Palo Alto Networks PA-Series Reviews

There are various use cases, particularly for desktop scenarios. One of them involves exploring contacts. Virtual firewall use cases revolve around different scenarios, such as transitioning to the cloud. For instance, when Barclays uses Azure or AWS, there's a focus on meeting security obligations and implementing threat prevention to comply with regulations like GDPR or PPA. This includes creating segmentation to align with regulatory standards. As part of this process, security features available in cloud platforms like virtual firewalls and threat prevention are incorporated.

After the implementation here, especially since I work in the data center, I've noticed the significance of security. For example, Veeam, CDL, and other aspects became crucial, especially during the COVID period when users started working from home. 

This situation led to numerous blocks, and user profiles were getting blocked due to issues with IP addresses ending up on blocklists. However, after implementing the 3M series virtual firewall, we were able to effectively manage security for our cloud applications, like those in AWS. This enabled us to monitor remote workers and take necessary actions, such as blocking problematic IP addresses. Consequently, we reduced the number of tickets raised with ISP providers.      

A valuable feature that we can consider is the deployment time, which is significantly reduced, almost 90% faster compared to other solutions. This leads to quicker deployment and less downtime.

I have found that the tool works well for me, but there are areas where security testing and protection could be improved, especially in virtual or cloud environments. However, in this project, once we deployed it, we haven't encountered any issues.

The cost is currently manageable, but as we migrate fully into the cloud, additional features like capacity upgrading and improvements to hardware resources will be necessary, especially since our equipment consists of older-generation switches and routers. I'm looking for additional capabilities in these areas.

I've been working on my current project for more than two years now.

I would rate it 9 out of 10. 

I would rate it 8.5 out of 10. 

The deployment is quite straightforward, and it's faster than it used to be. This means that the deployment process is quicker, and there is less downtime involved.

From my perspective, managing the price is important, especially because we're a small business. For larger organizations like Barclays, we provide our requirements to the client, and they place the order on BigFix. It's their responsibility to consider their budget and make decisions accordingly. We appreciate the features we get, but the cost-sharing still depends on the client.

The client needs to provide approval for the POCs used by our team; it's not within my control.

When evaluating options, we should consider team members who are knowledgeable in supporting next-generation firewalls like NGFW. We also need to factor in the specific product offerings. For instance, if we have options like the PA-440, PA-850, and PA-8350, we should compare their prices and features. It's important to make decisions based on the situation and the needs of the organization.

Considering factors like availability and the specific situation, I would rate this an eight. It's important to explore other potential cases as well.

Firewall implementation and firewall rule edition are the primary use cases.

It's very secure. It inspects the application. Compared to script-based or CLI-based firewalls, it's easier to use the GUI (graphical user interface) to implement the firewall. 

It has its own logging system. You can go to monitoring and check the logs to see if a connection is getting blocked. You can use multiple types of logs to check if a file or a port is getting blocked or if there are any TCP resets from the source or destination. It's easy to troubleshoot with the monitoring and logging it provides.

There seem to be some issues with TAC (Technical Assistance Center) or Palo Alto support. Anytime you open a case, a level one engineer joins, and then you have to escalate it to level two or three. The support system has changed in the past few years, and that's something they need to look into.

In future releases, I would add one feature where we can take a subnet or take an IP and create a list of rules that are for that IP. There is an option, but it's not as expansive as I would like. When you run a report, you have to run it for a hostname. And when you look at the report, you see the hostnames, but you don't see the IPs. Like, there is no additional column for seeing the IP of the hostname or the subnet of the hostname. So that creates an issue. You have to go into the file and take the export list of firewall rules, and then you have the hostname got have the IP, then you have to note down the IP addresses.

I have been working with this solution for more than eight years. 

It is a very stable product.

