I have worked with Palo Alto Industrial OT Security as a presales engineer. I am the distributor. I have a partnership with Palo Alto, and my customers are System Integrators.
What is our primary use case?
What is most valuable?
Real-time monitoring and proactive threat prevention offered by Palo Alto Industrial OT Security is a key feature of the product, which is distinctive since many other security solutions for industrial plant environments are basically able to detect, not protect. They need to be integrated with other security components, making the deployment more complex as more products and solutions need to be integrated. In Palo Alto, we have a single device that does everything.
These features contribute to maintaining oversight over my Industrial networks or my customers' networks, and it's very important. It is a way to detect any change in the field, even if changes are made outside the proper control processes.
The capability of Palo Alto Industrial OT Security to map network flows and understand asset interdependencies is especially important in complex environments. In smaller environments, which are the most common in my country, the industrial plants usually change very slowly, so this kind of discovery feature is interesting at the beginning but not critical after the first deployments.
The positive impact of Palo Alto Industrial OT Security on my organization brings benefits such as a constant view of the intercommunication and connection between different areas of the networks.
What needs improvement?
The area for improvement in Palo Alto Industrial OT Security is the coverage of the different types of devices that can be connected, which is a common complaint or request from the end user as everyone has something that is different from the others. Therefore, the solution must always be able to detect any new device that can be connected to the infrastructure.
The reason I do not rate it higher than eight out of ten is that the device coverage is always a concern.
For how long have I used the solution?
I have been learning Palo Alto Industrial OT Security for at least half a year.
What do I think about the stability of the solution?
I have no negative feedback regarding the stability of Palo Alto Industrial OT Security in terms of performance issues; it always works flawlessly.
What do I think about the scalability of the solution?
Palo Alto Industrial OT Security is a scalable solution; depending on the needs, I can always add new firewalls to the infrastructure, and those firewalls feed their information to the cloud engine, which simply expands the capabilities. From the point of view of the license, it means that I need to consider the OT license on the new firewall devices deployed.
How are customer service and support?
It's hard to rate the support for Palo Alto Industrial OT Security. I have never been involved in or informed about the support tickets related to IoT security in recent years.
How would you rate customer service and support?
Positive
How was the initial setup?
It's easy to install Palo Alto Industrial OT Security. It is simply a license on a Palo Alto firewall, but the problem is the integration of the firewall inside the production network, which is usually tricky because those networks were not developed with security in mind.
I probably spent one or two days on the deployment process of Industrial OT Security, counting all the opportunities that I had as POCs. I have not utilized the Anomaly Detection feature in Palo Alto Industrial OT Security. I had the opportunity to test the detailed asset discovery and inventory management feature.
We need to do extra activities or periodic discovery scans. Maintenance of Palo Alto Industrial OT Security requires regular updates of the version of the operating system on the Palo Alto boxes, and to properly operate the firewall, it needs to have constant connectivity to the internet to access the cloud engines of the IoT security for discovery.
What was our ROI?
Because I work as a presales engineer for this type of solution, I do not have such visibility into return on investment or any metrics from my customers.
What's my experience with pricing, setup cost, and licensing?
The pricing, setup costs, and licensing allow customers to save and reduce costs. The licensing is not based on the number of protected devices; it is based on the type of firewall that is installed to apply the controls. This gives a clear view of the investment and the total cost of ownership since the price and cost do not change based on the number of devices connected, which is a difference from the other competitors.
Which other solutions did I evaluate?
I have never evaluated any other solutions before choosing Palo Alto Industrial OT Security; I had no opportunity to use other solutions.
What other advice do I have?
I am just starting to learn Cortex XDR. The deployment model is mandatory on-premises.
I would rate the product in general as eight out of ten.
Which deployment model are you using for this solution?
On-premises

