Palo Alto Networks WildFire Reviews

We currently use a Palo Alto Networks WildFire solution. We are using a Palo Alto Networks WildFire XDR solution. I cannot answer questions to get feedback on Palo Alto Networks WildFire XDR right now. We are not looking for any other solutions alongside Palo Alto Networks WildFire now. That is the reason we already have two XDRs. We have the Microsoft free version, and that is for education purposes. Management does not want to go for any other solution. We have two solutions.

Regarding research, we only started to implement the Microsoft one now. Perhaps a call in two months would be more appropriate to discuss further.

The ease of setting up the solution involves dynamic and static policies. On the endpoint side, configuring is very simple compared to Microsoft and SentinelOne. The protection, prevention, detection, and prevention capabilities are very powerful.

It has powerful threat prevention capability with very few false positives. Once the policy is implemented, we usually do not touch that area. It takes care of everything from the prevention and detection side, and we do not see any false positives.

In terms of price, that is a concern for management only. It is a very good product. They might consider upgrading many features, as other vendors are doing, such as SentinelOne.

There are not any negative aspects; the only issue is the price when compared to others. The management is too focused on the pricing side.

I have been working with Palo Alto Networks WildFire for five years.

The solution is very stable. We have been running it for five years. Otherwise, we would have changed after one or two years. We do not have any issues. We do not have ransomware issues or any other problems. It performs filtering, malware blocking, and scanning. We randomly check various types of malware and verify whether the product is functioning properly as part of our routine.

The solution can be easily scaled. For example, we have 4,000 endpoints now. If we want to add another 500, we can arrange payment for the following year. They will increase immediately. Everything is based on Google Cloud. Being a SaaS solution, scaling can be increased based on requirements.

Their technical support is timely. When questions are asked, they respond immediately without delay. I work with firewalls and XDR, so I do not have any issues on the technical side. Whatever case I open, which is rare, I am satisfied. They solve issues as quickly as possible. Technical support is very powerful.

Positive

The setup is actually easy. I am the one who deploys the XDR. I did the POC myself. Then we purchased XDR. It is a simple solution, as almost all vendors provide a straightforward way of policy and profile creation.

Pricing is based on extensive R&D and improvements they are implementing. The pricing may be higher, but they might consider reducing it since there are many competitors entering the market. This is something for internal discussion.

It is a really good product in comparison to SentinelOne. However, SentinelOne has more features. SentinelOne is now positioned higher in the Gartner report compared to Palo Alto Networks WildFire.

Integration with third-party products is possible. For example, connecting a mail gateway with Palo Alto Networks WildFire allows them to handle prevention.

Palo Alto Networks WildFire is a cloud-based sandboxing solution. The firewall is connected to WildFire, and XDR performs sandboxing from the cloud. WildFire conducts malware scanning and emulation, then informs the firewall to block threats based on the response. It also generates reports regarding malware and other issues.

The sandboxing process involves sending sample files to the cloud for scanning, checking file authenticity, certificates, and detecting malicious code. WildFire performs multiple checks and informs the XDR agent about file status. This automatic process occurs within minutes or seconds. For unknown or suspicious files, immediate blocking occurs while samples are sent to WildFire for identification.

I rate Palo Alto Networks WildFire a 9 out of 10.

I am using Palo Alto Networks WildFire, or our company is using Palo Alto Networks WildFire firewalls. These are physical firewalls mainly. We have a 400 series and customers have various series. We have a 400 series in the office, and customers have various series ranging from 400 to 5,000.

For us as a company, Palo Alto Networks WildFire is not really important, but our customers, for example in the banking sector, are using Palo Alto Networks WildFire for checking incoming forms from their customers. They check with Palo Alto Networks WildFire to determine if the content is harmful or not.

I can tell only the customer's experience. If there is a process where customers need to fill up a form or send in a file or any document, it is very important to check if there is any suspicious code in the file or anything else which could be malicious. In this case, the Palo Alto Networks WildFire capability is very important and I would say very impressive.

Palo Alto Networks WildFire is one of the main points for using Palo Alto Networks WildFire. The marketing of Palo Alto Networks WildFire is focusing on zero-day threats as well. It is very important from the product point of view.

Almost every setup has the Palo Alto Networks WildFire feature. The Advanced Threat Prevention feature is also in use in general. URL filtering, DNS, and Advanced DNS Security are utilized. GlobalProtect, or maybe it is called Prisma Access nowadays, are also valuable features.

One of our customers tested it, and we were happy with it. There were physical appliances and physical Palo Alto Networks WildFire appliances, and the integration and working with third-party solutions was very seamless and smooth.

I would say the setup and putting together the hierarchy within the devices was not straightforward. There were many reboots and reconfigurations while the optimal setup was established. However, we were happy with the device.