The solution scales easily. For example, when we did a migration, we brought in more than 14,000 firewall rules from Juniper into our Palo Alto. After importing, obviously, that's a huge number. But, after doing that, the CPU went really up because we have so many rules. And after having to talk with Palo Alto, they told us to get a better model. We have the 5500 model. So, we were asked to replace the Palo Alto with a bigger or better model. That's what we're gonna be doing.

We can absolutely update the firewalls with a better GPU and CPU. With a better CPU, it can handle more connections. Especially when the environment grows, adding new data centers and more applications. So, after a year or two, there is a need to either bring in more firewalls or upgrade the existing ones you have.

Currently, there are around 12 end users using this solution in our organization.

There are certain issues when we open a ticket with TAC (Technical Assistance Center), the issue goes to engineering, and then they inform us that the fix for the issue we're having will be included in the next software update. 

So, there are some issues in the backend or with new features that don't work correctly. We usually open tickets for that, and then usually, they assure us that this issue will be fixed in the next update.

Neutral

Juniper environment we had was reaching the end of life. That's why, rather than bringing in new Juniper devices, the enterprise architecture team decided to go with Palo Alto.

The initial setup was easy. I was migrating from the Juniper SLX firewall to Palo Alto, so I had to move a lot of firewall groups and create a script on the engine tool to facilitate the move. There were some hurdles. But, personally, it was pretty smooth. The transition was pretty smooth.

So we have physical on-premises, and also instances on the cloud, AWS Cloud.

I would recommend using this product , but it's important to have whiteboard sessions with the network and another team to give them information on exactly how to check the BGP settings. You need to go over with the team the things they need to do on the GUI and on the CLI. So, you definitely need to educate the team before using it.

Overall, I would rate the solution an eight out of ten. It's very stable. There are some tools for pushing the rules to Panorama, pushing the rules to the device, especially if you're working with a team, if you're working on a rule and someone pushes to Panorama, or if they want to push your firewall rules. Someone could push you if you have set up something for a change and you need to the changes at a certain time, if another member comes in and puts a change, you definitely need to have your changes or your pushes to the device or to Panorama, you need to have good communication between the team. So there are some good and bad things with Panorama. As you work on it, you adjust.

In our network security architecture, we utilize the PA-Series firewalls by integrating them seamlessly. Migration from Cisco to PA-Series was surprisingly easy, and we have centralized management using Panorama.

The most effective features for threat prevention in the PA-Series are its integration with Cortex and the use of machine learning AI for advanced threat detection. These capabilities, especially present in the newer generation firewalls like the PA-4000 series, enhance our security posture significantly.

Migrating from old to new Palo Alto Networks firewalls can sometimes encounter hiccups, and there is room for improvement in streamlining this process for smoother transitions.

I have been working with Palo Alto Networks PA-Series for nine years.

I would rate the stability of the product as a nine out of ten. We have not faced any issues with it.

I would rate the scalability of the product as a nine out of ten. We have approximately 3,000 end users.

I have had a great experience with Palo Alto Networks technical support. Response time and quality have been excellent, especially for RMA cases. Any issues, whether for functionality or hardware, were resolved quickly. I would rate the support as a nine out of ten.

Positive

Palo Alto Networks stands out from other solutions because they consistently strive to innovate and stay ahead of the curve. Their user-friendly interface and customizable security options make them a top choice. Additionally, they offer a wide range of security solutions without forcing you to invest in unnecessary features, similar to SecurePoint's approach with blades.

The initial setup of Palo Alto Networks PA-Series was straightforward, especially with prior network and security knowledge and a helpful training course. The intuitive web UI made the process comfortable, and overall, Palo Alto Networks seems to be heading in the right direction with user experience improvements.

I have experience deploying and managing PA-Series firewalls in a multi-site environment, including international locations connected via MPLS. We use them for perimeter security and have centralized management through Panorama. Deploying and managing them across sites has been straightforward and effective which makes Palo Alto Networks a preferred choice for our network security needs.

