Try our new research platform with insights from 80,000+ expert users
reviewer1400883 - PeerSpot reviewer
Chief Architect at a recruiting/HR firm with 1,001-5,000 employees
Real User
Provides centralized visibility and control for security through a unified platform
Pros and Cons
  • "Palo Alto NGFW provides a unified platform that natively integrates all security capabilities, which is very useful. This prevents us from having to go to a lot of different systems, and in some cases, many different systems in many different regions, because we are a global company with 60 remote offices around the world in 30 different countries. Its centralized platform is really what we look for in all services, whether it be security or otherwise."
  • "When we looked at it originally, we needed to host the Panorama environment ourselves. I would prefer it if we could take this as a service. It might be that it is available, but for some reason we didn't choose it. The downsides of hosting are that we need to feed and water the machines. We are trying to move to a more SaaS environment where we have less things in our data centers, whether they be in our cloud data centers or physical data centers, which can reduce our physical data center footprint."

What is our primary use case?

It is a data center firewall solution and a centralized management for remote office firewall solutions. We have 30-odd remote offices where we are putting firewalls in to replace the standard routers that we used to have. This solution will give us a little bit of routing and firewall capabilities.

We are deploying the PA-440 Series in our remote offices.

How has it helped my organization?

Historically, DNS would have been from local providers. Now, having a centralized DNS allows us to make sure there are no issues of DNS cache poisoning and DNS exfiltration. 

The solution has definitely helped us with the security holes around visibility and uniform policy deployments across the estate. Unified, centralized configuration management definitely helps us reduce the risk by having a central place where we can create a policy, and it is deployed everywhere, without the risk of human mistakes creeping in, e.g., typo mistakes creeping into configurations.

What is most valuable?

The firewall feature is great because we didn't have specific firewall capabilities beforehand. The anti-malware features and the ability to plug into our mail scanning are valuable as well, so we can share data between our email antivirus scanning solutions. That integration has been quite useful.

Palo Alto NGFW embeds machine learning in the core of the firewall to provide inline, real-time attack prevention, which is another string to the bow of our layered security approach. So, it is important. It is not the big reason we bought it, but it is a useful component to our layered security approach. Security best practices push for a layered approach because there are so many different factors that you need to cover: 

  • Email threats
  • Malware
  • Viruses
  • Accidental human mistakes made internally to your network.
  • Malicious humans in your network and outside your network. 

Therefore, a multi-layered approach really is a security best practice way of attacking security. You can't just worry about the parameter; you need to worry about what's inside your network and how things come in.

The key thing is that we don't have to try and play Whac-A-Mole. The machine learning-powered firewalls do that for us. As a recruitment company, we can never have the necessary technologies available to us to try and do this ourselves, so leveraging the machine learning power from Palo Alto reduces the risk for us.

Palo Alto NGFW provides a unified platform that natively integrates all security capabilities, which is very useful. This prevents us from having to go to a lot of different systems, and in some cases, many different systems in many different regions, because we are a global company with 60 remote offices around the world in 30 different countries. Its centralized platform is really what we look for in all services, whether it be security or otherwise.

What needs improvement?

When we looked at it originally, we needed to host the Panorama environment ourselves. I would prefer it if we could take this as a service. It might be that it is available, but for some reason we didn't choose it. The downsides of hosting are that we need to feed and water the machines. We are trying to move to a more SaaS environment where we have less things in our data centers, whether they be in our cloud data centers or physical data centers, which can reduce our physical data center footprint.

Buyer's Guide
Palo Alto Networks NG Firewalls
June 2025
Learn what your peers think about Palo Alto Networks NG Firewalls. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
860,592 professionals have used our research since 2012.

For how long have I used the solution?

We started with a couple of firewalls about 18 months ago. We started them in our data centers and are just about to deploy them in our remote offices.

What do I think about the stability of the solution?

It has been very stable.

