Palo Alto Networks NG Firewalls Reviews

Palo Alto Networks NG Firewalls protects our network from outside threats. I use Palo Alto Networks NG Firewalls to block phishing-based malware attacks, DNS security, WildFire, application, and user identity awareness. A common outside threat is a phishing email that tricks a user into clicking a malicious link, and our firewall blocks that suspicious file and protects our end user.

I use Palo Alto Networks NG Firewalls for VPN, remote VPN, and site-to-site VPNs, and application-based policies.

Palo Alto Networks NG Firewalls offers application and user awareness, which allow me to control traffic based on threats. The product includes threat prevention, advanced threat prevention, and deep packet inspection that really helps prevent issues in our network. Deep packet inspection inspects full traffic content, even inside applications and encrypted sessions.

Deep packet inspection makes a very practical difference day to day because it lets me see and control what is actually inside the traffic, not just the open port or IP. I have real visibility of which application is running instead of just seeing HTTPS.

Palo Alto Networks NG Firewalls WildFire sandboxing is really good at detecting and blocking zero-day malware automatically, along with its GlobalProtect and DNS security features.

Using Palo Alto Networks NG Firewalls positively impacts my organization by providing strong security, better visibility, faster response, and simplified operations. After deploying Palo Alto Networks NG Firewalls in our network, it blocks malicious traffic and prevents compromises that occurred before Palo Alto Networks NG Firewalls. I can now block outside IPs to prevent issues.

After Palo Alto Networks NG Firewalls installation, I reduced 60 to 70 percent of malware and phishing attacks. Its threat prevention and DNS security features detect these attacks, block malicious domains, and reduce manual efforts for the security team.

Palo Alto Networks NG Firewalls can improve a little bit in the dashboard and GlobalProtect configuration, as the GlobalProtect configuration is too long with multiple options scattered across different tabs.

In terms of improvements needed, the dashboard visibility and logging system could enhance user experience, as some models rely heavily on external logging.

I have been using Palo Alto Networks NG Firewalls for the last two years.

Palo Alto Networks NG Firewalls is stable in our network.

Palo Alto Networks NG Firewalls scales very well, both vertically and horizontally, and the scaling process is smooth.

Customer support for Palo Alto Networks NG Firewalls is really good.

Before using Palo Alto Networks NG Firewalls, I used SonicWall firewall, which is a Dell product, but it did not provide much security in our network as some malicious traffic passed through it, prompting me to switch.

I have seen a return on investment as there are definitely clear cost reductions, resource savings, time savings, and improved risk detection. The risk in our environment reduces by 70 to 80 percent.

The pricing cost for Palo Alto Networks NG Firewalls depends on the models and requirements, such as the throughput I want and how many users I can manage via the box. The setup cost is worth it, and the licensing is dependent on which features I can utilize. Overall, the pricing is well affordable.

Before choosing Palo Alto Networks NG Firewalls, I evaluated other options such as Sophos and Fortinet firewalls.

I rate Palo Alto Networks NG Firewalls a nine on a scale of one to ten.

I choose nine because of WildFire's effectiveness and its excellent threat prevention capabilities. Its DNS security works well, and it provides faster responses that help detect and prevent malicious traffic quicker than other OEMs.

I recommend others to use Palo Alto Networks NG Firewalls, as it is a powerful firewall.

Palo Alto Networks NG Firewalls is a really good product. This review rating reflects my overall satisfaction with the solution.

Now we work mainly with Palo Alto Networks NG Firewalls on-premises. Before that, we used Prisma Access in some proofs of concept and in a previous job I had, because I am a network consultant.

We use them to do application firewalling and next-generation firewalling to protect the network.

The most beneficial aspects are the good user interface and the practical CLI. Palo Alto Networks NG Firewalls are one of the best security products in the market at the moment, and they have a very good team.

SSL decryption is valuable because it allows you to perform man-in-the-middle analysis of all traffic. Since 80-90 percent of all traffic these days is HTTPS and therefore encrypted, if you do not do SSL decryption, then you cannot see application behavior or the payload of the traffic. This feature is necessary to allow or deny specific traffic flows, which makes it very interesting to have.

