, we tried out the Check Point firewall. We tried out Fortinet, but Palo Alto was the one that met our needs in terms of the features available and the ease of learning its features and configuration. We went for it also because of the price comparisons.

Try to get hold of a presales engineer and do a PoC with all the features that you're looking at before you make a purchase decision.

It isn't cheap. It's definitely the faster one. It meets all the needs. If you're looking for an all-in-one solution, Palo Alto NGFW would definitely meet your needs, but it isn't the cheapest one.

We have not used their DNS security feature because we use a competitor's product. We use Cisco Umbrella for that. The reason is that for the DNS security to work, the traffic from those endpoints needs to flow through the firewalls, but we have a lot of mobile user devices whose traffic does not flow through the firewall and we'd like them to have DNS security. We use Cisco Umbrella because that's an endpoint application that protects the endpoints from vulnerabilities based on the DNS reputation, and all the traffic from those endpoints does not necessarily need to go through a central endpoint, like a firewall.

Overall, I would rate Palo Alto NGFW an eight out of ten. 

We have multiple offices across the United States. Palo Alto Networks NG Firewalls is the best solution for securing our network, and the best part is that we can provide a single working solution.

Palo Alto Networks NG Firewalls' embedded machine learning is very important. Every packet is inspected by the firewall, and if it is heuristic or contains a virus or some other unknown packet, it is sent to the Wildfire feature for review. If the packet is safe, it is allowed to pass through, otherwise, a signature is left to protect the organization. The updated signature is then sent to the entire network for the same packet.

Palo Alto Networks NG Firewalls machine learning helps secure our networks against threats that are able to evolve rapidly.

Palo Alto Networks NG Firewalls DNS security helps prevent DNS-related attacks in combination with our policies and machine learning.

Palo Alto Networks NG Firewalls provide a unified platform that integrates with all security capabilities.

The zero-delay security feature with cloud technology is able to immediately releases the signature and update the database.

Palo Alto Networks NG Firewalls single-pass architecture has fast processing and security because of the separate models. The networking speeds rely more on the routers, not the firewall.

The solution provides the ability to process the packets regularly saving us processing time and that is very valuable.

The user ID, Wildfire, UI, and management configuration are all great features.

The stability, scalability for enterprise-level organizations, and technical documentation have room for improvement.

I have been using the solution for six years.

When it comes to network security, there is no such thing as stability; every day brings different forms of attacks, which we must constantly work to prevent.

The solution is scalable but has room for improvement at an enterprise level.

We have around 1,000 people using the solution.

The technical support is good. We receive a quick resolution for our issues.

Positive

The initial setup is straightforward. The deployment time depends on the type of implementation the organization requires but it is not complex. We can do everything from the firewall GUI without having to install any software.

The implementation is completed in-house.

The solution is expensive. Other vendors such as Fortinet provide the same features for less.

I give the solution a nine out of ten.

Palo Alto Networks NG Firewalls is a good solution and I recommend it to others for their network security needs.

Compared to the other firewalls, Palo Alto Networks NG Firewalls are the quickest.

We use these firewalls to manage wastewater systems for over a hundred municipalities across the country. As a result, we exclusively use them in the operational technology (OT) space.

One of the key benefits is that it enables us to secure environments that may pose more significant security challenges.

The centralization capability is the most valuable feature of this solution as it enables us to monitor our systems efficiently. Additionally, the firewalls are excellent, with straightforward configuration and comprehensible interfaces that our engineers can set up with ease.

The cloud firewall solution offers a unified platform that integrates social security capabilities, but it comes at an additional cost.

I think having the ability to see the big picture is important for us, and that's not always easy to achieve. 

As for how important it is for us to have Palo Alto NG Firewalls and defense machine learning at the core of the firewall for real-time attack prevention, I think it's a bit premature to say. There are many players in that field currently, and I would prefer to see them get it right before jumping in just for the sake of being there.

A major concern is making the licensing more accessible to enable small municipalities to afford and manage their own systems independently.

I have had experience working with Palo Alto Networks NG Firewalls for a minimum of three to four years.

I would rate the stability of Palo Alto Networks NG Firewalls a nine or ten out of ten.

Palo Alto Networks NG Firewalls are very scalable.

