Palo Alto Networks VM-Series Reviews

We primarily use the solution for IT. I am from the Palo Alto Partner end, so I am not using it deliberately. I usually deploy to clients in various industries, including the payment gateway industry. 

In Palo Alto the most important feature is the App-ID. It's the biggest selling point in my opinion.

Another important application feature is the Content-ID.

The solution offers great templates.

Overall, the solution has a lot of great features on offer.

Even when the solution locks away a virus, there seems to be a delay for four or five minutes. It should be as little as one. Right now, it's such a long delay. It can be frustrating for clients and I need to answer a lot of questions surrounding that.

The solution needs to have more easily searchable details or documentation about it online, so it's easier to Google if you have queries.

The solution requires more use cases.

I've been on this Firewall for the last two years.

The stability is very good. There aren't bugs, glitches, or crashes. It's very reliable.

Although I haven't personally tried to scale the solution, my understanding is that it's easy to do so. It's convenient for enterprises. It's my understanding it would scale especially well for enterprises.

I've had to reach out to technical support many times. Sometimes, I find that it can take a while to reach support, or for them to get back to us. This is especially true on weekends and holidays. Other than that, it's been pretty good. We're pretty satisfied with the level of support we get.

I only have experience with Palo Alto; I don't know much about other VM firewall solutions.

The initial setup is not complex. It's quite straightforward. The deployment process is great. It only takes about five to ten minutes or so.

I handle the maintenance and troubleshoot any issues that arise. 

I mostly figured out the deployment myself and used Google to assist when I had questions.

I don't have any dealings with the accounting side of the solution. That's handled by someone else. I'm not sure what the cost is or if we pay monthly or yearly.

We're partners with Palo Alto. We're using the latest version of the solution.

We have a VM-Series via Palo Alto and K2K and the hardware Series.

I'd rate the solution seven out of ten.

Palo Alto VM Series is a firewall that makes up part of our security solution, handing IPS, IDS, and other security measures.

The most valuable features are web control and IPS/IDS.

The work from home features, VPN and SSL VPN, are useful and part of the GlobalProtect functionality.

I would like to have automatic daily reporting, such as how many users have connected via SSL VPN. As it is now, we have to manually look at the logs, which is tedious. There are no ready-made reports on that level and the information is not easily available.

I really need more advanced features that support the correlation of log files.

I have years of experience with the Palo Alto VM Series.

This firewall is quite stable and we haven't faced any kinds of issues.

It is scalable but I cannot really comment on how much because we have not taken it to that level. We have between 450 and 500 users.

I am satisfied with the technical support. However, they regularly provide training on the system so we have rarely opened a support case. 

The initial setup is straightforward and easy. 

The deployment will take a couple of hours at the max and will depend on the configuration that you are looking for. Palo Alto will give you a report that recommends policies that are based on industry standards. For example, if you have approved Telnet access then you will be warned because it is not recommended and you should be using SSH instead. They will give you lots of recommendations to warn that the configuration does not follow the standard practice and if allowed to remain then it will explain what vulnerabilities you might face in the future. This kind of report is really valuable.

I highly recommend this service compared to other vendors. It has everything included in one platform including IPS, IDS, and antivirus. By using the Palo Alto initial configuration, it is going to block many threats from day one and it is pretty easy to do. You don't have to have an in-house technical team that is capable of doing that. You don't require that kind of knowledge, which is important because many people don't understand IDS, IPS, or file blocking. They need experience. With Palo Alto, a normal person with perhaps a year of technical experience will understand how to configure the firewall and generate reports.

I would rate this solution a nine out of ten.

The Palo Alto VM-Series is a firewall that is part of our security solution.

With Palo Alto, it feels like you're using the Rolls-Royce of firewalls.

All of the next-generation features are valuable and set Palo Alto apart from other firewalls.

The application filtering, or AppiID, and URL filtering are good.

The interface with Panorama makes it very easy to use.

The command-line interface is something that some people struggle with and I think that they should have an option to go straight to the GUI.

The interface for Panorama has not changed greatly and could be updated.

I have been using Palo Alto VM-Series for more than six years.

It is very easy to scale. All you have to do is get access to the VM base and then spin it off into another virtual environment or send it into the cloud.  This means that you now have a data center through Palo Alto.