Another valuable feature is the ability to define your policy based on users. You can only give user groups specific access towards specific applications or internet access.

Bandwidth usage is not something we use much, but it depends on the SD-WAN plugin because the application load balancing is based on the SD-WAN product. That functionality does not work as it should, although the App-ID is working very well.

SD-WAN functionality is working, but when you compare it with other products on the market, it is very limited. Palo Alto also has ION devices, and ION devices together with Prisma Access or Strata Cloud Manager now are more the way to go than using Palo Alto Networks NG Firewalls on-premises.

At the moment I have some issues, but the issues are more related to the general way of working of many vendors. They implement new things very fast and it is not always bug-free. With new releases, sometimes you still have some issues. This is the main concern. If you look back five or maybe ten years ago, the products were more stable and you had more decent releases, but that is something in general for many vendors. Palo Alto is also a factor with that. They want to bring new features to the market too fast.

Features are a concern because all vendors try to compete against each other. If one vendor comes out with a new feature, then other vendors do the same. Sometimes they want to be the first on the market with it, and that sometimes introduces bugs or issues with the product.

I have been using this product for maybe six or seven years or longer.

Palo Alto Networks NG Firewalls are stable, that is for sure.

Scalability is challenging because it depends on which Palo Alto Networks NG Firewalls product you have. If you are on-premises, then you have to choose a product and you cannot just upscale it because it is a physical hardware product, so it is not easy to say whether it is easy to scale up or down.

The customer service can always be better, but it is okay and good.

Negative

We use some Azure Firewall and Panorama, but it is not really comparable because of the cloud-based integration. I am thinking more about App-ID or the Strata Cloud Manager, but we do not use Strata Cloud Manager at the moment. We also do not use Cortex XDR. These products are not really related to Palo Alto Networks NG Firewalls on-premises.

Azure Firewall is a different kind of product and is worse than Palo Alto Networks NG Firewalls. We implement Palo Alto Networks NG Firewalls inside Azure or inside the cloud instead of using Azure Firewall. Palo Alto Networks NG Firewalls have much more security features. Palo Alto is a security product, while Microsoft Azure is not a security product. They are not bad, but there is still a big difference.

If you know the product, then it is easy to implement and easy to set up or to spin it up.

The Azure Marketplace is only for firewalls that you can deploy Palo Alto Networks NG Firewalls inside Azure. We bought via a local distributor and we received some credits that you can use in the marketplace.

Palo Alto Networks NG Firewalls are quite an expensive product in the market because there are other competitors which are less expensive. However, it is added value to have a firewall because you cannot think about a network without a firewall, and the best way to protect yourself is using Palo Alto Networks NG Firewalls.

If you know the product, then it is easy to implement and easy to set up or to spin it up.

We use both on-premises and in the cloud. We use Microsoft Azure Cloud, and there we have a virtual Palo Alto Networks NG Firewalls running. Palo Alto Cloud is Prisma Access or Strata Cloud Manager. We are using Strata Cloud Manager essential product, which is a Palo Alto Cloud product, but we do not have the Pro version of Strata Cloud Manager because it is quite expensive. We are using on-premises Panorama instead.

We do not use Cortex.

I gave this product a rating of eight out of ten.

My main use case for Palo Alto Networks NG Firewalls is zone protection.

I use zone protection with Palo Alto Networks NG Firewalls by defining external and internal zones, and traffic flows accordingly based on whether the user is coming from the Internet or from an internal source.

Palo Alto Networks NG Firewalls' application context, traffic flow, netting, and other features help provide protection in a more secure way.

The best features Palo Alto Networks NG Firewalls offers include AI powered threat prevention, unknown attacks, comprehensive cloud delivery security services such as URL filtering, Wildfire, Panorama for centralized management, DLP for data loss prevention, zero trust capabilities for secure access, traffic visibility and control, global protect (GPCS), and scalability.

I find myself relying mostly on application-based policy enforcement, user identification using LDAPs, and URL filtering.

GlobalProtect is crucial for secure remote access, as it helps us create a VPN for employees working from home to securely access resources from external to internal.

Palo Alto Networks NG Firewalls has positively impacted my organization as it is very advanced, providing all the features in one place.