The PA-Series has consistently helped us prevent cyber-attacks through its threat prevention and vulnerability profiles. By configuring security profiles effectively, including antivirus and threat prevention, we have successfully mitigated various threats.

Overall, I would rate Palo Alto Networks PA-Series as a nine out of ten.

In my role as a tech, I provided support for various firewalls, including the PA, PM, and virtual series. It wasn't limited to a specific product like the PA-800 series, PA-1000 series, PA-9000 series, PA-7000 series, or PA-5000 series. We received training for all firewall types.

Palo Alto gives proper training for the product, not cutting corners over that. They don't assume you have previous knowledge and experience and start working directly, which happens in most companies. 

So, they provide product training very thoroughly. This helps the support system to have the necessary knowledge, not just before starting to work or troubleshoot. 

In the 11 months, we were initially trained on various OS versions and given tools like vSphere because we didn't have access to the Palo Alto environment. 

Later, when we got access, we were given a tool to design our own networks, study them, and, if needed, raise concerns about issues. 

The engineers or senior engineers would then study and guide us. They trained us for new upgraded versions of the OS regularly. Even as a third party, we had complete access to the Palo Alto Networks domain, tools, database, knowledge base, and everything. 

This gave us the opportunity to build our skills and understand what Palo Alto requires us to do. We could troubleshoot it properly with customers. 

There are constant updates for the operating system. It is a nice thing also, but it has its own disadvantages. Continuous updates are there. The users face issues like, how often do I need to update that? 

Within a period of five months, I'm updating it two or three times. It gives them a feeling that they are not confident about their product and have to update it so frequently. 

Plus, there are certain bugs, like in the 10.1 version, it's had some bugs. Then, they are upgrading it to the 10.2 version. They are updating that for the bugs. But the time duration between the two is less than the others. 

If we go for Cisco, they don't have their OS upgrades frequently as parallel to us. So that's the disadvantage.  

I was working on a project outsourced from Palo Alto to a company. I was employed in that company for 11 months. During that time, I received guidance and training directly from Palo Alto Networks. I served as a tech engineer for the entire duration. It was quite recent, about three or four months ago.

It is stable. It's just the thing about the frequent updates. So that's the only issue there. So if they somehow reduce that frequency, all these will be easy.

It is scalable. But that depends on what model you are using.

However, other PA-Series models, such as the device on the APAC, are highly scalable and support other vendors.

Moreover, within the network, the device is scalable. 

The customer service and support are really good. And they continuously ask the support team to go through some training updates. So, continuously, we have these updates on the KPIs on a knowledge basis. And the last time, we had this training on the latest version upgradation. So they continuously give the training.  

I was physically present during the setup processes because many times, customers come saying, "I have purchased this new product, but I don't know how to install it." 

There were two teams: the sales team was there, and they had their own engineers. They used to provide the customers. 

But at times, we also had to get involved in case there were any technical glitches or issues because the sales engineers did not do troubleshooting. 

So for that, some of our engineers got involved. At that time, we used to give the setup, whether it was a VM, a cloud, or a physical device. 

At times, customers lack the knowledge of installing and deploying it into the system. So, we used the knowledge base to supply them with articles on the basic level. But even if the customer couldn't understand that, then we used to set it up ourselves directly.

The setup and everything was pretty much given in the KB articles in the knowledge base. So that was pretty much good. And if the customer is not able to understand, then I used to do that.

I supported both the cloud version, which is a VM version and the physical device.

For the cloud deployment of this product, you don't need to buy physical hardware, a modular device from Palo Alto, which is cost-effective and cost-efficient. It can be deployed in AWS or Azure, any cloud provider.

However, the disadvantage or the downside, I can say, is that it is on another network and it is software-based. It is not 100% under your control because it is mostly connected to the AWS or Azure environments. Some controls are not 100% with the user.

If I deploy a VM on the Azure network, then I have to define something compatible with the Azure network. That is the con for cloud deployment. But if the user needs cost-effective solutions, they can go for the cloud.

