Palo Alto Networks NG Firewalls Reviews

We use Palo Alto Networks NG Firewalls for security purposes and to mitigate risk.

Palo Alto Networks NG Firewalls enabled us to have better visibility overall.

The inline, real-time attack prevention provided by embedded machine learning is not bad.

Also, the firewalls are moderate in terms of securing data centers consistently across all workplaces, i.e., from the smallest office to the largest data centers.

We have been able to reduce downtime because we have better visibility. We're faster and can act preemptively.

Palo Alto Networks NG Firewalls do not provide a unified platform that natively integrates all security capabilities.

Customer support could be improved.

I've been using this solution for about one year.

Palo Alto Networks NG Firewalls are stable.

The firewalls' scalability is good.

I would rate Palo Alto's network support a six out of ten.

Neutral

We have seen a slight ROI, enough to justify the cost of the solution.

The cost is steep, but most firewalls cost a lot.

If you're looking for the cheapest and fastest firewall, I would not recommend Palo Alto NG Firewalls.

Overall, I would rate Palo Alto Networks NG Firewalls an eight out of ten.

I place a high value on attending the RSA Conference. I get a lot out of it because I'm able to learn about up-and-coming companies. I can see what options are available, whether someone's doing it better, and if I can get a cheaper option.

Attending RSAC does have an impact on my organization’s cybersecurity purchases made throughout the year.

We use Palo Alto Networks NG Firewalls for segmentation and basic routing. They are the gatekeepers for the network.

I like being able to investigate anonymous VPNs and also like to use traffic-capturing features. We've had some anonymous VPNs coming to our network, and we're trying to make sure that internal users are not able to use those to get past our security.

Palo Alto Networks NG Firewalls have a very nice interface for logging and monitoring. I find it easy to navigate and use, and the interface is organized as well. I can find answers within a couple of hours and have seen time savings.

We have Azure firewalls that are licensed through Palo Alto. It's super important that Palo Alto Networks NG Firewalls provide a unified platform that natively integrates all security capabilities because we are moving almost entirely to Azure. Thus, the more Azure integration we have, the better it's going to be for us long term.

These firewalls have been efficient at securing data centers consistently across all workplaces.

We haven't had many downtime issues with Palo Alto.

The customer-facing side needs to be improved in terms of the engagement and involvement of support staff.

My first exposure to this solution was about a year and a half ago.

The firewalls are relatively stable. We have a few that go up and down, but that has more to do with licensing issues than with the firewall itself.

Technical support needs to be improved with regard to the time to respond and the response itself. We've been getting the same responses over and over again. It would help us out a lot if the technical support staff were more engaged or involved.

From what I've heard from our firewall engineer, I would rate technical support a four out of ten.

Neutral

We utilize GlobalProtect and have seen a better return on investment with regard to security and peace of mind.

Licensing is a big issue for us because of the complexity and the lack of engagement from Palo Alto. It has been hard to talk with them as we don't get the best answers.

We are always evaluating other vendors and are currently looking at Cisco. Though both Palo Alto and Cisco firewalls are feature-rich and provide very good value, Cisco is better at customer engagement. They are easier to talk to as well.

Palo Alto Networks NG Firewalls are not the cheapest and fastest, but they are one of the top ones in terms of the most effective firewalls.

Overall, I would rate NG Firewalls an eight out of ten. They're definitely a top competitor.

I love the opportunity to see technical demos and take hands-on tours with some of the products at RSA conferences. They are the best part because I get to learn and gain exposure to new technology. It is particularly helpful when we want to look at other avenues.

We mainly use the solution for traditional firewall boundaries.

The solution helped us meet our security requirements.

The fact that the Next-Gen firewalls are integrated with identity is the best. It gives us the ability to track what an individual is doing and helps us provide access to only what they need in order to do their job.

Because we want to free up our operators from the routine tasks of investigations, it's important to us that Palo Alto Networks NG Firewalls embed machine learning in the core of the firewall to provide inline, real-time attack prevention.

Technical support could be improved. Palo Alto's technical support used to be great. Whenever I had a problem, I could pick up the phone and call and get answers. That's not the case any longer.

Palo Alto Networks NG Firewalls don't provide a unified platform that natively integrates all security capabilities. It's missing some features for geofencing and understanding locations.

These firewalls are primarily used for edge defense. In terms of securing data centers consistently across all workplaces, that is, from the smallest office to the largest data centers, Palo Alto Networks NG Firewalls don't have a strong zero trust model.

NG Firewalls have not helped us reduce downtime in our organization. Because of technical support issues, we've taken some hits.

I've been using Palo Alto Networks NG Firewalls for 20 years.

It's always been a stable product.

This solution is a firewall that's a hardware appliance, and that's not the direction the industry is heading. Everybody is going toward a software-defined perimeter. Palo Alto doesn't have a strong say on it. They took what they had for their hardware and just put it in the cloud without understanding what being cloud-centric is all about.

I would rate the technical support a three out of ten.

