PeerSpot user
Support Engineer & IT Professional at SISAP
Real User
A reliable tool with excellent support
Pros and Cons
  • "It is reliable and the support is very good."
  • "In the newer version, there are 3850s, all of them are scalable. They fit better into the medium or small businesses."
  • "From time to time, they have released some content updates that have some issues, maybe twice a year."
  • "There are various reports that come with the box or with the VMware, but you can only run them daily."

What is our primary use case?

For this VM in particular, it is microsegmentation which is used for implementing the firewall inside the data center.

How has it helped my organization?

When talking about the VM or the virtual firewall, it is mostly about the sessioncapacities that it can handle. In the early version of the firewall, the session or traffic that it could inspect was low. 

In quite a few releases, they have improved a lot. They started with the physical firewall, therefore it is almost virtually the same firewall with the same features, only that it is a virtual one. The main improvements that they have made are surrounding the processing capacity for the virtual machines.

What is most valuable?

The granularity which is used to confirm applications based in users. 

When you have VMware NSX, it is easy to deploy this virtual firewall because it is fully integrated with the VM solution. If I want to segment any type of network inside the data center, it is about two or three clicks, and it works.

What needs improvement?

The reporting. There are various reports that come with the box or with VMware, but you can only run them daily. If you want to generate a report from this week or the past month, you have to create a custom report. It is not that difficult, but I expect these reports to be pre-made. I would like to be able to choose the dates that I can run the reports. As of now, you can only run it for the day before, so this is one improvement they need to make. 

Buyer's Guide
Palo Alto Networks VM-Series
February 2024
Learn what your peers think about Palo Alto Networks VM-Series. Get advice and tips from experienced pros sharing their opinions. Updated: February 2024.
757,198 professionals have used our research since 2012.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

From time to time, maybe twice a year, they have released content updates which have some issues. When they release content updates, the applications with these updates give us a false positives. I manage older software developers and members, and almost everyone has one or two missteps a year regarding these updates.

What do I think about the scalability of the solution?

The Series 2000 version of Palo Alto were somewhat big for small or medium customers. They did not have a middle box. 

In the newer version (3850s), all of them are scalable. They fit better into medium or small businesses, so it is easy for us. E.g, if we have a VMware 500 appliance, we can upgrade it to a 100. They have improved in this way.

How are customer service and support?

The technical support is extremely good. They are a 10 out of 10, not only because of their fast response time, but their knowledgeable personnel as well. They have knowledge regarding very specific issues. 

When we finish creating tickets in the support portal, there are a lot of knowledge-based documents. They answer almost immediately, calling you back about 10 minutes later. When creating a support ticket, I always get a quick answer.

Which solution did I use previously and why did I switch?

I was using Cisco, but I was using the old Cisco. The firewall was the only working protocol. The Palo Alto Network Firewall is a Next-Generation Firewall, so it is a lot different. 

This is the first and only Next-Generation Firewall that I have used. I have put in several Sophos Firewalls, but they are not the same as Palo Alto.

How was the initial setup?

You will need to know what are you doing with the firewall. 

It's different than Sophos or Fortinet where you only need to click two or three times, and it puts you in engaged mode in the simplest way. 

With Palo Alto, you need to know where you are going to be implementing and what architectures you want. It is not complicated, but it is not as easy as Sophos or Fortinet, because when you start with these two firewalls, the quick setup wizard chooses for you and it automatically creates for you network rules.

With Palo Alto, you need to do all those steps manually, but it is somewhat better because it gives you the flexibility to choose how you want your network set up and how you are going to segment the networks.

What's my experience with pricing, setup cost, and licensing?

I know Palo Alto is not cheap because my finance team has been telling me that it is not a cheap solution. It is about the maturity of your security team or infrastructure team and whom you want to work with no matter how big your organization is: small, medium, or large.

The newest version of Cisco, the Next-Generation Firewall, is less expensive than Palo Alto. The price is more comparable to Check Point.

For licensing, it depends how you want to use the firewall. The firewall can be used only for IPS purposes. If you only want that firewall IPS, you will only need a license called threat prevention which includes vulnerabilities, antivirus signatures, and one additional measure; it includes three measures and security updates. 

