Palo Alto Networks NG Firewalls Reviews

We use it as a firewall. We have VPN, IPSec, or site-to-site VPN. We also protect our few internal web services. 

Everything is easy in Palo Alto Networks NG Firewall. It is very stable, easy to configure, and easy to upgrade. It is also very easy to create custom policies and applications. Everything can be done with the click of a button. 

It is also good for the protection of web services. Nowadays, they have a rather new DNS security feature, which is pretty good and functional. We did a one-month trial, and it is the best product for the firewall network.

Its price can be improved. It is expensive.

Other vendors have pre-configured policies for the protection of web servers. Palo Alto has an official procedure for protecting the web servers. Many people prefer pre-configured policies, but for me, it is not an issue. 

I have been using this solution for almost six years.

Our version is not scalable. The new version is scalable on the network interface. It comes with slots where you can put your SFP if you want a fiber or copper. 

We have almost 600 users who use it for accessing the internet. We have about 50 to 70 VPN connections.

I didn't contact them because I don't get any technical issues with any feature of the firewall. I didn't have the need to open a case. If I have any issue, I am able to resolve it by using my cell phone and taking help from the internet. 

I was using Check Point before Palo Alto. I am very disappointed with Check Point because I had to reboot power three to five times a week. Palo Alto Networks NG Firewall is comparatively very easy to manage and use. It has better logic for configuration than other firewalls.

The initial setup was straightforward. When I migrated from Check Point to Palo Alto Networks NG Firewall, it took about an hour and a half to reconfigure all policies and services.

I deployed it myself. The logic is very easy when you configure it. I did 90% percent of deployment on my own. For the remaining 10% deployment, I found the information on the internet. 

I am the only user working on this firewall. I am a system administrator.

It is a little bit expensive than other firewalls, but it is worth every penny. There are different licenses for the kinds of services you want to use. When we buy a new product, we go for a three-year subscription.

We have not had any issue with this solution. I really hope that we continue to use this solution. Its price is higher than other solutions, and the company might go for another firewall.

I would recommend this solution to other users. I would rate Palo Alto Networks NG Firewalls a nine out of ten.

We are using this solution for IDS, IPS, and VPN services.

Also, we are using it for gateway purposes. The development team accesses the data center, and the file intrusion prevention policy.

The most valuable features are the content ID, IPs, and the URL filtering service to enable protection. 

The structure is much faster and more sophisticated than Cisco.

Their cloud support is smart.

This solution is very stable, but Cisco devices are stable at the hardware level. Palo Alto hardware is not equal to the level of the Cisco Device.

The hardware is weak.

In the next release, I would like to see faster support and the integrated system a 5G network, a next-generation firewall, and endpoint security.

I would like a collaboration system and reporting ASA policy needs to be smarter.

It's definitely a stable solution.

For LAN purposes, we have 700 plus users.

The technical support is good enough.

We are using Cisco support and they are very good. 

The Palo Alto support is faster and their support is also good.

The initial setup is straightforward.

It takes a maximum of two days to deploy.

Two or three guys are enough to deploy and maintain it.

We used vendor support for the deployment.

We plan to continue the usage of this solution in the future and I would recommend it to others. 

The product is very good, I would rate Palo Alto Networks NG Firewalls a nine out of ten.

I'm a network security engineer and we are platinum partners with Palo Alto. 

Initially, there were no application controls offered in the legacy firewall. Now you can log each and every application. It provides valuable control and is the main feature in addition to the security features they're currently offering. All the firewalls - Fortinet, Cisco, Palo Alto -  provide complete visibility and control over your network which you didn't previously have. Now you have user ID and you can implement URL filtering as well, there is control over your network. End user logging is far better with Palo Alto than Fortinet or Cisco, and it helps you to troubleshoot. I'd rate Palo Alto on top. It's comfortable and that's my experience. Cisco and Fortinet provide good services, but Palo Alto offers a very good product.

