IT Central Station is now PeerSpot: Here's why

Palo Alto Networks Panorama OverviewUNIXBusinessApplication

Palo Alto Networks Panorama is #4 ranked solution in top Firewall Security Management tools. PeerSpot users give Palo Alto Networks Panorama an average rating of 8.6 out of 10. Palo Alto Networks Panorama is most commonly compared to AWS Firewall Manager: Palo Alto Networks Panorama vs AWS Firewall Manager. Palo Alto Networks Panorama is popular among the large enterprise segment, accounting for 69% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 23% of all views.
Palo Alto Networks Panorama Buyer's Guide

Download the Palo Alto Networks Panorama Buyer's Guide including reviews and more. Updated: July 2022

What is Palo Alto Networks Panorama?

Panorama network security management provides static rules and dynamic security updates in an ever-changing threat landscape. Reduce administrator workload and improve your overall security posture with a single rule base for firewall, threat prevention, URL filtering, application awareness, user identification, file blocking and data filtering.

Palo Alto Networks Panorama Customers

University of Arkansas, JBG SMITH, Temple University, Telkom Indonesia

Palo Alto Networks Panorama Video

Palo Alto Networks Panorama Pricing Advice

What users are saying about Palo Alto Networks Panorama pricing:
  • "You can buy the hardware only and each box is not even $10,000. It's only $8,000 for the unit itself. However, then you are charged a three-year license at $81,000."
  • "The price of the licenses could be lower. Still, because we have Panorama with 25 firewalls, Palo Alto gives us a good discount."
  • "We're a reseller, and we're an MSSP. So, we get some extreme discounts."
  • "Its cost is quite high."
  • Palo Alto Networks Panorama Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    JamesJiang - PeerSpot reviewer
    IT Security Analyst at a energy/utilities company with 51-200 employees
    Real User
    Top 20
    Easy to manage with a straightforward initial setup and good stability
    Pros and Cons
    • "The product can scale."
    • "The solution is extremely expensive. You can integrate it with other Palo Alto products, however, it ends up being too much."

    What is our primary use case?

    We use the solution for segregation. We also use it as a gateway in order to do URL filtering on the DNI as a security measure. We use the product's global protective VPN as well. 

    How has it helped my organization?

    The application ID, this kind of technology, has a very high-level check. It makes everything more secure for your enterprise network. Otherwise, fake applications can sneak in. 

    If you're using application ID, they check the high side, the traffic, and they analyze everything. They see if it's a normal application. They're working closely with each vendor, to make it easy to identify applications. For the hackers or malicious traffic, they can see it and block it. 

    What is most valuable?

    I like the user ID and the application ID as it's easy to identify the popular applications and the EZT does the security checking in regards to the user and the application ID.

    The initial setup is very easy.

    The solution is easy to manage. It has a good interface as well.

    The solution is stable.

    The product can scale.

    The solution offers good integration potential.

    What needs improvement?

    While Palo Alto is the leading firewall worldwide, it's so pricey. Other products like Checkpoint still do the job, and yet it's way cheaper than Palo Alto. The solution is extremely expensive. You can integrate it with other Palo Alto products, however, it ends up being too much.

    Palo Alto prefers the VM version. However, for the VM level, often we have a migration from one host, VM host, to another host, and then the network jobs. And they're not fully redundant. With VM, the purpose is easy migration from one host to another one. That's the purpose of VM in play, however, if you want to have high availability or redundancy, you have to purchase two licenses - one on one host, another one on another host - and it costs a lot of money to do that. 

    Technical support could be better.

    Buyer's Guide
    Palo Alto Networks Panorama
    July 2022
    Learn what your peers think about Palo Alto Networks Panorama. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
    620,068 professionals have used our research since 2012.

    For how long have I used the solution?

    I've used the solution for about five to seven years at this point.

    What do I think about the stability of the solution?

    It is a stable solution. With the cloud, you don't even touch the physical box at all. However, for the traditional network guests, I like my stuff to be reliable. That's why I don't like the VM migrating from one host to another host. That's why I'm in the process of converting the VM back to the physical box using redundancy. That will be the network solution. I want my network available 24/7. 