With the physical device or hardware, it is under your control. You can manage it properly and get excellent tech support directly from Palo Alto, unlike the cloud, where support has to be from both ends.

Sometimes, this creates confusion or complexity, but not always, but it may create complex support. In the case of the physical device, it does not because it is provided by one single vendor.

The disadvantage is that Palo Alto devices are costlier than other devices in the market, like Fortinet or CheckPoint. However, Palo Alto has an advantage in continuously striving to provide better support and upgrading their software or operating system.

On average, the time taken to deploy the solution actually depends on what the environment is and what other vendors are connected to it. So, if it is a Cisco router, where is it connected with what else is in the environment? It actually depends on that. 

And it also depends on how much the customer has, like network knowledge. So, if they need to have some policies to block or allow, IP addresses, and more, if they have all that handy, then it is like two hours or something, not more than that. So it's pretty well done. It is a faster thing. But if the customer is not that handy, then it makes it difficult for us.

Maitaince is not required unless there is some issue, like a manufacturing defect once or twice. It wasn't, of course, too many times. 

But sometimes, it occurs because the device gets old or there is a manufacturing defect. It was a hardware replacement directly. So,  it was pretty much good. That process was a piece of cake. 

Palo Alto Networks has a program that allows customers to transfer their device licenses to another company. This means that if you have purchased a Palo Alto Networks firewall and you no longer need it, you can sell it to another company, and they will be able to transfer the license to their name. But for that, I need to go to Palo Alto and first discuss it with them. So they have this other team. So they check and verify everything.

This is something that I have never encountered with any other vendor.

The pricing is a bit on the higher side but it is reasonable because they give that kind of level of support and everything else.

Overall, I would rate the solution an eight out of ten. The one con is that it's a little more expensive than others. But the pros here are that it has good support.

Overall, it is a good product, and you can definitely have it with other vendors. So it doesn't have any issue. If you only have Palo Alto, you cannot have others in the environment. You can definitely have others connected there. There is no issue. 

And the technical support team is also there to guide you. It's a very good team. So you can always go ahead and purchase Palo Alto. It's a little bit pricier than others. But it is worth it because you'll get other support and everything is very good.

We use Palo Alto Networks firewalls for our perimeter security defense.

We use it for threat prevention in our networks. Check permission, advanced URL filtering, and DNS security. There are different subscriptions, and we are actually using them all. 

We are really satisfied with the firewall's throughput and its threat prevention performance regarding network traffic. We can easily decrypt our SSL traffic and thanks to the technology named App-ID, it recognizes network protocols without relying on port numbers.

It operates at Layer 7, and its ability to recognize protocols even if they use a default port for another protocol is impressive. It alerts you to such anomalies. 

The single-pass architecture technology is particularly noteworthy because it allows for the addition of new functions to existing hardware without any performance degradation, even when all modules, like self-encrypted encryption, malware protection, threat protection, and industrial filtering, are enabled. This results in outstanding performance.

That's why we use Palo Alto Networks in our IT firm and recommend their devices to all our customers.

We also have functions related to network visibility and control. We use Panorama controllers, which operate in a geographically distributed architecture, allowing us to easily control, configure, and manage network devices. 

With single-touch provisioning, you can effortlessly add new files to your Panorama VM. It offers extensive features that we currently use.

Panorama is a Palo Alto Networks product optimized for firewalls. As for integration, we can easily integrate the PA-Series with popular brands, switches, and routers like Cisco, Extreme Networks, or HP Aruba across your local area network's switches and routers, enhancing application-based policy enforcement.

It offers  application-based policy enforcement. Palo Alto Networks firewalls help us recognize protocol anomalies, contrasting with other vendors that may require policies based on port numbers. 