On the maintenance side, we haven't increased our team at all. One of the great things that we have been able to improve is the capability of our team without increasing the number of heads who are using Palo Alto.

What do I think about the scalability of the solution?

It is scalable with what we need. I am not looking at thousands and thousands of devices, so it is well within what we need for our few hundred devices.

We often didn't deploy tools because it was too hard to try and manage them with our small team. This solution has enabled our small team to be way more effective than they were before. It gives us the visibility and control that we need.

We have a senior network administrator and about five operational guys. There are also some service desk-level guys and about 12 of them have visibility into activities, but they don't actually change things. Change control is quite closely guarded.

We have deployed the solution in a couple of data centers. We are deploying it across 30 offices this year and plan to do the next 30 to 30-ish offices in the next 12 to 18 months, as some of their hardware retires or has expired. We are not pushing it out too fast. We are going with the cadence of the business.

How are customer service and support?

The technical support is very good. We had some nasty questions, but they were sorted out quite quickly. The problem that we had, because it was live, was it took us a little bit of time to deploy stuff. We also have a good relationship with their pre-sales engineers who offered advice and guidance, specifically as part of the deployment.

Which solution did I use previously and why did I switch?

We previously had Cisco ASA Firewalls in some locations and Cisco Security PAK Routers in other locations that gave us a base level of firewall. So, we didn't previously have any next-generation firewalls. These are our first real next-gen firewalls.

We switched solutions because we didn't have enough of the network security covered. Also, we wanted centralized visibility and control, which was key for us.

When we did some red team testing, we found that there was a way to get some data out through our existing DNS environment. We knew we had to fix the centralized DNS management, visibility, knowledge of the DNS queries, and the visibility of the DNS queries as a result of some testing that we did. Whereas, before they were all geographically disparate, having a centralized place to look at to be able to do some analysis and visibility really are the key things for us.

How was the initial setup?

The initial setup was not simple, but it is simplified. What was really good was the free training beforehand. As an architect, I don't get my hands that dirty, but I was able to go through a number of the free courses beforehand, or workshops, that were done online. Their training platform was very useful in helping me get an understanding of the product and how we would deploy it in our own environment. The actual deployment, as with anything network-related, is fairly complex because we have a very connected network with a lot of different entry points. While it takes time, it was very useful to get the training beforehand.

The deployment took about three months, but it was in the midst of a data center migration. It probably only took us a month to deploy it properly, but then we had to migrate services over, which took another six months. Again, this was part of our data center migration project. To actually get the solution installed was very quick, it took only a couple of days to get it up and running. However, to move services onto it, you need to be a bit careful when you start to move the live services onto it.

Our implementation strategy was really focused around our data center migrations and moving stuff out of one data center into another. As we moved services from one data center to the other, we brought them onto Palo Alto's in the new data center rather than onto the existing old routers and firewalls. So, it was really governed by the business, applications, and what we could move when.

What about the implementation team?

We used Palo Alto directly for the deployment. Our experience with them was great.

To deploy it, we didn't employ any more staff. We did send a few people out remotely. With COVID, travel is a little bit tricky. So, we have some remote agreements with some suppliers who will go out for a day, plug a device in, and help us with the initial out-of-the-box config. That is normally two to three hours per site that we have to do, which is what I would expect from this kind of device.

What's my experience with pricing, setup cost, and licensing?

Look at Palo Alto because it is a bit modular, so you can take the components that you need when you need them. You need something that will do the job. It doesn't matter if it's cheap and fast, if it quickly lets through vulnerabilities. You need something that will be reliable.

We were very happy when they released the PA-440s. Previously, we had been looking at the PA-820s, which were a bit of overkill for us. Price-wise and capability-wise, the PA-820s hit the nail on the head for us.

Go for a three-year deal, then Palo Alto will bring in some discounts. We also deployed them as HA Pairs to make sure we had resiliency.

Which other solutions did I evaluate?

