Palo Alto Networks VM-Series Reviews

The main concern is VPN. If you're using Azure Firewall, you still need a VPN gateway to terminate your VPN connection. Azure Firewall doesn't remove the need for another VPN gateway, especially for point-to-site VPN. So you have to use another VPN appliance. With Palo Alto and FortiGate, for example, you can have an all-in-one solution. The VPN gateway and all the other features are available.

Palo Alto Networks VM-Series has everything centralized. You have the VPN solution, firewall, routing, UDR, flexibility, updates, and full visibility of your traffic. You can also perform log debugging. It provides all the things that Azure's firewall doesn't offer. Plus, you have full ownership of your device.

Firstly, Palo Alto should update their documentation to make it more readable and provide easier-to-follow instructions through videos. This would help people learn and deploy the product more easily. Even if the product itself is excellent, lacking proper documentation and troubleshooting guidance renders it less useful. It won't be helpful even if it's rock solid but lacks sufficient information and tutorials.

I've been using Palo Alto as a VM for about three months. I use the latest version.

It is a stable solution. I would rate the stability a ten out of ten.

It is a scalable solution. We have more than 20 entities using this solution. 

Customer service and support are great. The response time is good. My experience with them was very good. 

I used Azure Firewall for a while, but then I removed it and installed Palo Alto.

The setup requires professional people to work on it. It's not straightforward. Knowledge is needed to adapt it to your platform. 

So, it's not an entry-level solution; it requires professional and expert-level skills.

I deployed the solution myself. The deployment process took about three to four days. It depends on your production environment because I had to migrate production.

Only one person is required for deployment and maintenance. 

I can't make a suggestion because it depends on the specific needs they have. They can consider using the entry-level version or opt for the expert lab, depending on their workload.

Overall, I would rate the solution a nine out of ten. 

Azure Firewall is a cloud-native solution. It's only for netting and simple source-destination blocking. The client wanted everything, so they wanted us to implement a third-party solution. Palo Alto was the leading solution. It's easy to install. 

Palo Alto is dynamic regarding protocol rules, and it is classless. The client also wanted a third-party solution between their on-premise environment and Azure, so they went for Palo Alto. Palo Alto VM-Series is deployed on the Azure Cloud.

We previously had a hardware solution. With VM-Series, you don't need to purchase the hardware. You can deploy it in the cloud, or they have a PaaS, SaaS, and IaaS version. You connect your network to their cloud and get the traffic filtered. 

The most valuable feature is the proxy write. It's called the Write Fill process. It's in a bundle of everything. Palo Alto has everything, including CAD management, malware protection, and a file management system. There is a bundle of packages. This is not in the latest edition of Azure Firewall.

The VM-Series reports how much bandwidth a particular IP is using. You don't need to regularly log into a website, like a Cisco command, to see what kind of ACL it's getting. There isn't an ACL use portal event. You can go there and see how much my ACL has been getting me.

It automatically tells what rules are in place, like scheduled and additional rules. You don't need to create new rules every time. It will automatically tell you that this rule exists. 

Palo Alto's next-generation firewall is classless, and it's a bundle of everything, including malware management, bandwidth utilization, and how much each IP is costing you. It offers bandwidth utilization, DDoS protection, a next-generation firewall, and everything I need in one bundle.

You can integrate fully automated virtual firewall deployments and provisioning into existing DevOps workflows if you are a good developer. Palo Alto offers help for it, but you should have developer knowledge.

It's easy to migrate workloads to the cloud. They expose the API also. In two days, I can implement two firewalls in different regions. It's flexible. That is a feature of Azure and Palo Alto. This kind of integration is why I am able to do the migration in two days.

There's room for improvement in terms of integration with the load balancer. It isn't like Fortinet, which has a load balancer built into its firewall. It is effortless to integrate within the load balancer-plus-firewall solution. 

Palo Alto doesn't have much ability to load balance, so you must purchase a third-party load balancer. It would be great if they did these kinds of changes to integrate the solution with the load balancer.

I have used Palo Alto VM-Series for one year.

VM-Series is highly stable. One of our clients has been using it for one year, and we've been using it for a year and a half. There were some bugs initially, but in the past two years, it has gotten more stable. 

I give VM-Series six out of 10 for the scalability. It's one area where they need to improve. Scaling up requires a lot of effort because it's cloud infrastructure. You need to change a lot of settings and ask them to customize before it starts working. 

There are still some issues after a customer has customized the solution. Scalability is something they are working on. I am hoping that we'll see some decent scalability within a year and a half. 

I rate Palo Alto support nine out of 10. Palo Alto technical support is excellent. When you raise a ticket, you get a support call in 10 minutes. They will contact you by phone and follow up on WhatsApp to see if the issue hasn't been resolved. 

Positive

Setting up VM-Series is completely straightforward. You have to download the VM, and there is a free interface for internal and external management. You configure the interface and the root table within Azure, then the device is good to go. Lastly, you need to activate your license, and Palo Alto is integrated into Azure.