Negative

Our ROI is that the firewalls have been used quite a few times for investigations. We've gathered the evidence we needed to act upon an issue.

These firewalls are not cheap, but they have a reasonable licensing model.

If you are considering attending an RSA Conference, note that you won't gain enough information by attending one conference. However, when you attend year after year, go through the expo, and talk to vendors, you will begin to see trends. You'll see that what's hype one year is no longer a reality another year. Thus, the experience with RSA is a multiple-year experience.

Attending RSAC has made an impact on our organization’s cybersecurity purchases. We've brought products back into our infrastructure based on what we discovered from talking to vendors at the RSAC.

Overall, I would rate Palo Alto Networks NG Firewalls a seven out of ten.

We are resellers. We're testing this solution in our network and learning about the scalability, how to set up the firewall, and the rules. It's a layer 7 firewall, so we want to know about the capabilities and detection.

The solution is deployed on-premises.

The most important feature is the firewall. We can make rules to filter the application layer of traffic. It's a very helpful feature.

The interface is user-friendly. It minimizes clicks and the need to type comments. With the GUI, we just have to drag and drop. It's quite helpful. For those who don't have a lot of experience with Palo Alto, there's a lot of good documentation.

The machine learning is very good. From our tests, the detection is quite good. I would rate the machine learning a nine out of ten.

I would like to see more integration.

I have used this solution for about eight months.

I'm a consultant and appliance tester. My job is to test the network and know how it works.

The stability is good.

I don't know about the scalability because we only have one appliance, which we haven't upgraded.

I haven't contacted technical support, but all of the answers to my questions are available in the documentation.

We previously used Fortinet.

The installation is straightforward. It's just a simple button. The deployment took less than two hours.

We used four people for testing the capabilities and for the deployment. There were also three or four people outside my team who were involved.

I would rate this solution a nine out of ten. 

To those who are interested in using this solution, what I would first say is that Palo Alto is a leader in Gartner. I would give them recommendations about the technical side, what we have done in our testing, the protection rate, the benefits, and how quickly and accurately the firewall can detect threats.

We have implemented our own private cloud where we host different services for a number of internal companies that are part of a group. We have financial companies, hospitality, and construction companies; a large variety. We use Palo Alto to provide security protection for all these companies.

Previously, with our old firewalls, we did not have any visibility. The application layer was zero. We didn't have any visibility there. And we also didn't have any reports. Now, we have good visibility and we are able to get reports and we can monitor the network much better. That's a big change for us and a big help.

There are a lot of helpful features

• monitoring
• reporting
• WiFi.

You can easily integrate it with Active Directory, and you can use the GlobalProtect VPN for internal and external purposes. The URL Filtering is also clear and the application filtering is a plus. The application filtering is much better when you compare it to FortiGate or other firewall vendors.

Also, the fact that Next-Gen Firewalls from Palo Alto embed machine learning in the core of the firewall to provide inline and real-time attack prevention is very important. Nowadays, all the modern attacks, hackers, and bad people are becoming more intelligent and automating attacks. Embedding AI is a good idea.

We have complete visibility through the logs and the alerting. It depends on how you configure the firewall. You can configure it to get alerts whenever there's an attack or whenever something is happening. That's how we can assess if the firewall is doing the job correctly or not. We are happy with the way the firewall does its job.

There has been a recent change in the graphical interface. For the monitoring part, they could have a better UI.

We have been using Palo Alto Networks NG Firewalls since 2012.

The big firewalls, like the PA-300 and the PA-3020, are very good, stable, and performant. They are very reliable. The smaller models are reliable, but the performance on their management plane is a bit slow. Even the management plane of the PA-850 is a bit slow when you compare it to some of the bigger models.

Scaling is easy. We currently have about 1,000 endpoints.

We haven't worked with their technical support.

We replaced a Cisco ASA Firewall with Palo Alto, and then we started replacing all our other firewalls with Palo Alto. Cisco ASA was not a next-generation firewall at that time. And no firewall could beat the traffic monitoring and the visibility that we had on Palo Alto.

We did a PoC before going to Palo Alto. We placed the Palo Alto in virtual wire mode, meaning a transparent mode. Without changing our existing network infrastructure, we were able to plug the Palo Alto into our network where we could see all the incoming and all the outgoing traffic. Without creating any policies or any blocking, we were able to see all the traffic and we were impressed with that part and we decided to switch to Palo Alto.

The first deployment was very complex. I was not the one who implemented it, it was an integrator, but it was a headache due to some difficulties. After that, things became easy. We have implemented six or seven Palo Altos, and things are easy because of our familiarity with the whole deployment process. The first time we were using this firewall we were not at ease with the product. After that, we got used to it and it became easier.

Because of the issues with the first one, it took one week for the deployment, for the complete transition from Cisco ASA to Palo Alto. Since then, all the deployments have been done in one day.

We have seen ROI as a result of the visibility and reporting. These are two things we didn't have, and now that we have the visibility, we can ensure  that our network is secure.