    What do I think about the scalability of the solution?

    The solution is quite scalable.

    We have about 150 people using the product currently.

    How are customer service and support?

    Support is awesome. However, it can depend. When you get a ticket and you take it to the proper person, they can give you a solution really quick, and the support is really good. That said, sometimes, if you are not lucky, you create a ticket and a salesperson or specialist runs it to a different person. Sometimes it takes a long time. Sometimes they make you do a lot of the work and ask you to send them reports or check certain things. If they run the ticket to the proper person, I can resolve the problem in 10 minutes. If they run my ticket to some other person, maybe it takes a whole day or two and I don't have time to play around.

    I'd rate it as average, at maybe a five out of ten in terms of the service level you get in general.

    Which solution did I use previously and why did I switch?

    I previously used Juniper. I have experience with Cisco ASA as well. 

    Currently, I use Microsoft Defender for my endpoint protection.

    I switched when Palo Alto turned into the top firewall management solution. I did do research.

    From the GRI management port, it's easier than Cisco ASA

    How was the initial setup?

    The solution is very easy to set up. I've been working for many years on this. I know the whole process is easy to start with some simple logarithmic management It's easy to manage. 

    The deployment is fast. It usually takes about a day. On the first day, you get the management running on the UI. On the second day you need to get the traffic going through the certificate, and to do some proper security policies. That's all. Yes. To do it in one day is just a one-man job.

    I manage the solution myself and maintain it every two months or so. Of course, if there are any issues in between these maintenance events, I also work on them.

    What about the implementation team?

    I did the implementation myself, however, five or seven years ago, I used a consultant and learned from him. I've likely done 20 or so firewalls myself at this point.

    What's my experience with pricing, setup cost, and licensing?

    The issue with Palo Alto is that the price is almost double other products such as Checkpoint, or Fortinet. There's no reason you price yourself to be double other brands.

    I just did a call for renewing my license. I requested two redundancy units. The price, which was all-inclusive with WiFi, a VPN solution, a global VPN, et cetera - all of them bundled together, for two units, over three years, was $81,000.

    You can buy the hardware only and each box is not even $10,000. It's only $8,000 for the unit itself. However, then you are charged a three-year license at $81,000.

    What other advice do I have?

    I'm just a customer.

    I'm using the latest version of the solution.

    I would rate the solution at an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    PeerSpot user
    Lead Program Manager at a computer software company with 10,001+ employees
    Real User
    Top 5Leaderboard
    Flexible, scalable and very user friendly
    Pros and Cons
    • "You don't need an overly experienced workforce to handle Palo Alto. It's very easy to use."
    • "They need to do less bug-related releases and create versions that are stable for at least six months at a time. I don't find this issue in other solutions like Cisco, Check Point, FortiGate, or others. Those just provide a patch if there is a bug and we don't have to worry about downtime."

    What is our primary use case?

    We primarily use the solution for automation purposes and for security.

    What is most valuable?

    The underlying technology is very good, considering that we are moving to a work-from-home environment.

    Panorama is a straightforward tool. Palo Alto is comparative to other firewalls. Some firewall tools are more user friendly, and, from a technical perspective, it is very user friendly as well. It's not like Check Point. We use a setup for offshore development centers. For all those ODCs, we usually use a Palo Alto device. We have few perimeter firewalls which are Palo Alto but for the perimeter predominantly we use Check Point.

    You don't need an overly experienced workforce to handle Palo Alto. It's very easy to use.

    The solution if extremely flexible and scalable.

    What needs improvement?

    There are too many OS upgrades. We've had six new versions in the past six months. Even if they are updating it to fix bugs, it's hard to keep pace with the change when you have 800 or more Palo Alto devices that you now need to update and upgrade.

    We try to follow version minus one or two for security reasons. To keep pace with the changes, it takes us nearly six months as we have to check with the business, arrange downtime, and count and cover all devices.

    These upgrades aren't just little fixes either. Whenever there is a new release, it requires an OS upgrade. It would be nice if there was some automation on the upgrades of the devices.

