IT Supervisor at an educational organization with 51-200 employees
Powerful solution that provides good visibility, a user-friendly interface, and has good reporting
Pros and Cons
- "It is an extremely powerful solution as it provides visibility into all the network traffic, and offers a range of actions such as blocking websites or graphics, as well as load balancing. It's a great tool."
- "I believe it would be beneficial if the solution could integrate with Google Chrome, especially for students who use Chromebooks. However, as far as I know, the solution currently does not support Google Chrome."
What is our primary use case?
We use Palo Alto Networks NG Firewalls for cybersecurity and network security for our infrastructure for our districts, worldwide.
What is most valuable?
The SIM's ability to analyze traffic and take appropriate action is the most valuable feature of this solution.
It is an extremely powerful solution as it provides visibility into all the network traffic, and offers a range of actions such as blocking websites or graphics, as well as load balancing. It's a great tool.
The solution's user-friendly interface and clear network visibility are highly valuable to us. It makes management easier, especially for those without extensive technical knowledge.
The benefit we derive from this solution is not only its ease of use but also how it enables collaboration among our team for special activities in our network.
Additionally, the reports that we can generate from the software are very valuable.
Using Palo Alto Networks NG Firewalls has helped us reduce downtime.
Compared to our previous solution, I believe it was Fortinet. It saves a lot of time, you know, especially running your reports and analyzing the traffic. I believe we save thirty to forty percent.
It provides a unified platform that natively integrates all security capabilities.
It has seamless integration with all our devices, including Mac and Windows, and also with our secret server. Moreover, it is even integrated with the Microsoft streaming application that we use.
The embedded machine learning functions seamlessly and can be easily accessed through the dashboard's dedicated tools. Its ease of use is impressive.
What needs improvement?
I believe it would be beneficial if the solution could integrate with Google Chrome, especially for students who use Chromebooks. However, as far as I know, the solution currently does not support Google Chrome.
For how long have I used the solution?
I have been using Palo Alto Networks NG Firewalls for five years.
Buyer's Guide
Palo Alto Networks NG Firewalls
June 2025

Learn what your peers think about Palo Alto Networks NG Firewalls. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
860,592 professionals have used our research since 2012.
What do I think about the stability of the solution?
The solution is incredibly stable.
We have installed patches and updates, and they have all gone smoothly without any issues.
What do I think about the scalability of the solution?
We haven't fully used the capabilities of the firewall, but we purchased a larger scale to prepare for potential future growth.
The firewall is deployed across all six schools and the district office, protecting the entire infrastructure, including switches, access points, and other devices.
This is approximately 3,500 to 4,000 devices.
How are customer service and support?
The technical support team is readily available and very helpful. They provide great assistance whenever we encounter any issues.
There are delays at times, but overall, they are great. I would rate them a nine out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, we used Fortinet.
How was the initial setup?
I was involved in the deployment.
What about the implementation team?
We received assistance from the technical support team who helped us implement the project.
What was our ROI?
We have seen a return on our investment.
As previously mentioned, the firewall is easy to use and has helped us save a significant amount of time, approximately thirty to forty percent.
What's my experience with pricing, setup cost, and licensing?
The cost is quite high.
Which other solutions did I evaluate?
We evaluated Fortinet as well as Cisco.
The firewall we use is recommended by our county office of education, which also uses the same application.
This makes it easier for us to collaborate with the county and share reports between different departments.
What other advice do I have?
I'm thoroughly impressed during my inaugural visit here. The array of products and the advanced technology showcased are truly exceptional. It's a great experience.
I plan to revisit it in the future.
Certainly, my attendance would have a significant impact on my cybersecurity-related buying choices as I would gain better insights into various vendors and their products available in the market. It would provide me with increased visibility and enable me to make informed purchasing decisions.
By attending the event and gaining insights into the different vendors and products available in the market, we can make informed decisions about which route to take in the future.
I would rate Palo Alto Networks NG Firewalls a nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Sr Network Engineer/DBA at an energy/utilities company with 201-500 employees
Elegant, thorough, and has automated alerts and detection
Pros and Cons
- "The DNS sync code in your filtering is the most valuable feature of the Palo Alto Networks NG Firewalls."
- "Technical support is an area that could be improved."
What is our primary use case?
For security purposes, we use Palo Alto Networks NG Firewalls for both the edge and data center.