Since implementing Palo Alto Networks NG Firewalls, I have noticed that the Panorama dashboard saves time because instead of checking different devices, I can view everything in one place, allowing for easier troubleshooting.

We can improve Palo Alto Networks NG Firewalls by adding more features that may work on older versions of Panorama; however, I appreciate what we currently have and believe there is no need for major improvements.

I have been using Palo Alto Networks NG Firewalls for the last five years.

Palo Alto Networks NG Firewalls is very stable.

Palo Alto Networks NG Firewalls is designed for scalability through hardware modality, with its PH series firewalls and cloud solutions such as VM series that dynamically scale in public cloud environments such as AWS and OCI.

Customer support for Palo Alto Networks NG Firewalls is user-friendly.

Before using Palo Alto Networks NG Firewalls, I was using Checkpoint.

I switched from Checkpoint to Palo Alto Networks NG Firewalls because it features a more user-friendly dashboard along with advanced capabilities such as URL filtering, threat prevention, app ID, and content ID.

I have seen a return on investment since using Palo Alto Networks NG Firewalls in terms of time saved.

I do not have much experience with pricing, setup costs, and licensing; however, setup costs are not publicly listed and involve hardware purchase, virtual machine costs, and licensing for security subscriptions such as Federation and URL filtering.

Before choosing Palo Alto Networks NG Firewalls, I evaluated other options such as monitoring tools from Netgears.

My advice for others looking into using Palo Alto Networks NG Firewalls is to leverage their next generation firewall capabilities by implementing a phased customized deployment, segmenting your network with zones, and applying granular security policies based on app ID.

Palo Alto Networks NG Firewalls provides comprehensive network security by identifying and controlling applications, users, and content at the application layer, featuring app ID and user ID, which enhances the user experience.

On a scale of 1-10, I rate Palo Alto Networks NG Firewalls a 10.

We use three types of firewalls for comprehensive network security. Our perimeter firewall, a Palo Alto Networks NG Firewall, safeguards our network from external threats by controlling access at the network's edge.

Palo Alto Networks provides a unified platform by integrating its next-generation firewalls with Cortex XDR, an extended detection and response solution.

It also provides inline protection using ML, which detects almost 100 percent of threats.

Palo Alto Networks NG Firewalls are top-of-the-line security solutions. We are quite satisfied with their performance, as they have effectively addressed our security needs without any issues. Their robust features and reliability make them a valuable asset to our organization.

Palo Alto Networks NG Firewalls block up to 3,000 daily attacks on our organizations.

We utilize nearly all the features of Palo Alto Networks NG Firewalls, including threat detection and anti-spyware capabilities.

Palo Alto Networks NG Firewalls lack built-in multi-factor authentication, requiring the purchase of a third-party tool to implement this essential security feature. Competing firewalls often include this functionality as a standard feature, highlighting an area where Palo Alto Networks could improve its product offering by integrating multi-factor authentication natively.

I have been using Palo Alto Networks NG Firewalls for two and a half years.

We have premium support, which I've contacted three times in two years. Their response time is within one hour.

Positive

I have used almost all the firewalls, including Fortinet, Cisco, WatchGuard, and Sophos, but Palo Alto Networks NG Firewalls are the best. Their inline detection capabilities provide unmatched results compared to other vendors.

Following the successful completion of my Palo Alto certification and a six-month proof of concept, I deployed the NG Firewall without issue. The initial deployment was completed in two days; however, the fine-tuning process required an additional 25 days.

Although Palo Alto Networks NG Firewalls are expensive, they are the best option. We are satisfied with their performance and plan to renew our subscription. Additionally, we will implement these firewalls in our other locations, including our smaller offices.

While Palo Alto Networks NG Firewalls come at a premium, exceeding the cost of most competitors by 45 percent, their advanced security features, superior performance, and comprehensive threat prevention capabilities justify the investment.

I would rate Palo Alto Networks NG Firewalls ten out of ten because it is the best. 

Our disaster recovery site utilizes Palo Alto Networks Next-Generation Firewalls. We are also in the process of upgrading the firewalls at our 365 sites in Pakistan to Palo Alto Networks firewalls.

