Palo Alto Networks Advanced Threat Prevention Reviews

Our primary use cases for this solution is content fileting and threat prevention. 

The most valuable features are that it's:

• User-friendly 
• Has interesting features 
• URL filtering 
• Threat prevention. 

We use four Palo Alto solutions in stand-alone mode and but it's hard to use when I use it in Panorama. Palo Alto's maintenance needs to be improved. 

I have been using this solution for a year and a half. 

Palo Alto is quite stable. It's better than Cisco. We've had many issues with Cisco and experienced many bugs. 

We've contacted customer support. I would rate them a six out of ten. 

The deployment was straightforward. It wasn't difficult for us. 

We used a consultant for the deployment. They helped us to deploy the device. We were satisfied with their service. It's not as good as Cisco support. 

I would recommend this solution. It's stable and doesn't have many bugs. 

I would rate it an eight out of ten. 

In order to make it a ten, they should improve their technical support. 

Our primary use case is to have as a gateway.

The dimensions is one of the most valuable features. WildFire is the sandbox solution from Palo Alto. No other sandbox solution can match WildFire.

The documentation needs to be improved. I need better information about how to configure it and what the best practices are. 

We have been using Palo Alto Networks Threat Prevention for a year. 

I don't have any stability problems with Palo Alto. Palo Alto is one of the greatest products in terms of stability. Compared to other solutions, Palo Alto is the most stable. 

I think it's very scalable, but in terms of the firewall, you need to define first where the firewall is located. You can deploy it anywhere, but it really depends on the environment of the customer.

The initial setup was not so complex but not so simple. It depends on the requirements of the deployment. Sometimes it should be simple but sometimes you need more knowledge to connect the device.

The deployment can take around one month. Sometimes the project manager wants to extend the session with the customer and maybe upgrade the migration. Then he asks the customer if there are any problems or is there are any additional issues that come up after the migration. In terms of the configuration, it takes less than five days but in terms of the project, we saw more cases that took around a month.

We only need a project manager and engineer for the deployment. Some deployments require additional engineers. From our customer's side, we usually discuss the deployment with the security team. 

For those who want a next-gen firewall that's easy to configure and easy to operate, I think you should go for Palo Alto.

Palo Alto is a bit pricy compared to different models. Customers try to compare the price between other solutions, like Fortinet, Cisco, and Checkpoint. 

In the next release, I would like for Palo Alto to work on email protection. 

I would rate it a ten out of ten. 

There have been updates to the solution recently that have ramped up protection. Before this, we had a lot of hacks on the network, specifically in the cloud environment. After the proper implementation of that product, we've not had one hack attempt. The last six months have been very good.

The solution offers a feature to show which traffic is the highest on the network, and which traffic is the lowest. There's also a feature that scans incoming and outgoing traffic, and one feature that is able to flag a suspicious IP address. These are all valuable features. With the IP address flag, I was able to see that I was being hacked. The moment there was an interaction between somebody on my network and that IP, the solution was able to flag it, and we were able to protect ourselves.

The solution needs to improve Reverse DNS functionalities.

Right now, when you check the IP address, it tells all. It assumes that that IP address is locally available on the inside. When the request is going back to me it's supposed to do what we call rights. Instead of giving me the public IP address in my response, it's supposed to give me the private IP address or the local IP address so that I can reach the device locally. That's the challenge right now.

Sometimes when you want to group a set of ports, and communicate with Palo Alto, you cannot group TCP and UDP ports together. This needs to be adjusted.

The solution is stable.

The solution is quite scalable.

Apart from software updates, we've not had any reason to reach out to technical support, so I don't have much experience with them.

We've previously used Cisco, Salesforce, and Fortinet. We last used Salesforce, and we mainly switched due to the cost of the solution.

The initial setup is straightforward.

We handled the implementation ourselves.

We use both the cloud and on-premises deployment models.

I'd rate the solution eight out of ten.

We use this solution for the security of our organization. It protects the LAN and WAN traffic.

We have two boxes that have this solution for threat prevention. Some of our servers also have Palo Alto agents installed on them. 

We have an on-premises deployment.

This solution has more than just the threat prevention by itself. It's also a Firewall and many other components.

The most valuable features are the simplicity, transparency, and overall ease of management.

The price of licenses should be lowered to make it less costly to scale our solution.

I would like to see consolidated licensing for on-premises solutions. This would give us all of the features available for the one box.

This is a stable solution, and we have not had any issues.

For ten years we have had a high-availability network. There have been outages as the result of power, or our network, but nothing that is a result of this solution.

Scalability is not a problem from a technical standpoint. However, the price of this solution makes it hard to scale.

We have approximately one thousand users.

The initial setup was simple, but it's been ten years since then and we have grown. The migration has also been simple and straightforward.

You can have a network with thousands of machines with only a few security rules to migrate, or you can have a network with only a few machines and thousands of security rules that make it difficult to migrate.

If you want to have all of the good features then you have to pay extra for licensing.