How has it helped my organization?
The IT operations side provides us with more freedom as we don't have to worry about it as much due to the automated alerts and detection.
What is most valuable?
The DNS sync code in your filtering is the most valuable feature of the Palo Alto Networks NG Firewalls.
It helps us stay informed about the activities of our end users.
As I learn more about the unified platform, I see that Palo Alto is integrating well with other standards and is innovating, so the solution works effectively.
Maintaining a good security posture is important for our organization, particularly when it comes to threats like ransomware. ITM Security plays a vital role in this, and Palo Alto Networks equipped us well to be proactive in our approach. As a result, we prioritize the importance of ITM Security within our group.
Incorporating machine learning into the firewall's core to provide real-time attack prevention is highly beneficial, particularly with features like WildFire. We have had instances where it effectively stopped zero-day attacks on the first day, and we were one of the first to encounter the issue. Within a couple of hours, they notified us that it was a security issue, allowing us to take action promptly.
What needs improvement?
I am not aware of anything that could be improved.
I think that they have been doing a good job at this point in time.
Technical support is an area that could be improved.
For how long have I used the solution?
I have been working with Palo Alto Networks NG Firewalls for six years.
What do I think about the stability of the solution?
Our downtime has not been reduced by Palo Alto Networks NG Firewalls. We experienced a DSL firewall incident that resulted in a five-hour downtime while we discovered the bug, and although I cannot entirely blame the firewall, it was still a part of the issue. However, we have learned to deal with this inconvenience.
It's quite stable. We had one issue because of a bug. Aside from that, everything has been fine.
What do I think about the scalability of the solution?
The scalability is excellent. We were able to enlarge the network and install additional firewalls. There haven't been many problems with that.
How are customer service and support?
Technical support has fallen off. It was much better up front. The first four years were spectacular.
In the last couple of years, we're getting a lot of overseas support that seems to have little training. In the beginning, it was high, but now I would rate it a five out of ten.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
Previously, we used Cisco.
Compared to Cisco, Palo Alto Networks NG Firewalls are much better in terms of being more elegant and thorough, especially when it comes to navigating log files and similar tasks.
How was the initial setup?
By the nature of coming from Cisco Firewall to Palo Alto Networks NG Firewall, there was complexity involved. But with the help of third-party resources, we were able to get it done pretty quickly.
What about the implementation team?
We had assistance from a consultant. They were very helpful.
What's my experience with pricing, setup cost, and licensing?
The pricing is competitive.
If someone is looking for the cheapest or the fastest option, I am not quite sure what other vendors are offering in terms of pricing. However, my recommendation would be to go with Palo Alto so that they don't have to worry about the security of their job.
Which other solutions did I evaluate?
After evaluating Cisco Firepower and Palo Alto, we decided to go with these two options. However, after trying out Firepower, we realized that it was not a good fit for us and we knew we didn't want to proceed with it.
What other advice do I have?
Our current design is efficient as all our sites are routed to the Palo Alto firewall, allowing us to segregate VLANs and maintain communication between users. It's a great setup that simplifies a lot of our work.
I would rate Palo Alto Networks NG Firewalls a nine out of ten.
In my overall assessment, I would give the conference a seven out of ten. It seems like many presentations focus on industry trends, and there is some repetition across different companies covering the same three or four topics. However, I found that Palo Alto Networks NG Firewalls had some valuable insights into what the industry is doing.
It helps, as we are the ones making decisions.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Network administrator at an educational organization with 201-500 employees
A comfortable and easy to use solution with a helpful URL filtering feature
Pros and Cons
- "There are many valuable features within the solution. This includes security, a user-friendly firewall, antivirus, and global protection."
- "The VPN has room for improvement."
What is our primary use case?
We use the solution to protect our network environment. We use three versions: 230, 440, and 820.
How has it helped my organization?
Palo Alto Networks NG Firewalls embed machine learning into the core of the firewall to provide real-time attack prevention, which is wonderful.
We check the machine learning logs to secure our networks against threats that are able to evolve more rapidly.
I find the solution to be comfortable and easy to use. While I cannot completely authenticate my devices, I am able to distinguish between private devices and use them for authentication in some way, which is very helpful. The URL filtering feature is also helpful and I am very satisfied with the firewall delivery.
Palo Alto Networks NG Firewalls provide a unified platform that natively integrates all our security capabilities through Cortex XDR.