As far as I know, the technical support for this solution is excellent. 

My team has used it a few times and has always been satisfied with the service. I have never received any negative feedback regarding the support lines.

I would rate the technical support an eight or nine out of ten.

Positive

A lot of the municipality's systems rely on Palo Alto Networks NG Firewalls to stay online, and we've found that they provide better uptime compared to most other solutions.

Our downtime has been reduced by 80 to 90% with the implementation of Palo Alto Networks NG Firewalls.

I was not involved in the deployment process.

We have seen a return on investment. By centralizing our monitoring of systems, we have been able to make our lives easier.

The licensing leaves a lot to be desired. 

We buy the license and then we can't transfer the license without paying an exorbitant fee to our client if they leave us, and that just seems to be a bit of a pain point for us, and there's really no way to partner effectively to make that more reasonable.

We continuously review firewalls, whether it's Check Point or Fortinet, or Cisco. But Palo Alto has been the best for us.

As most of our environments are in the cloud, we don't have a lot of experience in securing data centers.

If a colleague at another company is only looking for the cheapest and fastest firewall, I would advise them that Palo Alto Networks is not the right solution for them. 

While it may not be the most affordable or the quickest to set up, the investment in Palo Alto Networks NG Firewalls is well worth it in terms of reliability and security. 

Choosing a firewall based solely on cost and speed may result in a false sense of security and leave the organization vulnerable to breaches and downtime.

I would rate Palo Alto Networks NG Firewalls an eight out of ten.

These are gateway firewalls to the Internet for every site. At a majority of the sites, we use the firewall as our gateway for the network below.

Previously, we used them just for the Internet firewall and Internet security side. However, in the last year or two, we have started to migrate them as the gateway routers, e.g., as gateways for the networks below. They are doing Internet firewalling as well as firewalling for the networks below.

We are using the PA-220s, PA-440s, PA-820s, PA-3250s, and PA-5250s. We are using all of those hardware models. Then, we are running the PAN-OS 10.1.3 on those.

We have around 40 locations worldwide. At minimum, we have one Palo Alto Networks NG Firewall at each location. At some of the larger sites, we have two Palo Alto Networks NG Firewalls in HA configuration. Then, at our headquarters and disaster recovery site, we have two at each site.

The WildFire feature that they offer is very nice to have. The URL filtering that they offer has been a great help to us as well. We have found with the URL filtering that they offer that we are able to categorize what traffic can go outbound to the Internet from our internal network. By doing the URL filtering, we are able to say that we are not allowing gambling, adult content, or certain URL categories that we just don't want to allow. Then, with WildFire, that helps detect any viruses coming inbound or on east-west traffic inside of our network.

Palo Alto Networks NG Firewalls embeds machine learning in the core of the firewall to provide inline, real-time attack prevention, which is very important. I got an email saying that there was going to be a new 400 series firewall, and it was talking about the ML and AI features that it is offering. That is very exciting to see coming for all our firewalls.

We have the Palo Alto Next-Gen firewalls as well as Cortex XDR for the antivirus side. We are making use of Cortex XDR and Data Lake to correlate the data. We definitely see the benefits of having all that in one unified platform. Some of my colleagues are able to see how certain malware security incidents can correlate to how the virus or malware came into the network, then how it traversed our network based on the XDR information.

I can manage 1,000 firewalls from a single pane of glass.

I am looking to have the machine learning see how a virus or malware will morph, then prevent that from happening. That seems invaluable at this point.

We have a lot of the older firewall models, i.e., the PA-220. It seems that with newer operating systems the PA-220 is becoming slower than when I first bought it. It is not really an issue for users who are passing traffic through the firewall, but more from the management access of it.

We have had them for about three years.

I have had some issues here recently, but it has been more operating system issues. As far as the hardware goes, they have been very solid. Out of the last three or four years that we have utilized Palo Alto Network NG Firewalls. I have only had one time where I had a hardware failure on it that had to get a replacement.

It is very scalable. The Panorama management tool makes it very easy to add a new firewall. You can add one, 10, or 100 firewalls, deploying them quickly and keeping the same security posture that you had in place previously with other devices.

I have not noticed any trade-offs from security versus network performance at all. I think they are both running very well. We haven't lost network performance with an increase in security or vice versa.

