Palo Alto Networks IoT Security Reviews

I use it for one of my customers, and my role is to help my customer with the solution. They use it for their IoT devices in the field, and they have a lot of sensors out there for their heating equipment and air conditioning systems.

One of the favorite features is that they can plug in a device and update it without being on the network, so you can perform an offline update.

If all the IoT devices in the field can provide a single pane of glass and management through that platform in a controlled fashion, that would be really beneficial.

One thing I communicated to them is that they need to provide a managed update for their IoT devices.

I would say over five years.

The stability is pretty good; it's a very solid solution, so if customers are looking for an IoT/OT solution, they should consider Palo Alto Networks IoT Security.

The platform is definitely built for scalability, so if you start small and you want to scale up to thousands of devices, you can easily do so by just getting more modules.

I had to call the support because there were some devices that were not showing up.

I had to call because some workflows were not working properly.

It was pretty good; I was impressed.

Positive

I have worked with various solutions, especially Palo Alto Networks IoT Security.

I would say it was of medium difficulty.

It took a couple of days.

One person can do it.

Maintenance is not that difficult; you can easily manage it from the platform.

The pricing is not that bad.

Palo Alto Networks IoT Security does require you to manage the system.

The pricing is not that bad. I would rate this solution an 8 out of 10.

We deploy Palo Alto IoT Security for various clients who utilize a range of applications, products, and versions depending on their specific needs. While the deployed solutions vary, clients primarily utilize the Palo Alto Strata platform.

Many clients are switching to Palo Alto from other vendors because it offers better security and cost-efficiency, allowing them to centralize more features in a single, reliable appliance.

Experienced engineers often find Palo Alto highly intuitive and easy to learn, thanks to its user-friendly interface and well-structured documentation.

Palo Alto’s IoT Security solution offers considerable visibility, even with basic licensing. While advanced features enhance the depth of insights, the standard package still provides valuable information about connected devices and their activities. Although it may not deliver a comprehensive view of the entire network, it effectively highlights critical details specific to IoT security.

Palo Alto is widely recognized for its GlobalProtect feature, offering robust security options such as user ID mapping and VPN capabilities. Clients also value the flexibility of its firewall deployment, which adapts well to diverse environments.

Palo Alto Networks IoT Security provides granular zero-trust least-privilege policy recommendations, ensuring enhanced security tailored to specific needs. The speed of creating zero-trust policies depends on the complexity of the desired outcome, but for straightforward objectives, the process is efficient. When the desired outcome is well-documented, creating policies becomes simpler, as the required steps are clearly outlined. From there, it’s a matter of configuring details and implementing changes, making the process relatively straightforward in such scenarios.

Customers also appreciate the seamless integration of Palo Alto’s IoT Security with platforms like Cisco ISE and other Cisco tools, including user identification systems. This flexibility, combined with Prisma Access integration, provides comprehensive security across varied environments and ensures interoperability with existing infrastructure.

IoT Security's risk assessment features offer valuable guidance for aligning with best practices, which is crucial for engineers making adjustments or managing new deployments. This ensures compliance with industry standards and facilitates informed decision-making.

Palo Alto Networks IoT Security leverages its next-generation firewall as a sensor, eliminating the need for additional hardware. While this multi-functional approach is advantageous, it’s important to recognise that the firewall may not address every security layer effectively. Relying solely on it for all security needs might not be ideal, so a layered security approach is recommended.

The product could improve by offering more comprehensive network visibility and expanding beyond IoT-specific activities to provide a holistic view of the entire network. This would allow administrators to better contextualize IoT device behaviour within overall network traffic. Additionally, while the next-generation firewall's role as a sensor is beneficial, addressing its limitations in handling all security layers would enhance its effectiveness and reliability for broader security needs.

In future releases, incorporating advanced analytics for proactive threat detection, automated response mechanisms for IoT-related incidents, and improved scalability for managing diverse and growing IoT ecosystems would significantly enhance the product. Enhanced integration with third-party platforms and tools could also improve interoperability and streamline security management across complex environments.

It would be beneficial if Palo Alto IoT Security could integrate with Let's Encrypt for free SSL certificates.

I have been working with Palo Alto IoT Security for about three years.

We have not experienced any stability or performance issues with Palo Alto IoT Security.

Palo Alto IoT Security is scalable.

The technical support is good.

Positive

I have experience with both Cisco Firepower and Palo Alto, and Palo Alto is a more user-friendly and adaptable platform. It offers greater flexibility and consistency, resulting in a more reliable experience than Cisco Firepower.

