Palo Alto Networks Advanced Threat Prevention Reviews

We implemented the IPS solution and the DNS sinkhole blocking. 

For us, the IPS is very valuable.

It is stable and reliable.

The solution has helpful support.

You can scale the product.

The initial setup is complex. 

We'd like more APIs to manage programmatically the IPS to orchestrate it and
avoid logging into the graphical user interface console. We'd like to have some robots to manage the solution's tasks.

I've been using the solution for about three years.

It's a stable solution. We've never had any issues with our environment. There are no bugs or glitches and it doesn't crash or freeze. 

We have about 30,000 servers using this solution. It's not for end-users; it's for computers, for servers. It can scale to meet your needs. 

Technical support is good. We've been happy with them so far. 

The initial setup was very complex as the solution does not have these APIs to facilitate the configuration. Therefore, we had to manage some scripts to perform the configuration.

Our deployment took, approximately, eight months.

We implemented the solution with the help of a reseller.

We pay for licensing on a yearly basis. You simply need to pay the licensing fee and there are no extra costs. 

We're a customer and end-user.

It's a pretty good solution. After three years, we haven't had any issues or concerns with our environment. The advice I can give is to implement it and to test it, as it's a really good solution.

I'd rate the solution eight out of ten.

We use it to upload, delete, and list what to publish on the net to block websites and even posts.

Recently, I blocked Adobe Acrobat Reader. When you install it on your PC, sometimes it contacts the internet and opens some posts. Thus, it can be easily hacked by a user on the internet. When you browse for this kind of list, you can easily upload it on Palo Alto without any difficulty.

It's very easy to use and configure.

What is nice about Palo Alto is that even if you don't understand how to use it, you can just click on upload and upload everything that needs to be blocked.

It also has signature-based prevention.

The interface is really user friendly. You can easily see what sites you have been blocking and their criticality. 

You can also capture packets from this tool, which is really nice.

The cost involves the price of the hardware, which is expensive. However, most of the Palo Alto solutions are expensive.

These devices cost a lot here in Mauritius, for example, one device can cost approximately $4,000. The cost for the license would be in addition to this.

I would rate this solution at ten on a scale from one to ten because I've never had any issues with it and have never been hacked.

I have been using Palo Alto Networks Threat Prevention for approximately 10 years.

The stability of Palo Alto Networks Threat Prevention is good.

I have found Palo Alto Networks Threat Prevention to be a scalable solution.

The support from Palo Alto Networks Threat Prevention is good.

Palo Alto Networks Threat Prevention could improve by having consistent pricing at system levels.

My advice to others would be to use Palo Alto Networks Threat Prevention for the perimeter of the network.

I rate Palo Alto Networks Threat Prevention a nine out of ten.

We are in financial environment so we put it on premises and in the cloud.

Everything has been okay with the solution. We are using all of the features. 

In terms of what needs improvement, the only thing I don't like is the support.

I have been using Palo Alto Networks Threat Prevention for eight years. 

Palo Alto is very stable. 

It is scalable. We haven't confronted any issues.

The deployment is easy.

Licensing is yearly-based.

The pricing is higher compared to their competitors. I think Palo Alto is has the highest price.

I would recommend Palo Alto to anybody looking for threat prevention. 

I would rate this solution an eight out of ten. 

The resource consumption should be addressed. The technology firewall anomaly network could stand improvement. 

The pricing could be better. 

We are currently using Palo Alto Networks Threat Prevention.

Our network and the stability are good. Authentication of the location is stable. Nothing is changed.

The solution is scalable. 

The pricing could be lower. 

I like the solution's interface.

The features are very easy to manage. The firewall is responsible for a host of tasks, as we use it for the monitoring of high power systems. The configuring of agents is easy. 

I rate Palo Alto Networks Threat Prevention as a ten out of ten. 

We primarily use this solution for general user security and protection. In our organization, there are around 250 users, using this solution.

Its simplified management interface, self-updating, and self-alerting systems require very little management overhead.

Edge protection is a valuable feature. Also, WildFire I think has been the most valuable active protection against a zero-day.

It's also very intuitive and user-friendly.

I have been using this solution for roughly five years.

Both the scalability and stability of this solution are fine for our needs.

The technical support is excellent; I would give them a nine out of ten — their response time could be better.

The initial setup was pretty straightforward. 

We had an SE help us with the installation.

The pricing has improved with the newer generation of their Firewalls, but the price could always be lower. In comparison with other solutions, I believe they're quite competitive.

If you're going to use this solution, you should have a professional set it up for you.

On a scale from one to ten, I would give this solution a rating of nine. They're cutting edge. They're one of the leaders in the industry, and they're continuously improving their product.

Our primary use cases for this solution is content fileting and threat prevention. 

The most valuable features are that it's:

• User-friendly 
• Has interesting features 
• URL filtering 
• Threat prevention. 

We use four Palo Alto solutions in stand-alone mode and but it's hard to use when I use it in Panorama. Palo Alto's maintenance needs to be improved. 

I have been using this solution for a year and a half. 

Palo Alto is quite stable. It's better than Cisco. We've had many issues with Cisco and experienced many bugs. 

We've contacted customer support. I would rate them a six out of ten. 

The deployment was straightforward. It wasn't difficult for us. 

We used a consultant for the deployment. They helped us to deploy the device. We were satisfied with their service. It's not as good as Cisco support. 