The entire company is using the solution. We are a manufacturing company who manufactures electronic interconnects. We have our own marketing department, engineering, learning development, HR, accounting, and IT. Thus, we have a broad spectrum of users who are using the solution.

We actually have a very small staff. There are only five of us who are actively administering the Palo Alto environment. We have around 40 locations worldwide with just over 8,000 users globally.

We are using it at every facility. We are using it as a gateway router as well as our next-gen firewall. We have no plans to change all that. We are pretty happy with how we are configured. So, I think we will keep that trajectory.

The technical support is very good. I am very happy with the tech engineers. They have always been quick to respond and very knowledgeable about the issues that I have had. They help me get those issues resolved quickly. I would give them 10 out of 10.                                

Positive

It gives us added security compared to our previous firewalls. They were very cumbersome to manage, and they had no central management. By switching to Palo Alto Networks NG Firewalls, we made use of the Panorama management tool to manage all our firewalls. The management side is much easier. Also, it provides visibility from their monitoring to be able to see the traffic. Whereas, I was not able to see that before with our previous firewall manufacturer.

With our previous firewall vendor, the maintenance was running to the end of its contracts. Therefore, we were looking to switch anyway because we just weren't happy with that hardware. Our implementation strategy was basically to replace all the old firewall hardware with something new. At the time, we were pretty happy with what Palo Alto Networks was offering.

The setup is very straightforward. I am familiar with other firewalls and the configurations for them. Switching to the Palo Alto Networks NG Firewalls was pretty seamless.

The initial deployment of the first site, switching from the old firewalls to the Palo Alto Network NG Firewalls, took about two to three days configuration-wise. Actually switching over from the old firewall to the new firewall was pretty seamless because we can preconfigure the firewall and then replace the old firewall with it. There were no issues.

Our VAR helped us do some research on what firewalls would be the best for us. We did our own testing, and we liked this solution. That is why we ended up going with it.

We do have other tools that we are phasing into the Palo Alto unified platform environment, bringing in Cortex XDR as well as looking at SIEM products. So, we definitely see the benefit of the unified platform. We have been able to cut down on some of our other hardware. So, it is definitely saving us costs as far as combining different hardware into one hardware device.

We have not had to replace hardware routers nor purchase additional hardware. So, that has provided a little bit of an ROI.

The Palo Alto solution is actually not expensive. It was comparable to the old firewall manufacturers that we were using. From the benefits that we have gotten out of the Palo Alto products, it is well worth the difference in cost, even though the difference in cost is not much at all. I would highly recommend Palo Alto products to anyone.

I just started getting in some of the PA-400 series a couple weeks ago. As far as pricing goes, it was not that much more than the existing hardware platform or the existing firewall that we had in there, i.e., the PA-220. It was not much more expensive and the performance was way better, as far as the management of the firewall itself. The management of those firewalls has greatly been increased.

When we were looking to switch, we narrowed it down to two or three. Then, we obviously decided to go with the Palo Alto product. Palo Alto had better specifications for their hardware.

I would highly recommend the solution as well as looking at the new PA-400 series product line with the machine learning and AI. That is a very good feature that is now available.

The biggest lesson for me was to not skimp out on hardware based on pricing.

I would give this solution 10 out of 10. I am very happy with the product.

We use the solution to access clients.

I like the configuration of the product. The configuration is quite simple to understand. The product is easy to manage.

The solution has a lot of features. However, there are no deep configurations available. The functionalities are limited. Other products offer more customization.

I have been using the solution for the last five years.

The product is stable.

The product is currently being used by three of our customers. We provide them with dedicated VMs.

The local support is good. The response is slow when I try to reach out to technical support on the customer portal. It might be because the tickets I raised were P3 or P4 tickets. However, I do not get proper responses for P2 tickets either. I get a good response when I call support directly.

We also use FortiGate, Check Point, Forcepoint, and SonicWall. We use the tools based on our clients’ requirements.

The initial installation was easy. It was not difficult for me because I am familiar with many products.

The solution is worth the money. However, there are other tools that provide features similar to Palo Alto but are less expensive.

The solution’s cost is a little high compared to other products.

I will recommend the tool to others. It is a fine product. If someone is looking for DLP and other features, the product might not suit them. The product has good URL filtering features. Overall, I rate the solution a seven or eight out of ten.