The reasons for switching include the need for more advanced threat detection, enhanced visibility into network traffic, or a desire for a more integrated approach to security. Palo Alto's focus on next-generation firewalls, user-friendly interfaces, and comprehensive features like GlobalProtect and IoT Security often makes it an appealing choice for organizations seeking improved performance, scalability, and ease of use.

The initial setup requires planning and proper sequencing to prevent issues. The setup becomes straightforward with the right knowledge and experience, but it can be complex at first.

Usually, one or two people handle the implementation. The deployment involves interviewing the client to understand their expectations and determine whether Palo Alto Networks IoT Security would best suit their needs. Based on their goals for deploying the firewall within their network, we'll develop a high-level plan and submit it for client approval. Once approved, we'll create a detailed implementation plan. After the client reviews and approves this detailed plan, we'll proceed with the deployment.

The deployment time for Palo Alto Networks IoT Security varies based on client needs, network complexity, the number and connection methods of devices, and other factors. For a college with around 1,200 users migrating from another vendor, the estimated time frame, including project initiation, requirements gathering, device deployment, and final delivery, would likely range from 30 to 45 days.

Customers transitioning from Cisco to Palo Alto are benefiting from competitive pricing on high-quality products. As Palo Alto partners, we provide not only competitive pricing but also exceptional service, which has been met with overwhelmingly positive feedback. The growing trend of successful migrations underscores Palo Alto's superior cost-benefit ratio for firewall solutions.

I would rate Palo Alto IoT Security nine out of ten.

Palo Alto IoT Security requires regular maintenance, including firmware and patch upgrades, which may occasionally cause planned outages for firewall restarts. While these updates are generally straightforward, they involve some inherent risk.

When considering Palo Alto, compare its features and integration capabilities with those of other vendors. Look at its ability to manage layers from two to seven within the same device, which not all firewalls can do. Consider Palo Alto's ease of management compared to other firewalls.

We are an insurance-based company, and we had some regulatory requirements that needed to be fulfilled. We've used Palo Alto primarily for our network security needs. It was part of our infrastructure for over three years before being replaced.

The visibility is precise, allowing us to identify the location and cause of IoT-related incidents, such as wildfires. This feature enables effective sandboxing and follow-up, allowing for targeted ticket creation and evaluation of execution status.

Initially, when we deployed Palo Alto, we noticed significant improvements in network response times. Our users experienced a better internet experience and improved access to DMZ resources.

The risk assessment information is comprehensive but comparable to other brands. However, Palo Alto's fabric and assessment are far superior at identifying network risks and threats due to their extensive research. In a zero-day attack, Palo Alto will most likely recognize it or its pattern and flag suspicious activity. Otherwise, all firewalls offer similar capabilities.

I find Palo Alto Networks IoT Security to be highly responsive, and its separate management and data planes are a major advantage. As an insurance company in the financial sector, we must meet strict regulatory requirements, and Palo Alto has proven to be an excellent solution. Its management is straightforward, the dashboards and reporting are comprehensive, and most importantly, it functions exactly as described in the documentation. For example, when we needed to block YouTube on our network, Palo Alto successfully blocked access while our Cisco firewall failed to block access on iPhones. This highlights the inconsistency we've experienced with different firewalls, whereas Palo Alto has consistently performed as expected.

Improvement areas include enhancing integration capabilities and making policy creation less cumbersome. The process involves navigating multiple windows, which could be streamlined.

Palo Alto Networks IoT Security's reporting capabilities are less comprehensive and robust than those provided by Cisco.

I used Palo Alto for approximately three years before switching to another solution five months ago.

The technical support from Palo Alto was excellent, providing responsive and effective solutions to our issues. Their support staff expertly guided us through the warranty process, ensuring timely resolution of all problems.

Positive

Before Palo Alto, we used Cisco Firewalls. We switched due to Cisco's limitations with layer three visibility and Palo Alto's offering of layer seven visibility, allowing us better control and insight.

The initial setup of Palo Alto was relatively easy and a significant improvement over ASA. Moving from ASA, which only provided Layer 3 visibility, to Palo Alto's comprehensive Layer 7 insight was a significant upgrade.

The deployment took one month.

The deployment involved our entire team, with six to seven people, including two to three from the vendor side and three from our in-house team.

While Palo Alto's capabilities are strong, the cost, especially for renewals, did not offer a good ROI. The renewal cost was high compared to newer Fortinet solutions, which provided better economic value.

Palo Alto is too expensive. The initial investment is substantial, but the renewal costs make it financially unsustainable. When compared with other firewalls, the cost-benefit ratio is less favourable.