They have a new product called Prisma that allows you to create links between remote users working from different areas and use that to connect to the clouds in this infrastructure. It also allows you to get connectivity to that but not using a backhaul. Rather, you connect straight from wherever you are.

In the places where we have deployed this solution, they have a couple of thousand users.

The technical support is great. This is a brand and they have to protect it, so they make sure that the users get what they need.

I have experience with Check Point and Cisco, who both started improving their management interface after Panorama.

I would say that the initial setup is easy. I have been an IT professional for more than 20 years and can say that this is an example of a product where you simply have to read the manual. If you jump straight into it then you will start struggling.

During the initial setup you begin with the CLI, but you enter a command and it brings you to the GUI. Once you are in the GUI, you will see words on the tabs. All of these things are there if you look carefully.

The price of this solution is very high for some parts of Africa, which makes it a challenge. If it were lowered then it would be more popular.

I have been using Palo Alto since version 6.0, and I am currently evaluating the latest one, version 9.1.

My advice to anybody who is considering this solution is to try the trial version first. It is good for 30 days and it can actually be used because it is the full product. You can test all of the scenarios and try the next-generation features. You can use features like the VPN GlobalProtect and actually see it work. The same with URL filtering and antivirus.

Overall, this is a great next-generation firewall.

I would rate this solution a nine out of ten.

The most valuable features are security and support.

The packet routing speed is very good.

There should be an option for direct integration with the Azure platform. This would allow this product to take advantage of the auto-scaling that is offered by Azure. Because I am purchasing it as a SaaS model, I should get the complete functionality.

I would like to see the direct support and product ownership from the principal vendor. Ideally, the vendor should maintain ownership and be responsible for the system, including that it is operating correctly. This would give my company a better value when purchasing the product.

The pricing could be improved.

The Panorama management license should come with this solution. We have eight nodes and we still have to purchase it separately. Everything should come with a single license, rather than something that is broken into many parts.

I have been using the Palo Alto VM-Series Firewall for a few months.

This solution is stable.

This is a scalable solution but it would be better if it had direct integration with Microsoft Azure.

Currently, we have three administrators and more than 5,000 end-users through our public website.

Technical support is very good and I would give them full marks.

This firewall is easy to implement. 

Everything from Palo Alto is good and I recommend that people implement this firewall.

I would rate this solution a ten out of ten.

We use it to protect applications and data on AWS.

Embedding it into my application development lifecycle prevents data loss and business disruption, allowing the adoption to operate at the speed of my AWS Cloud.

It prevents data loss and business disruption.

It can definitely improve on the performance.

I would like more scalability included on the next release.

It has a good performance which helps you with the stability of your virtual environment.

It has to be more scalable for the deployment of VMs on the cloud.

You have to be an expert administrator of a virtual environment to know how to integrate it with your AWS environment.

Purchasing through the AWS Marketplace is a secure way to purchase this solution. Our organization chose to procure this solution via the AWS Marketplace because we have clients who were interested in the solution. Also, for out proof of concept, we decided to purchase it.

The pricing and licensing of this product on AWS should be from $1.28/hr or $4,500.00/yr. Then, it would be a good price for the performance that it delivers.

It solves several challenges protecting your AWS workloads with good security features, delivering superior visibility, control, and threat prevention at the application level when compared to other cloud-oriented security solutions.

I have not tried integrating Palo Alto with other products.

We use this as our primary security barrier between trusted and untrusted zones.

App-ID and User-ID have repeatedly shown value in securing business critical systems.

In AWS, Palo Alto provides us a better view than flow logs for network traffic.

We have ran into issues with Palo Alto’s limitations for resolving large IP lists from DNS lookups, as well as the antivirus interfering with App-ID.

I would like to see a more thorough QA process. We have had some difficulties from bugs in releases.

I see more improvements needed from AWS than from Palo Alto on the VM-Series, namely a design centered on NGFW.

We are typically at only about eight to ten percent load.

The limit of the product is based on resources that we can obtain from AWS. We have approximately 3500 users and 200 servers leveraging the Palo Alto product.

We used BYOL, because of the cost to own.

We procure the solution through AWS Marketplace because previous experience with their physical appliances.

The pricing and licensing of this product on AWS for a three-year commitment is a great deal, if you can plan that far ahead.

It is a good product, but there is room for improvement.

We use this with Microsoft AD, N2WS, IIS, MySQL, MS SQL, and a number of proprietary applications.