We looked at Cisco and Fortinet. The reason that we went with Palo Alto was they were fairly cost-effective. They were also a bit easier to manage. The central management and control of Palo Alto was a little bit nicer than the Cisco side of things. I think everyone achieves the same things in slightly different ways. The way Palo Alto achieves their centralized management and control resonated a bit better with us and our requirements.

What other advice do I have?

We haven't actually deployed Palo Alto NGFW’s DNS Security yet, but we will be doing that.

It is great that 100% of the tested attacks were blocked in the NSS Labs Test Report from July 2019 about Palo Alto NGFW. It is a great story, but I never trust 100% because that's why we have layered security. However, it definitely provides a great level of comfort in our security structure.

I never give anyone a 10, so I will give the solution a nine (out of 10).

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2509914 - PeerSpot reviewer
Chief Information Security Officer at a tech vendor with 1-10 employees
Real User
Top 5
Great firewall with excellent features and helpful configuration capabilities
Pros and Cons
  • "Technical support is proactive in letting us know when there are updates that need to be made to the system."
  • "We haven't had any issues so far."

What is our primary use case?

The solution is to provide protection for our cloud-based server resources.

How has it helped my organization?

We don't have to spend as much time monitoring or configuring the solution. We just feed the alerts into our stock and we don't have to manage it regularly.

What is most valuable?

The configuration and stability are great. The solution offers many good features. Palo Alto has by far the best firewall in the world.

Palo Alto NG Firewalls embed machine learning into the core of the firewall to provide real-time attack prevention. Of course, that's just expected these days. Anyone worth considering is doing this. Low-end firewall devices out there do not provide that. However, they're not enterprise-ready.

The machine learning in Palo Alto's Next-Generation Firewalls is excellent for securing our networks against threats that are able to evolve and morph rapidly. It's a ten out of ten.

The product provides a unified platform that natively integrates all the security capabilities. That's very important to us.

The product has zero-day signature features implemented.

There are no trade-offs between security and network performance with Palo Alto.

What needs improvement?

We haven't had any issues so far.

For how long have I used the solution?

I've used the solution for the last three years, although the company has used it for longer. 

How are customer service and support?

Technical support is proactive in letting us know when there are updates that need to be made to the system. We've not had any issues with any of the maintenance activities.

How would you rate customer service and support?

Positive

What other advice do I have?

We are customers of Palo Alto.

I'd rate the solution ten out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Palo Alto Networks NG Firewalls
June 2025
Learn what your peers think about Palo Alto Networks NG Firewalls. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
860,592 professionals have used our research since 2012.
reviewer2186784 - PeerSpot reviewer
Network Engineer at a computer software company with 5,001-10,000 employees
Real User
The solution uses machine learning embedded in the core of the firewall to provide in-line, real-time attack prevention
Pros and Cons
  • "I like the remote access and URL filtering features that are available on global products."
  • "The analysis of the ITS ID by Palo Alto Networks NG Firewalls could be improved."

What is our primary use case?

We use Palo Alto Networks NG Firewalls to protect our end-to-end environment.

How has it helped my organization?

Palo Alto Networks NG Firewalls use machine learning embedded in the core of the firewall to provide in-line, real-time attack prevention.

Palo Alto Networks NG Firewalls use predictive analytics and machine learning to instantly block DNS-related attacks. The data for attacks or prevention is based on a segmented mask. Palo Alto Networks also keeps signatures updated on a holiday and on the Palo Alto Network and cloud. This helps to prevent signature leaks and secures dynamic web applications.

The solution is able to detect and resolve the initial tunneling attack.

Palo Alto Networks NG Firewalls are constantly being updated with new feature packages, and the improvements are the best we have seen compared to any other product in the industry. This is due to the company's deep knowledge of technology and the field.

The solution provides a unified platform that natively integrates all security capabilities. The ability to integrate all of the capabilities is good because it is ready to use right out of the box. Additionally, it is an ECPU. The security is quite robust.

