Palo Alto Networks WildFire Reviews

• Much more visibility during an attack lifecycle; found a lot of infected hosts and vulnerabilities.

• App-ID
• Easy migration
• Credential-based attack prevention
• PBF easily configured
• Whole team can use the firewall and understand it

The GUI is better in 8.0, but I still feel it lacks the fast response most of us desire. Logs are much quicker.

We have not encountered any stability issues.

We have not encountered any scalability issues.

Customer Service:

Customer service is excellent. Their support is top-tier for sure.

Technical Support:

Technical support is excellent. Their support is top-tier for sure.

We previously used legacy Cisco ASA. We switched because it was buggy and had no visibility; it was not easy for the rest of my team to use.

Initial setup was straightforward.

A vendor team implemented it. They were amazing.

It IS a bit expensive, but I think you get what you pay for. Value is there.

Before choosing this product, we also evaluated Check Point, Cisco, and Fortinet.

• App-ID
• User-ID
• Ease of deployment and usability
• Filtering Mechanism like SP3 Engine

From a technical perspective this has given us a new high as this is how a technology solution should function. From a sales perspective, we have been able to pitch the solution to new customers as it seems cheap to customers when we bundle the solution, compared to getting each device for individual functions.

• IP SLA tracking
• GRE tunnel support

I believe these are the major improvements in the pipeline.

I've been using it for four years.

It crashes too frequently for a few boxes, which could be expected from a new vendor as it evolves. The best part is RMA, as you get the box back quickly if you have it in the contract.

No issues encountered.

No issues encountered.

If it is Arrow support, it's pathetic. I wouldn't recommend them. However, if you go directly with the PA team they are the best tech junkies I have worked with.

6/10.

We used to have Netscreen as our favourite, but it went EOL. Being an MSP we have to have expertise with all the devices. Although, Netscreen is our favourite.

I would say that this is difficult to answer, as the setup would be adaptable based on the mode you use, and the way the firewall can be configured. If you ask an expert it would be straightforward. If you ask a newbie, it would be not that difficult to configure if you follow the mentioned steps.

Go forward, this is an amazing device to be implemented if you have the cost to bear.

It has one of the best WebUIs that I have used, because at a glance looks simple, but offers us a lot of options to secure all the traffic that is passing through the device (or all traffic that the user decides to pass through). Besides, the way that scan the applications to detect what kind of application is do not affect anything about the device's performance. The way that the product process or handle the traffic, is one of the best in the industry.

Well, I work as a security consultant, so one of my functions is to help and provide to the end users with recommendations about technologies or process to secure their network. So, one of my customer decide to migrate from TMG/UMG to Palo Alto, it took a while, but during this process, I showed them many ways to improve their current security with Palo Alto, and after a while, they are very comfortable with the technology, for them now, it is easier to apply some kind of web filtering or application filtering than the past.

I'd like to see a wizard to create IPSec VPNs. They need to  improve the graphics to show the network behavior.

Deployment is easy.

The stability is acceptable.

It depends about the project, but offers a good HA option.

Always show to the customer what the product can do for them and what not, is a good practice, because they can open their eyes and to be sure what are the benefits of that technology. Always analyze the network topology, using the customer's network diagram and ask every doubt that you have, for my experience a good analysis and deployment plan give us a successful implementation.

It can do sandboxing on the premises, and it can be directly integrated with Palo Alto NGFW. The malware information on the file that has been sandboxing will be directly updated to the Palo Alto NGFW, and added to the Palo Alto Networks NGFW malware signature library. Also, the credential data within the file that has been sandboxing still be kept on the premises.

Palo Alto Networks WildFire can detect many types of attacks that are using malware embedded on files/URLs with minimum time, and it can increase the effectiveness of resources (time and people) to prevent the malware.

In my opinion, it could be developed to be dependent not only on signatures, but also on patterns and behavior of malware. What I would like to see in the next version/release is to be able to handle much more file types on premises during deployment, because now on premises deployment a .APK file must be sent to the cloud for sandboxing.

I can't remember exactly, but probably more than six months.

For now, I have no issues with the deployment.

For now, I have no issues with the stability.

For now, I have no issues with the scalability.

Both customer server and technical support are very good.

In our case, before we contact Palo Alto Networks technical support, we can contact the Palo Alto Networks local distributor, who provide Palo Alto Networks technical support locally.

I forgot what the name or product that used previously, but the reason I choose Palo Alto Networks wildfire is it integrated with Palo Alto Networks NGFW that already used on the network environment

The initial setup of Palo Alto Networks WildFire is simple.

We’re the ones who implement the Palo Alto Networks WildFire in our customers environments.

It’s not about what we will get directly from having Palo Alto Networks WildFire as an ATD device, but it’s all about the loss of resources you suffer if you don't have it implemented.

User identification and the Applipedia are the most useful. The integration of the Applipedia with the application identification at layer seven makes it a very comprehensive, and secure, firewall.

We have the ability to see what traffic is coming and going in a much deeper and more detailed fashion. We have also found, and stopped, several malware applications before they infected the endpoints.

I've used it for five months.

During initial testing we were too strict on what was allowed outbound. We ended up needing to open up more broad categories. We also found that several websites do not function well with the SSL Decryption feature. We also found that a custom script is required to put the SSL Decryption certificate into Mozilla Firefox.