The setup process could be easier to establish the cluster. It should be easier to establish the Palo Alto Networks WildFire cluster between the devices. We had some difficulty with it, but it was not catastrophic. The operation and usability itself is what I was happy with.

I would say three years.

Palo Alto Networks WildFire is absolutely stable.

The on-premises version is expensive to scale as it might need an additional device to be installed in the setup. I do not have much experience with the cloud version, so I cannot comment on that.

Unfortunately, the support is getting worse. I would rate it a seven out of ten.

We have had some open tickets for months, maybe half a year, and there is no real answer. I feel as though the support does not even know what could be the issue. The support is not as effective as it was before.

Positive

I purchased directly from the vendor or from the official reseller or distributor.

The setup and putting together the hierarchy within the devices was not straightforward.

I deployed only on-premises. I activated the Palo Alto Networks WildFire license in the firewall and then deployed hardware appliances on-premises.

There were no issues with the implementation team.

Unfortunately, I am not using Cortex XDR, XSOAR, or Cortex Cloud. I am offering these to customers, but I do not work with these products.

I do not have a sophisticated setup, and I did not work with it, so I cannot comment on that. My overall review rating for Palo Alto Networks WildFire is nine out of ten.

Wildfire is integrated with our NG firewall appliance for handling cybersecurity scenarios. Its purpose includes sandboxing suspicious files or locations that may pose a zero-day threat.

The most valuable feature of Wildfire is its sandboxing capability for examining suspicious files or locations. Wildfire is highly effective in controlling DNS issues, blocking malicious sites, spamming, as well as command and control threats. It is an integral part of our cybersecurity setup.

Improvements are needed in the UI part. The dashboard should provide better visibility, especially in showing how many files are sent to Wildfire and their findings. This information should be integrated with the Dashboard so that system admins can see what is happening. 

Furthermore, technical support needs a lot of improvement, particularly in terms of responsiveness and adhering to service level agreements.

I have been using Wildfire for the last one year.

The stability of Wildfire is very good. I would rate it nine out of ten for stability.

Wildfire is highly scalable. I'd rate its scalability nine out of ten.

The customer service and support I received was extremely disappointing. There is a lack of SLA adherence, and third-party partners do not provide prompt responses. This is not acceptable for such a critical device.

Negative

Previously, I was using Cisco and before that, Cyberoam UTM. We switched from Cisco to Palo Alto for better security features. However, I found the Cyberoam UTM to be excellent in terms of user experience and support.

The initial setup took approximately a week to install and integrate Wildfire with the next generation firewall. The vendor handled the implementation.

Implementation was supported by one person onsite with a team from the vendor working remotely. Overall, around five to six people were involved.

The setup is not cheap. Wildfire is priced at a high rate for the features it provides, making it a challenge for small organizations to afford.

Wildfire has excellent features and offers some of the best security measures available, although it requires a significant budget. 

The general product is very good, and I would recommend it for organizations serious about enhancing their security. However, better support is crucial.

I'd rate the solution nine out of ten.

First of all, I use WildFire for zero-day malware detection. WildFire is a threat intelligence platform that collects threat information and provides that information not only for the WildFire service yet also acts as a source for other security services such as URL filtering and antivirus protection.

I value the massive usage of artificial intelligence and machine learning technologies. WildFire can protect different environments, including Windows, Mac, Linux, Android, and iOS, which significantly impact the product's capabilities. Its ability to detect threats quickly and inform security devices to block malware is also a highlight.

It is a difficult question. Honestly, I don't have any immediate suggestions for improvement. However, perhaps an anti-spam feature could be considered.

I have been using this solution for about eight years.

I would rate the stability as a ten out of ten. It is a very stable product.

WildFire is a cloud-based service, so it is able to scale automatically depending on needs. There are no issues with bottlenecks or similar problems. I would rate it a ten out of ten.

The service response times are aligned with standards, responding within a few hours based on the problem's criticality. I would rate the technical support as an eight out of ten.

Positive

The service generates a low rate of false positives, reducing the overhead of managing false positive events. It dynamically adapts controls based on the threat landscape, lessening my workload in configuring and tuning the product.

I'm not familiar with the economic aspects of the product. It is aligned with the competition. I would rate it an eight out of ten in terms of affordability.

I absolutely recommend WildFire because it dramatically reduces response times against zero-day attacks. Overall, I rate the product a nine out of ten.

WildFire is a centralized intelligence service that updates its database with the latest information about real-time threats worldwide. This allows it to update firewall licenses in the cloud in real time. When it detects new attacks or vulnerabilities, it immediately pushes real-time firewall updates for remediation. This capability enables WildFire to protect against zero-day attacks.

WildFire has default licenses for threat prevention. It updates its cloud-based database in real-time, and its dedicated team analyzes threats to provide remediation and prevention measures. Once tested, updates are pushed to all firewalls licensed with WildFire, continuously updating based on real-time vulnerabilities.