While budget firewalls may advertise comparable features, they often fall short of effectively detecting viruses, threats, and ransomware. In contrast, Palo Alto Networks NG Firewalls, combined with Cortex XDR, provide comprehensive threat intelligence and detection capabilities, ensuring superior security coverage.

I recommend conducting a proof of concept before selecting a firewall. This will allow you to evaluate different options and determine which best suits your needs. While Palo Alto offers robust firewall solutions, it's essential to compare them with other vendors to ensure you make an informed decision.

My main use case for Palo Alto Networks NG Firewalls is helping my students use this resource and understand why it works and how it works. I now understand the benefits and the gaps that the firewall has. This involves not just one project, but several teaching classes and discussions with customers about many uses.

I can provide a specific example of how my students and I use Palo Alto Networks NG Firewalls in a class or project. I have participated in a process where the next-generation firewall works with another Palo Alto tool, Prisma Access, to deliver secure access for customers and their companies.

Palo Alto Networks NG Firewalls positively impacts my organization and classes. When students learn what the firewall can do and how it does it, I believe that some myths that customers normally develop are resolved.

In my opinion, the best features of Palo Alto Networks NG Firewalls include App-ID. Application identification was the first game-changer when it was released. I know that other companies have similar features now, but the way Palo Alto understands applications is differential, and this helps deliver security in a manner that other firewalls cannot do.

These features help in my classes and with customers because they have changed how a firewall identifies the flow. Before App-ID, firewalls needed to use the IP address and port, which limited them to Layer 4. With application awareness, the firewall can go further to Layer 7, allowing users to identify exactly the traffic without solely trusting IP or port to determine the type of traffic. This is why I think they are a game-changer.

Other features including Content-ID, decryption, and protections against DoS attacks add significant value. It is not just an App-ID device, and Palo Alto keeps trying to bring new advancements to stay on the cutting edge of technology, which I think is great for them.

Regarding the myths that get resolved, I think that the AI solutions Palo Alto is bringing with tools such as AIOps or Strata Cloud Manager help customers understand the benefits of their rules and how to create a great experience for them and everyone who lives in the house.

I think there are some gaps, but not in network security. These gaps should generally be addressed by other features from the company. When I attempt to find solutions regarding this, I believe there are options available.

I have been using Palo Alto Networks NG Firewalls for around eight years. It was my first product that I had contact with in my new role.

My advice for others looking to use Palo Alto Networks NG Firewalls is that it is a great tool, but it has many details. If you want to improve your network security device, Palo Alto could help, but the programming is not so easy. I would rate this product an 8 out of 10.

It was set up for VPN tunnels and inbound file access in my previous organization. We also had connections from our on-prem systems to any cloud systems, meaning Azure, AWS, or site-to-site VPNs.

We had a unified platform to look at and compare configurations between firewalls, the versions that we have, and what was available. We could do upgrades or updates to the firewalls using the interface.

Palo Alto Networks NG Firewalls are the best in the field in terms of usability and coverage.

Palo Alto Networks NG Firewalls did help reduce downtime. Because of the features that they had, we were able to push updates. We would do one site at a time. We had set up the cluster mode, so it saved the previous configuration, and then it went through the updates while the other one was running. It would apply the patch, recycle it, and make sure all the connections failover before going to the next one.

We rarely had any downtime. We were running 24/7. Most of the issues we had were with ISP. We did have multiple firewalls, and we were going through two different ISPs. Once one ISP was down, and then it was able to switch over to the other ISP automatically because of the way it was set up. If we had not set up the clustering or failover correctly with the Palo Alto Firewalls handling the two ISPs, it would have been almost a day's worth of downtime. When one ISP was down, if it had not automatically failed over, we would've had to go in and take care of this. This team was pretty much remote, so it would have easily taken us a day.

It was valuable in inspecting packets and analyzing traffic patterns. It helped us understand where people were going and what kind of interactions they were doing. We could go to the level of controlling access and uploads/downloads. We could control what they could do, what ports could be opened, and what ports were blocked. We could handle all that.

Understanding the flow and application of securities can be complex, requiring navigation across different sections. Further integration into a unified system could improve usability.