    They need to do less bug-related releases and create versions that are stable for at least six months at a time. I don't find this issue in other solutions like Cisco, Check Point, FortiGate, or others. Those just provide a patch if there is a bug and we don't have to worry about downtime.

    For how long have I used the solution?

    We've been using the solution for close to seven years at this point. It's definitely been about six years.

    What do I think about the stability of the solution?

    The solution is very, very stable. There aren't too many issues on it once you get it up and running. We consider it reliable.

    What do I think about the scalability of the solution?

    The solution is very scalable. If a company needs to expand its services, it can do so rather easily.

    We have different businesses running inside the organization. We have close to 800 devices, so it means about 800 different projects are using those devices. Each project has a firewall, so most of these, 80%, are on Palo Alto.

    Which solution did I use previously and why did I switch?

    We use Check Point as well, however, we don't really like it as much. It's not as user friendly.

    Prior to this solution, we were using the ASA products and then Check Point. Check Point is a little complicated. I can use Check Point on my perimeter firewall, but not on my overseas businesses. That's what makes Palo Alto is more user friendly. I can use the GUI to do everything due to the fact that I don't need a skilled person to work on the Palo Alto. On Check Point, I have to go to CLA and do all the changes. 

     It's easy to upgrade or to do anything with the Palo Alto. Technically it's quite sound. It's dynamic, scalable, and there's a lot of things that can be done easily. Plus, I don't need an extremely experienced person to work on Palo Alto. Anybody with two or three years of experience can easily work on a Palo Alto device.

    How was the initial setup?

    The initial setup is not complex. It's pretty straightforward.

    The deployment is easy and uncomplicated. It takes about an hour or so, if not less than an hour. It's pretty quick.

    However, we have 800 or more devices. It takes about six months to deploy everything, especially if I have to do everything manually.

    We have eight to ten people who manage deployment and maintenance.

    What about the implementation team?

    We haven't used an integrator or reseller. We handled the implementation ourselves in-house.

    What's my experience with pricing, setup cost, and licensing?

    In terms of licensing for Panorama and Palo Alto products, we have only the DMC cost and we are billed every year.

    It's not overly expensive. It is comparatively okay if you look at other devices. Compared to the top three devices, pricing is okay due to the fact that you have multiple vendors who are selling firewalls and competing with each other for the same clients. 

    What other advice do I have?

    We're just a customer. We don't have a business relationship with the company.

    We have multiple variants of the solution's model. Currently, we are using 8.1.15-H. We also have some virtual firewalls that are recently in Tokyo. We are using close to around 800+ Palo Alto firewalls. 

    We're currently developing our virtual firewalls and have them in different locations. 

    It is not just Palo Alto. We have other devices as well, so we have close to around 1300 plus firewall devices.

    I would recommend the solution to others.

    I'd rate the solution eight out of ten. If you need a perimeter type of device, Check Point may be a better option. However, for my businesses, I would choose Palo Alto due to its scalability and user-friendliness. It also has great security features. That said, if it didn't release so many new updates, I would rate it higher, simply due to the fact that so many upgrades requires a lot of work on our part.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Palo Alto Networks Panorama
    July 2022
    Learn what your peers think about Palo Alto Networks Panorama. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
    620,068 professionals have used our research since 2012.
    Director at a tech services company with 1-10 employees
    Reseller
    Top 5
    Centralized management system for network visibility and control; has good stability and technical support, but not easy to use
    Pros and Cons
    • "Variable creation and template stack functionalities make Palo Alto Networks Panorama a brilliant solution. It is a completely scalable system, with good technical support."
    • "The ease of use of Palo Alto Networks Panorama is an area for improvement. Another downside is that you need a lot of comprehension to understand what it is."

    What is our primary use case?

    Palo Alto Networks Panorama can be used for managing all your files at once. Its primary use case is that it's a centralized management system for firewalls. For example: we have a company with four different sites, and each one of those sites has two Palo Alto networks in there, so rather than do one integration, then replicate it four times, what we do is we plug it all into Palo Alto Networks Panorama and make the change once, and it pushes out to all the firewalls, regardless of where those are located.

    What is most valuable?