The unified platform helps to eliminate security holes in our organization by providing multiple layers of security. This is important because it can help to prevent any attack.

The unified platform helps eliminate the need for multiple network security tools and the effort required to get them working together. If we are filtering traffic using any other firewall, we will be using different processing methods. However, when we use a firewall or a third-party tool, it then has access to the restriction using the firewall. We can then use this feature to centralize and combine with this.

The zero-delay signature feature handles Wi-Fi. It analyzes each file type that is downloaded during a session and then sends the file analysis signature to the file cloud. This has made our network more secure.

Palo Alto Networks NG Firewalls' single pass architecture provides greater security and performance because all security functions are consolidated into a single device.

What is most valuable?

I like the remote access and URL filtering features that are available on global products. There are also other features, such as application-based access, that allow us to provide user IDs based on the type of access needed.

What needs improvement?

The analysis of the ITS ID by Palo Alto Networks NG Firewalls could be improved.

For how long have I used the solution?

I have been using Palo Alto Networks NG Firewalls for six years.

What do I think about the stability of the solution?

Palo Alto Networks NG Firewalls are stable.

What do I think about the scalability of the solution?

Palo Alto Networks NG Firewalls are scalable. We have around 10,000 users.

How are customer service and support?

The technical support is generally good, but it can be difficult to get the right person on the phone.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is moderate. We can deploy within an hour or two. The deployment requires two people. Four to five people can handle the maintenance.

What about the implementation team?

We implement the solution for our clients. 

What was our ROI?

Our clients have seen a return on investment with the solution.

What's my experience with pricing, setup cost, and licensing?

Palo Alto Networks NG Firewalls are expensive compared to other firewalls such as FortiGate Next-Generation Firewall.

What other advice do I have?

I give Palo Alto Networks NG Firewalls a nine out of ten.

Organizations that require network security should not choose a firewall based on cost. I recommend Palo Alto Networks NG Firewalls to harden security posture.

I definitely recommend Palo Alto Networks NG Firewalls for medium and large organizations.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2169336 - PeerSpot reviewer
Head Of CERT at a logistics company with 10,001+ employees
Real User
Is easy to deploy, has good technical support, and integrates well with other components in our network
Pros and Cons
  • "Compared to other firewalls from Check Point, Fortinet, and Cisco, for example, Palo Alto Networks NG Firewalls use the most advanced techniques. They have sandbox integration and others in the orchestrator. Palo Alto's security features are at a higher level than those of the competitors at the moment."
  • "Palo Alto needs to provide more support during the design phase and with proposals. They need to be more proactive, try to anticipate issues, and then help us to implement the transformation quickly."

What is our primary use case?

We protect certain applications in the data center with Palo Alto Networks NG Firewalls.

What is most valuable?

Application layer security and integration with other components that we have in our networks are valuable features.

Compared to other firewalls from Check Point, Fortinet, and Cisco, for example, Palo Alto Networks NG Firewalls use the most advanced techniques. They have sandbox integration and others in the orchestrator. Palo Alto's security features are at a higher level than those of the competitors at the moment.

It's very important that we be able to integrate all security capabilities within the firewall. This is one of the key reasons why we chose to go with Palo Alto Networks NG Firewalls.

We are heavily investing in technology that uses machine learning. Thus, it is important for us that Palo Alto Networks NG Firewalls embed machine learning in the core of the firewall to provide inline, real-time attack prevention.

What needs improvement?

Palo Alto needs to provide more support during the design phase and with proposals. They need to be more proactive, try to anticipate issues, and then help us to implement the transformation quickly.

For how long have I used the solution?

I have been using Palo Alto Networks NG Firewalls for five years now.

What do I think about the stability of the solution?

We have not had any issues with stability. I have not heard from our SOC about issues with devices either.

What do I think about the scalability of the solution?