I give the solution's single-pass architecture for performance and security an eight out of ten.
What is most valuable?
There are many valuable features within the solution. This includes security, a user-friendly firewall, antivirus, and global protection.
Palo Alto Networks NG Firewalls' documentation, features, and user-friendliness are excellent.
What needs improvement?
The VPN has room for improvement.
For how long have I used the solution?
I have been using the solution for two and a half years.
What do I think about the stability of the solution?
For the most part, the stability is good but we sometimes face problems with the VPN connections.
What do I think about the scalability of the solution?
The solution is scalable. We have 150 people that use the solution.
How are customer service and support?
We often don't have to open a ticket as the documentation provided is usually comprehensive, and we can usually resolve most issues on our own. The one time I submitted a ticket, the technical support was not able to resolve the issue.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I previously used Forcepoint Next-Generation Firewall which is cheaper than Palo Alto Networks NG Firewalls but I prefer Palo Alto because it is user-friendly and supports more devices and features.
How was the initial setup?
I was not involved in the initial setup but I did migrate the 820 to the 440 and it was straightforward. The migration took a few hours.
What's my experience with pricing, setup cost, and licensing?
Palo Alto Networks NG Firewalls are expensive.
There is an additional cost for support.
What other advice do I have?
I give the solution nine out of ten.
The maintenance consists of regular updates only.
Currently, we do not use Palo Alto Networks NG Firewalls across our entire network but we have plans to extend them in the future.
I recommend Palo Alto Networks NG Firewalls to others.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Software Engineer at a manufacturing company with 10,001+ employees
An excellent firewall solution with outstanding features, and multi-level perimeter security functionality
Pros and Cons
- "We like the fact that this product can provide multiple layers of protection depending on our clients' requirements, and can be configured to whatever level of protection and the specific protocols that they want."
- "We would like to see the external dynamic list for this solution improved. The current version does not automatically block malicious IP addresses, which would be very useful."
What is our primary use case?
We use this solution for perimeter security and security profile purposes. This covers anti-virus and anti-spyware, as well as cyber security vulnerabilities through URL and file blocking.
What is most valuable?
We like the fact that this product can provide multiple layers of protection depending on our clients' requirements, and can be configured to whatever level of protection and the specific protocols that they want.
We also like the fact that this solution has a wide range of features covering all types of system security, not focusing on just one area. Everything is geared into a single module, which means we no longer need several different devices.
As well as the single module functionality, this solution allows us to easily see the active sessions and how many users we have connected. Complete information, on one screen.
What needs improvement?
We would like to see the external dynamic list for this solution improved. The current version does not automatically block malicious IP addresses, which would be very useful.
For how long have I used the solution?
We have been using this solution for the last seven years.
What do I think about the stability of the solution?
We have experienced 100% stability with this solution.
What do I think about the scalability of the solution?
The scalability of this solution depends on the management CPU that is being utilized. To manage high level traffic, it requires high-specification hardware to be used, or performance can be affected.
How are customer service and support?
This vendor not only provides a lot of very clear documentation, but also has a community center to allow for self-diagnosis and fixes.
However, if this does not resolve the issue, the technical support team are very responsive and quick to fix any problems we take to them.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup of this solution is straightforward, particularly when migrating from a different product and using their centralized management tool. This provides a configuration file that completes the majority of the setup automatically. All traffic is then automatically diverted through this firewall.
The firewall is then registered in the provider's portal, which allows for updates to be applied when they are released without the need for manual intervention.
What about the implementation team?
We implemented this using one member of our in-house team, and the deployment took three days to complete.
However, there was some pre-implementation work to be done registering firewall serial numbers, connecting console cables, etc., but this is all straightforward.
What's my experience with pricing, setup cost, and licensing?
This solution is quite expensive because along with the license there is premium partner support that has to be purchased as a default addition.
There is also a specific Threat Prevention License that has to be requested and purchased separately. However, licenses can be purchased for specific periods as opposed to just an annual offering.
Which other solutions did I evaluate?
We actually tested multiple solutions, and chose this one because it gave us the most benefits in one product.
What other advice do I have?
We would advise organizations who are migrating from a different provider to inquire about the centralized management console, and to understand the full costs involved up front.
Also, despite the fact that this solution provides a lot of features, there will still be areas that aren't covered as this only works on perimeter level security.