If you do not want to buy the threat prevention license in the box, you can buy it with only the support license which is for the support of the hardware. It works like a simple firewall. It integrates what it calls user IDs and application IDs. If you do not buy any other license, only the firewall, Palo Alto will also help you improve your security.

Which other solutions did I evaluate?

We evaluated VanGuard for their Next-Generation Firewall.

We chose between Check Point and Palo Alto for their support teams. Check Point is very bad for support. We switched from Check Point to Palo Alto.

What other advice do I have?

If you do not have a Next-Generation Firewall, Palo Alto is a good choice. It is reliable and the support is very good. The VMware version is in all the boxes and they use the same OS, so it is not different if you manage a physical box or a virtual box. The only difference is the virtual box depends on where it will be placed, and its main usage is for microsegmentation and data center firewalls.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
Director of Cloud Security at a tech services company with 10,001+ employees
Real User
It provides complete security posture from end-to-end
Pros and Cons
  • "It provides complete security posture from end-to-end. This has given us better visibility into what our security aspects are."
  • "The product could provide protection above Layer 3, which gets into the application layer and provides better visibility into those aspects of application security."

What is our primary use case?

Primary use case is network protection, next-generation IDS, and IPS protection.

How has it helped my organization?

  • It provides better protection.
  • There is seamless integration.
  • It provides complete security posture from end-to-end. This has given us better visibility into what our security aspects are.

What is most valuable?

The next-generation features of its IDS and IPS.

What needs improvement?

The product could provide protection above Layer 3, which gets into the application layer and provides better visibility into those aspects of application security. This would be very helpful. This way, there would be one tool that we could continue using.

The data aspects of data security and data loss prevention could provide visibility which would be very useful.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It is stable. We haven't had any issues and don't think about the stability.

What do I think about the scalability of the solution?

One of the great features that we liked and selected it was its  scalability. We can autoscale and put it in Auto Scaling groups, which is very useful.

How is customer service and technical support?

We have hardly any issues. We have had some patches of data needing some help, but that was it, and the technical support has been spot on.

How was the initial setup?

Integration on on our AWS environment was one of the points that we liked about it.

What about the implementation team?

We used technical support in the initial stages when we were setting it up and configuring some of the features. We used their Professional Services, who were very useful.

What was our ROI?

We have already seen ROI. 

We continue using it, because the concept was at six months, we should receive value back out of it. If the value is seen, only then would we continue using it. It is two years later, and we still continue using it.

What's my experience with pricing, setup cost, and licensing?

Because the solution was getting deployed on AWS, it was the best place to go and it was available there.

One of the factors for selecting Palo Alto was they had flexible pricing. They had a pay-as-you-go model. Comparable to other products, such as Check Point, the price point was definitely a plus. It was expensive but it was comparable.

Which other solutions did I evaluate?

We looked at Palo Alto, Check Point, Fortinet, and some other vendors.

We chose Palo Alto because its features, especially its advanced features from the IDS and IPS. We were existing customers with Palo Alto from the on-premise side along with the integration aspects of its hardware.

What other advice do I have?

Identify a use case first of all. If the use case is a match, then use the product.

We use it in the cloud for both AWS and non-AWS versions. The AWS version is far better. It works seamlessly and integrates very well with some other services. 

We have integrated it with Splunk for the security aspects and with identity and access management for configuration purposes. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
Buyer's Guide
Palo Alto Networks VM-Series
February 2024
Learn what your peers think about Palo Alto Networks VM-Series. Get advice and tips from experienced pros sharing their opinions. Updated: February 2024.
757,198 professionals have used our research since 2012.
Infrastructure Team Lead at a financial services firm with 1,001-5,000 employees
Real User
App-ID and User-ID have repeatedly shown value in securing business critical systems, but we have run into issues with the antivirus interfering with App-ID
Pros and Cons
  • "In AWS, Palo Alto provides us a better view than flow logs for network traffic."
  • "App-ID and User-ID have repeatedly shown value in securing business critical systems."
  • "I would like to see a more thorough QA process. We have had some difficulties from bugs in releases."
  • "We have ran into issues with Palo Alto’s limitations for resolving large IP lists from DNS lookups, as well as the antivirus interfering with App-ID."

What is our primary use case?

We use this as our primary security barrier between trusted and untrusted zones.

How has it helped my organization?

App-ID and User-ID have repeatedly shown value in securing business critical systems.

