Palo Alto Networks PA-Series Reviews

The primary use case for Palo Alto Networks PA-Series is for the previous firewall.

The most valuable feature of Palo Alto Networks PA-Series is that it is highly customizable. So far, it works well in terms of threat prevention capabilities.

The interface of Palo Alto Networks PA-Series should be made much more user-friendly.

I have used Palo Alto Networks PA-Series for five years.

I rate the stability of Palo Alto Networks PA-Series as nine.

I rate the scalability of Palo Alto Networks PA-Series around seven.

I rate the technical support from Palo Alto Networks as eight.

Positive

The initial setup of Palo Alto Networks PA-Series is very complicated.

The same device has been used for nine years and could be cost-effective.

The price of Palo Alto Networks PA-Series is expensive.

Although I would recommend Palo Alto Networks PA-Series to others, it would depend on budget and familiarity with the system. If they have the budget and know-how, it might be suitable. However, for users not accustomed to using Palo Alto, I would not suggest it. Overall, I rate this solution as an eight.

On-premises

It's our basic firewall, mainly web filtering and application filtering. We use it in a multi-site environment, especially with cloud-based firewalls.

Web filtering and application filtering are the most valuable features. 

The cloud-based aspect helps significantly. It integrates seamlessly with other Palo products like Prisma Cloud, offers robust VPN protection, and it's all in one convenient package.

The UI definitely needs work. In my opinion, the UI could be simpler and more user-friendly for the average user.

For example, I encountered complexities with policy management. Policy management is one of the areas where the UI is not intuitive, and managing policies can be quite complex.

I have been using this solution for one year. We work with all the technologies from Palo.

It is a stable product. I would rate the stability a nine out of ten. 

I would rate the scalability a ten out of ten because cloud deployment makes it incredibly easy to scale.

High-tech, multi-site, or multi-region companies, regardless of size, can benefit from Palo Alto. 

Faster response times would be more beneficial.

Positive

I have experience with Palo Alto's PA-Series and Fortinet FortiGate. 

However, my preference depends on the setup. If I'm looking at a single site, a straightforward deployment, I'd go with FortiGate. 

If I'm looking at multi-site, complex deployments and a cloud-based design, then Palo Alto.

The initial setup is fairly complex. There's a definite learning curve involved in setting it up correctly.

We require assistance from a third-party company for the setup.

The prices are pretty high, definitely on the upper end. They're among the highest in the pricing tier Firewall category.

In general, I'd rate this solution at least an eight out of ten. It has some room for improvement.

Public Cloud

There are various use cases, particularly for desktop scenarios. One of them involves exploring contacts. Virtual firewall use cases revolve around different scenarios, such as transitioning to the cloud. For instance, when Barclays uses Azure or AWS, there's a focus on meeting security obligations and implementing threat prevention to comply with regulations like GDPR or PPA. This includes creating segmentation to align with regulatory standards. As part of this process, security features available in cloud platforms like virtual firewalls and threat prevention are incorporated.

After the implementation here, especially since I work in the data center, I've noticed the significance of security. For example, Veeam, CDL, and other aspects became crucial, especially during the COVID period when users started working from home. This situation led to numerous blocks, and user profiles were getting blocked due to issues with IP addresses ending up on blocked lists. However, after implementing the 3M series virtual firewall, we were able to effectively manage security for our cloud applications, like those in AWS. This enabled us to monitor remote workers and take necessary actions, such as blocking problematic IP addresses. Consequently, we reduced the number of tickets raised with ISP providers.        

A valuable feature that we can consider is the deployment time, which is significantly reduced. It is almost 90% faster compared to other solutions. This leads to quicker deployment and less downtime.

I have found that the tool works well for me, but there are areas where security testing and protection could be improved, especially in virtual or cloud environments. However, in this project, once we deployed it, we haven't encountered any issues.

The cost is currently manageable, but as we migrate fully into the cloud, additional features like capacity upgrading and improvements to hardware resources will be necessary, especially since our equipment consists of older-generation switches and routers. So, I'm looking for additional capabilities in these areas.