It is a bit complex to understand the flows and how the securities are applied to each of those flows. It was a little bit challenging because we had to go to two different sections to figure that out. It would be helpful if it is all unified so that we can see the way the firewall connections and security are set up and the applications that are using those connections. It could be structured differently so that it is more understandable. It has been a while, but it was a bit of a complex way. We had to hop from one area to the other and go back and forth to figure out how a specific connection and application was set up.

I have used the solution for two years and was hands-on for one year.

Customer service and support have been very helpful and enabled the successful setup of site-to-site VPNs.

I have interacted with them on multiple occasions, and they have been good. We had some challenges in terms of setting up these site-to-site VPNs, and they were very helpful. They enabled us to be successful in setting up new infrastructure.

We had three different sites. I handled two specific sites. One was an existing site, and the other one required setting up brand-new infrastructure. In both cases, we reached out to Palo Alto for support, and they were very helpful.

Positive

I previously used Cisco firewalls, which are more network-oriented and complex. Palo Alto Networks firewalls are easier to manage and maintain. Palo Alto is more application-oriented than Cisco. Cisco is more network-oriented. The interface of Cisco firewalls is very complex. With Palo Alto firewalls, there is an opportunity to improve, but it is still good.

With Cisco firewalls, no-downtime upgrades are very difficult or complex to do. Palo Alto firewalls are easier in terms of upgrading and minimizing downtime.

The pricing of Palo Alto firewalls is better than Cisco firewalls. Cisco firewalls are not cheap.

Cisco ASA firewalls are very good but require a pretty knowledgeable engineer to manage and maintain. Palo Alto firewalls are great. I am not implying that they are simple, but it is easy to manage and maintain a complex infrastructure with them.

It was deployed on-prem. The whole building management system, such as door access security or cameras had to connect to the SaaS for video processing or tracking and recording. All those interfaces went through the firewall.

The biggest challenge we had was the download. The initial configuration was challenging, especially setting up site-to-site VPNs. Going through our Internet Service Provider took a while because those were all brand new. Setting up the firewall to talk and open it on the backend was a little bit of a challenge. We were also using a software-defined network, and there were some challenges in setting those connections up. There were also other data centers we had to talk to on a different protocol specifically for exchanging files. I believe it was a serial connection between systems. We had a few unique things in terms of setup.

The implementation was handled internally with some support from Palo Alto Networks when needed.

The solution helped reduce downtime, which is crucial in time-sensitive industries like manufacturing. This reduction in downtime was significant and contributed to overall operational efficiency.

If you are in the manufacturing site, you do not want employees waiting for the infrastructure to be restored and get networks going. Especially in drug manufacturing, things are time-sensitive and under heavy regulation. You could lose the resources or the raw materials needed for producing your final product. From that aspect, it was very critical. There were a lot of savings there.

Palo Alto Networks offers more cost efficiency compared to Cisco, with better operational and maintenance ease. 

Its initial cost may be high, but the overall return on investment is superior due to reduced downtime and maintenance costs. When it comes to the cost, in addition to the initial investment, you have to look at the investment in the hardware, maintenance, and the time that you spend on it. Those all have to be added. Palo Alto provides the ease of operational maintenance.

I would rate Palo Alto Networks NG Firewalls a nine out of ten.

Palo Alto Networks NG Firewalls are primarily used for perimeter security, typically deployed in pairs at most locations. Smaller sales offices often have just one, while larger facilities prioritize security with more firewalls due to their broader operational scope. These firewalls are also highly valuable in mixed environments where standardized security features are essential.

Palo Alto Networks NG Firewalls provides a unified platform that natively integrates all security capabilities. Panorama is our single console that allows us to do all things Palo Alto. We are a value-added reseller. Some customers specifically request Palo Alto firewalls, while others need guidance and comparisons. 

Palo Alto Networks NG Firewalls are considered some of the most secure firewalls available, offering robust protection when configured with strict security rules. Palo Alto firewalls maintain consistent security functionality across all models, with the primary difference being throughput capacity. While they previously faced criticism for their licensing model requiring separate purchases for features like URL filtering, their advanced malware detection, Wildfire and other integrated tools like IDS, IPS, and SIEM reporting provide comprehensive threat protection. Furthermore, their single-pass processing architecture mitigates the performance degradation typically associated with enabling multiple security features, ensuring consistent performance even with advanced threat protection enabled.