The scalability has been good. We are the biggest bank in Italy with 100,000 employees.

How are customer service and support?

Palo Alto's technical support is extremely good and responsive. The ticketing system, however, is a little bureaucratic especially when you are in a hurry or are dealing with an emergency. On a scale from one to ten, overall, I would rate technical support a nine.

How would you rate customer service and support?

Positive

How was the initial setup?

The deployment was quite easy.

What was our ROI?

We have seen a return on investment in general. Our company is moving to the cloud and toward digital transformation in the financial sector. Palo Alto plays a key role in this return on investment.

What other advice do I have?

My advice to you, if you're looking for the cheapest and fastest firewall, is that the cheapest firewall is not the best for security.

We use firewall solutions from multiple vendors, and from a security point of view, Palo Alto Networks NG Firewalls are one of the best in comparison. Also, you get the best value from Palo Alto with application layer security, machine learning, and integration.

Overall, I would rate Palo Alto Networks NG Firewalls a nine out of ten.

I find it valuable to attend an RSA Conference because I get the opportunity to participate in several seminars, share, and learn from other people as well.

Attending RSAC also impacts our purchasing decisions because what I see at the conference will end up in the budget the following year or the year after that.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Ishan Kumara - PeerSpot reviewer
Manager Data Servicers at Union Bank of Colombo
Real User
Top 20
Performs well and protects our internal network from external threats
Pros and Cons
  • "The performance of Palo Alto Networks NG Firewalls is the most valuable feature."
  • "The analytics could be improved."

What is our primary use case?

We use the solution to protect our internal network from external threats.

Up until recently we were not using multilayer firewalls and were using several solutions that are combined in Palo Alto Networks NG Firewalls.

How has it helped my organization?

We are required to provide our network test results to our central bank, and Palo Alto Networks NG Firewalls offer a robust report for this purpose that would otherwise be a cumbersome human task.

What is most valuable?

The performance of Palo Alto Networks NG Firewalls is the most valuable feature.

What needs improvement?

The analytics could be improved. I would like to have a unified analysis tool within Palo Alto, as we currently use Perimeter 81 and Fortinet FortiGate, which makes the analysis process take a long time.

For how long have I used the solution?

I have been using the solution for almost four years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

The solution is scalable. We have three people that monitor the solution and maintain it.

How was the initial setup?

The initial setup is straightforward. We had to secure our parameter network. We required two engineers from a reseller and two from our organization.

What about the implementation team?

The implementation was completed with the help of a partner.

What's my experience with pricing, setup cost, and licensing?

The solution is worth the price, as it can be utilized without the need for high-processing CPUs and resources, thus saving us overall.

Which other solutions did I evaluate?

I evaluated Check Point and decided to use Palo Alto because of its performance. Palo Alto can be used with fewer CPUs. 

What other advice do I have?

I give the solution a nine out of ten.

Before using Palo Alto Networks NG Firewalls you must first know what our requirements are.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2134368 - PeerSpot reviewer
Security and IT Infrastruture Senior Manager at a retailer with 1,001-5,000 employees
Real User
Helps to eliminate security holes and enables us to manage our firewall security in-house
Pros and Cons
  • "The technical support is great."
  • "There is a tradeoff between security and network performance, as security is always top-notch, but performance can sometimes lag and has room for improvement."

What is our primary use case?

We use the solution as a firewall for our network. We can manage our traffic between internal traffic and external traffic handling. The solution protects the traffic and we manage the standard firewall issues.

How has it helped my organization?

The solution's embedded machine learning in the core of the firewall that provides in-line real-time attack prevention is important and provides good insight for us. The machine learning actions and learning activities provide some useful information. 

The solution's machine learning for securing our networks against rapidly evolving threats is good. We utilize an IoT tool that comprehends IoT devices, such as webcams, and can therefore interpret their behavior and send information on their activity. The tool also applies appropriate firewall rules to these devices, taking into account the clearance level of each device based on its traffic.