I've been working on my current project for more than two years now.

I would rate the stability a nine out of ten. 

I would rate the scalability an eight and a half out of ten. 

The deployment is quite straightforward, and it's faster than it used to be. This means that there is less downtime involved.

From my perspective, managing the price is important, especially because we're a small business. For larger organizations like Barclays, we provide our requirements to the client, and they place the order on BigFix. It's their responsibility to consider their budget and make decisions accordingly. We appreciate the features we get, but the cost-sharing still depends on the client.

The client needs to provide approval for the POCs used by our team; it's not within my control.

When evaluating options, you should consider team members who are knowledgeable in supporting next-generation firewalls like NGFW. We also need to factor in the specific product offerings. For instance, if we have options like the PA-440, PA-850, and PA-8350, we should compare their prices and features. It's important to make decisions based on the situation and the needs of the organization.

Considering factors like availability and the specific situation, I would rate this an eight. It's important to explore other potential cases as well.

I would rate the solution a nine out of ten. 

On-premises

My company operates at multiple sites. My company has multiple work-related departments, and for each department, we have multiple servers along with multiple printers and other devices. My organization has to restrict certain accesses based on company policies. Generally, my company has to look after what accesses are to be allowed and which are not to be allowed, based on source and destination. If some business cases require some access, then our company allows access for those on the firewall.

Palo Alto Networks generally offers some very good features, like antivirus, DLP, URL filtering, and dynamic blocking. All the attributes offered by Palo Alto Networks are quite good and fall under the next-generation firewall features.

With Palo Alto Networks, every two or three months, there are some updates or bug fixes that happen. Everything is good with Palo Alto Networks.

With Palo Alto Networks PA-Series, I find that the support team takes a long time to resolve the issues that a user may face during the use of the product. You need to keep describing your issues to the support team since Palo Alto Networks usually provides you with a few engineers who then connect you with another set of engineers, making it a long process. When it comes to the support offered by Palo Alto Networks, our company has seen that we need to escalate an issue to senior management, which takes a lot of time. The support part of the product can improve a little bit.

I have experience with Palo Alto Networks PA-Series. My company has a partnership with Palo Alto Networks. I use the solution's recent version, which is PAN-OS 10.0.

It is a stable solution. Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution an eight and a half out of ten.

More than 5,000 people in our company use Palo Alto Networks PA-Series.

I rate the technical support an eight out of ten.

Positive

Earlier, my company was involved with Cisco ASA Firewall and Check Point Software.

The product's initial setup was easy.

The solution is deployed on an on-premises model.

If you are involved in the initial configuration part, then the deployment process related to the product may take around two or three hours.

I rate the overall tool a nine out of ten.

On-premises

In our network security architecture, we utilize the PA-Series firewalls by integrating them seamlessly. Migration from Cisco to PA-Series was surprisingly easy, and we have centralized management using Panorama.

The most effective features for threat prevention in the PA-Series are its integration with Cortex and the use of machine learning AI for advanced threat detection. These capabilities, especially present in the newer generation firewalls like the PA-4000 series, enhance our security posture significantly.

Migrating from old to new Palo Alto Networks firewalls can sometimes encounter hiccups, and there is room for improvement in streamlining this process for smoother transitions.

I have been working with Palo Alto Networks PA-Series for nine years.

I would rate the stability of the product as a nine out of ten. We have not faced any issues with it.

I would rate the scalability of the product as a nine out of ten. We have approximately 3,000 end users.

I have had a great experience with Palo Alto Networks technical support. Response time and quality have been excellent, especially for RMA cases. Any issues, whether for functionality or hardware, were resolved quickly. I would rate the support as a nine out of ten.

Positive

Palo Alto Networks stands out from other solutions because they consistently strive to innovate and stay ahead of the curve. Their user-friendly interface and customizable security options make them a top choice. Additionally, they offer a wide range of security solutions without forcing you to invest in unnecessary features, similar to SecurePoint's approach with blades.