It can help reduce downtime caused by malicious insiders. If an employee intends to steal data on behalf of a competitor, these firewalls can help prevent data exfiltration and maintain network availability.

The most valuable feature of Palo Alto Networks NG Firewalls is Cortex Data Lake. This AI tool leverages data from 70,000 Palo Alto customers, correlating breaches and intrusion attempts into a back-end engine to analyze zero-day and incoming threats rapidly. This means if someone was attacked two days ago, I am protected from that same attack because the information is already in the system. My subscription to the Cortex Data Lake AI platform applies to my latest Palo Alto firewall, regardless of the specific model.

Palo Alto Networks NG Firewalls offer best-in-breed security but could improve by reducing their pricing. Their current premium pricing strategy limits accessibility for many customers. A more competitive pricing model would enable a wider range of organizations to benefit from their advanced security features.

I have been using Palo Alto Networks NG Firewalls for 12 years.

Palo Alto Networks NG Firewalls are considered highly secure in the industry. Their main vulnerability stems from administrators configuring overly permissive rules. However, with appropriately configured policies, these firewalls can provide robust network security. 

Palo Alto firewalls offer scalability across their various models, with throughput capacity being the primary differentiator. All models share a consistent set of security features, ensuring functionality remains the same regardless of the firewall's size. This simplifies adjustments as needs change.

Customer service and support for Palo Alto Networks are excellent. They provide fast response and rapid remediation of problems.

Positive

The initial setup is straightforward, especially with Palo Alto's zero-touch configuration concept. Plugging the firewall into the network and applying a predefined template allows quick and efficient deployment. With thorough network planning and pre-built configuration templates, firewall deployment can take less than an hour and be done by one person.

Increased data security and reduced cyber insurance premiums deliver a clear return on investment.

Palo Alto Networks NG Firewalls have a higher price tag, costing roughly twice as much as competing products. However, this investment translates into substantial security advantages and has the potential to reduce cybersecurity insurance costs.

I rate Palo Alto Networks NG Firewalls nine out of ten.

When choosing a firewall, consider the implications of prioritizing cost over security. Your vulnerability, attack surface, and the sensitivity of your data should factor into your decision. Industries like retail, aerospace, and engineering often handle sensitive data, making them attractive targets. Cyber insurance costs decrease as security measures increase. Opting for the cheapest firewall might lead to a significant increase in insurance premiums, potentially exceeding the price of a more robust firewall.

While no firewall is perfect, Palo Alto Networks NG Firewalls offer comprehensive security and reliable performance. However, choosing a firewall involves balancing cost with the sensitivity of your data and your risk tolerance. I recommend Palo Alto Networks NG Firewalls.

In my previous company, we used Palo Alto Networks NG Firewalls for the government, specifically for the Security Operation Center (SOC). We used it not only for on-premises but also for the cloud infrastructure in AWS. Instead of using the cloud-native firewall, we implemented Palo Alto Networks NG Firewalls to inspect the traffic.

The version we work with varies based on the customer.

Palo Alto Networks NG Firewalls reduced the downtime. We upgraded the primary and then failed over to the secondary, so there was no impact on the customer. There was just one ICMP packet drop.

The IPS with firewalls is very important. We do not have to buy a separate appliance. We have just one firewall. We have the single-plane and parallel processing. The traffic is spread from layer 2 to layer 3 to layer 4 to layer 7, including the applications. There are also antivirus, spyware, and vulnerability checks. It is very important to inspect the traffic.

I find Palo Alto Networks NG Firewalls to be a stable product and very easy to manage from layer 4 to layer 7. They are also seamless for environments with high availability. During upgrades, there is a seamless failover to the secondary firewalls. It is very reliable. I have upgraded these firewalls a lot, and I do not see any issues or failures on the firewall or the hardware. It also depends on whether you have a higher-end or a lower-end model, such as the 800 series or the 220 series, which can be very slow, but eventually, it manages to come up. 

It is very easy to learn and user-friendly. The integration is also easy.