There will always be room for improvement. On a daily basis you get patches for everything. They build new features, apply new technologies and new applications which need to be integrated and with that you get bugs. There are always issues, whether it's hardware or software. 

I've been using this solution for five years. 

The product is generally stable but with each new update you need to get the OS bug fix. Any security device has a vulnerability which a hacker can exploit and you have to keep on patching.

I work on the system integrator side and work with multiple customers, and this is a scalable solution. 

The support level is good, but it depends on the region you're working from. In some countries, the support flexibility is very good. For others, you have different strategies. I'm in Pakistan and Palo Alto has a different strategy here in that they don't directly provide support. You have to add another vendor in between and open a case with them and if they can't resolve your query they activate to Palo Alto. In some countries, Palo Alto directly provides support and in others they can't be contacted directly. In a couple of scenarios, we got involved with an R&D team and told them there was a bug for our end users. Palo Alto escalated that case to an R&D team and they got it fixed in the following patches.

The initial setup is a very smooth process integrated with initial configuration. It's very easy. 

You could say that the cost is higher for Palo Alto, but they are a better product compared to the other principals. 

I work with Fortinet as well as Palo Alto. Palo Alto has very extensive logging that Fortinet doesn't offer. To get that with Fortinet you need to purchase FortiAnalyzer for reporting. The logging is so extensive in Palo Alto that you can generate a report and get an analysis on the same firewall. You don't need to procure anything else. The documentation of both Fortinet and Palo Alto is up to standard. They both have very extensive documentation for their products. Both of them offer the same level of knowledge base for their customers and are up to the mark. In terms of support, Fortinet and Cisco allow you to directly open a case and get an engineer on the line. Cisco follows the same model. I'm unable to do that with Palo Alto from Pakistan. 

I would rate this solution an eight out of 10.

We are a solution provider and this is one of the firewall solutions that we implement for our customers. We present this product to customers and also handle the onsite installation.

Our clients use it to secure their network infrastructure.

The most valuable feature is WildFire, which blocks sophisticated attacks and distinguishes it from other traditional firewall functions.

I would like to see better third-party orchestration so that it is easier for the team to work with different products. 

Improvements should be made in the Cortex module.

I worked with this next-generation firewall for about four months as I rotated between departments.

We have had no complaints about stability.

Scalability has not been a problem. Our customers for this firewall are large companies in industries such as banking.

I have not been in contact with technical support.

The initial setup is quite straightforward compared to other brands of firewalls. The deployment takes about one month.

Our in-house team handles the deployment and maintenance for our customers.

My advice for anybody who is considering this product is that it is a useful firewall and high-ranking compared to others.

I would rate this solution an eight out of ten.

We resell products by Palo Alto and Cisco, and this next-generation firewall by Palo Alto is one of the products that we are familiar with.

The most valuable features are web filtering and application filtering.

The IPS functionality is very good.

The performance is good.

The price is expensive and should be reduced to make it more competitive.

Information about Palo Alto products is more restricted than some other vendors, such as Cisco, which means that getting training is important.

The traps should be improved.

I would like to see better integration with IoT technologies. Having a unified firewall for OT and IT would be very good.

We have been working with Palo Alto for about one year.

This is a stable firewall and you don't have a lot of surprises. The performance, throughput, and decryption are all good. It is important to remember that at the end of the day, it depends on the configuration.

For special functionality, you are going to have some exceptions. However, for the well-known functionality, it is stable.

It is scalable in that the performance is good and you don't need a large cluster to operate it.

The technical support is good. The team is responsive and they gave us the right information at the right time to solve the difficulties and complexities that we were experiencing.

We also sell products by Cisco and there are some differences between them. Palo Alto is more expensive and the performance is better. With Cisco, the documentation is better and it is easier to install. There is a lot more information available for Cisco products.

This is an expensive product, which is why some of our customers don't adopt it.

My advice for anyone who is implementing the Palo Alto Next-Generation firewall is to take the training that is available. This will allow them to better work with the technology.