    What I find brilliant in Palo Alto Networks Panorama is that you can create variables. The template stack function of the system is also valuable. You can create one profile for several firewalls, and I find that really, really cool. If there's a file on the network that needs to have an address arrangement, you can just import it similar to how you do a CSV import. It's a solid product and it does what it's supposed to do.

    What needs improvement?

    The ease of use of Palo Alto Networks Panorama is an area for improvement, because it's not very easy to use. The downside with the system is that you need a lot of comprehension to understand what it is. There are also risks associated with making a change, e.g. you can accidentally break your network which knocks off the firewall, and then you can't get back on again. If you know what you're doing, e.g. if you're a specialist, then there won't be any problems, in general.

    It's important to gain an understanding of Palo Alto Networks Panorama, or the concept, before you start. It works like Palo Alto, but it doesn't at the same time, because you have templates, and the templates have to be applied before your variables, and then those variables directly affect your objects. It's important to understand how it works. I wish they could make it easier, and a bit more intuitive, but if you're doing the training, and you're properly in the system, then it will make sense the way it's explained to you, otherwise, it'll be hard to make sense of it.

    It could be difficult to get to the stage you want to be on with this system. It's similar to a different language, and it's so hard to just do it on your own, but if you are in the culture and you're speaking to other people, then it becomes easier because you're doing it. That's the learning curve right there, e.g. if you've never done it before, you'll sit and look around saying: "What is this? I don't understand." If you're doing the training, and you're more involved in the product, or even if you speak to specialists, they will be able to help you, then you start to learning it and what it can do.

    For how long have I used the solution?

    I've been dealing with Palo Alto Networks Panorama for four years now.

    What do I think about the scalability of the solution?

    Palo Alto Networks Panorama is very, very scalable. The way the system works is that you have clustering, so you can have all these machines connect to each other in stacks. It's a completely scalable system.

    How are customer service and support?

    Technical support for Palo Alto Networks Panorama is good. I'm giving them a score of four out of five.

    How was the initial setup?

    The setup for Palo Alto Networks Panorama is quite difficult, because you're essentially building this one machine, then you have to create all the log ins, then once you've done that, you start registering your files, but you have to do an ingestion on them. You have to bring the file all in, and then it takes the config then puts the config back out again, but that config will then be a "protected config", so if I was logging onto that machine locally, I can't change that file.

    The setup is quite easy just to build the machine, but to get it to work is quite difficult.

    What other advice do I have?

    I've been dealing with version 10.0 of Palo Alto Networks Panorama. I'm a reseller of this solution.

    One person could do the deployment and maintenance for Palo Alto Networks Panorama, but what we do in our office is: we have a buddy system. If there's a change that needs to be made, e.g. if someone does the work, someone verifies it, and then catches any problems there, because if you're managing several firewalls, one more change might break all of them. That's the risk that you're in.

    My advice to others who are planning to implement Palo Alto Networks Panorama is to look at the use case, e.g. if you have two firewalls, or if you have several firewalls across the country, it's best to get a specialist in to help you deploy it. For a regular IT guy who works in a company managing the server, etc., it'll be such a hard learning curve to go through. Try and learn it yourself if you can, but if not, always defer to a specialist.

    I'm rating Palo Alto Networks Panorama seven out of ten, just because it's quite difficult.

    Disclosure: My company has a business relationship with this vendor other than being a customer:
    Flag as inappropriate
    PeerSpot user
    Sagar More - PeerSpot reviewer
    Network Security Engineer at Ares Management Corporation
    Real User
    Top 20
    When combined with WildFire, it's highly secure
    Pros and Cons
    • "Compared to all of the other firewall vendors, Palo Alto is very secure."
    • "The initial setup can be complex."

    What is our primary use case?

    We use this solution because it provides us with a consistent security profile no matter the location. Regardless of users, we use the same configuration. 

    We also use Panorama for management. Currently, all of our users are working from home — this solution has helped us manage everything. 

    Over the next four years, we are planning on moving all of our data centers onto the cloud.  

    What needs improvement?

