Palo Alto Networks URL Filtering with PAN-DB Reviews

My primary use case is to ensure there's no need for a separate IDS or IPS solution.

The most valuable feature is that the product can do everything in a single device, including the firewall, rules, and the PBL. It also has good routing and switching.

An area for improvement would be the technical support, which can be slow.

I've been working with this solution for over five years.

This solution has pretty good stability.

The scalability of this solution is pretty good.

The support team is pretty quick when you first open a case but can be difficult to contact later on.

The initial setup was pretty simple.

This product is more expensive, but that's because it provides everything.

I would rate this solution as eight out of ten.

We are not using it for the general population, just for a select group of users in an isolated subnet. We are using it primarily as a whitelist with little reliance on the PAN-DB.

I cannot say that PAN-DB has provided any significant improvements, since we are using it primarily as a white list.

Being able to manage blacklists and whitelists easily is very useful, especially for internal access and limiting outbound access.

The biggest improvement is the categories per site. For hosting sites like Blogspot, they host sites that should be in different categories, but get lumped together in general. There needs to be more granularity or multiple categorizations.

We operate in the automotive industry. Internally we work with computing and networking equipment, concentrated on collecting, storing, processing, and distributing enormous amounts of data. Our company deploys this solution for internal web security purposes.

The Palo Alto solution has improved our organization by providing threat protection across a variety of internet connections. Our company also gets valuable insights regarding threat analysis.

One way Palo Alto can improve is by offering sandboxing. I don't know if they currently offer a sandboxing feature together with the firewall or not. They should provide secure sandboxing with the firewalls.

The stability of the solution is good.

The initial setup and configuration was straight-forward.

The solution was deployed by a small team of about five people in our facility. Their roles included end users, application developers, and system administrators, etc.

I would say it will take another three to four years to realize any significant returns on our investment.

I would recommend using this solution as an enterprise-class security, including a firewall and protection for Microsoft Edge. This solution can also be used as a data center or file storage tool for workloads (small or large).

I would rate this tool as a 7 out of 10.

We require a firewall to deploy URL filtering or to enforce this URL filtering solution to our users. It is actually cloud-based, deployed on a cloud, and is URL Filtering as a service, which requires a firewall. The firewall, therefore, will then enforce the URL filtering options on my users' traffic.

We are using this for preventing the user's access to malicious websites, or access to inappropriate adult websites or porn websites or even the P2P tunnels or tunnels or domains they should not access. This is our main priority and main use case.

The URL filtering is excellent. It ensures our users can't access certain sites. 

The multiple categorizations of URLs are quite helpful. For example, if a URL is, a social media website, such as facebook.com, it can be classified at a certain risk level - from high to low.  

The solution offers credential phishing, which is a helpful feature. 

The initial setup is easy.

The solution scales well, according to the firewall.

The stability is very good.

Everything that is available with the firewall is provided to the user.

It would be ideal if this solution could be a separate product rather than have to have it deploy through a firewall. If it was a separate product, many of our customers would be happier as most just require a URL filtering option. They do not require a firewall. They do not require any threat prevention or anything. 

If it was a separate product, we could deploy it to branch offices or any of our customer locations in which different firewalls are being used. 

The solution is a bit expensive.

We've been using the solution for more than three years at this point.

The stability is excellent. We've never had to raise any technical issues. There have been no bugs or glitches. It doesn't crash or freeze. 

The scalability depends on the firewall. The URL Filtering does not have any limitations. For example, any number of firewalls is supported. It is not dependent on that. It is just dependent on the firewall. Therefore, if a firewall supports 1,000 users, then it will provide support for protection for 1,000 users as well.

We have 700 users on the solution currently.

We do not plan to increase usage at this time.

We have never had a technical call raised to customer care or the tech team or anyone to resolve the URL Filtering issues. It's been so reliable we haven't really dealt so much with technical support. Any local issues have been small and have been handled by our internal team.

The initial setup is not complex. It's easy and pretty straightforward. There are no configuration options. You use it as it is. A company shouldn't have any issues with it. 

We pay a yearly licensing fee.

It's a bit expensive if I were to rate it from one to five, with one being the cheapest, I'd rate it at a four. That said, I would argue that it is worth the price.

We're Palo Alto partners.

There isn't an exact version number associated with the product. It's a SaaS.

I'd recommend the solution to other users and companies.

I'd rate the product at a ten out of ten.

Our primary use case of this solution is for both internal and external firewalls.

It's allowed us to have better visibility and protection from threats.

• Next generation rule set 
• Much more granular

Performance monitoring could use improvement. 

It's incredibly stable. 

Their technical support is very good. 

We were previously using Fortinet Fortigate.

The initial setup was very straightforward. The deployment took five minutes. Our implementation strategy was to build everything out using existing data. 

We implemented with ANM. They were good. 

Pricing and licensing are excellent.

We also looked at Cisco Firepower.

Demo this first and then other competitors and you'll quickly see what's the right fit and which is the superior product. 

I would rate this solution a ten out of ten.