I would rate this solution a 10 out of 10.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Professional Services Consultant at a tech services company with 201-500 employees
Everything is available in a single, easy-to-use platform
Pros and Cons
- "Palo Alto Networks NG Firewalls have a Single Pass Parallel Processing (SP3) Architecture, which has a different kind of code doing the work. It increases the packet processing rate. Whereas, without the SP3 Architecture, you are waiting for each job to complete, even if you have 100 jobs assigned."
- "When there was a change from IPv4 to IPv6, some of the firewalls still didn't support IPv6. In North America, we have seen most customers are using IPv6, as they are getting the IPv6 IPs from their ISPs. Sometimes, when they go through the firewall, it denies the traffic."
What is our primary use case?
We use it to see and detect malware. It is also used for antivirus, anti-spyware, anti-malware, vulnerability, and WildFire analysis. We support different kinds of authentication as well: Kerberos, LDAP, TACACS, and SAML. All in all, it is a security device that you can have anywhere on your network, as per the design considerations.
It is deployed in two different ways, either on-premises or on the cloud, which may require a different hypervisor.
How has it helped my organization?
Nowadays, because of the pandemic, everyone is working from home or users are not sitting in the office to work. So, security has become a challenge. For that, we provide GlobalProtect, which is a VPN solution. This will connect to your organization's network, and then you can access anything that is required. This is the most widely used tool that we provide, and it is used worldwide. During the pandemic, it was a massive success for us.
Palo Alto NGFW provides a unified platform that natively integrates all security capabilities, which is really important from the end customer point of view. If I have to set up an organization, I will go ahead and buy different devices or platforms. However, if I go ahead and buy Next-Generation Firewalls and put them on the edge of the network where I connect with ISPs, my Next-Generation Firewalls will take care of the security parameters. I don't need to worry about it that much anymore.
What is most valuable?
Its security profiles are a valuable feature.
All the logs can be stored in a single place.
Panorama lets all the devices be managed centrally in a single place. This provides the best view for admins into any particular firewall, which decreases those admins' tasks because they can view everything in a single place.
The machine learning tracks how many packets per second are coming into the firewall.
Any request coming in will go into the DNS sinkhole first, not to the user. We protect our users that way.
Within this one platform, you are getting everything that you want. This single device can provide you with antivirus, anti-spyware, volumetric protection, URL filtering where decryption is required, and file blocking with WildFire analysis.
Palo Alto Networks NG Firewalls have a Single Pass Parallel Processing (SP3) Architecture, which has a different kind of code doing the work. It increases the packet processing rate. Whereas, without the SP3 Architecture, you are waiting for each job to complete, even if you have 100 jobs assigned.
What needs improvement?
There is always scope for improvement on any particular device in any particular organization. For example, when there was a change from IPv4 to IPv6, some of the firewalls still didn't support IPv6. In North America, we have seen most customers are using IPv6, as they are getting the IPv6 IPs from their ISPs. Sometimes, when they go through the firewall, it denies the traffic.
For how long have I used the solution?
It has been almost three years.
What do I think about the stability of the solution?
From a stability point of view, the firewall is very stable because the PAN-OS version doesn't change very often. If a new PAN-OS version is out in the market, our engineering team checks it multiple times.
The network performance is never compromised.
What do I think about the scalability of the solution?
It is scalable. We have small and big clients.
For small clients, there is the PA-220 device, which is very small but still very productive and secure.
How are customer service and support?
I have worked with one of the TACs, where there are almost 500 TAC engineers present. They have different rules for case priority when a customer opens something. If a customer is paying more to get support, then we have a dedicated engineer assigned to that particular customer. This is much easier for the customer, as they are getting one of the best engineers out there to troubleshoot their network. They never compromise on that.
Sometimes, due to some issues, tickets don't get assigned. Or, they assign the tickets manually if something goes wrong, which is a very odd case. Customers don't understand that. So, we always apologize to customers, and say, "How can we help you out?"
Support is 10 out of 10.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We ask the end customer, whosoever has the legacy network in their organization, if they don't need all their extra devices in order to cut down on costs. We then do an IPSec tunnel on the cloud as a gateway. From there, they can route the traffic to the Internet or wherever they would like.
Palo Alto is a unified device with a very streamlined voice. I have worked on Cisco routers and ASA as well, where you have to do a lot of stuff through the CLI and Linux shell scripting. With Palo Alto, those things are streamlined and engineering takes care of everything.