While Palo Alto Networks firewalls generally offer superior specifications and capabilities compared to Fortinet FortiGate, their higher cost often results in a less favourable ROI. Fortinet FortiGate, with its more competitive pricing, typically provides a better ROI, making it a more cost-effective solution for some organizations.

I would rate Palo Alto Network IoT Security eight out of ten.

We used Palo Alto firewalls for approximately three years, having purchased them in early 2021 with a three-year license. However, due to the high renewal cost and insufficient return on investment for our needs, we replaced them with Fortinet firewalls. Despite the Palo Alto hardware having a lifespan of four to five years according to our policy, we found the Fortinet dashboard more suitable and cost-effective.

My experience and that of my administrators in traditional methods have led us to prioritize manual oversight within our 24/7 operation. Due to the potential for significant impact from any past adverse incidents, we minimize reliance on automation. We focus on ensuring the functionality of existing systems and policies, favoring manual implementation for greater control and reliability than automated tools.

Deploying Palo Alto firewalls takes a similar amount of time as it did migrating from Palo Alto to Fortinet. During my experience deploying Cisco firewalls, I encountered an issue where companies failed to share information effectively. A seamless transition between platforms could be achieved if vendors provided tools to translate configuration files. However, this is often not the case, especially for IoT devices, leading to manual configuration, which is time-consuming and dependent on available resources and the specific network environment. In my experience, migrating between firewall platforms takes a considerable amount of time regardless of the vendors involved.

I recommend enhancing integration capabilities and making policy creation easier. Better integration and streamlined policy processes could significantly enhance user experience.

Neutral

We use Palo Alto Networks IoT Security. The on-premises firewalls send logs to the customer's Cortex Data Lake. The IoT solution collects these Cortex Data Lake logs to suggest security policies for the firewall automatically. We provide an automated security posture by integrating artificial intelligence and Cortex Data Lake data.

The real-time monitoring capabilities have improved our security posture.

Palo Alto Networks IoT Security is remarkably user-friendly. Once we learn how to use it, it is a great hands-on product.

Palo Alto Networks IoT Security offers exceptional visibility into scanning reports by integrating XOR and Cortex Data Lake.

The risk assessment information that Palo Alto IoT provides is excellent. We get a lot of information.

Automating device visibility and policy creation has saved me and my staff time by eliminating the need to verify policies, services, and user quarantine status manually. The system automatically suggests appropriate actions, making my job easier.

Palo Alto Networks IoT Security has saved us 10 percent of our time.

Machine learning technology has adapted to the evolving threats in Palo Alto Networks IoT Security. The machine learning algorithm deployed in the next-generation firewall helps identify and predict the probabilities of viruses. Based on that log, cloud antivirus inspection engines and a machine learning antivirus engine are integrated with the IoT whenever a firewall cannot understand a signature. This is where machine learning significantly contributes to IoT security.

I like the Cortex Data Lake integration with security automation. They also integrate with SIEM, Cisco ISE, and third-party systems, which is great because it's interoperable across vendors. IoT will collect XOR logs from the XOR engine; third-party integration is a big plus. It also integrates with Cisco wireless LAN, Aruba wireless LAN, and others. This allows for endpoint protection, IP address management, and many other integrations so that the IoT cloud can have visibility into asset management, endpoint management, IP address management, wireless LAN management, network access control integrating with Cisco ISE, and then scanning all the networks by collecting all that data. These are the things I like about Palo Alto Networks IoT Security.

The primary problems are firewalls unable to reach the cloud or port issues between the Cortex Data Lake and the IoT servers. If these issues occur, IoT data collection will fail. If IoT data collection fails, automatic security pushes, and other intakes will also be impacted.

It would be great to incorporate SD-WANs into our network infrastructure. This would enable us to maintain centralized coordination directly from the IoT devices. Essentially, this solution focuses on data analysis and cannot perform any physical actions.

I have been using Palo Alto Networks IoT Security for almost three years.

I would rate the stability of Palo Alto Networks IoT Security seven out of ten. It is getting better but has room for improvement.

I would rate the scalability of Palo Alto Networks IoT Security eight out of ten.

The technical support is helpful. They have strong SLAs, and our support level will increase based on the service we purchase.

Positive

The initial deployment was neither straightforward nor simple. We contacted the sales team for an estimate, and they assisted us with IoT security. The deployment process lasted approximately one to two months.

I would rate Palo Alto Networks IoT Security eight out of ten.

We have around 30 users in our organization.

It is crucial for us that the Palo Alto Networks IoT Security firewall acts as a sensor requiring no extra hardware to deploy or manage.