We had to purchase the license from the vendor and download the VMs from the Cloud market. You can download VM-Series from the Azure marketplace, it is a simple process. You configure everything in the management interface. Once that's done, you configure the access list so that others cannot access it from anywhere. 

After you purchase the license, you have to put the license in Azure VM. There's a similar license you have to implement in the Palo Alto portal. Your Palo Alto is ready to use once that goes through. It took us one week to deploy. An issue came up, and we had to raise a ticket, so it took seven days to complete the implementation within Azure Cloud. One person is enough to deploy it. I deployed two firewalls within seven days, so I didn't need anyone's help. One or two people are enough to manage it.

The price is fair enough. The most expensive is Cisco, followed by Fortinet, then Palo Alto. Palo Alto is very much within the range. We use Software Next-Generation Firewall Credits for licensing and consuming VM-Series. They have a cloud solution using their portal. You can go in and put it through the license.

We can't use the credits on the fly. It is not possible because they acquire new CPU RAMs. We cannot change this on the fly. It will take one day of downtime. It is not easy. This is planned downtime. You have to plan for it outside of business hours. If you do the downtime during the business day, you can't do anything. 

The Software Next-Generation Firewall Credits enable us to protect ourselves without going through a long procurement cycle. The licensing part plus implementation is very easy. You just create the firewall, and it can do everything.

I rate Palo Alto Networks VM-Series eight out of 10. Palo Alto is easy to use, and the price is fair compared to the other solutions on the market. I recommend Palo Alto, but you should also consider the other solutions out there. Some solutions have lots of bugs like FirePOWER. Also, the price for FirePOWER is quite high. That is not the case with Palo Alto. It has fewer bugs, requires minimum effort, and the price is fair. Everything is accessible within the same portal.

I've mainly worked with the VM-Series, and a few features have been really effective for threat prevention in our networks, like McAfee training, Accountant ID, and apps ID. These features integrate well with our existing environments and tools, such as Panorama. 

 The VM-Series scalability is fast and easy to implement, improving our security posture as our Azure network grows. The only minor issue we've faced is with the apps ID configuration, which requires specific matching for application filtering. Tools like Loopback help us identify open or denied flows between two firewalls and manage the servers effectively. The Palo Alto system easily identifies rules and objects within roles, making maintenance straightforward.

No other major concerns, just the specific issue with Apps ID configuration. Otherwise, overall stability, VPN, IPSec, VRF, and flow management with the VM-Series have been very stable and reliable.

I have been using Palo Alto Networks VM-Series for 2 years.

I've had a positive experience with Palo Alto's support. They usually respond within a few hours, which is satisfactory

Positive

In my experience, Palo Alto and Fortinet offer similar quality and high-level security compared to other vendors like Cisco and Forcepoint. They stand out in terms of reliability and security features. Other vendors may not match their level of performance and security.

It is easy to maintain because we have various tools to manage and monitor the system. 

The pricing for Palo Alto is quite high compared to FortiGate, which is more affordable. I don't have the exact figures as my manager handles that, but from my research, Palo Alto's licensing costs are significantly higher.

I would rate Palo Alto Networks VM-Series as an eight overall. My recommendation for others considering this tool would be to ensure they have the budget for it, as it can be expensive compared to alternatives like FortiGate. Also, they should be prepared to understand and document their application metrics thoroughly to implement the firewall correctly. 

We use the solution for inter-VPC traffic segmentation and inspection. I also use it for external interfaces.

The product gives us the ability to do malware detection and file inspection.

The tool provides ease of use for GUI management and deployment. The product provides more visibility into our traffic. It also helps with troubleshooting a bit of high-level next-generation platforms. The auto-update feature of App-ID is valuable. Traffic monitoring, threat monitoring, and dashboards are the most impactful for our network security.

Having visibility and alerts and being able to react to them is valuable. The integration of VM-Series with cloud services has helped us a lot to streamline our security operations. The solution has ease of use. The web interface and the traffic monitoring are more centralized.

The cost must be improved. The tool is very costly.

I have been using the solution for more than five years.

I rate the tool’s stability a nine or ten out of ten.

I rate the tool’s scalability an eight or nine out of ten.

The technical support is really good. I rate the technical support a nine or ten out of ten.

We deploy AWS VPC as a virtual appliance, as a security VPC. The initial deployment was moderately easy. It is not complex, though.

I have used Juniper. Palo Alto’s next-generation features are better than Juniper’s.

The cloud service providers are also coming up with similar features. It can get really competitive for Palo Alto. People who want to use the solution must engage the system engineer for the deployment, vetting process, and initial implementation. Overall, I rate the product a nine to ten out of ten.

The solution is used to protect some servers and access their traffic in a virtualization environment.

The most valuable features of the solution are its stability, ease of implementation, ease of operation, and security.

It is not very easy to scale up the solution.

I have been using Palo Alto Networks VM-Series for one year.

I rate the solution a nine out of ten for stability.

