Palo Alto Networks VM-Series Reviews

I've mainly worked with the VM-Series, and a few features have been really effective for threat prevention in our networks, like McAfee training, Accountant ID, and apps ID. These features integrate well with our existing environments and tools, such as Panorama. 

 The VM-Series scalability is fast and easy to implement, improving our security posture as our Azure network grows. The only minor issue we've faced is with the apps ID configuration, which requires specific matching for application filtering. Tools like Loopback help us identify open or denied flows between two firewalls and manage the servers effectively. The Palo Alto system easily identifies rules and objects within roles, making maintenance straightforward.

No other major concerns, just the specific issue with Apps ID configuration. Otherwise, overall stability, VPN, IPSec, VRF, and flow management with the VM-Series have been very stable and reliable.

I have been using Palo Alto Networks VM-Series for 2 years.

I've had a positive experience with Palo Alto's support. They usually respond within a few hours, which is satisfactory

Positive

In my experience, Palo Alto and Fortinet offer similar quality and high-level security compared to other vendors like Cisco and Forcepoint. They stand out in terms of reliability and security features. Other vendors may not match their level of performance and security.

It is easy to maintain because we have various tools to manage and monitor the system. 

The pricing for Palo Alto is quite high compared to FortiGate, which is more affordable. I don't have the exact figures as my manager handles that, but from my research, Palo Alto's licensing costs are significantly higher.

I would rate Palo Alto Networks VM-Series as an eight overall. My recommendation for others considering this tool would be to ensure they have the budget for it, as it can be expensive compared to alternatives like FortiGate. Also, they should be prepared to understand and document their application metrics thoroughly to implement the firewall correctly. 

We use the solution for inter-VPC traffic segmentation and inspection. I also use it for external interfaces.

The product gives us the ability to do malware detection and file inspection.

The tool provides ease of use for GUI management and deployment. The product provides more visibility into our traffic. It also helps with troubleshooting a bit of high-level next-generation platforms. The auto-update feature of App-ID is valuable. Traffic monitoring, threat monitoring, and dashboards are the most impactful for our network security.

Having visibility and alerts and being able to react to them is valuable. The integration of VM-Series with cloud services has helped us a lot to streamline our security operations. The solution has ease of use. The web interface and the traffic monitoring are more centralized.

The cost must be improved. The tool is very costly.

I have been using the solution for more than five years.

I rate the tool’s stability a nine or ten out of ten.

I rate the tool’s scalability an eight or nine out of ten.

The technical support is really good. I rate the technical support a nine or ten out of ten.

We deploy AWS VPC as a virtual appliance, as a security VPC. The initial deployment was moderately easy. It is not complex, though.

I have used Juniper. Palo Alto’s next-generation features are better than Juniper’s.

The cloud service providers are also coming up with similar features. It can get really competitive for Palo Alto. People who want to use the solution must engage the system engineer for the deployment, vetting process, and initial implementation. Overall, I rate the product a nine to ten out of ten.

The solution is used to protect some servers and access their traffic in a virtualization environment.

The most valuable features of the solution are its stability, ease of implementation, ease of operation, and security.

It is not very easy to scale up the solution.

I have been using Palo Alto Networks VM-Series for one year.

I rate the solution a nine out of ten for stability.

I rate the solution a seven out of ten for scalability.

The solution’s technical support is very good.

Positive

The solution’s initial setup is very easy.

Palo Alto Networks VM-Series can be deployed in a day or two.

The solution is a little bit expensive compared to other vendors.

I would recommend the solution to other users because it is a good firewall.

Overall, I rate Palo Alto Networks VM-Series a nine out of ten.

Our corporate clients use the product to secure cloud environments.

Palo Alto Networks VM-Series's most valuable feature is the visibility of the environment.

The product's AIOps process needs improvement.

We have been using Palo Alto Networks VM-Series for two years.

I rate the product's stability a ten out of ten.

We have 5000 Palo Alto Networks VM-Series users as our clients. I rate its scalability a ten out of ten.

I rate the initial setup process a nine. It takes a few hours to complete.

I rate Palo Alto Networks VM-Series pricing an eight out of ten.

I rate Palo Alto Networks VM-Series a nine out of ten.

I have completed ten projects. The solution is used for network security, application control, and enforcement of policies on end-user devices.

The solution enables organizations to enforce policies. We can control every endpoint that is connected to the network.

The vendor must improve the way it advertises and markets the product.

I have been using the solution for four years.