    Before I joined this organization, they experienced some issues when trying to set up zone protection parameters. Last week I applied a zone protection profile; for each and every branch, I had to apply a zone protection profile or modify existing metrics — I needed to physically go to each branch. When we originally deployed Panorama, we were managing the firewalls individually. After implementing all those firewalls and changing all of the templates, it's really hard to modify them. 

    You can't just modify them with a single click, you need to physically go to each individual branch and make the changes yourself — we can't directly seal all of the fireworks. This needs to be improved. 

    With version 9.1, when configuring it, if something goes wrong, then it reverts back to your original settings automatically. This is a nice feature but it's not available on the standard firewalls. If we didn't have Panorama and I was setting up some remote Palo Alto firewalls, after implementing my configurations, if I were to lose the configurations then I would lose firewall access. This isn't the case with other firewalls like Cisco and Juniper SRX where you can just put in a reminder in the last 10 minutes. 

    For how long have I used the solution?

    I have been using Palo Alto Networks Panorama for the past five years.

    What do I think about the stability of the solution?

    Besides the odd bug, Panorama is stable. From a management point of view, it's good. Even though we now have 25 firewalls, with a single click, we can add and submit a request. With a single click, we can apply changes to all 25 firewalls. Upgrading our remote locations, the firewalls, logs, and the reporting is all very easy. We can easily add more power and stability, it's nice.

    What do I think about the scalability of the solution?

    GlobalProtect is a great extension that you can add on. If something goes wrong with our cloud solution, then it will automatically fall back to our local physical firewalls across the globe. We have four different locations that GlobalProtect automatically connects to. At the moment, our company is expanding so we are adding more clients. 

    How are customer service and technical support?

    The technical support is pretty good. The best part about Palo Alto is that you can find answers with a simple Google search. Compared to other vendors, all of their technical data is online — for all of their solutions. Still, sometimes we prefer to use support. Sometimes it takes time as their technical team has to regenerate our issues in their lab, etc. 

    How was the initial setup?

    The initial setup can be complex. As I mentioned before, making modifications is very difficult. Before implementing, you need to plan carefully.

    Our engineer made some mistakes when he was setting it up; we still experience some complications due to that as everything is already in place and we can't change it. 

    What's my experience with pricing, setup cost, and licensing?

    Licenses are available on a one to three-year basis. If you go for a one-year license, you won't get much of a discount. We have a three-year license for all of our firewalls. Currently, we have 25 firewall licenses.

    Currently, we have around 20 TB of data. We are in the process of upgrading our licenses because we are adding more and more files.

    The price of the licenses could be lower. Still, because we have Panorama with 25 firewalls, Palo Alto gives us a good discount. 

    What other advice do I have?

    I would definitely recommend Panorama to others. Compared to all of the other firewall vendors, Palo Alto is very secure. Personally, I'd say it's the best firewall vendor on the market. When combined with WildFire, it's highly secure; just make sure you configure it properly as there are a lot of viruses out there. 

    Overall, on a scale from one to ten, I would give Panorama a rating of nine. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Cyber Ambassador at a comms service provider with 11-50 employees
    Reseller
    Easy to use, updated regularly, and helpful for managing multiple environments, firewalls, and locations
    Pros and Cons
    • "The entire ease of use is most valuable. If you're managing firewalls locally with PAN-OS, the look and feel of Panorama is the same. So, you don't have to relearn another product. If you're used to managing firewalls from Palo Alto, you can easily use Panorama to manage them. It looks and feels the same."
    • "Reporting might be an area to improve. It can provide reporting or some sort of graphical representation of your environment."

    What is our primary use case?

    We use it internally to manage the solutions that we provide to our customers. So, we use it to manage our own firewalls and Prisma Access. We also use it to manage managed firewalls. We can also resell it, but we don't tend to do too many panoramas.

    We are using version 10.0.7, which is the latest one under version 10. We're not running 10.1 yet. We don't need to run that.

    What is most valuable?

    The entire ease of use is most valuable. If you're managing firewalls locally with PAN-OS, the look and feel of Panorama is the same. So, you don't have to relearn another product. If you're used to managing firewalls from Palo Alto, you can easily use Panorama to manage them. It looks and feels the same.