With Palo Alto Networks, the port number isn't a constraint because their devices handle protocol traffic at Layer 7, allowing for accurate identification of protocol usage and port numbers.  They can identify which protocol actually uses which port. So, if there's an unplanned issue, like, for example, a hacker trying to create a DNS tunnel using a non-standard port (like 1536 instead of the usual 53), Palo Alto's Endpoint UI will easily detect it and allow you to take measures.

PA-Series includes built-in network packet brokers, a valuable feature as it allows SSL traffic to be decrypted just once. If you need to inspect this decrypted traffic further, there's no need for a third-party solution—Palo Alto Networks firewalls handle it themselves. 

In future releases, maybe Palo Alto can enhance and enlarge their portfolio with SIEM solutions. They already have an endpoint protection solution, SOAR solution, that's fine. 

But when it comes to standalone IDS/IPS solution or email security solution, for example, we don't have any product in that category for Palo Alto.

I have been using it for two years. 

It's very reliable. Even if you have only one firewall, failures are rare. Moreover, the high availability feature allows two firewalls to sync with each other for continuous operation, ensuring stability.

The customer service and support are good. Both local and global support teams are readily accessible and they report back in a short period. I've never encountered any issues with their support.

Positive

The setup's ease depends on your experience and the resources at hand, like Palo Alto Networks' documentation. With the right information, it's not a problem.

For me, the deployment took around 30 minutes. 

Many people think Palo Alto firewalls are expensive, but I don't feel that way. Let's compare it with Fortinet firewalls.

With Fortinet, every two or three years, the firewall generation changes, and they have limited support for older devices. But with Palo Alto, you still get support from the vendor for seven or eight years.

Also, many vendors prepare data sheets for their firewalls with most features disabled. For example, they might say their firewall has 20 gigabit throughput, but they don't mention if threat prevention or service encryption is on or off. With Palo Alto, even when you enable all the modules, it still provides the exact throughput they advertise.

If you're buying two firewalls, one from Fortinet and one from Palo Alto, both rated at 20 gigabit throughput, and you enable all the modules on the Fortinet one, it might downgrade to 10 or even 5 gigabit throughput. But with Palo Alto and all security modules enabled, you still get the full 20 gigabit throughput.

That's the key difference. That's why customers trust Palo Alto, and that's why it's a big player in network security.

Overall, I would rate the solution a ten out of ten. 

Our clients primarily utilize the Palo Alto Networks PA-Series as a VPN concentrator and next-generation firewall, particularly at the internet perimeter in Serbia. This setup effectively shields them from online threats and grants control over end-user activities, including website access.

The PA-Series has significantly enhanced our company's cybersecurity stance by providing us with comprehensive control over users and applications. With advanced inspection capabilities, we effectively scrutinize all network traffic, allowing only known users and applications to pass through the firewall.

When discussing threat prevention, key features essential for effective protection include thorough threat inspection, including virus and malware detection, as well as functioning as an Intrusion Prevention System. With comprehensive threat inspection, all potential threats are thoroughly analyzed, ensuring maximum security. Integrating Palo Alto Networks' Cortex XDR on endpoints further enhances threat prevention capabilities. This combination enables centralized analysis of security events from both the firewall and endpoints, facilitating a more comprehensive threat analysis and response strategy.

The benefits we've observed in Secure Traffic Management using the PA-Series are significant. Palo Alto Networks revolutionized firewalls with the invention of next-generation firewalls. Unlike other vendors who added this functionality to existing firewalls, Palo Alto Networks built their user interface from scratch, resulting in an exceptionally intuitive interface. Administrating the PA-Series is straightforward and user-friendly, requiring minimal time for users to become accustomed to it. Additionally, having everything accessible from one console enhances efficiency and streamlines management processes.

Security features like threat prevention, URL filtering, and DNS traffic inspection are crucial components of our setup. We also implement LightFire sandboxing for analyzing unknown files. Encryption of traffic is enabled, with careful consideration given to which traffic should be decrypted for inspection.