The initial setup of Palo Alto Networks PA-Series was straightforward, especially with prior network and security knowledge and a helpful training course. The intuitive web UI made the process comfortable, and overall, Palo Alto Networks seems to be heading in the right direction with user experience improvements.

I have experience deploying and managing PA-Series firewalls in a multi-site environment, including international locations connected via MPLS. We use them for perimeter security and have centralized management through Panorama. Deploying and managing them across sites has been straightforward and effective which makes Palo Alto Networks a preferred choice for our network security needs.

The PA-Series has consistently helped us prevent cyber-attacks through its threat prevention and vulnerability profiles. By configuring security profiles effectively, including antivirus and threat prevention, we have successfully mitigated various threats.

Overall, I would rate Palo Alto Networks PA-Series as a nine out of ten.

The resolution of the Palo Alto is very good. It is a well-known product in protection from an outside perspective. We use the solution for major or minor attacks. Also, it provides defence, security, and URL filtering. It is excellent in terms of security. It assures me against network threats.

Palo Alto should integrate artificial intelligence for security purposes in the background for well-known threats and new risks coming to the market.

Additionally, they could introduce a central dashboard where we can centrally monitor and mitigate all the risks automatically.

I have been using Palo Alto Networks PA-Series for six to eight years.

The product is stable.

I rate the solution’s stability a ten out of ten.

More than 300 users are using this solution.

I rate the solution’s scalability a nine out of ten.

We used Sony Firewall, but later on, we switched to Palo Alto because it is a popular security brand.

The initial setup depends on many policies, but it is not very difficult because we have been using it for more than eight years. It is not very complicated, but you need expertise for security.

I rate the product’s pricing an eight out of ten, where one is expensive and ten is cheap.

We have third-party support for the Palo Alto equipment. We call the implementation partner only whenever we need configuration information or changes. They make changes for us. We have not been directly involved with OEM for any support.

Overall, I rate the solution a nine out of ten.

On-premises

We use the solution for Internet Security and VPN. The product is a complete UTM Box, so we also use it for IDS, IPS, advanced security and enabling GlobalProtect service. 

It has a three-layer architecture, and it helps customers to deploy the solution quickly. The product also has an easy-to-use dashboard and user-friendly wizards. So the solution allows easy configuration and monitoring. 

The solution provides good reports in addition to great stability and hardware. Managing this solution is not challenging and doesn't need any expert appointment. The product can be fully managed on your own with some basic knowledge. 

The product's gateway services can be improved. Along with the firewall, if a user wants to work with a VPN and if you want to check the posture of your endpoint, that service needs to be separately purchased. They have this feature, but if this service is clubbed with the solution, it will be very useful for the end users. 

For Mac OS and Apple products, there remains some challenge for VPN; it requires an SSL certificate to be installed separately, and this can be improved. 

I have been using the solution for two years. 

The solution is very stable, has no bugs and the product is up to date. The support team of this solution is also great, and they are up to the mark, so your money won't go to waste. 

The solution is absolutely scalable for us, as an SMB.

I would rate the customer support a nine out of ten. 

Positive

The solution is easy and fast to deploy. The product can be deployed within a day and requires only one engineer or architect. Maintenance of this product is very easy and user-friendly. This solution can be maintained with basic knowledge and the user doesn't need to be certified like Check Point. This solution can be easily managed with the help of the provided white papers and can also be used very well for analysis. 

This solution can definitely provide a good ROI. 

In comparison to market competition, the price of this solution is great. When compared to Check Point, this product has an affordable and reasonable price. 

I have also used CrowdStrike, Check Point and Cisco. Palo Alto Networks PA-Series is better than them, but this solution's role is different from the other solutions I use. This solution is completely used by us for Internet Security, Check Point is also there for the same purpose, but I was not happy with that product. 

I would definitely recommend others to go for this solution. I would rate the solution a ten out of ten. 