This is an ambitious company with a good security roadmap. The product is being continuously developed and they are professionals who are focused in this area of technology. It is the firewall that I personally recommend.

I would rate this solution a seven out of ten.

Our primary use case was for perimeter protection.

Innovative, advanced threat protection is the most valuable feature. 

I don't see any specific room for improvement.

The user interface is probably not as slick as it could be.

I have been using Palo Alto for three years. 

We're on-premises primarily at the moment, but also a cloud product. 

The stability is generally pretty good. I haven't heard any complaints from our customers around Palo Alto's stability. It's one of the reasons why they're the leaders in this space.

We've got our own team for maintenance. My company is a large multinational with 20,000 employees.

I have contacted their support once. It's very good support. They help me to fix our problem quickly.

The initial setup was complex. It's not very intuitive. You need to know what you're doing for the initial setup, you need to be a Palo Alto expert.

If you compare it to their competitor Fortinet, Fortinet's FortiGate product is a lot easier to install, if you're not an expert.

The time it takes to deploy depends on how complex the deployment needs to be for the client. If it's a basic deployment, is going to take around two days. 

My advice would be to make sure the firewall is configured properly.

I would rate it an eight out of ten. Not a ten because you have to be really excellent before you get a ten out of me.

In the next release, I would like to have the ability to auto-generate rule and policy, based on known traffic, based on the baseline. That is a feature that I think Palo Alto should be able to have in some form or fashion to auto-generate and propose a policy and rules set, after putting the file into a learning mode for some period.

Our primary use case was to configure our PSAs for our customized configuration. 

I like that it has high security. 

The whole performance takes a long time. It takes a long time to configure. 

I have been using Palo Alto for six years. 

I contact Palo Alto by email or by phone. Their support is good. 

I have previously worked with Cisco ASA. Palo Alto is a lot easier especially in regards to security. It is a well-integrated software.

The difficulty of the deployment depends on our clients' environment and their requests.

We require a two-member team for support. 

In terms of how long it takes to deploy, again, it depends on the customers' environment. If the request is easy, it can take around two weeks.

I would rate Palo Alto a nine out of ten. 

In the next release, they should simplify the deployment process. 

The solution has many great features. I don't know if there's one single one that stands above and beyond everything, however.

The application visibility is excellent. There is no other solution that does it quite as well. Palo Alto definitely has an edge in that sense.

The ability of the security features to adapt is also very good. They offer great DNS protection.

They include everything from a network point of view and a security perspective. For the most part, the endpoints are great.

The interface and dashboards are good.

The GSW needs some improvements right now.

The endpoints could use improvement. The solution is mostly a cloud solution now, and there are a lot of competing solutions that are playing in the space and may be doing things a bit better.

The pricing could be improved upon.

We've been dealing with the solution for the last four or five years at least.

The stability of the solution is good. It's quite reliable. I haven't experienced bugs or glitches that affect its performance. It doesn't crash.

If you size everything appropriately, you shouldn't have any issues with scaling. It's quite good. Users can scale it up if they need to.

I'd say that technical support is excellent. They are very helpful. We've quite satisfied with the level of support we got from the company.

I've never dealt with Huawei, however, our company has worked with Cisco, Dell, and HP among other solutions.

The pricing of the solution is quite high. It's too expensive, considering there's so much competition in the space.

There aren't extra costs on top of the standard licensing policy. Still, Palo Alto seems to be adding some premium costs that competitors just don't have.

While we mainly deal with on-premises deployment models, occasionally we also do hybrid deployments.

We're not a customer. We're a systems integrator. We're a reseller. We sell solutions to our clients.

Palo Alto is very good at policymaking. It's like they have a single policy that you can use. Other solutions don't have single policy use, which means you have to configure everything. There may be many consoles or many tasks that you'll have to worry about other solutions. Multiple task configuration should not be there, and yet, for many companies, it is. This isn't the case with Palo Alto. Palo Alto is easy compared to Fortinet. 

It's overall a very solid solution. I would rate it nine out of ten.