When the primary Palo Alto Networks firewall fails over to the secondary, it requires manual intervention to bounce the IPsec for it to work properly. Unlike BGP peering, which automatically changes from idle to established, this process needs automation. In Cisco, there is no need to bounce the IPsec traffic during failover, and I suggest automation for Palo Alto Networks in that process.

I have been using Palo Alto Networks NG Firewalls since 2017.

I find Palo Alto Networks NG Firewalls to be very reliable. 

I do not see any trouble with the scalability of Palo Alto Networks NG Firewalls. They are able to secure data centers consistently across all workplaces, from the smallest office to the largest data centers.

Palo Alto is one of the leaders. Fortigate is pretty close, but no one can beat Palo Alto in the data center environment. Most of the customers prefer to use Palo Alto Networks NG Firewalls.

I am satisfied with their support. Even if a support engineer is not immediately helpful, I can escalate very quickly and get assistance.

Positive

I also use Cisco firewalls. With Cisco firewalls, there is no need to bounce the IPsec traffic during failover, but Cisco only supports up to layer 4. Palo Alto Networks offers better features up to layer 7. Palo Alto wins in terms of new features, but for traditional and IPSec features, Cisco is better. 

Configuration-wise, Palo Alto has a granular control, which is not there with Cisco. We can even choose a specific policy group. For configuration flexibility, I prefer Palo Alto.

The initial setup of Palo Alto Networks NG Firewalls is straightforward for me. 

The implementation usually takes two to four weeks. If we start from scratch and also do the documentation, it would take about one to two months to complete the project.

For deployment, we typically need two engineers and sometimes a professional service engineer from Palo Alto Networks. For a Telco deployment, we needed a professional service engineer from Palo Alto Networks. Overall, three engineers are enough for a big deployment. 

I do not know the price, but if the price is not that different, I will definitely recommend Palo Alto Firewalls over other vendors.

Palo Alto Networks offers a stable product with a user-friendly UI. It integrates well into existing systems and is future-proof, especially as we are moving towards cloud-based security products like Prisma. I would recommend it to everyone if affordability is not an issue. 

I would rate Palo Alto Networks NG Firewalls a nine out of ten.

We use Palo Alto Networks Next-Generation Firewalls in our data center to manage security for both east-west and north-south traffic. These firewalls provide comprehensive protection for various traffic types, ensuring secure communication within the data center and between the data center and external networks.

Palo Alto Networks Next-Generation Firewalls provide a unified threat management solution with various security features, including threat prevention, URL filtering, security policies, and zone protection. These features are crucial for internet-level protection, enabling URL filtering, threat prevention, security policies, user identification, and a comprehensive VPN solution for site-to-site and remote access connections.

Palo Alto Networks Next-Generation Firewalls include WildFire, which uses machine learning for inline, real-time threat prevention.

It effectively secures our data centers with their application-based approach. Unlike traditional firewalls that solely rely on port numbers and IP addresses, these firewalls identify applications to determine whether to allow or block traffic. This enhanced inspection ensures only legitimate applications access the network, providing robust security.

It has also helped us reduce downtime because the failover is very swift and the performance is good. This offers us good throughput and parallel processing.

Palo Alto Networks NG Firewalls are highly valued for their performance and parallel processing architecture. Unlike traditional firewalls that operate based on ports, these next-generation firewalls are application-centric, identifying specific applications to provide enhanced security against a wider range of attacks.

Palo Alto recently introduced a security analyzer in version ten, but this feature could be enhanced, and the URL filtering improved.

I have been using Palo Alto Networks NG Firewalls for almost eight years.

Palo Alto Networks NG Firewalls are stable and reliable when deployed and configured correctly.

Palo Alto Networks Next-Generation Firewalls offer scalability both in the cloud and on-premises, but the methods differ. Cloud deployments benefit from auto-scaling, allowing for automatic adjustments to firewall capacity based on demand. On-premises solutions require manual provisioning of new hardware and subscriptions to achieve scalability.

Palo Alto offers multiple tiers of support, including basic, premium, and premium plus. Overall, the technical support is good.

Neutral

I have experience with both Check Point and Palo Alto firewalls. In a previous role, I worked with Check Point firewalls, while my current client utilizes Palo Alto firewalls.