    Our primary issue at the moment is to manage Prisma Access because we just switched over to using Prisma Access for our customers. My newest one is in North America. It is a great tool for that. The fact that you can push out your Prisma Access just dynamically and it changes into Prisma Access Cloud is fantastic.

    What needs improvement?

    It tends to move along fairly quickly in terms of features because it is a part of PAN-OS. We are waiting on one feature that's on the beta at the moment, but that's because we use Okta as our authentication.

    Reporting might be an area to improve. It can provide reporting or some sort of graphical representation of your environment.

    For how long have I used the solution?

    I have been using it for probably two years.

    What do I think about the stability of the solution?

    There are no reliability issues.

    What do I think about the scalability of the solution?

    You can manage multiple environments, multiple firewalls, and multiple locations with it. So, it scales really well.

    We have just a handful of admins. We have less than five of them.

    How are customer service and technical support?

    I have not used their technical support.

    Which solution did I use previously and why did I switch?

    We've always been Palo Alto. The founders of our company were ex-Palo Alto people, so it is always going to be Palo Alto.

    How was the initial setup?

    I've been using it for two years, but I didn't actually deploy those instances at Panorama. When we recently moved to Azure, I actually deployed it in Azure, and I had no issues. So, I was a complete rookie in terms of deploying it because I'd never done it before. I did that with minimal assistance from Palo Alto or anybody. So, I would say it is easy to deploy in the cloud.

    In terms of updates, PAN-OS releases come every month, six weeks, or so. You have to be running a higher or equal level of Panorama to the firewalls that you're managing. If you're keeping your firewall environments up to date, you also have to keep your Panorama up to date, and with that comes new features. You have to plan for firewall updates more than Panorama, which is just managing other environments. You can pretty much update Panorama whenever you want. There is no customer or firewall outage when you update Panorama. It is just the reboot time. You just download it, install it, and reboot it, and you're done. It takes less than 20 minutes.

    What's my experience with pricing, setup cost, and licensing?

    We're a reseller, and we're an MSSP. So, we get some extreme discounts. 

    What other advice do I have?

    It is easy if you're used to managing firewalls. Using Panorama to manage the firewalls is not rocket science. It is just another GUI or web UI.

    Palo Alto is really good at innovation, adding new functions and features, and rolling those out on a regular basis. So, they're going in the right direction. As long as that keeps happening, they are good. They should just keep adding and improving. 

    I would rate Palo Alto Networks Panorama a nine out of 10.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Microsoft Azure
    Disclosure: My company has a business relationship with this vendor other than being a customer:
    PeerSpot user
    Associate IT Director at Siam Makro PCL
    Real User
    Reliable and user-friendly with good firewall features
    Pros and Cons
    • "Technical support is quite helpful."
    • "The licensing costs are quite high."

    What is our primary use case?

    We are doing the centralized network for the global base. We have several countries with different firewalls being used and we are also cataloging the log to keep data on that. When we're having some issues, we can track back the details via Palo Alto Networks.

    What is most valuable?

    Most firewalls are the same, however, it depends on the service. If they have a good service, that means they guarantee that our business does not have any impact. That is a very important part of business today.

    Palo Alto is very user-friendly.

    It's a stable solution

    Technical support is quite helpful.

    We can scale well.

    What needs improvement?

    The initial setup was complex.

    The licensing costs are quite high.

    I would like there to already be a log centralized for the things, however, I don't see any soft security operation center or something that can make it a regular report. When we need some GDPR policy, we just have a one-pack we deploy and tune by ourselves a little bit to suit our organization. We'd like to have something more standardized for this purpose. It would be more of a value-add. 

    We'd like more log monitoring in general.

    For how long have I used the solution?

    I've been using the solution for five years already.

    What do I think about the stability of the solution?

    While it was stable, the one thing that I am not sure about is the Cortex Advantage. Maybe we have to leave it again as the life cycle of the hardware is almost finished. We are looking for some other solutions as well.

    What do I think about the scalability of the solution?

    We have the full-scale of the Panorama solution. We are using the Cortex, the XDR from Palo Alto, as well and link all of them together to go to the Cortex network intelligence. We can scale when we need to.