I would recommend this solution. It's stable and doesn't have many bugs. 

I would rate it an eight out of ten. 

In order to make it a ten, they should improve their technical support. 

Our primary use case is to have as a gateway.

The dimensions is one of the most valuable features. WildFire is the sandbox solution from Palo Alto. No other sandbox solution can match WildFire.

The documentation needs to be improved. I need better information about how to configure it and what the best practices are. 

We have been using Palo Alto Networks Threat Prevention for a year. 

I don't have any stability problems with Palo Alto. Palo Alto is one of the greatest products in terms of stability. Compared to other solutions, Palo Alto is the most stable. 

I think it's very scalable, but in terms of the firewall, you need to define first where the firewall is located. You can deploy it anywhere, but it really depends on the environment of the customer.

The initial setup was not so complex but not so simple. It depends on the requirements of the deployment. Sometimes it should be simple but sometimes you need more knowledge to connect the device.

The deployment can take around one month. Sometimes the project manager wants to extend the session with the customer and maybe upgrade the migration. Then he asks the customer if there are any problems or is there are any additional issues that come up after the migration. In terms of the configuration, it takes less than five days but in terms of the project, we saw more cases that took around a month.

We only need a project manager and engineer for the deployment. Some deployments require additional engineers. From our customer's side, we usually discuss the deployment with the security team. 

For those who want a next-gen firewall that's easy to configure and easy to operate, I think you should go for Palo Alto.

Palo Alto is a bit pricy compared to different models. Customers try to compare the price between other solutions, like Fortinet, Cisco, and Checkpoint. 

In the next release, I would like for Palo Alto to work on email protection. 

I would rate it a ten out of ten. 

There have been updates to the solution recently that have ramped up protection. Before this, we had a lot of hacks on the network, specifically in the cloud environment. After the proper implementation of that product, we've not had one hack attempt. The last six months have been very good.

The solution offers a feature to show which traffic is the highest on the network, and which traffic is the lowest. There's also a feature that scans incoming and outgoing traffic, and one feature that is able to flag a suspicious IP address. These are all valuable features. With the IP address flag, I was able to see that I was being hacked. The moment there was an interaction between somebody on my network and that IP, the solution was able to flag it, and we were able to protect ourselves.

The solution needs to improve Reverse DNS functionalities.

Right now, when you check the IP address, it tells all. It assumes that that IP address is locally available on the inside. When the request is going back to me it's supposed to do what we call rights. Instead of giving me the public IP address in my response, it's supposed to give me the private IP address or the local IP address so that I can reach the device locally. That's the challenge right now.

Sometimes when you want to group a set of ports, and communicate with Palo Alto, you cannot group TCP and UDP ports together. This needs to be adjusted.

The solution is stable.

The solution is quite scalable.

Apart from software updates, we've not had any reason to reach out to technical support, so I don't have much experience with them.

We've previously used Cisco, Salesforce, and Fortinet. We last used Salesforce, and we mainly switched due to the cost of the solution.

The initial setup is straightforward.

We handled the implementation ourselves.

We use both the cloud and on-premises deployment models.

I'd rate the solution eight out of ten.

We use this solution for the security of our organization. It protects the LAN and WAN traffic.

We have two boxes that have this solution for threat prevention. Some of our servers also have Palo Alto agents installed on them. 

We have an on-premises deployment.

This solution has more than just the threat prevention by itself. It's also a Firewall and many other components.

The most valuable features are the simplicity, transparency, and overall ease of management.

The price of licenses should be lowered to make it less costly to scale our solution.

I would like to see consolidated licensing for on-premises solutions. This would give us all of the features available for the one box.

This is a stable solution, and we have not had any issues.

For ten years we have had a high-availability network. There have been outages as the result of power, or our network, but nothing that is a result of this solution.

Scalability is not a problem from a technical standpoint. However, the price of this solution makes it hard to scale.

We have approximately one thousand users.

The initial setup was simple, but it's been ten years since then and we have grown. The migration has also been simple and straightforward.

You can have a network with thousands of machines with only a few security rules to migrate, or you can have a network with only a few machines and thousands of security rules that make it difficult to migrate.

If you want to have all of the good features then you have to pay extra for licensing.

Security in business is an important issue. There is a difference between the quote and the end price of the end product. Some vendors are impressed with the numbers they see on paper, then they start to use it and compare it and assess the ratio between the quote, security, and final price of the end product. It is important to consider the people who will maintain the solution. For example, if you don't have a large team in your organization, then one person is tasked with several duties, as opposed to having several departments with equal responsibilities. These are all things to consider when it comes to security.

Sometimes, when you have more than one security product running, they fight with each other and it can make things difficult. In the case of this solution, things have been very smooth.

So far, there have been no security issues and we are absolutely happy with Palo Alto Networks.

It is easy to test out a trial version, but there is a problem with that. In my experience, after paying for the solution, it takes time to get to know it. There are complex things that may take half a year to understand how they work. In some cases, it is simple testing at the beginning, but over time you might find problems. With Palo Alto, you can ask for extended trial licenses, which is not something that you get from a lot of vendors.

I have spent a lot of time in IT and I know that there is no such thing as an absolutely perfect solution. This one is easy to use and works well in our organization, but it might not be as suited to another organization. This is a product that I recommend, although it depends on the environment. Every product has pros and cons. Good planning and good testing is the best way to choose the product that best suits you.

I would rate this solution a nine out of ten.