The initial deployment, while challenging, successfully validated Palo Alto's claims regarding throughput, session count, and parallel processing capabilities. Their assertion that enabling all engines does not cause packet rebuffering proved accurate, resulting in impressive performance. With a strong design and skilled architects, the deployment process ultimately proved efficient and successful.

The migration tool assists in transferring configurations from systems like Cisco or Check Point, eliminating the need for manual migration.

The return on investment from Palo Alto Networks NG Firewalls is excellent. Their user-friendly interface and Panorama central management, which provides a comprehensive overview, make them an ideal investment.

While Palo Alto Networks Next-Generation Firewalls may be considered expensive, their quality justifies the cost. They offer various support levels, including basic, premium, and premium plus, to cater to different needs.

I would recommend Cisco firewalls for those seeking the cheapest firewall.

I would rate Palo Alto Networks NG Firewalls eight out of ten.

Palo Alto Networks NG Firewalls require maintenance due to the ongoing creation of new rules and policies, configuration changes, and necessary upgrades. For example, the operating system version is frequently updated, necessitating regular maintenance to ensure optimal performance and security.

The staffing needs for maintaining Palo Alto Networks NG Firewalls vary based on several factors, including the size and complexity of the organization. Key considerations include the number of data centers, hosted applications, users, and remote locations. Essentially, larger organizations with more users, devices, and network activity will require more personnel to effectively manage and maintain their firewall infrastructure.

Admins should be knowledgeable and should take proper training. It's essential to follow the correct configurations to avoid inconsistencies that may require significant maintenance.

The primary use case is enterprise-level security. Our organization utilizes Palo Alto Networks Next-Generation Firewalls for internal security measures, including SD-WAN and SSL authentication configurations to establish secure network connections through the firewall.

Palo Alto Networks NG Firewalls provides a unified platform that natively integrates all security capabilities. The integration of machine learning in the core of the firewall that provides inline real-time attack prevention is crucial.

Palo Alto Networks NG firewalls embed machine learning in their core, which aids in preventing real-time attacks. The effectiveness of this technology improves with each release, bolstering confidence in the product's ability to provide robust security.

When we identify a vulnerability, we use Palo Alto Networks Next-Generation Firewalls to mitigate the threat.

We experienced no downtime in the past two and a half years while using Palo Alto Networks Next-Generation firewalls.

The most valuable features include the usual firewall functionalities, such as IPS and antivirus, which are effective. 

The configuration framework for Palo Alto Networks Next-Generation firewalls should be simplified, particularly for applications like ASG authentication. Technical support needs improvement, as issue resolution takes a significant amount of time. Furthermore, vulnerabilities in Palo Alto releases require prompt attention.

I have worked with Palo Alto Networks NG Firewalls for more than ten years, and our company has used them for three years.

The overall stability of Palo Alto Networks NG firewall is good. I would rate it nine out of ten.

The scalability of Palo Alto Networks NG Firewalls is good. I can comfortably rate it as an eight out of ten.

Palo Alto Networks' technical support is generally good. However, some non-popular issues take longer to address.

Neutral

Our organization initially utilized FortiGate firewalls. However, as we grew, we transitioned to Palo Alto Networks NG Firewalls due to their better performance in enterprise-level evaluations.

Standard security configurations were straightforward to set up initially. However, adding portal security and application customizations posed challenges.

The deployment was small and required two to three people.

Our experience with the integrator was mixed. While they provided some assistance, our team faced challenges configuring certain features, requiring additional support from Palo Alto and their partners.

The pricing, setup cost, and licensing depend on the model. Overall, it is commercially competitive compared to Cisco and Fortinet. We paid less than $18,000.

Colleagues looking for the cheapest and fastest firewall can still use Palo Alto Networks NG Firewalls because they are affordable.

We evaluated several top products, including Fortinet, SonicWall, Sophos, and Cisco, before choosing Palo Alto Networks NG Firewalls.

I rate Palo Alto Networks NG Firewalls a seven out of ten. While the features are satisfactory, improving the configuration framework and enhancing technical support would improve the product.

Palo Alto Networks NG Firewalls do not require maintenance.

We have 500 users in our organization.