We use Palo Alto Networks NG Firewalls to protect our end-to-end environment.

Palo Alto Networks NG Firewalls use machine learning embedded in the core of the firewall to provide in-line, real-time attack prevention.

Palo Alto Networks NG Firewalls use predictive analytics and machine learning to instantly block DNS-related attacks. The data for attacks or prevention is based on a segmented mask. Palo Alto Networks also keeps signatures updated on a holiday and on the Palo Alto Network and cloud. This helps to prevent signature leaks and secures dynamic web applications.

The solution is able to detect and resolve the initial tunneling attack.

Palo Alto Networks NG Firewalls are constantly being updated with new feature packages, and the improvements are the best we have seen compared to any other product in the industry. This is due to the company's deep knowledge of technology and the field.

The solution provides a unified platform that natively integrates all security capabilities. The ability to integrate all of the capabilities is good because it is ready to use right out of the box. Additionally, it is an ECPU. The security is quite robust.

The unified platform helps to eliminate security holes in our organization by providing multiple layers of security. This is important because it can help to prevent any attack.

The unified platform helps eliminate the need for multiple network security tools and the effort required to get them working together. If we are filtering traffic using any other firewall, we will be using different processing methods. However, when we use a firewall or a third-party tool, it then has access to the restriction using the firewall. We can then use this feature to centralize and combine with this.

The zero-delay signature feature handles Wi-Fi. It analyzes each file type that is downloaded during a session and then sends the file analysis signature to the file cloud. This has made our network more secure.

Palo Alto Networks NG Firewalls' single pass architecture provides greater security and performance because all security functions are consolidated into a single device.

I like the remote access and URL filtering features that are available on global products. There are also other features, such as application-based access, that allow us to provide user IDs based on the type of access needed.

The analysis of the ITS ID by Palo Alto Networks NG Firewalls could be improved.

I have been using Palo Alto Networks NG Firewalls for six years.

Palo Alto Networks NG Firewalls are stable.

Palo Alto Networks NG Firewalls are scalable. We have around 10,000 users.

The technical support is generally good, but it can be difficult to get the right person on the phone.

Positive

The initial setup is moderate. We can deploy within an hour or two. The deployment requires two people. Four to five people can handle the maintenance.

We implement the solution for our clients. 

Our clients have seen a return on investment with the solution.

Palo Alto Networks NG Firewalls are expensive compared to other firewalls such as FortiGate Next-Generation Firewall.

I give Palo Alto Networks NG Firewalls a nine out of ten.

Organizations that require network security should not choose a firewall based on cost. I recommend Palo Alto Networks NG Firewalls to harden security posture.

I definitely recommend Palo Alto Networks NG Firewalls for medium and large organizations.

We use Palo Alto Networks NG Firewalls for our network security. We deployed the solution on both the cloud and on-prem.

Palo Alto Networks NG Firewalls machine learning secures our network against threats that evolve rapidly.

The DNS security feature is already commonly used for authentication by clients, with many threats being pushed from the inside to the outside. DNS security helps improve our network.

The DNS security feature is integral in protecting against DNS tunneling.

The solution provides a unified platform that natively integrates all security capabilities. Palo Alto Networks NG Firewalls' unified platform helps us eliminate security threats. We use all the Palo Alto Networks NG Firewalls' features including the UTM, WiFi, and VPN feature to protect our network. 

Both the network performance and security of the single-pass architecture are good. 

There are many valuable features, such as wireless cloud features. The IP and signals are updated regularly, and all UTM features provide good basic gateway-level security.

Palo Alto Networks NG Firewalls machine learning in the core of the firewall to provide real-time attack prevention is a basic requirement for our private security network.

The bugs can be improved.

I have been using the solution for eight years.

The solution is stable. We encounter small bugs sometimes but they are not a problem.

The solution is scalable.

The technical support is good.

Positive

For experienced people, the initial setup is straightforward. Cloud deployment can be challenging for someone new. The deployment takes around one hour.

We implement the solution for our clients.

I give the solution a nine out of ten.

Our clients are enterprise-level.

The PA400 series has good performance and security.

I recommend Palo Alto Networks NG Firewalls to others.