Primary use case is network protection, next-generation IDS, and IPS protection.

• It provides better protection.
• There is seamless integration.
• It provides complete security posture from end-to-end. This has given us better visibility into what our security aspects are.

The next-generation features of its IDS and IPS.

The product could provide protection above Layer 3, which gets into the application layer and provides better visibility into those aspects of application security. This would be very helpful. This way, there would be one tool that we could continue using.

The data aspects of data security and data loss prevention could provide visibility which would be very useful.

It is stable. We haven't had any issues and don't think about the stability.

One of the great features that we liked and selected it was its  scalability. We can autoscale and put it in Auto Scaling groups, which is very useful.

We have hardly any issues. We have had some patches of data needing some help, but that was it, and the technical support has been spot on.

Integration on on our AWS environment was one of the points that we liked about it.

We used technical support in the initial stages when we were setting it up and configuring some of the features. We used their Professional Services, who were very useful.

We have already seen ROI. 

We continue using it, because the concept was at six months, we should receive value back out of it. If the value is seen, only then would we continue using it. It is two years later, and we still continue using it.

Because the solution was getting deployed on AWS, it was the best place to go and it was available there.

One of the factors for selecting Palo Alto was they had flexible pricing. They had a pay-as-you-go model. Comparable to other products, such as Check Point, the price point was definitely a plus. It was expensive but it was comparable.

We looked at Palo Alto, Check Point, Fortinet, and some other vendors.

We chose Palo Alto because its features, especially its advanced features from the IDS and IPS. We were existing customers with Palo Alto from the on-premise side along with the integration aspects of its hardware.

Identify a use case first of all. If the use case is a match, then use the product.

We use it in the cloud for both AWS and non-AWS versions. The AWS version is far better. It works seamlessly and integrates very well with some other services. 

We have integrated it with Splunk for the security aspects and with identity and access management for configuration purposes. 

We use Palo Alto for the VPN, firewalls, and the hybrid site-to-site.

We have purchased Palo Alto VM for one of our customers. It has been a year since we have been using this product.

We use Palo Alto's on-premise version for a different purpose. We are using the cloud version for our contractors to VPN to the AWS environment.

For Palo Alto on-premise, we use it more for security firewalls. On the cloud side, we use it for customer contractors to get into the AWS environment for VPN. we use native routing and native security tools that they developed already in AWS. 

We have big team which can support Palo Alto on-premise. We have engineers which are familiar with Palo Alto products. Our customers are perfectly suited for our use case. They wanted to get onto AWS or be on the hybrid cloud. They want to keep the technology consistent across the board. Therefore, Palo Alto makes sure that they are a leader in this space. We are able to support them, and customers can take advantage of using these products, both on-premise and cloud.

• Firewalls
• VPN

On the cloud side, they need to come up with more HA solutions to support the multi-region.

The stability is fine. The product has been running well so far.

We have about 150 contractors who log into Palo Altos. We don't put heavy stress on them, but they are working fine for now.

You already can scale it if you put it in Auto Scaling groups. If you put it in a load balancer, it should already be able to scale. 

We put our Palo Altos in the public VPC, then we have contractors come over the Internet and VPN into the Palo Altos to get into the AWS environment. 

It depends on the person you get on the call from technical support, but many times I have gotten good people on the call. Sometimes, you get some bad experiences. Most of the time, it has been good.

It is easy to install. You buy it on the AWS Marketplace, then you just install it. You have already purchased the license and everything else. It is easy to configure and use.

The purchase process through AWS Marketplace was easy for us because we are partner to Palo Alto, so it was straightforward. All we need to do was purchase it from AWS Marketplace because we had a license.

AWS is available as a AMI that you can purchase from the AWS Marketplace. Therefore, you need to purchase the licensing, since it is per AMI. Then, you deploy it on a regular EC2. Then, for on-premise, you can use both Palo Alto's software and hardware. So, it depends on your usage.

Compared to other solutions, I think the pricing is efficient.

For on-premise, we evaluated Check Point and Fortinet.

I would recommend the product, and tell people, "Go for it." It has not disappointed us for the purpose that we use it. It is really matured in the networking area.

Because of our use case, we didn't have to integrate the product with anything else.

The AWS side of the product is a seven out of ten rating. The on-premise side of the product is a ten out of ten for a rating.