Comprehensive logging is essential for monitoring and analysis purposes. For remote users, the firewall can be configured as a VPN concentrator, with VPN policies defined within the firewall settings.

C Palo Alto Networks firewalls can be somewhat complex due to the various options available. They offer different devices and subscription models, including standalone firewalls and bundled options. Utilizing these features as a unified solution can require additional setup, particularly when incorporating Panorama for centralized management, which may involve extra costs.

I have been working with it for over ten years.

Stability is crucial when considering which version of the operating system to use for Palo Alto Networks devices. Recommendations provided on the Palo Alto webpage suggest opting for the most stable version available. Users often refrain from immediately adopting new releases due to potential instability. Instead, they wait until the release has proven its stability, a practice commonly observed with other vendors as well. Therefore, it is advised not to constantly pursue the latest release but to prioritize stability when making decisions.

Scalability with hardware firewalls is limited, as increased user numbers or higher throughput may push the firewall close to its maximum capacity. In such cases, purchasing a new device becomes necessary, as there is no inherent scalability. However, with virtual firewalls, scalability is simpler as additional credits can be purchased without new hardware. For instance, our customers typically upgrade to newer models every four years.

For technical support, I would rate it a solid ten. Our support team in Serbia is highly regarded and often considered one of the best in Europe. We provide exceptional support services, and even for the most challenging cases, Palo Alto Networks is deeply involved, ensuring that complex issues are addressed effectively. Our commitment to providing top-notch support ensures our customers receive the assistance they need, contributing to our reputation for excellent support services. For example, certain issues are not directly related to Palo Alto Networks' products. They often stem from users employing various solutions from different vendors, resulting in integration challenges and overall system malfunctions. In such cases, Palo Alto Networks' support assists in identifying whether the issue originates from their products or other vendors' solutions. The focus lies in troubleshooting the entire integrated setup to pinpoint the source of the problem accurately.

Positive

The deployment process is generally straightforward, but its ease can vary depending on the complexity of the customer's network and specific requirements. While deployments for institutions like banks may be more intricate and time-consuming, deployments for typical companies are relatively simple. I would rate it nine out of ten.

In our cloud network infrastructure, we maximize efficiency by deploying the PA-Series focusing on redundancy and advanced security measures. Typically, we set up two devices in a high-availability configuration to ensure uninterrupted operations. This setup synchronizes sessions between devices, eliminating single points of failure within the network. Some users with budget constraints opt to purchase a spare device without licenses. In the event of a failure in the primary device, they can quickly switch configurations to the backup device, although this process may take some time. On the network perimeter, we prioritize next-generation firewall features such as user identification, achieved through integration with Active Directory. This enables us to create policies based on user groups rather than IP addresses. Additionally, we utilize Palo Alto's application recognition capabilities to control application usage, allowing only approved applications while blocking others.

Maintenance is straightforward and can be handled adequately by a single individual.

The PA-Series includes various subscriptions such as URL filtering, sandboxing, and DNS security. The Alto license is also bundled with the device, simplifying the purchasing process. Other optional licenses include GlobalProtect for remote VPN access and an IoT license for managing internet of things devices.

Licensing is now simplified with Palo Alto Networks offering bundles of licenses, available for purchase over the past few years. These bundles, typically priced around forty percent lower than individual licenses, include essential features such as threat prevention, URL filtering, DNS security, LightFire, and SD-WAN. Users can easily acquire the device, bundle subscriptions, and support package, comprising support and device warranty. Some users opt for additional licenses like GlobalProtect, which may not be included in the bundle. Licensing options range from one to three years, with easy renewal upon expiration. The cost varies depending on the device model, with entry-level firewalls priced around $1,300 to $1,500, while higher-end models can reach prices of several hundred thousand dollars. Ultimately, the cost is influenced by factors such as the number of users and specific requirements.

Overall, I would rate it ten out of ten.

I use the solution in my company to protect our networks.