Before implementing Palo Alto, we had to rely on a management company to handle our firewall security. However, now that we have Palo Alto, we can manage our firewall security in-house.

Palo Alto Networks NG Firewalls unified platform helped to eliminate security holes.

The zero-delay signature feature helps keep our security updated against new attacks.

What is most valuable?

Palo Alto Networks NG Firewalls provides a unified platform that natively integrates all security capabilities which is important to our organization.

Palo Alto Networks NG Firewalls' zero-delay signature feature is important, and it receives daily updates.

What needs improvement?

At times, server capacity can result in issues. While Palo Alto is a top firewall company, it's crucial to properly size the firewall to meet our needs. In the case of larger attacks, the capacity of our current firewall may not be adequate, requiring us to obtain more advanced and expensive versions to ensure network protection.

There is a tradeoff between security and network performance, as security is always top-notch, but performance can sometimes lag and has room for improvement.

The cost of the solution has room for improvement.

For how long have I used the solution?

I have been using the solution for one year.

What do I think about the stability of the solution?

I give the stability an eight out of ten.

What do I think about the scalability of the solution?

The solution is not very scalable. We need to define our requirements and purchase the correct product for our needs.

We are an enterprise company with over 3,000 people. All the network traffic goes through the solution but we have five people that work directly on the solution.

How are customer service and support?

The technical support is great.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used Check Point NGFW and switched to Palo Alto Networks NG Firewalls because of the stability.

How was the initial setup?

I give the initial setup a five out of ten. The deployment took one month.

What about the implementation team?

Implementation was completed in-house by a consultant.

What's my experience with pricing, setup cost, and licensing?

Compared to other firewall solutions, this is an expensive solution.

What other advice do I have?

I give the solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2171682 - PeerSpot reviewer
Compliance Analyst at a international affairs institute with 11-50 employees
Real User
The ability to provide secure access to people without having to carry an additional device around really benefits us
Pros and Cons
  • "Prisma Access is the most valuable feature of Palo Alto Networks NG Firewalls."
  • "In my opinion, the training provided is satisfactory, but there is certainly room for improvement. It would be great to have more comprehensive training at a lower cost, or even for free."

What is our primary use case?

We use Palo Alto Networks NG Firewalls to protect small businesses that work within the defense industrial base.

How has it helped my organization?

By using Prisma Access, we can easily connect to our network from different locations around the world without having to deploy multiple firewalls. This not only makes it more convenient but also saves us a lot of expenses.

What is most valuable?

Prisma Access is the most valuable feature of Palo Alto Networks NG Firewalls.

The ability to provide secure access to people without having to carry an additional device around really benefits us in the defense industrial base.

What needs improvement?

The training provided is satisfactory, but there is certainly room for improvement. It would be great to have more comprehensive training at a lower cost, or even for free.

I would say that Palo Alto Networks NG Firewalls provide a unified platform for many, but not all.

Having everything in one pane of glass is important to me because I have a lot of responsibilities. It would be really nice to have everything in one place, so I don't have to switch around between different applications and can stay focused on one platform.

It's important to have machine learning embedded, but it's equally important to not solely rely on it. We still need human interaction to ensure proper security measures. Nonetheless, machine learning is a vital component of our security strategy.

For how long have I used the solution?

I have been using Palo Alto Networks NG Firewalls for five years.

What do I think about the stability of the solution?

Palo Alto Networks NG Firewalls have been instrumental in reducing our downtime as we moved away from less robust devices. By implementing Palo Alto firewalls, we have significantly improved our network stability.

If I had to estimate, it has saved us 10 to 15 hours per year.

Palo Alto Networks NG Firewalls is a very stable solution.

What do I think about the scalability of the solution?

I haven't encountered the need to scale the solution yet. Our current setup meets our requirements and has been working well for us. Given that we are a small company, we have not felt the need to look into scaling it at this point.