What is most valuable?

In AWS, Palo Alto provides us a better view than flow logs for network traffic.

What needs improvement?

We have ran into issues with Palo Alto’s limitations for resolving large IP lists from DNS lookups, as well as the antivirus interfering with App-ID.

I would like to see a more thorough QA process. We have had some difficulties from bugs in releases.

I see more improvements needed from AWS than from Palo Alto on the VM-Series, namely a design centered on NGFW.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

We are typically at only about eight to ten percent load.

What do I think about the scalability of the solution?

The limit of the product is based on resources that we can obtain from AWS. We have approximately 3500 users and 200 servers leveraging the Palo Alto product.

What's my experience with pricing, setup cost, and licensing?

We used BYOL, because of the cost to own.

We procure the solution through AWS Marketplace because previous experience with their physical appliances.

The pricing and licensing of this product on AWS for a three-year commitment is a great deal, if you can plan that far ahead.

What other advice do I have?

It is a good product, but there is room for improvement.

We use this with Microsoft AD, N2WS, IIS, MySQL, MS SQL, and a number of proprietary applications.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Hewlett Packard Enterprise Solution Architect at a tech services company with 11-50 employees
Consultant
It prevents data loss and business disruption
Pros and Cons
  • "Embedding it into my application development lifecycle prevents data loss and business disruption, allowing the adoption to operate at the speed of my AWS Cloud."
  • "It has a good performance which helps you with the stability of your virtual environment."
  • "It can definitely improve on the performance."
  • "It has to be more scalable for the deployment of VMs on the cloud."

What is our primary use case?

We use it to protect applications and data on AWS.

How has it helped my organization?

Embedding it into my application development lifecycle prevents data loss and business disruption, allowing the adoption to operate at the speed of my AWS Cloud.

What is most valuable?

It prevents data loss and business disruption.

What needs improvement?

It can definitely improve on the performance.

I would like more scalability included on the next release.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It has a good performance which helps you with the stability of your virtual environment.

What do I think about the scalability of the solution?

It has to be more scalable for the deployment of VMs on the cloud.

What about the implementation team?

You have to be an expert administrator of a virtual environment to know how to integrate it with your AWS environment.

What's my experience with pricing, setup cost, and licensing?

Purchasing through the AWS Marketplace is a secure way to purchase this solution. Our organization chose to procure this solution via the AWS Marketplace because we have clients who were interested in the solution. Also, for out proof of concept, we decided to purchase it.

The pricing and licensing of this product on AWS should be from $1.28/hr or $4,500.00/yr. Then, it would be a good price for the performance that it delivers.

What other advice do I have?

It solves several challenges protecting your AWS workloads with good security features, delivering superior visibility, control, and threat prevention at the application level when compared to other cloud-oriented security solutions.

I have not tried integrating Palo Alto with other products.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
System Administrator at DeepMap
Real User
It offers a single pane of glass for all the different types of installations
Pros and Cons
  • "It offers a single pane of glass for all the different types of installations."
  • "It gives us the ease that we are secure. We have set up the proper things that help make our data safe."
  • "I would like a way to do everything programmatically, or be able to copy the configs from different prices at different levels."

What is our primary use case?

  • To do a lot of intrusion detection.
  • Threat prevention.
  • As an application firewall, to be able to securely deliver apps to the public.

How has it helped my organization?

It gives us the ease that we are secure. We have set up the proper things that help make our data safe. This is the biggest benefit.

What is most valuable?

It offers a single pane of glass for all the different types of installations.

The easy of use is pretty good.

What needs improvement?

I would like a way to do everything programmatically, or be able to copy the configs from different prices at different levels.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability is excellent. We have about 50 to 60 employees on it per day. Then, we have about 100 edge connected devices coming through it as well.

What do I think about the scalability of the solution?

It is definitely scalable. We have about 100 users with about 200 to 300 instances on the cloud that we protect.

How are customer service and technical support?

The technical support is really good. It is usually one phone call to get everything done if we are having an issue.

Which solution did I use previously and why did I switch?

We chose to purchase Palo Alto through the AWS Marketplace because we needed an easy to use firewall and a way to protect our public applications and services.

How was the initial setup?

The integration and configuration on our AWS environment was pretty simple. We did not have to ask any questions about anything on it, so it was good.