If you compare Palo Alto with other firewalls, it's a bit expensive.

At that time, Palo Alto was the leader and I think it was the only next-gen firewall.

We have looked into other firewalls since then. In 2017 or 2018, we decided to replace one Palo Alto with a Forcepoint Next-Gen Firewall. We placed that in the network but, after six months, we replaced it with Palo Alto.

If someone is looking for the cheapest and fastest firewall, I would say the fastest is good, but not cheapest. Palo Alto Firewalls are not cheap.

Normally, we use our firewall at the perimeter level. We are using Palo Alto Networks NG Firewalls as a firewall as well as using a few of their functionalities like the Vulnerability Protection, its IPS module. Additionally, we have remote VPN's on those firewalls, like GlobalProtect. So we are using all the features which are provided by Palo Alto.

The feature that I like the most is its IPS model, the WildFire model. I really like how the whole threat protection model functions, including the vulnerability and anti-spyware aspects. That is really awesome.

In terms of what could be improved, comparatively the price is very high. That would be the one thing. But technically-speaking, it's perfect.

I have been working with Palo Alto Networks NG Firewalls for around five years.

In terms of scalability, normally, we procure the devices based on the future perspective, so there should be a lot of scalability. We never face scalability issues with Next Generation Palo Alto Firewall - it comes with the scalability.

We have around 11,000 to 12,000 users across the globe.

Technical support is pretty good. We get a timely response. There will be plus/minus where we do not getting a response, but not regularly, just one or two cases among, let's say, 20 or 30. As far as my experiences with the tech support go, it's pretty good, very straightforward support. It's not like they're playing on the call and taking their time. It is really straightforward.

The initial setup depends on the office locations of the data center. If that particular firewall is part of the data center, then yes, it is a complex design as well as a complex traffic flow. But for normal office locations, it is pretty straightforward. So it is a mix depending on the location of where the particular firewall is going to be put.

I would recommend Palo Alto Networks NG Firewalls. If a company has the budget and wants to have the next generation of firewalls then they should go for the Palo Alto, because whatever state of features they provide, it's pretty awesome. But if there is a budget constraint there are several other products which give you similar kinds of features but with less cost.

On a scale of one to ten, I would give Palo Alto Networks NG Firewalls an 8.

Nothing is perfect. There are features that they should add. One of the features that I'm looking at is when it comes to the Vulnerability Protection. We are blocking the threats which are, by default, updated by the Palo Alto Threat Engine. Currently, there is no scope of manually adding the external database to the firewall so the firewall will convert that database to their own. This is currently not functional with the current version. There are a few functions that they could add that are available with other vendors. That's why I am giving the 8.

The most valuable features of this solution are all of the services it provides. 

The application layer to the hardware Layer is good, as are all layers it offers.

It's a very comprehensive solution.

The features should be built into the system. For example, it generates many logs with a lot of information that can be converted into security and business information and shown to the user. This is a time-consuming job.

I would like to see it provide us with intelligent information from the data that it captures, within the same cost.

I have been using this solution for two years.

It's a very stable product, so far.

It's very scalable. We have 300 users in our company.

Technical support is very good.

We have worked with various firewalls such as Check Point, Sophos, Cisco, and some unknown product names as well.

There are several things to consider before recommending a solution. It depends on the business requirements, the budget, and the complexity of the security needs.

I believe that Palo Alto is the best one, then Check Point and Sophos. Those are my three preferences.

Palo Alto and Check Point would be rated an eight out of ten and the others would be a seven out of ten.

The initial setup is complex, but it can be done.

The rollout takes a couple of weeks but you have to keep improving it every day.

Part of the setup was completed by me, with some help externally.

We have a subcontractor for maintenance.

This is an expensive product, as are the others of this type.

Know your business requirements, the features, the ease of use, and know what type of budget you have. These are the types of requirements to know before you use this product.

I would rate this solution an eight out of ten.

The solution is to provide protection for our cloud-based server resources.

We don't have to spend as much time monitoring or configuring the solution. We just feed the alerts into our stock and we don't have to manage it regularly.

The configuration and stability are great. The solution offers many good features. Palo Alto has by far the best firewall in the world.

Palo Alto NG Firewalls embed machine learning into the core of the firewall to provide real-time attack prevention. Of course, that's just expected these days. Anyone worth considering is doing this. Low-end firewall devices out there do not provide that. However, they're not enterprise-ready.

The machine learning in Palo Alto's Next-Generation Firewalls is excellent for securing our networks against threats that are able to evolve and morph rapidly. It's a ten out of ten.

The product provides a unified platform that natively integrates all the security capabilities. That's very important to us.

The product has zero-day signature features implemented.

There are no trade-offs between security and network performance with Palo Alto.

We haven't had any issues so far.

I've used the solution for the last three years, although the company has used it for longer. 

Technical support is proactive in letting us know when there are updates that need to be made to the system. We've not had any issues with any of the maintenance activities.

Positive

We are customers of Palo Alto.

I'd rate the solution ten out of ten.