    There are about 5,000 users on the solution right now. 

    How are customer service and support?

    We are impressed with the Thailand technical team.

    When we have some trouble or issues happen, they always are there to help us guide us to solve the issue, and sometimes they even escalate the case to the global team.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We have certain firewalls in AWS and in Azure as well.

    How was the initial setup?

    We had a complex initial setup. It wasn't that simple to execute. We do have help with deployment, however. We have a deputy to help us to deploy but Palo Alto also supports us as well.

    The deployment itself was quick. In two months we were up and running.

    We only have two people on our end looking at maintenance. The company that handled deployment had four people and also Palo Alto has some specialists and engineers. They had two guys, the implementer had four and we had two more - we were eight people in total.

    What about the implementation team?

    We have a vendor that helps us. They also take care of the maintenance. 

    What was our ROI?

    We haven't noted an ROI yet. We'd like to see some reporting on that.

    What's my experience with pricing, setup cost, and licensing?

    It's an expensive solution.

    We pay a yearly fee. It is just one fee and everything is covered under it, including support.

    What other advice do I have?

    We're a customer and end-user.

    We are using the latest version of the solution. 

    I'd rate the solution eight out of ten. We work with other firewall brands that are also quite impressive as well. 

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Director, Compliance and Risk Management at a pharma/biotech company with 10,001+ employees
    Real User
    Top 10
    Sophisticated and robust prevention that is relatively easy to setup even in complex environments
    Pros and Cons
    • "The product features allow the capacity to take effective, advanced security measures."
    • "The product could use some method of allowing for more customization and open integration with other controls."

    What is our primary use case?

    My obligations consist of overseeing cyber threat intelligence, threat defense operation, digital forensic incident response, and data loss prevention. So in the context of endpoint solutions, my position pertains mainly to the DLP (data loss prevention) function.  

    Cisco AMP (Advanced Malware Protection) plays a significant role in our perimeter strategy for protecting the infrastructure. I work primarily with making sure that we have indicators of compromise in Cisco AMP. I am not on the network engineering or network operations side of things. I am mainly a consumer of services from those particular groups.  

    We use Snort rules (open source network intrusion detection system [NIDS]). We use Yara rules (Yet Another Recursive/Ridiculous Acronym, rules for malware identification). We have Palo Alto IPSs (Intrusion Prevention Systems).  

    Our use cases are primarily perimeter-based for runtime malware defense.  

    What is most valuable?

    The most valuable features are the management features like the ACL (Access Control List) management. These give us the capacity to make effective use of the capabilities of the product.   

    What needs improvement?

    Pricing is always something that consumers hope will be addressed in their favor. I think that some method of allowing for more customization and open integration with other controls within the enterprise is something that we want to have. We want to be able to have more orchestration of disparate parts.  

    I think the features that most of the features that I would like to see are currently being implemented. Behavioral heuristic analysis of connections, for example. That is something that I know is being done now.  

    For how long have I used the solution?

    We have been using Networks Panorama for a couple of years now.  

    What do I think about the stability of the solution?

    The stability is good. If you consider the size of our organization and the number of users that can verge on being impressive.  

    What do I think about the scalability of the solution?

    I have good impressions of the scalability of this solution. We have not really had any issue scaling the usage.  

    How are customer service and technical support?

    The tech support is actually pretty good. In general, they address issues in a timely manner with reasonable responses.  

    Which solution did I use previously and why did I switch?

    My team has not previously used any different solutions in this company, but I have definitely, in the past, used other solutions. It is really necessary for the evaluation of product capabilities.  

    How was the initial setup?

    The installation was straightforward in a complex environment. That means that we could have had far more issues were the product not well-designed from an installation standpoint. We are a big organization. Deployment can be a matter of weeks or it could be a matter of months depending on what jurisdiction the installation happens to be in.  

    What about the implementation team?

    We have various partners and consultants that we work with in addition to having expensive competencies in-house. We do not often have a reason to go beyond the network of expertise that we have established.  

    What other advice do I have?