How was the initial setup?
The initial setup is pretty straightforward. It is very user-friendly. Everyone in an organization can learn the platform quickly. When we give training to our new candidates, they learn it very quickly. So, it is a streamlined device.
There is an interface type called V-Wire. You just connect it to your network. It will not disturb anything. You don't need to provide IPs. It doesn't need a separate MAC address. It just connects to a particular interface as a bump in the wire. It inspects your traffic, giving you an overall idea of what applications your organization is using and what user is doing what. If needed, you can deploy it in your network later on. This makes it very easy for our customer to deploy the product in their network before they buy it.
When it comes to installing a new PAN-OS version, it doesn't require you to go to Linux and write tons of commands in order to download and activate the latest PAN-OS version. You just have to download it, click the download tab, click the install tab, and then you are done. Therefore, it is hassle-free and super easy like Windows.
What about the implementation team?
We have a very large team for deployment.
What was our ROI?
If you buy Palo Alto Next-Generation Firewalls, everything is in a single platform. You don't need to go and buy the WildFire analysis to track zero-day attacks and lots of other things. Therefore, cost is cut down by 50% to 60% if you go for Palo Alto Next-Generation Firewalls.
What's my experience with pricing, setup cost, and licensing?
If someone doesn't have a security platform in their network, then the following licenses will be required: antivirus, anti-spyware, vulnerability, and WildFire analysis. There are also licenses for GlobalProtect and support.
Which other solutions did I evaluate?
Overall, Palo Alto Networks NG Firewalls is a market leader.
With other devices, you need a controller and console to manage them. That is not the case with Palo Alto Networks NG Firewalls, where most of the work is done through the GUI. If you want to deep dive, then you go to the CLI.
Cisco ASAs give some information on the Nexus Firewall, but they are not streamlined. Whereas, Palo Alto Networks NG Firewalls is a streamlined device and easy to use.
What other advice do I have?
If someone is in a routing and switching domain and wants to come up to a security domain, they should choose Palo Alto Networks NG Firewalls.
We are happy to assist customers whenever support is missing. Over a period of time, we see customers raise tickets because they are looking for a particular feature that is not available on the platform. We don't say to our customers, "We don't support this." Instead, we take it as an opportunity, giving that information to our engineering team.
I would rate the solution as nine out of 10. I am leaving room for improvement.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Deputy Manager at a financial services firm with 5,001-10,000 employees
Inspects any file coming in and going out in a dedicated patch to identify malware
Pros and Cons
- "The most valuable features are application inspection and sandboxing. Application inspection decides where traffic is transmitted. If I have a perimeter report for a particular service, then other services or malicious services cannot use an open port. In this way, application inspection is doing a fantastic job. We also have a very good sandbox with almost no rate limit. It will inspect any file that comes in and goes out in a dedicated patch to identify malware. Therefore, these two things help me to protect our organization from any bad actors."
- "I would like them to bring in some features that would encourage traffic shaping or bandwidth routing, like other UTM firewalls, because the solution should be capable of limiting the bandwidth for rules."
What is our primary use case?
I use Palo Alto Networks NG Firewalls to handle my perimeter security, which is the most critical point of my network.
How has it helped my organization?
Layer 3 and Layer 4 are part of the core functionality of any firewall, but this firewall brings more information into the inspection via Layer 7. Thus, the entire threat landscape has changed for us as a company.
We can integrate all the Palo Alto firewalls to have a single insight experience across all firewalls.
On a major scale, Palo Alto NGFW can be helpful in eliminating some security tools. It doesn't eliminate all of our other security tools, but it does bring down the dependency on some tools.
Security and network performance are of equal importance to us. This solution doesn't compromise your network's performance for security, which is a good trade-off.
What is most valuable?
The most valuable features are application inspection and sandboxing. Application inspection decides where traffic is transmitted. If I have a perimeter report for a particular service, then other services or malicious services cannot use an open port. In this way, application inspection is doing a fantastic job. We also have a very good sandbox with almost no rate limit. It will inspect any file that comes in and goes out in a dedicated patch to identify malware. Therefore, these two things help me to protect our organization from any bad actors.