We use Palo Alto Networks firewalls for our perimeter security defense.

We use it for threat prevention in our networks. Check permission, advanced URL filtering, and DNS security. There are different subscriptions, and we are actually using them all. 

We are really satisfied with the firewall's throughput and its threat prevention performance regarding network traffic. We can easily decrypt our SSL traffic and thanks to the technology named App-ID, it recognizes network protocols without relying on port numbers.

It operates at Layer 7, and its ability to recognize protocols even if they use a default port for another protocol is impressive. It alerts you to such anomalies. 

The single-pass architecture technology is particularly noteworthy because it allows for the addition of new functions to existing hardware without any performance degradation, even when all modules, like self-encrypted encryption, malware protection, threat protection, and industrial filtering, are enabled. This results in outstanding performance.

That's why we use Palo Alto Networks in our IT firm and recommend their devices to all our customers.

We also have functions related to network visibility and control. We use Panorama controllers, which operate in a geographically distributed architecture, allowing us to easily control, configure, and manage network devices. 

With single-touch provisioning, you can effortlessly add new files to your Panorama VM. It offers extensive features that we currently use.

Panorama is a Palo Alto Networks product optimized for firewalls. As for integration, we can easily integrate the PA-Series with popular brands, switches, and routers like Cisco, Extreme Networks, or HP Aruba across your local area network's switches and routers, enhancing application-based policy enforcement.

It offers  application-based policy enforcement. Palo Alto Networks firewalls help us recognize protocol anomalies, contrasting with other vendors that may require policies based on port numbers. 

With Palo Alto Networks, the port number isn't a constraint because their devices handle protocol traffic at Layer 7, allowing for accurate identification of protocol usage and port numbers.  They can identify which protocol actually uses which port. So, if there's an unplanned issue, like, for example, a hacker trying to create a DNS tunnel using a non-standard port (like 1536 instead of the usual 53), Palo Alto's Endpoint UI will easily detect it and allow you to take measures.

PA-Series includes built-in network packet brokers, a valuable feature as it allows SSL traffic to be decrypted just once. If you need to inspect this decrypted traffic further, there's no need for a third-party solution—Palo Alto Networks firewalls handle it themselves. 

In future releases, maybe Palo Alto can enhance and enlarge their portfolio with SIEM solutions. They already have an endpoint protection solution, SOAR solution, that's fine. 

But when it comes to standalone IDS/IPS solution or email security solution, for example, we don't have any product in that category for Palo Alto.

I have been using it for two years. 

It's very reliable. Even if you have only one firewall, failures are rare. Moreover, the high availability feature allows two firewalls to sync with each other for continuous operation, ensuring stability.

The customer service and support are good. Both local and global support teams are readily accessible and they report back in a short period. I've never encountered any issues with their support.

Positive

The setup's ease depends on your experience and the resources at hand, like Palo Alto Networks' documentation. With the right information, it's not a problem.

For me, the deployment took around 30 minutes. 

Many people think Palo Alto firewalls are expensive, but I don't feel that way. Let's compare it with Fortinet firewalls.

With Fortinet, every two or three years, the firewall generation changes, and they have limited support for older devices. But with Palo Alto, you still get support from the vendor for seven or eight years.

Also, many vendors prepare data sheets for their firewalls with most features disabled. For example, they might say their firewall has 20 gigabit throughput, but they don't mention if threat prevention or service encryption is on or off. With Palo Alto, even when you enable all the modules, it still provides the exact throughput they advertise.

If you're buying two firewalls, one from Fortinet and one from Palo Alto, both rated at 20 gigabit throughput, and you enable all the modules on the Fortinet one, it might downgrade to 10 or even 5 gigabit throughput. But with Palo Alto and all security modules enabled, you still get the full 20 gigabit throughput.

That's the key difference. That's why customers trust Palo Alto, and that's why it's a big player in network security.

Overall, I would rate the solution a ten out of ten. 

On-premises