What was our ROI?

We haven't had any security issues since deploying it.

What's my experience with pricing, setup cost, and licensing?

Purchasing on the AWS Marketplace was simple, effective, and easy.

The price is not bad. They have a yearly renewal fee, and the pricing is exactly where we expect it to be.

Which other solutions did I evaluate?

We also evaluated Fortinet, but Palo Alto is sort of the new up and coming product. There were a lot of good recommendations from other security experts.

In addition, Palo Alto is easier to configure when you are building policies on applications. 

What other advice do I have?

Talk to their technical services to make sure you are getting the right size solution for what you want to do.

The product is easy use. I don't have to think twice when I am using it. I know it is doing its job. Customer support has been great.

We are using both the AWS and on-premise versions. Both versions are about the same. The interface is nice and easy to configure. I like that it seems like it is one platform to manage.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Infrastructure Architect at a tech services company with 51-200 employees
Real User
An easy-to-maintain product that provides security and can be smoothly installed within a couple of hours
Pros and Cons
  • "Palo Alto Networks VM-Series is easy to maintain...From a security point of view, I find Palo Alto Networks VM-Series to be a better product compared to the other solutions in the market."
  • "There are some delays that I have observed when my company communicates with Palo Alto's support engineers."

What is our primary use case?

We use Palo Alto Networks VM-Series for our company's customers, especially those who use Azure Firewall to secure their environment but still want a third-party firewall from companies like Fortinet FortiGate and Palo Alto in their environment. Whenever our company's customers want to opt for a third-party firewall, we suggest firewall products from companies like Fortinet FortiGate and Palo Alto. There have been cases where our company's customer who already uses firewall products from Fortinet FortiGate and Palo Alto deployed on an on-premises model want to shift the same product to the cloud, going on the good experience they have had with the products. If our company's customers are not interested in purchasing a third-party firewall, my company suggests the cloud-native firewall provided by Azure, specifically for their landing zone environment.

What is most valuable?

Regarding Palo Alto, my company normally does a high availability configuration for our customers, which are active-active and active-passive. There are multiple add-on packages a customer can choose from in Palo Alto, including antivirus, web filtering, IDS, and IPS solutions.

What needs improvement?

Considering Azure, some customers may purchase Palo Alto Networks VM-300. Considering the pricing perspective, customers want multiple NIC types because they might have different spokes, and they may like to extend it with different interfaces on different spokes. Considering VM-Series on Azure Virtual Machines, since there is a limitation when it comes to Azure VM-300 as it supports only four cores, there may be some modifications made to support more cores.

For how long have I used the solution?

I have been using Palo Alto Networks VM-Series for three to four years. My company functions as a managed service provider and an integrator for Palo Alto Networks.

What do I think about the stability of the solution?

Palo Alto Networks VM-Series can be made more stable. I have seen some bugs in the solution. After deployment with an API call, you can use an HA solution in two scenarios, namely, as a load balancer and for API calls. I see that in the Palo Alto Networks VM-Series, there are some delays when it comes to an API call configuration.

What do I think about the scalability of the solution?

It is a scalable tool. Considering the licensing part of the solution, it may not seem scalable, especially when you want to move from Palo Alto Networks VM-300 to Palo Alto Networks VM-500 since, for such a procedure, the virtual machines will have to be brought down and registered again with a different license, which is challenging.

My company's customers who use the solution are mostly enterprise-sized businesses.

How are customer service and support?

The solution's technical support has been good. I rate the technical support a seven and a half to eight out of ten.

There are some delays that I have observed when my company communicates with Palo Alto's support engineers. There are also some problems related to the understanding of our company's issues with the product by Palo Alto's support team.

How would you rate customer service and support?

Positive

How was the initial setup?

Users are provided with templates to go ahead with the deployment phase of Azure. There are already prepared templates available for installation, which users can use during installation.

Suppose our company's discussions with the customers are completed, and the design has been frozen. Considering the aforementioned case, the Palo Alto Networks VM-Series installation phase can be completed in a couple of hours, while the only time-consuming task is the creation of policies.

What other advice do I have?

Palo Alto Networks VM-Series is easy to maintain.

From a security point of view, I find Palo Alto Networks VM-Series to be a better product compared to the other solutions in the market.