I did not find any bugs in the tool. However, we'll face some issues if we do not configure it properly.

Almost 25 customers in Riyadh migrated from Juniper to Palo Alto this year. Before buying the product, we must know the number of users who will be using it. We must buy the model that best suits our needs.

Some people do not know how to open a case with the support team. When a customer contacts the support team, the team must help the customer to open a case. After a case is opened, the support team must respond within 15 to 20 minutes. However, the team takes three to four hours to respond. There is no proper support channel to follow up on cases.

Deploying a firewall is not easy until we have a basic knowledge of routing and security. If we have the knowledge, we can find the proper document on the website and do it easily. We should know the basic configuration. The deployment process is user-friendly. We can configure it easily.

The product is cheaper than the on-premise version.

When compared with FortiGate, Palo Alto has more security products. However, Palo Alto did not publish the security profile for the end-users or partners. They must explain to their end users why they are better than FortiGate.

People considering implementing the product must consider investing in the on-premise solution instead. If someone has a good experience with VMs, I suggest they choose VM, as it is cheaper than on-premises. Overall, I rate the tool a nine out of ten.

We use the product on our Azure network firewalls. 

Palo Alto Networks VM-Series is a complex product to work with. 

Palo Alto Networks VM-Series is stable. 

I rate the solution's scalability a nine out of ten. We have 100 users for the product. 

We encountered quality issues over support. 

Neutral

The tool's deployment is simple. 

Palo Alto Networks VM-Series is an expensive product but the best one in the market. 

I rate the product a ten out of ten. 

We are using it on Azure Cloud for our internal systems, where we have set up our internal workloads. We are using it as a perimeter firewall.

We are using it because our internal workflows are on the cloud. Almost everything in our production and development uses these instances. We are using it extensively for conducting reports of the development environment. It is working fine.

It improved all compliance activities. We can close open cases. Compared to other firewalls in these cases, it improved our score on the compliance side.

We are using the complete box. We are mostly using the security services and firewall rules in Panorama.

We need to look at different variables and granular policies of various tools. This makes it easy to understand.

We use Palo Alto’s Panorama centralized management system. We have an on-prem firewall where Panorama is very good for pulling logs in from the cloud so we can see what is going on. It gives us visibility into that as well as showing us what attacks are coming in.

Palo Alto’s Panorama centralized management system simplifies our security posture based on our requirements. Instead of manually pulling logs, then generating them into readable formats, it gives us the console in a readable format to view.

We have been using it for the last two years.

Stability has so far been good. We monitor the resources on the firewall to determine if there will be any spikes on the CPU, RAM utilization, or the load of the firewall. Though, we are yet not putting much load on it. 

I don't think that scaling will be a problem since we can adjust the VM-Series model that we want.

I have around 100 instances protected behind this device.

The customer support is good. They are able to give fast, readily-available solutions upon the creation of a help ticket. I would rate them as 10 out of 10.

Positive

We did a fresh setup for this, but it was pretty easy. We could easily integrate with the VM-Series, then just create our business servers. We were able to do this with the help of the tech team.

It took around seven to eight hours to deploy this solution and configure it to our environment.

We feel that the setup was complex. So, we asked the tech team about the setup process. They explained how to deploy it in the right way, which made it very simple. Once we had a checklist of what to do, it was pretty easy to deploy.

Deploying Panorama has saved us a lot of time. When any incidents happen, our people are comfortable going to the Panorama logs and view the incident report to see what happened.

Initially, pricing was high. Later on, we were able to negotiate the pricing and get something that fits our budget.

The solution provides protection and there wasn't an additional cost involved, in terms of security.

We evaluated FortiGate, Cisco, and the stuff that we are using. Compared to other products, we found it a very useful part of our compliance requirements and liked its format on the graphical interface. It is also a more secure firewall compared to other existing ones in the market. Based on our evaluation, it matched our compliance requirements.

Cisco is pretty complex in nature to deploy. It is helpful to have a skilled person with at least two years of experience. 

We are happy with their features for how we are using it and what we have deployed.

I would recommend giving the solution a try and see the difference between it and your existing firewalls. Give it a shot and see the difference.

In the firewall market, it is the number one product right now. I would rate it as 10 out of 10.

This is our core firewall for the data center network.

We have two on-premises appliances set up in a high availability configuration.

The VM-Series enables us to extend consistent next-generation protection across different infrastructures with a unified policy model, which makes it very easy for us. It is very important that we have this single pane for monitoring all of the network resources and multiple devices because, today, it's a complex environment where you have to take care of many devices.