No the product has been very stable and reliable.

We implemented it in a smaller environment but, find that the 3000 series has plenty of power and has the ability to grow with us as we provide north-south as well as east-west security between internal environments.

Customer service is very friendly and responsive to any request.

I have found the tech support to be impressive. Support agents are available 24/7, and I have never waited for more than an hour to speak with an agent. I would consider the first team you call to be equivalent to most level two or three engineers.

Previously we used Cisco ASA 5510 and Fortinet. Fortinet was an old version and was phased out due to this. The Cisco ASA was replaced do to the limited capability of the out of box functionality and reporting.

Initial set-up was straightforward and easy. We were able to get both devices on the network and set-up to look at traffic within a few hours on split up time. The products complexity came from the terms and the overall thinking of how the product works.

We did it in-house.

Before choosing Palo Alto we also reviewed Cisco ASA, Fortinet, and Sophos.

The product is straightforward to implement, though if you are looking for a quick implementation, I would suggest bringing in an expert.

Being able to discover malicious files unknown to most AV vendors.

It has allowed me to stop new attacks before they could gain a foothold in my network.

• Inspection over different protocols (not just HTTP/FTP)
• Inspecting more file types
• Providing information back to the community that it uses to support its product.

I've used it for three years. However, my current company isn't using the product. I took a different engineering route into the company and I decided to use other protection solutions and not Wildfire.

The deployment of Wildfire was surprisingly easy.

Wildfire itself was a very stable product.

I never had any issues with scalability. When I enabled it, it seemed to work in the environment that the firewall was already servicing.

Great when I was at a large company but average or less than average at a small company.

Overall their support people are better than most tech companies.

There was no solution in this space before Wildfire. Both FireEye and Wildfire came onto the market right around the same time.

It was straightforward as I could, literally, turn on the firewall settings in five minutes or less.

You really don't need to pay to turn it on. The configuration is very simple.

There are two levels of Wildfire.

1. The free version which is great, so I would guess there is no ROI on this version
2. Then there is the subscription version of the service and this is a very affordable yearly subscription per firewall

Initially, the product doesn't cost anything for the first tier of usage you can prove the product before buying it.

• FireEye
• Blue Coat
• ProofPoint.
• Even as the more the list of products I look at each year is pretty long.

If you're running Palo Alto firewalls there is no reason not to use it at the free level. Once you have run it for a while at the basic level, you can make an educated decision if it's worth paying for the subscription (it is).

Sandboxing is the primary use case. WildFire is used for that. There are two options: one is on the cloud, and one is on-premise. The cloud version is perfect. It is working very well. But on the on-premise version, we have faced a lot of problems previously.  

The threat intelligence from WildFire supports our proactive defense strategies. Palo Alto has a unit 42 team, which is one of the best in the market for threat intelligence. Their threat intelligence is comprehensive.

Also, Palo Alto is a pioneer in AI and ML integration, so I think there are some AI processes running in clusters.

It can detect new threats, particularly. It's a sandboxing prototype. 

We send mostly emails or connections with context or files. The most important thing is how many kinds of files the sandbox can handle. Also, Palo Alto is good at this. There are more than 20 different file types, this product can understand.

 The important thing for sandboxing is how many different types of files the sandbox product is analyzing. And so, also, Palo Alto is good at it, compared to other sandboxes.

Palo Alto doesn't do much to support the on-premise version. It wants too much self-support for the on-premise version of WildFire. 

But for regulation purposes, some of our customers don't want to use the cloud environment, so they have to use the on-premise version. 

Integration is okay, not too hard, with Palo Alto. But we are facing a lot of issues, and most of the issues go unresolved. So, the on-premise version is not very stable.

With my experience, the cloud version is stable. So I need the on-premises version to be more stable.

I have been working with Palo Alto for four years, but I have been familiar with WildFire for one and a half years.

I would rate the stability a seven out of ten. 

The cloud version is very stable. It is working very fine. Integration is very easy. There are not too many issues. I like it. Compared to the on-premise version, it is very easy and very effective for customers.

Some of my colleagues work on SD-WAN.

The initial setup is a little bit complex on-premise, but not too complex because it can only connect to a Palo Alto firewall. On the cloud, it is very easy; you only need to enable it with a click, and it is done. After that, you can set up the configuration on the firewall. 

But on-premise, it is not a configuration issue; it's a little bit of a stability issue.

Integration with existing infrastructure: 

WildFire can only integrate with the Palo Alto firewall. Right now, maybe XDR can integrate on the cloud version, but you cannot integrate it with other vendors or put it standalone without any Palo Alto product.

We are an integrator. We also work with some other vendors.

WildFire has improved our customer's security posture and reduced costs overall.

It's not hard to configure as it connects to the firewall. After integration, you don't need much configuration and don't waste too much time, so the return on investment is very rapid.

In general, all Palo Alto products are a little bit higher in price compared to competitors.

I recommend it, but mostly the cloud version.

I recommend it to any company who needs sandboxing or this kind of file analysis. But they must be careful if they have to use on-premise, because of the stability issues.

Overall, I would rate the solution an eight out of ten.