I rate the overall product a ten out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: MSP
Flag as inappropriate
PeerSpot user
Solution Architect at JM Family Enterprises
Real User
AWS has improved our agility to apply firewall rules because everything is based in the cloud
Pros and Cons
  • "AWS has improved our agility to apply firewall rules. It has reduced the amount of time that it takes to apply firewall rules because everything is based in the cloud."
  • "We don't know how it will scale once we start putting more load on it."

What is our primary use case?

We use it for firewall purposes.

How has it helped my organization?

We use it mostly for the firewall and its ability to work in AWS. That is why we like it.

What is most valuable?

AWS has improved our agility to apply firewall rules. It has reduced the amount of time that it takes to apply firewall rules because everything is based in the cloud. It helps us to bring agility to the project teams when applying them.

What needs improvement?

We still need to understand what are the best practices which we need to implement. 

We also don't know how it will scale once we start putting more load on it.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

We like its stability.

What do I think about the scalability of the solution?

We are happy with the scalability. 

We just started migrating to the cloud. Thus, we are slowly adding more volume to it. Maybe next year, we should know how it is scaling in the cloud.

How are customer service and technical support?

We have in-house experts and a good relationship with the Palo Alto technical support team.

Which solution did I use previously and why did I switch?

We were using a lot of Cisco firewalls before. We switched because we wanted what works best in the cloud.

How was the initial setup?

We have been happy with the configuration and implementation on the AWS environment.

What was our ROI?

It takes the bottleneck away from the information security teams and increases their agility on projects. 

What's my experience with pricing, setup cost, and licensing?

We found purchasing process the product on the AWS Marketplace to be very good. We used the AWS Marketplace because we were set to move to AWS. We rely on Amazon and their partners to process our research.

What other advice do I have?

I would recommend to try it out.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
IT Security Head with 1,001-5,000 employees
Real User
Easy to set up, powerful IDS and IPS functionality, and helpful policy compliance reporting
Pros and Cons
  • "The most valuable features are web control and IPS/IDS."
  • "I would like to have automatic daily reporting, such as how many users have connected via SSL VPN."

What is our primary use case?

Palo Alto VM Series is a firewall that makes up part of our security solution, handing IPS, IDS, and other security measures.

What is most valuable?

The most valuable features are web control and IPS/IDS.

The work from home features, VPN and SSL VPN, are useful and part of the GlobalProtect functionality.

What needs improvement?

I would like to have automatic daily reporting, such as how many users have connected via SSL VPN. As it is now, we have to manually look at the logs, which is tedious. There are no ready-made reports on that level and the information is not easily available.

I really need more advanced features that support the correlation of log files.

For how long have I used the solution?

I have years of experience with the Palo Alto VM Series.

What do I think about the stability of the solution?

This firewall is quite stable and we haven't faced any kinds of issues.

What do I think about the scalability of the solution?

It is scalable but I cannot really comment on how much because we have not taken it to that level. We have between 450 and 500 users.

How are customer service and technical support?

I am satisfied with the technical support. However, they regularly provide training on the system so we have rarely opened a support case. 

How was the initial setup?

The initial setup is straightforward and easy. 

The deployment will take a couple of hours at the max and will depend on the configuration that you are looking for. Palo Alto will give you a report that recommends policies that are based on industry standards. For example, if you have approved Telnet access then you will be warned because it is not recommended and you should be using SSH instead. They will give you lots of recommendations to warn that the configuration does not follow the standard practice and if allowed to remain then it will explain what vulnerabilities you might face in the future. This kind of report is really valuable.

What other advice do I have?

I highly recommend this service compared to other vendors. It has everything included in one platform including IPS, IDS, and antivirus. By using the Palo Alto initial configuration, it is going to block many threats from day one and it is pretty easy to do. You don't have to have an in-house technical team that is capable of doing that. You don't require that kind of knowledge, which is important because many people don't understand IDS, IPS, or file blocking. They need experience. With Palo Alto, a normal person with perhaps a year of technical experience will understand how to configure the firewall and generate reports.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Palo Alto Networks VM-Series Report and get advice and tips from experienced pros sharing their opinions.
Updated: February 2024
Buyer's Guide
Download our free Palo Alto Networks VM-Series Report and get advice and tips from experienced pros sharing their opinions.