Maintenance is required because Palo Alto Networks IoT Security relies on updates to function effectively.

Our primary use case for Palo Alto Networks IoT Security is for the operational technology (OT) network. We have industrial systems, referred to as ICS or Industrial Control Systems, to control manufacturing devices. The IoT subscription is necessary for various compliances, such as ICS compliance or SCADA compliance. For that, we have Palo Alto Networks Firewall and IoT Security ensuring adequate security is in place.

The deductions from application protocols and application signatures are very important. Once visibility is obtained, it is possible to discuss with the team and take action. This visibility is crucial.

It is simple to use. We just need to enable features and then configure IoT policies. We can take a call on whether to block or allow something. It is pretty simple.

It is not very comprehensive in terms of visibility. When we tested, multiple application signatures were not available with Palo Alto. Fortinet, Claroty, and Nozomi had more application signatures and visibility protocols. More application signatures are required. Claroty and Nozomi also have more automated solutions and more straightforward options to integrate through APIs, etc.

Palo Alto should also look into level 0, level 1, and level 2 Purview models. 

Its risk assessment is okay. It is not bad or good. When it comes to risk assessment, we should get more intel in terms of device identification, the type of device, the operating systems, and the application traffic. With all these together, we get better information.

I have been using Palo Alto Networks IoT Security for five and a half to six years.

The stability of Palo Alto Networks IoT Security is normal.

Palo Alto Networks IoT Security is scalable. They are doing well in this area.

They are very process-oriented. They should be more flexible in supporting customers.

Positive

We used Forescout before switching to Palo Alto Networks IoT Security. Forescout was more focused on the network level rather than the perimeter level. For perimeter level, options include Palo Alto, Fortinet, or Check Point.

Its implementation is simple. There is not much work to do. Because it does not have so many features, the work is less. It provides basic security, making it simple to configure.

In terms of maintenance, we have to regularly look into it and alter the configurations. Regular maintenance is required.

The deployment involved two people from our team. Although a reseller was present, the implementation was done in-house.

There is not much return on investment. It is primarily a compliance and security requirement rather than a solution offering direct ROI.

The pricing for Palo Alto Networks IoT Security is a bit high.

It is very important for the next-generation firewall to act as a sensor, eliminating the need for extra hardware deployment or management, and allowing seamless communication with the external world.

Palo Alto Firewall does not have an inbuilt system for Zero Trust. They have a separate solution called Prisma Access that can be integrated, whereas Fortinet Firewall has an inbuilt system, so the Fortinet Firewall can act as a zero-trust data capture gateway. Palo Alto Firewall requires a separate solution, so there are additional system requirements.

I would rate Palo Alto Networks IoT Security an eight out of ten.

Our customers want to manage the security of their cameras and endpoints such as servers. If there is any malware or a security risk on a device such as a camera, they can monitor the IoT logs and just quarantine the device.

We have good visibility over the network and all devices that are connected with IoT Security. We have malware risk assessment and inventory information.

It provides granular Zero Trust least privilege policy recommendations. The coverage depends upon the customer's use and risk rating. If they have a high risk, the policy has to be created or changed accordingly. It depends upon the risk and the customer. Policy creation is 10% faster because of these recommendations.

Our customers get an inventory as well as information about all the threats and risks. It is very useful for operations. IoT devices are very critical for the operations of the company, and it makes operations easy.

It does risk assessment at the backend, and based on its threat intelligence, it gives us the threats.

It is fast and it gives proper results. It works properly. There has been about a 20% time savings.

I like the threat information, and we can share the logging data with Cortex Data Lake. If you have a Cortex subscription, you can integrate all logs with Cortex Data Lake. It is a good option, and it is very useful for all the customers. We recommend this integration with Cortex Data Lake to our customers for security.

The dashboard is good. I like the organization and navigation of the dashboard. They have an executive summary and information about security and inventory. They have put the thumbnails properly. That is a very good feature. I like the management aspect of the dashboard.

It is very easy to use. Palo Alto always provides good documentation. The configuration part is clearly explained in the Palo Alto documentation. There are no complications. It is very useful.

There can be more automation in terms of security and detection. It is already good. We have been using it only for a year, and it has been good. Over the next couple of years, we will get more details about what more they can implement into IoT Security.

I have been working on Palo Alto support for the last five years, and I have been working with Palo Alto Networks IoT Security for the last one year.

It has only been a year. At this time, I would rate it a seven out of ten for stability.

Its scalability is very good.

I would rate their support an eight out of ten.

Positive

We have not used any other solution before.