Security in business is an important issue. There is a difference between the quote and the end price of the end product. Some vendors are impressed with the numbers they see on paper, then they start to use it and compare it and assess the ratio between the quote, security, and final price of the end product. It is important to consider the people who will maintain the solution. For example, if you don't have a large team in your organization, then one person is tasked with several duties, as opposed to having several departments with equal responsibilities. These are all things to consider when it comes to security.

Sometimes, when you have more than one security product running, they fight with each other and it can make things difficult. In the case of this solution, things have been very smooth.

So far, there have been no security issues and we are absolutely happy with Palo Alto Networks.

It is easy to test out a trial version, but there is a problem with that. In my experience, after paying for the solution, it takes time to get to know it. There are complex things that may take half a year to understand how they work. In some cases, it is simple testing at the beginning, but over time you might find problems. With Palo Alto, you can ask for extended trial licenses, which is not something that you get from a lot of vendors.

I have spent a lot of time in IT and I know that there is no such thing as an absolutely perfect solution. This one is easy to use and works well in our organization, but it might not be as suited to another organization. This is a product that I recommend, although it depends on the environment. Every product has pros and cons. Good planning and good testing is the best way to choose the product that best suits you.

I would rate this solution a nine out of ten.

I find the malware protection very handy. The solution has many features that save me time. 

I think they can use some improvement on FID. There are lots of false positives and those can be eradicated. Sometimes you can't identify a 10-year-old doc, but they can probably update those signatures and false positives, so it would be helpful and save us a lot of time. 

I think the stability can improve.

We haven't used the technical support yet because we have our own team of experts.

We used an expert to help us with the initial setup and installation.

It is an expensive solution and I would like to see a drop in price.

On a scale of one to ten, I rate this solution a nine. In the next version, I would like to see a drop in price and more stability.

The primary use is for application control and encryption.

The application control and vulnerability protection are the most valuable features.

The IPS can be improved on the solution.  The itineration, for example. Also, if additional features, like SD Wan, etc. can be added. This would be helpful.

Other additional features that could be added include Individual Traps. In terms of enhancement for overall protection, we would like more Traps or other solutions that are developing within the firewall.

The solution needs to improve its local technical support services. There is no premium support offered in our market.

The solution is very stable. We've used it a number of years and never had any problems. However, only just recently, we found a bug on the model 2220. Other than that, the solution is quite stable.

The scalability of the solution is very good. In our company, we have about 2,000 users.

Technical support is okay, but we have an issue here in terms of local support and company support. Palo Alto doesn't provide premium support directly. It forces us to use third-party support and local distributors. Sometimes it's difficult for us to communicate and get support.

One of the reasons that our clients choose Palo Alto is because they have complex networks, therefore the setup is typically also complex.

Compared to other security offerings, Palo Alto is very expensive. Palo Alto also doesn't offer many discounts. They may discount as much as 15%. However, in comparison, Cisco can give a discount of up to 85%.

We work with the public and private cloud as well as the on-premises deployment models. Our role is to implement security solutions at our customer's premises. The deployment depends on the infrastructure.

I would rate the solution seven out of ten. As a next-generation IPS, it's a very good firewall. I would recommend it.

We primarily use the solution as a firewall.

It's not so easy to set up a test environment because it's not so easy to get the test license.

The vendor only gives you 90 days for a test license; it's a tough license to get.

The stability of the solution is quite good.

So far, scalability is okay, but you don't really need too much scalability in a firewall solution.

Technical support is good. We do get some support from the reseller.

We do have other solutions that we run in parallel, but it isn't like we had one solution and then we switched to Palo Alto.

The initial setup was straightforward. It's quite easy. Deployment took one to two weeks.

The pricing is a bit higher than the competition, but it's okay. The cost seems cheaper than Cisco's Firepower.

We use the on-premises deployment model.

The solution is very good, especially compared to other solutions. I would rate it nine out of ten. It also offers re-instruction detection and prevention software, which we also use in conjunction with the Threat Prevention solution.

Our primary use case for Palo Alto Threat Prevention is related to the placement of files in a laboratory test environment. We use Palo Alto Threat Prevention for network testing.

I can't give an example of how Palo Alto has improved our organization because we are using this product in test networks.

The most valuable feature of Palo Alto Threat Prevention for our company is the next generation firewall.

The organization mail security solutions could be improved. There is no mail security solution available.

Palo Alto Threat Prevention is naturally stable in operations.

I don't see a problem with Palo Alto Threat Prevention in scalability. Because it's a testing product for use it only for test alignment.

We have maybe 10 or 12 engineers dedicated to the solution. Only engineers are using this product. For deployment and maintenance, only one staff.

We use Palo Alto Threat Prevention just for testing.

Palo Alto's technical support is very good.

The setup of Palo Alto Threat Prevention is very easy and straightforward. From initial configuration to deployment, it took maybe one day.

We did not use an integrator, re-seller, or consultant for the deployment.

I would rate Palo Alto Threat Prevention a nine out of ten overall. I would prefer better mail security features.