How are customer service and support?

The technical support provided by Palo Alto Networks is excellent. Although I have only needed to contact them a few times, they have always been quick to respond, and their team is very knowledgeable.

I would rate the technical support a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Before, we used SonicWall, but we decided to switch to Palo Alto Networks NG Firewalls because they offer a much better solution and are leading the market.

How was the initial setup?

I was part of the deployment team, but since I was new to Palo Alto devices, the deployment process was more complex for me. That's where the training came into play.

I had to familiarize myself with their user interface and terminologies since I was used to using a different system. It took some time for me to learn and compare it with what I've used before.

What about the implementation team?

We purchased from a reseller.

It was a straightforward process. We made the purchase online and they shipped it to us. After that, it was a matter of getting it up and running.

What was our ROI?

It's difficult to determine. When looking at the ten to fifteen hours a year, it's unclear whether or not I would consider that as part of the return on investment. It's a bit challenging to assess from an IT perspective.

What's my experience with pricing, setup cost, and licensing?

Reducing costs is important, especially since Prisma can be expensive. It would be great if it were more affordable.

Although the hardware can be expensive, the quality of Palo Alto Networks NG Firewalls is excellent. While a lower cost would be desirable, we recognize the value of investing in a reliable and effective solution.

Which other solutions did I evaluate?

When we were moving away from SonicWall, we evaluated FortiGate and Meraki's solutions.

In my opinion, I was impressed with FortiGate's system on a chip. It was really fast compared to Palo Alto's, but I think Palo Alto has a better feature set and interface. As for SonicWall, we had several reasons for leaving. Regarding Meraki, I find their management interface not suitable for my needs, and they seem to be more of a consumer-grade or prosumer-grade product.

What other advice do I have?

I am not in a position to comment on the solution's ability to secure data centers consistently across all workplaces, from the smallest office to the largest data centers since I have only used their smaller solutions.

My advice to those who are seeking a firewall solution is not to prioritize the cheapest or the fastest options, as it could be risky. Instead, it is important to invest in the best quality firewall that is within your budget. This is something that I have experienced with Palo Alto Networks, which provides a high-quality solution that is worth the investment.

I would rate Palo Alto Networks NG Firewalls a nine out of ten.

The experience has been amazing, with a few sessions resulting in new services that I can offer my company directly. The best part is that I can do it without having to invest in an expensive tool that costs hundreds of thousands of dollars.

It does impact the purchases we will make throughout the year.

If I can perform 95% of the work at a lower cost, we are unlikely to consider Mandiant and spend a significant amount of money. 

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2171643 - PeerSpot reviewer
IT Specialist at a government with 501-1,000 employees
Real User
Robust security infrastructure, user-friendly, and intuitive
Pros and Cons
  • "In my opinion, Palo Alto has consistently been one of the best firewalls for enterprise security."
  • "I would like to see some Machine Learning because I have observed new types of attacks that are able to bypass existing security rules."

What is our primary use case?

We have had use cases for defending our resources against external access or authenticating particular traffic or appropriate traffic for access.

How has it helped my organization?

The key factor here is reliability. In my previous company, we had a different vendor's firewall before switching to Palo Alto network devices. 

Unfortunately, during that time, our security team was on vacation and had to be called back urgently due to a severe incident. This experience led us to switch to a more dependable, reliable, and robust system, which turned out to be the Palo Alto network device. 

Fortunately, the transition from our old system to the new one was relatively seamless, and we now have a reliable and robust security infrastructure.

What is most valuable?

In my opinion, Palo Alto has consistently been one of the best firewalls for enterprise security. 

We have encountered numerous instances where we have observed threats and attacks targeting our systems, and Palo Alto has proven to be highly reliable in blocking any malicious activity.

What needs improvement?

I would like to see some Machine Learning because I have observed new types of attacks that are able to bypass existing security rules. It is possible that implementing some form of continuous learning or education could be beneficial in addressing this issue.