It is extremely important for me that Palo Alto Networks NG Firewalls embeds machine learning in the core of the firewall to provide inline, real-time attack prevention. The way that they handle the traffic is very useful for us. The firewall creates a benchmark of known traffic patterns that every endpoint would have using machine learning. Machine learning creates a baseline of how the traffic goes in and out. When there is a deviation in the normal behavior, it gives me a threat indication via a reporting feature that shows us how the current traffic has deviated from the usual traffic. This is a very good feature, which is important for my organization to have on a daily basis.
It gives me a better experience when handling security holes.
Our upgrades brought some rule reviewing features by default, without having to depend on third-party tools to perform the rule reviewing. That has been a good feature.
What needs improvement?
I would like them to bring in some features that would encourage traffic shaping or bandwidth routing, like other UTM firewalls, because the solution should be capable of limiting the bandwidth for rules.
If Palo Alto Networks could bring in session tracking, like FortiGate, then we can remove another cybersecurity tool. If they could say "This is user-based, not IP-based," using user attribute-based rules, then that would be helpful for a small- or medium-scale company because they could use a single device instead of two or three devices.
For how long have I used the solution?
I have been using it for four years.
What do I think about the stability of the solution?
The stability is very good. After the upgrade, every other process was smoother. We haven't often seen bugs or operational hazards in terms of the device.
What do I think about the scalability of the solution?
Scalability is always available. If you are ready to invest the money, then you can add another box. Every device has its limitations though. NGFW has its own limitations, where it cannot scale beyond a certain point. Those limitations have already been published and users need to be aware of them when they are planning to buy a firewall.
The size of my environment is 3,000 to 4,000 users. We are a larger organization with 60 to 80 VLANs. There are approximately 3,600 endpoints accessing them. Day in, day out, we have a lot of network access change requests coming in that need to be performed.
In terms of maintaining the firewalls for our space and cost, there are about 15 team members. It is a huge environment with 10 different clusters of Palo Altos. From our operational perspective, we need 15 team members.
On a practical scale, it depends on the size of your organization. If it is a small organization, I think two to three members should be sufficient enough to handle the solution. When you have a smaller organization with a maximum of 20 different VLANs, where there is a size limit of 50 to 100 users/employees, then two or three members would be sufficient enough to handle it. However, it all depends upon the number of endpoints that are the nodes and how many nodes the firewall is protecting.
How are customer service and support?
The technical support is good. I would rate them as 10 out of 10.
They are able to support me and the issues that have arisen, which have been very minimal. For cases where we break something in the configuration or any bug that is out of control, they are good in understanding and analyzing our issues as well as providing a solution for them. That is why I rated them as 10.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup was straightforward, not complex. We migrated from a different vendor to this platform. We had our goals and objectives in front of us. So, we had a good project plan before migrating everything.
I have multiple clusters. For the largest cluster, the migration took three to four weeks.
What about the implementation team?
We used an integrator for the deployment.
What was our ROI?
We are monitoring the metrics. We have certain metrics to find ROI, e.g., it could be zero-days, the number of inclusions that this solution has blocked successfully, or the amount of malware that it has stopped. We identify this information via the sandboxing feature, which determines what other normal firewalls would have let in. We consider the amount of data that we process and the regulatory fines that would have arisen, if not for this solution. That is how our return on investment is calculated.
What's my experience with pricing, setup cost, and licensing?
If the cost is your main priority, Palo Alto would be a bit high. However, if you are ready to hear about return on investment, then I would convince you to go for Palo Alto.
Which other solutions did I evaluate?
I am using three or four firewalls from different vendors. I know their capabilities as well as the strengths and weaknesses of each vendor.
We have evaluated different firewalls and found Palo Alto best suited for boundary networks. Fortinet handles our user-facing firewalls. Between FortiGate and Palo Alto, there is Cisco.
We did a SWOT analysis on all the firewalls. We determined the best firewalls based on their throughput and protection suites. For example, a user-facing firewall doesn't need to be jam-packed with security features. However, a perimeter firewall is between the trusted and untrusted networks, so more security features are needed.
We are using a different DNS Security solution, so we haven't used Palo Alto NGFW’s DNS Security.
What other advice do I have?
Explore the features that the solution offers. There are a lot. If you can use the features to their fullest potential, that would be best.