It is deployed on the cloud. Its deployment is straightforward. It is not complicated.

A new deployment takes about one week because we have to collect all the device information. It depends on the customer's requirements and environment. It depends on their network and how many devices they have, but usually, one week is enough for deployment.

Me and my colleague work on the deployment. Most of our clients are medium enterprises. 

In terms of maintenance, we generally do not require any maintenance window. Only for a reinstallation, we need the maintenance window.

I can recommend it to others. I do not know about other products or vendors, but when it comes to Palo Alto Networks IoT Security, there is good management of IoT devices. Palo Alto manages all the products perfectly.

It is not complicated. By referring to Palo Alto documentation, you can use the product very well. There are no complications. It will definitely protect all your devices.

I would rate Palo Alto Networks IoT Security an eight out of ten.

We use Palo Alto Networks IoT Security for firewall protection to keep our client's data safe.

Palo Alto Networks' IoT Security has bolstered our defenses with its advanced features, providing a significant improvement to our overall security posture.

Palo Alto Networks IoT Security provides granular zero-trust privilege policy recommendations. The zero-trust policy recommendations help speed up policy creation. For example, we can block Facebook using any firewall but if we wanted to block Facebook but enable the chat feature, it can only be done using Palo Alto.

Automating device disability settings and policy creation with a user-friendly SaaS service has significantly improved our efficiency, freeing up valuable time.

The key strength of Palo Alto firewalls lies in their application-based approach, offering a much finer level of control compared to traditional firewalls.

The larger, data center-sized Palo Alto firewalls we're deploying are proving difficult to install and manage, highlighting an area for improvement.

While Palo Alto Networks IoT Security offers a functional solution, there's room for improvement in user-friendliness. While not overly complex, its usability could be enhanced, making it a more intuitive experience for everyone.

I have been using Palo Alto Networks IoT Security for two and a half years.

I would rate the stability of Palo Alto Networks IoT Security nine out of ten.

I would rate the scalability of Palo Alto Networks IoT Security ten out of ten.

The technical support is good.

Positive

While Palo Alto Networks IoT Security might cost more than some competitors, its features and effectiveness justify the price tag.

I would rate Palo Alto Networks IoT Security ten out of ten.

For those with network knowledge, Palo Alto Networks IoT Security is easy to use and for those without network knowledge, the learning curve is not steep.

We have around 450 users.

In our organization, we use the product "PA 3220" for Security and NAT policy configuration to block unwanted traffic. We can create different zones in our network, such as trusted, untrusted, DMZ. advance threat protection, and anti-malware protection. 

We can create site-to-site and remote site VPNs as per users' requests. With the help of the SP3 engine, we can allow traffic with a high level of performance. We are able to configure the high availability as Active-Active or Active-Passive to load balance the traffic on the firewall interface. A vulnerability assessment is also done.

All the applications are classified on the basis of their features and functions.

The Sp3 Engine has helped us. Whenever any packet comes to the Palo Alto then a parallel process and single-pass activity are there. A fast packet forwarding mechanism is used here. 

Single-pass traffic processing enables very high throughput and low latency. Single-pass software and parallel processing hardware are completely unique in network security.

We take advantage of a user behavior monitor and threat protection.

The Sp3 Engine is helpful. Single Pass software and Parallel Processing hardware are completely unique in network security.

This significantly reduces the amount of processing overhead required to perform multiple functions in one security device.

SP3 engine is most suitable for Next-Generation Firewalls.

All the features are good here as compared to other Next-Generation firewalls, however, some steps of configuration are complex and require hiring experienced staff. The cost is still high and licensing is still complex.

The current version Pan OS v10.0 is a more stable version now - most of the bugs and issues are fixed.

There's no need to add any points from my side about this product. It's a very good Next-Generation Firewall in our current environment.

I've used the solution for around the last three years.

We offer IoT devices for applications such as fleet management solutions. When developing these devices, we want to explore security tools that can safeguard these types of device management solutions.

From a security standpoint, it provides a comprehensive range of standard security features that align with our requirements. The IoT security tool we selected has a distinct advantage in terms of its feature set as it allows us to perform security scans on a per-device basis and obtain comprehensive results for all our devices.

It would be beneficial to have a more centralized and user-friendly platform that could consolidate all the necessary information, which proved challenging during the initial POC phase. We would rate the comprehensiveness and visibility as a four out of five because certain challenges need to be addressed and improved.

I have been using it for a year now.

The initial setup was a smooth experience and it only took us a day or two to complete it.

We deployed approximately twenty devices solely for the purpose of the POC.

Overall, I would rate it seven out of ten.