I rate the solution a seven out of ten for scalability.

The solution’s technical support is very good.

Positive

The solution’s initial setup is very easy.

Palo Alto Networks VM-Series can be deployed in a day or two.

The solution is a little bit expensive compared to other vendors.

I would recommend the solution to other users because it is a good firewall.

Overall, I rate Palo Alto Networks VM-Series a nine out of ten.

Our corporate clients use the product to secure cloud environments.

Palo Alto Networks VM-Series's most valuable feature is the visibility of the environment.

The product's AIOps process needs improvement.

We have been using Palo Alto Networks VM-Series for two years.

I rate the product's stability a ten out of ten.

We have 5000 Palo Alto Networks VM-Series users as our clients. I rate its scalability a ten out of ten.

I rate the initial setup process a nine. It takes a few hours to complete.

I rate Palo Alto Networks VM-Series pricing an eight out of ten.

I rate Palo Alto Networks VM-Series a nine out of ten.

I have completed ten projects. The solution is used for network security, application control, and enforcement of policies on end-user devices.

The solution enables organizations to enforce policies. We can control every endpoint that is connected to the network.

The vendor must improve the way it advertises and markets the product.

I have been using the solution for four years.

I did not find any bugs in the tool. However, we'll face some issues if we do not configure it properly.

Almost 25 customers in Riyadh migrated from Juniper to Palo Alto this year. Before buying the product, we must know the number of users who will be using it. We must buy the model that best suits our needs.

Some people do not know how to open a case with the support team. When a customer contacts the support team, the team must help the customer to open a case. After a case is opened, the support team must respond within 15 to 20 minutes. However, the team takes three to four hours to respond. There is no proper support channel to follow up on cases.

Deploying a firewall is not easy until we have a basic knowledge of routing and security. If we have the knowledge, we can find the proper document on the website and do it easily. We should know the basic configuration. The deployment process is user-friendly. We can configure it easily.

The product is cheaper than the on-premise version.

When compared with FortiGate, Palo Alto has more security products. However, Palo Alto did not publish the security profile for the end-users or partners. They must explain to their end users why they are better than FortiGate.

People considering implementing the product must consider investing in the on-premise solution instead. If someone has a good experience with VMs, I suggest they choose VM, as it is cheaper than on-premises. Overall, I rate the tool a nine out of ten.

We are using it on Azure Cloud for our internal systems, where we have set up our internal workloads. We are using it as a perimeter firewall.

We are using it because our internal workflows are on the cloud. Almost everything in our production and development uses these instances. We are using it extensively for conducting reports of the development environment. It is working fine.

It improved all compliance activities. We can close open cases. Compared to other firewalls in these cases, it improved our score on the compliance side.

We are using the complete box. We are mostly using the security services and firewall rules in Panorama.

We need to look at different variables and granular policies of various tools. This makes it easy to understand.

We use Palo Alto’s Panorama centralized management system. We have an on-prem firewall where Panorama is very good for pulling logs in from the cloud so we can see what is going on. It gives us visibility into that as well as showing us what attacks are coming in.

Palo Alto’s Panorama centralized management system simplifies our security posture based on our requirements. Instead of manually pulling logs, then generating them into readable formats, it gives us the console in a readable format to view.

We have been using it for the last two years.

Stability has so far been good. We monitor the resources on the firewall to determine if there will be any spikes on the CPU, RAM utilization, or the load of the firewall. Though, we are yet not putting much load on it. 

I don't think that scaling will be a problem since we can adjust the VM-Series model that we want.

I have around 100 instances protected behind this device.

The customer support is good. They are able to give fast, readily-available solutions upon the creation of a help ticket. I would rate them as 10 out of 10.

Positive

We did a fresh setup for this, but it was pretty easy. We could easily integrate with the VM-Series, then just create our business servers. We were able to do this with the help of the tech team.

It took around seven to eight hours to deploy this solution and configure it to our environment.

We feel that the setup was complex. So, we asked the tech team about the setup process. They explained how to deploy it in the right way, which made it very simple. Once we had a checklist of what to do, it was pretty easy to deploy.

Deploying Panorama has saved us a lot of time. When any incidents happen, our people are comfortable going to the Panorama logs and view the incident report to see what happened.

Initially, pricing was high. Later on, we were able to negotiate the pricing and get something that fits our budget.

The solution provides protection and there wasn't an additional cost involved, in terms of security.

We evaluated FortiGate, Cisco, and the stuff that we are using. Compared to other products, we found it a very useful part of our compliance requirements and liked its format on the graphical interface. It is also a more secure firewall compared to other existing ones in the market. Based on our evaluation, it matched our compliance requirements.

Cisco is pretty complex in nature to deploy. It is helpful to have a skilled person with at least two years of experience. 

We are happy with their features for how we are using it and what we have deployed.

I would recommend giving the solution a try and see the difference between it and your existing firewalls. Give it a shot and see the difference.

In the firewall market, it is the number one product right now. I would rate it as 10 out of 10.