My company provides Palo Alto Networks PA-Series to our customers. My company takes care of the product's integration part for our customers.

The most valuable features of the solution are its areas like performance and stability.

The product is perfect, in my opinion. The product's high prices are an area of concern where improvements are required.

I have been using Palo Alto Networks PA-Series for seven years. My company operates as a system integrator for Palo Alto Networks. My company also has a partnership with Palo Alto Networks.

Stability-wise, I rate the solution a nine out of ten.

Scalability-wise, I rate the solution a nine out of ten.

The product is suitable for enterprise-sized companies.

I have contacted the solution's technical support. I rate the technical support an eight and a half out of ten.

Positive

I have deployed the product in a multi-site environment.

The product's initial setup process was simple.

The product's deployment and configuration phases are easy.

The solution is deployed on an on-premises model.

Not too much time is required to deploy the product.

The product is offered to users at high prices compared to the pricing model of the other vendors in the market.

I feel that Palo Alto Networks PA-Series offers better performance when compared to the other vendors in the market.

I don't have many details about the product's application control and visibility features since I had to deal with a lot of features in the tool during the deployment of the solution for our company's customers.

The tool is good enough to deal with cyberattacks and meet the requirements of our company's customers.

Considering the product's usability and user interface, I would say that it is easy to use the tool.

I recommend the product to those who plan to use it.

I rate the tool a nine out of ten.

There are various use cases, particularly for desktop scenarios. One of them involves exploring contacts. Virtual firewall use cases revolve around different scenarios, such as transitioning to the cloud. For instance, when Barclays uses Azure or AWS, there's a focus on meeting security obligations and implementing threat prevention to comply with regulations like GDPR or PPA. This includes creating segmentation to align with regulatory standards. As part of this process, security features available in cloud platforms like virtual firewalls and threat prevention are incorporated.

After the implementation here, especially since I work in the data center, I've noticed the significance of security. For example, Veeam, CDL, and other aspects became crucial, especially during the COVID period when users started working from home. This situation led to numerous blocks, and user profiles were getting blocked due to issues with IP addresses ending up on blocked lists. However, after implementing the 3M series virtual firewall, we were able to effectively manage security for our cloud applications, like those in AWS. This enabled us to monitor remote workers and take necessary actions, such as blocking problematic IP addresses. Consequently, we reduced the number of tickets raised with ISP providers.        

A valuable feature that we can consider is the deployment time, which is significantly reduced. It is almost 90% faster compared to other solutions. This leads to quicker deployment and less downtime.

I have found that the tool works well for me, but there are areas where security testing and protection could be improved, especially in virtual or cloud environments. However, in this project, once we deployed it, we haven't encountered any issues.

The cost is currently manageable, but as we migrate fully into the cloud, additional features like capacity upgrading and improvements to hardware resources will be necessary, especially since our equipment consists of older-generation switches and routers. So, I'm looking for additional capabilities in these areas.

I've been working on my current project for more than two years now.

I would rate the stability a nine out of ten. 

I would rate the scalability an eight and a half out of ten. 

The deployment is quite straightforward, and it's faster than it used to be. This means that there is less downtime involved.

From my perspective, managing the price is important, especially because we're a small business. For larger organizations like Barclays, we provide our requirements to the client, and they place the order on BigFix. It's their responsibility to consider their budget and make decisions accordingly. We appreciate the features we get, but the cost-sharing still depends on the client.

The client needs to provide approval for the POCs used by our team; it's not within my control.

When evaluating options, you should consider team members who are knowledgeable in supporting next-generation firewalls like NGFW. We also need to factor in the specific product offerings. For instance, if we have options like the PA-440, PA-850, and PA-8350, we should compare their prices and features. It's important to make decisions based on the situation and the needs of the organization.

Considering factors like availability and the specific situation, I would rate this an eight. It's important to explore other potential cases as well.

I would rate the solution a nine out of ten.