If you are just doing an L3 and L4 inspection, then Palo Alto Networks might not be best suited for that environment. If you are going to use the features of an NGFW, then I would tell you about the solution's features and return on investment based on what you are protecting.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Protects our network from various malicious activities by filtering and inspecting traffic
Pros and Cons
- "It is pretty important to have embedded machine learning in the core of the firewall to provide inline, real-time attack prevention, because all these different attacks and threats are constantly evolving. So, you want to have something beyond just hard pass rules. You want it to learn as it is going along. Its machine learning seems pretty good. It seems like it is catching quite a few things."
- "There is a web-based GUI to do management, but you need to know how the machine or firewall operates. There are hundreds of different menus and options. I have used other firewalls before. Just implementing or designing a policy with Palo Alto, if you want a certain port to be open to different IP addresses, then that could take 20 to 25 clicks. That is just testing it out. It is quite complex to do. Whereas, with other places, you tell it, "Okay, I want this specific port open and this IP address to have access to it." That was it. However, not with Palo Alto, which is definitely more complex."
What is our primary use case?
We basically use it to protect our network from various malicious activities out there. We have two subscriptions. We have the WildFire subscription, which is similar to DNS filtering. We also have Threat Protection, which allows the firewall to inspect traffic up to Layer 7. It inspects applications as well as unknown applications, quarantining and stopping things. So, you are not always chasing, "What applications should I be running on this device?" It does a good job of all of that. The management of it is a little tricky, but that is how it goes.
We are running the PA-3250s. We have two of them. They operate in Active/Passive mode. Therefore, if one fails, then the other one takes over.
What is most valuable?
It is pretty important to have embedded machine learning in the core of the firewall to provide inline, real-time attack prevention, because all these different attacks and threats are constantly evolving. So, you want to have something beyond just hard pass rules. You want it to learn as it is going along. Its machine learning seems pretty good. It seems like it is catching quite a few things.
What needs improvement?
There is a web-based GUI to do management, but you need to know how the machine or firewall operates. There are hundreds of different menus and options. I have used other firewalls before. Just implementing or designing a policy with Palo Alto, if you want a certain port to be open to different IP addresses, then that could take 20 to 25 clicks. That is just testing it out. It is quite complex to do. Whereas, with other places, you tell it, "Okay, I want this specific port open and this IP address to have access to it." That was it. However, not with Palo Alto, which is definitely more complex.
The VPN is only available for Windows and Mac iOS environments. We have a variety of iPads, iPhones, and Android stuff that wouldn't be able to utilize the built-in VPN services.
I would like easier management and logging. They can set up some profiles instead of having you create these reports yourself. However, you should be able to set it up to give you alerts on important things faster.
For how long have I used the solution?
We have had this in place for four years. I have been at the school for almost a year and a half. So, this is my second year here at the school, so my experience with it has probably been a year and change. I use other firewall solutions, but I have gotten pretty comfortable with the Palo Alto solution.
What do I think about the stability of the solution?
It is very stable. We have never had any issues with any failures on it.
I haven't felt any performance lags on it. It has been handling everything just fine.
What do I think about the scalability of the solution?
We purchased it a few years ago. Since then, we have had a lot more clients on our network, and it has handled all that fine. You go into it and just have to scale it higher. Palo Alto doesn't give you too many choices. There is not a medium; it is either very small or very big. So, you don't have a choice in that.
How are customer service and support?
We have never had to call Palo Alto. Secureworks does all our support maintenance on it.
Which solution did I use previously and why did I switch?
I have been here for a year and a half. Before, the firewall that they were using (Barracuda) was barely adequate for what we were doing. We got new ones simply, not because we had a software/hardware-type attack, but because we had a social engineering attack where one of the folks who used to work for us went on to do some crazy things. As a result, the reaction was like, "Oh, let's get a new firewall. That should stop these things in the future."
How was the initial setup?
The initial setup was pretty complex because they did not do it themselves. They actually hired some folks who put it in.
What about the implementation team?
We use Secureworks, which is a big security company. They actually send an alert when there are problems with the firewall or if there are security issues. They handled the deployment.
We also use another company called Logically to monitor the firewall in addition to all our other devices.
What's my experience with pricing, setup cost, and licensing?
Active/Passive mode is very redundant, but they require you to buy all the associated licensing for both firewalls, which is kind of a waste of money because you are really only using the services on one firewall at a time.
I would suggest looking at your needs, because this solution's pricing is very closely tied to that. If you decide that you are going to need support for 1,000 connections, then make sure you have the budget for it. Plan for it, because everything will cost you.