Some way to learn what is normal it isn't, you know, something like that, I think that would be probably the most beneficial thing to me.

What do I think about the stability of the solution?

To say it's a set-and-forget system wouldn't be entirely accurate, but it is an incredibly stable and reliable system. Once it's set up and configured properly, you really just need to keep an eye on it for any necessary updates or new rules. In my experience, it's one of the most reliable systems available.

What do I think about the scalability of the solution?

The original installation we were considering was for a small organization, and we had to take into account the fact that we were going to expand the endpoints to our entire user base, not just a select few like marketing.

We were assured that the system would have no issues handling the additional workload as we added more devices or upgraded the device.

The firewall solution that I have referred to the most during this conversation is one that I have implemented for small to medium-sized organizations.

How was the initial setup?

I found the initial setup very straightforward.

I recall that the setup process for the device was straightforward and could be completed quickly. However, while the device did come out of the box, it wasn't as secure as it could have been, and I had to go in and tighten up the security settings. Despite that, compared to other firewalls with complex and cryptic interfaces, Palo Alto's firewall interface was relatively easy to use and comprehend.

There were certainly benefits in terms of time-saving and ease of learning for the user. The straightforward setup process and user-friendly interface of the Palo Alto network devices made it easier and quicker to implement, thus saving time. Additionally, the easy-to-use interface also helped in reducing the learning curve for users, enabling them to become proficient in using the device more rapidly.

Using Palo Alto has reduced the amount of downtime considerably.

Determining the impact of blocking threats is not straightforward because it depends on the severity of the threat. For example, if a threat only affected one server, the downtime would be minimal. However, if it caused an outage in the entire environment, the impact would be much greater. It is challenging to quantify the amount of downtime prevented by blocking threats.

Usually, when setting up a new firewall, it's common to get around 80% of the work done within a few days. However, with the Palo Alto network device, I recall that we were able to achieve 95% to 99% completion within just a couple of days. The device's user-friendly interface and straightforward configuration process made it easier to accomplish more in less time.

What about the implementation team?

Technical support was helpful during the deployment process.

During the deployment process, I thought they were great. I had no complaints they were very knowledgeable, and we were able to resolve everything very quickly.

What was our ROI?

The organization has seen a return on investment with Palo Alto firewalls as we haven't experienced any significant breaches.

Which other solutions did I evaluate?

When when we first looked at Palo Alto, it came in as the top recommendation from a source that we trusted. We didn't actually look at other vendors at that time. 

At the time, we had the full support of our CEO and team, who recognized the urgency of the situation as our entire system was down. This rare backing from everyone helped us to quickly implement a solution.

What other advice do I have?

We frequently recommend Palo Alto to others as we believe it is a highly effective solution for network security. It is one of those things where if someone does not have a Palo Alto, we advise them to consider it as a worthwhile investment.

For those seeking the cheapest or quickest solution, I would advise that while it may seem like a good idea in the short term, you will likely encounter issues that will require you to replace the solution soon after. Investing in a reliable and reputable solution like Palo Alto Networks may require a larger investment upfront, but will ultimately save you time and money in the long run.

The biggest value that I gain from being here is networking and finding out what other products are out there without having to go to, like, a search engine and wait or rely on the results of the search engine. I can literally wander around. And if something catches my eye, I can be like, well, that's really cool. Let me go get some more information about that.

It's really easy to just look at all the different vendors, looks at the various talks, looks at everything that's here, and get information tailored to what I wanna learn about.

I definitely can make recommendations on various products they get based on my experience, but I don't have a say in it directly.

I would rate Palo Alto Networks NG Firewalls a nine out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Download our free Palo Alto Networks NG Firewalls Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2025
Product Categories
Firewalls
Buyer's Guide
Download our free Palo Alto Networks NG Firewalls Report and get advice and tips from experienced pros sharing their opinions.