This solution makes it very easy to quickly migrate workloads to the cloud.

Since we updated the system, the network has been very stable. Previously, there were issues with traffic throughput. With the improved visibility we now have, the traffic is being properly monitored, which means that we are better able to manage it. These are improvements that we saw very quickly.

This is a firewall product and every OEM has claims about their special features. This device is very user-friendly and offers ease of monitoring.

Changes to the configuration happen quickly.

There is a single pane of glass for reporting, which is quite good. 

The interface is user-friendly.

It would be helpful if we had a direct number for the support manager or the supporting engineer. That would be better than having to email every time because there would be less wait. Having a dedicated number where we could send a text message in the case of an emergency would be helpful.

We have been using Palo Alto Networks VM-Series for approximately six months.

We are very much satisfied with the stability and performance.

This solution is quite scalable because it has options for deploying in a VM as well as an appliance. The interfaces are all license-based, which means that features can be added just by obtaining another license.

Our current environment has more than three gigs of traffic.

We have a team of four or five people that is responsible for the network. They are continually monitoring the firewall and updating the policies, as required.

Pala Alto has very good support. Generally, the response is very good and they address our issues as soon as we contact them. For example, they assisted us during our deployment and it was a very good experience.

My only complaint about the support has to do with complications that we had with communication. Sometimes, support was done over email, and because of the difference in time zone, there was occasionally a long gap in time before we got the proper response.

We used to have Cisco ASA and Firepower, and we had some issues with those firewalls. Once they were replaced by Palo Alto, we didn't have any problems after that. 

Compared to the previous devices that we have used from other vendors, Palo Alto is very user-friendly, and we are comfortable with the features and capabilities that it offers.

The initial setup is very straightforward and we had no issues with it. It is not complex because the procedures are properly defined, the documentation is available, and there is proper support. Our initial setup took about 15 days, which included migrating all of the data.

Our deployment is ongoing, as we are adding policies and dealing with updates on a day to day basis. We have a very complex environment that includes a firewall for the data center, as well as for the distribution networks.

The Palo Alto team supported us through the deployment process.

Palo Alto definitely needs to be more competitive compared to other products. The problem that I have faced is that the price of licensing is very high and not very competitive. When a customer wants to implement Palo Alto, even a small box, there are several licenses, and having all of them is sometimes really hard to justify. It is difficult for some clients to understand why such a small box costs so much.

For instance, they have the dashboard license, and then they have the user license, and so on. If the pricing were more competitive then it would be good because more customers would use the product, rather than use simpler firewalls.

We have worked with firewalls like Sophos, FortiGate, and Cisco ASA. We have dealt with almost all of the vendors but at this point, our experience with Palo Alto has been the best one. Palo Alto has been doing what it claims to do, whereas the other vendors' products have various shortcomings.

For example, some vendors do not have the performance that they claim in terms of throughput. Sometimes, the user interface is complex, or the device needs to restart whenever you make changes. With Palo Alto, it's simple to use and easy to get things done.

We have not yet used Panorama for centralized management but in the future, we may do so for other projects.

My advice for anybody who is looking into purchasing a firewall is to carefully consider what their requirements are. I have seen that when a customer procures a firewall, they initially choose products like Sophos. Over time, they engage in trials with the majority of the vendors and finally end up with Palo Alto. This is only after spending a lot of time and money on other products.

If instead, a client is aware of the requirements including how much traffic there is and what throughput is needed, it's better to invest in Palo Alto than to try all of the cheaper alternatives. Then, evaluate everything afterward and finally select Palo Alto. This, of course, is providing the client doesn't have limitations on the investment that they're going to make.

I say this because generally, in my practice, what I've seen is that when choosing a firewall, the clients first choose a cheaper alternative. Then, after some time they think that it may not be what they wanted. This could be brought about by a throughput issue or maybe some threats were not blocked or they have had some security incidents. After trying these firewalls, they replace them with another, and yet another, until finally, they settle on Palo Alto.

Essentially, my advice is to skip the cheaper vendors and go straight to Palo Alto.

In summary, this is a very good product and my only real complaint is about the cost. If it were more competitive then more customers would choose it, and those people suffering losses as a result of security incidents would be saved. I find the real reason that people don't choose the right product is due to the cost factor. Even when they know that the product is the best choice, because of the limitation that they have on the investment they can make, they're not able to choose it.

I would rate this solution a nine out of ten.