If another school would call and ask me, I would say, "It's not the cheapest. It's very fast, but it's not the cheapest firewall out there."
Which other solutions did I evaluate?
I have been looking at different firewalls because our service and maintenance contracts are up on it. We have two different outsourced folks who look at the firewall and help us do any configurations. My staff and I lack the knowledge to operate it. For any change that we need to make, we have to call these other folks, and that is just not sustainable.
We are moving away from this solution because of the pricing and costs. Everything costs a lot. We are moving to Meraki MS250s because of their simplicity. They match the industry better. I have called the bigger companies, and Meraki matches the size, then the type of institution that we are.
If someone was looking for the cheapest and fastest firewall product, I would suggest looking at the Meraki products in the educational space. I think that is a better fit.
What other advice do I have?
Its predictive analytics and machine learning for instantly blocking DNS-related attacks is doing a good job. I can't be certain because we also have a content filter on a separate device. Together, they kind of work out how they do DNS filtering. I know that we haven't had any problems with ransomware or software getting installed by forging DNS.
DNS Security for protection against sneakier attack techniques, like DNS tunneling, is good. I haven't had a chance to read the logs on those, but it does pretty well. It speaks to the complexity of the firewall. It is hard to assess information on it because there is just a lot of data. You need to be really good at keeping up with the logs and turning on all the alerts. Then, you need to have the time to dig through those because it could be blocking something, which it will tell you.
I haven't read the NSS Labs Test Report from July 2019 about Palo Alto NGFW, but it sounds interesting. Though it is a little bit of snake oil, because the worst attacks that we had last year were purely done through social engineering and email. I feel like this is an attack vector that the firewall can't totally block. So, before you put something in, like Palo Alto Firewalls, you need to have your security policy in place first.
I would rate this solution as eight out of 10. Technically, it is a good solution, but for usability and practicality, I would take points off for that.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
IT engineer at a financial services firm with 201-500 employees
The solution provides a unified platform, enhances security, and is stable
Pros and Cons
- "The application awareness feature that recognizes application IDs and vulnerability protection are Palo Alto Networks NG Firewalls' most valuable features."
- "The price is high and has room for improvement."
What is our primary use case?
We use Palo Alto Networks NG Firewalls as a gateway for our data center and server files because they are a reliable and robust device, and the best in the security field. We also use their threat intelligence and threat protection services, which are like brass fittings.
How has it helped my organization?
Palo Alto enables telemetry and enriches their systems to protect our network against threats, which is why machine learning helps us secure our network.
Palo Alto Networks NG Firewalls have enhanced our security by around 20 percent.
The solution provides a unified platform that natively integrates all of our security capabilities.
Palo Alto Networks NG Firewalls help eliminate security holes by stopping all the known and unknown vulnerabilities that we are seeing in our network.
The single-path architecture has improved performance and latency.
What is most valuable?
The application awareness feature that recognizes application IDs and vulnerability protection are Palo Alto Networks NG Firewalls' most valuable features.
What needs improvement?
The price is high and has room for improvement.
We have Elite Plus partner support, which means we always have to speak to a partner to open a case. However, not all of the partners are knowledgeable or helpful.
For how long have I used the solution?
I have been using Palo Alto Networks NG Firewalls for two years.
What do I think about the stability of the solution?
Palo Alto Networks NG Firewalls are stable.
What do I think about the scalability of the solution?
When it comes to virtual machine editions or the cloud, I think they are more scalable than hardware.
We have three administrators, 1,000 end users, and up to 400 servers that use Palo Alto Networks NG Firewalls.
Which solution did I use previously and why did I switch?
We previously used Fortinet FortiGate firewalls but switched to Palo Alto Networks NG Firewalls for their superior performance. We also chose Palo Alto Networks because Gartner's reviews of their firewalls have consistently been better than those of Fortinet.
How was the initial setup?
The initial setup is straightforward. However, enabling the security features and starting traffic inspection can be complex. The physical installation is easy.
The deployment for one device takes one day.
What was our ROI?
We have seen a return on investment in the two years that we have been using the solution.
What's my experience with pricing, setup cost, and licensing?
Palo Alto Networks NG Firewalls' price is expensive.
What other advice do I have?
I give Palo Alto Networks NG Firewalls a nine out of ten.
I recommend Palo Alto Networks NG Firewalls.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Updated: June 2025