    My advice to anyone considering Networks Panorama is to thoroughly research the competitive landscape. Do your Gartner research. Make sure you develop a set of requirements — a feature matrix that you can use to compare your requirements with the functionality offered by the various solutions under consideration. There are a lot of solutions out there and the goal would be to pick the one that best fits your situation rather than just one that someone recommends.  

    On a scale of one to ten (where one is the worst and ten is the best), I would rate this product as an eight-of-ten considering the knowledge and insight I have into it now.  

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Security Solution Engineer at a computer software company with 501-1,000 employees
    Real User
    Easy to deploy and manage devices, quite stable, but is expensive and not user-friendly
    Pros and Cons
    • "The management and the deployment features are most valuable. We can easily deploy and manage the devices. We can do fast deployments without moving from our office and by just providing a short description to the end-user about how to install the physical device."
    • "It is very hard to understand the platform. It is not easy and user-friendly. You need a lot of experience to use Panorama. It is very complex, and you must know exactly what to do. I would like to have a more user-friendly product. FortiManager is comparatively very easy to use. It would be good if Panorama improves in terms of user-friendliness. It is also harder to use than Palo Alto Firewalls."

    What is our primary use case?

    I worked for a system integrator, and some of our clients  asked us to manage their firewalls. They have a large number of sites all around the world. One of them has got 25 sites, and the other one has got 13 sites. So, we deployed Panorama in our DataCenter, and we managed the gateway for our customers with Panorama.

    What is most valuable?

    The management and the deployment features are most valuable. We can easily deploy and manage the devices. We can do fast deployments without moving from our office and by just providing a short description to the end-user about how to install the physical device.
    With Panorama you are able to manage a large number of firewall and to simplify change and incident management process .
    With Panorama, firewall rules may be  managed mixing preconfigured templates (common on all/some firewalls) and more specific rules
    From Panorama Dashboard you have an immediate view about the status of all the firewall deployed. 

    What needs improvement?

    It is quite hard to understand the platform. It is not easy and user-friendly. You need some experience and the proper technincal training  to use Panorama without risks.
    It is very complex, and you must know exactly what to do.
    The bigger problem is that Panorama Dashboard Logic is quite different than PanOS firewall Dashboard.
    The second problem is that you dont have wizards or template .You need to build your enviroment from zero on your own incurring in possibile configuration or logic errors.

    I would like to have a more user-friendly and simple to use product .
    For istance FortiManager is comparatively much more easier  to use and understand.
    Palo Alto Firewall too are Really easier to manage than Panorama. 

    Panorama Logging and reporting features are quite good ( like PaloAlto Firewall) but not the best on the market ( for istance Checkpoint SmartEvent is still far better) 

    For how long have I used the solution?

    I have been using this solution for two years.

    What do I think about the stability of the solution?

    It is quite stable based on my experience. I did not have any big issues regarding the operating system.

    What do I think about the scalability of the solution?

    It is quite easy to scale with Panorama. It is more for a medium or big enterprise. To manage an environment from Panorama, you must have people with high skills. Its cost is not suitable for a couple of gateways only.

    How are customer service and technical support?

    We have three levels of Palo Alto support. I also have email support in the Italian language. They provide very good support levels.

    How was the initial setup?

    I did not install Panorama from scratch. Palo Alto Gateway is quite easy to deploy and has a decent setup.

    In terms of maintenance, it doesn't require too much effort. We usually check the best practices from their website. We update the Panorama server according to the best practices and the compatibility with the gateway.

    What's my experience with pricing, setup cost, and licensing?

    Panorama price is quite high (comparing with other Firewall management suites) 

    What other advice do I have?

    We have used it in the past for logging and reporting, but now we have another third-party product to manage the logs.

    I would recommend Panorama for managing a large-sized or medium-sized network. To manage a center with a lot of devices or cloud services, Panorama is useful. 

    I would rate Palo Alto Networks Panorama a seven out of 10.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
    PeerSpot user
    Buyer's Guide
    Download our free Palo Alto Networks Panorama Report and get advice and tips from experienced pros sharing their opinions.
    Updated: July 2022
    Buyer's Guide
    Download our free Palo Alto Networks Panorama Report and get advice and tips from experienced pros sharing their opinions.