The license is limited. Suppose you have a firewall with a WildFire license but haven't enabled the security profile. In that case, your firewall could be vulnerable to threats. WildFire could improve by enabling the firewall to update its security profile database, even if the security profile itself isn't active. This way, it could block threats not associated with WildFire as a first line of defense.

If Wi-Fi can be improved to offer real-time security profiling and updates, it can prevent traits unrelated to Wi-Fi.

I have been using Palo Alto Networks WildFire for over two and a half years.

The product is stable.

Till now, we did not have any issues with respect to Wildfire. It should be fine.

Positive

For deployment, you must go to the support portal, register your firewall using its serial number, and obtain all the licenses. WildFire is one of the licenses. You can download it and manually import it into your firewall. Alternatively, if your firewall is registered on the support portal, you can fetch it directly using the Internet. Configuring the license is easy.

If you use WildFire along with the bundle, you save some money. If you work for a prime customer or client and they are using the Palo Alto Networks firewall on the external perimeter of their network, having this kind of feature that offers real-time threat prevention capability could be a showstopper. It's a really good solution for day-zero threat prevention.

We purchased a license bundle with all the threat prevention features, antivirus capabilities, and a WildFire license. Because WildFire is part of the firewall bundle, it might be a bit cheaper than purchasing individual WildFire licenses. We update the license bundle every three years. So, in terms of cost savings, we benefit because we purchase a bundled license for all our firewalls. However, customers who purchase individual licenses might incur higher costs than our bundled license.

Once you install the license, you don't have to do anything else. Just ensure you are updating your real-time updates.

WildFire offers advanced firewall capabilities, including protection against zero-day threats and proactive prevention. 

Overall, I rate the solution a ten out of ten.

Palo Alto Networks WildFire acts as a sandboxing or intrusion prevention solution. It is used to prevent malicious attacks depending on predefined detection. The on-premises detection engine or cloud-based WildFire can be licensed on the firewall to send all traffic to the cloud to be analyzed. It then sends feedback (good or not good) that can mitigate against malware attacks. It basically analyzes this with an Android traffic engine.

WildFire can filter for us if it finds any attacks with a predefined signature in its database. It can fire against this attack and stop it. If the attack is new or zero-day, we may put it in all these nodes and send it to the cloud to be analyzed. Depending on the output, we make the product decision. But the main addition of state intent is to prevent against attacks before the server is infected, to protect the critical zone.

This is important for your servers, assets, and data center, so threat prevention will be effective in this position. WildFire has multiple techniques; it can execute against a predefined attack in its database, and if it finds a new attack, it can analyze it in its own engine or send it to the cloud to be analyzed and send feedback.

There are multiple features like management, intrusion prevention (IPS), URL filtering, anti-spam, and antivirus.

If it is between one vendor and another vendor. I've also had to use threat prevention, but just to have an IP access list and intrusion prevention. 

It depends on the decision of the firewall itself. Because when we're talking about the edge firewall, we are talking about web traffic. So you are filtering based on encryption, IP addresses, threat prevention, spam, ransomware, and so on.

And in that center firewall, we need intelligence as a core function. So we don't need any more URL filtering licenses in the center because the customer or users don't usually access the Internet. So the center is used to defend against internal attacks or any DoS/DDoS attacks, not for filtering any websites.

I see that the latest release of Palo Alto enabled our features to develop and make it easy to configure over all features in the firewall based on the AI engine. So I did AI Firewall with AI 3.0.

The analytical features require improvement.

I've been working with Palo Alto Networks WildFire for more than ten years.

I would rate the stability a nine out of ten. 

In terms of scalability, it's at the Global Correlation Group. This is based on IOCs (Indication of Compromise), which are based on attacks that happen in other countries. The global correlation offers free code based on attacks that happen for global governments, and any malicious IOC can enrich the firewall by preventing IP attacks.  All threat prevention has its own IOCs. 

So, when dealing with threat prevention, there are multiple common routing and group IDs, and so on. And, for WildFire, every group has its own IOCs based on its own detection and analytics of attacks happening in their products all over the world. So you can create multiple feeds, and you can enrich your environment or your security controls to defend against the attacks before they happen in your environment.

There are about 500 users. I work with a system integration company. I'm not with a customer company. I proposed this solution to my customers. I've proposed it to different organizations, like banking, financial, and public sector companies. So I work for almost all vendors and have a market share here in Egypt. And it depends on the tests that I've already supported.

I would rate the scalability a nine out of ten. 

We have opened tickets. It's very good as we expect it, especially compared to other vendors.

Neutral

It's easy to install, but you need to be willing to learn. It takes from two to four weeks to analyze all traffic. And then you get the device for the node. So it is not easy to deploy.

The installation is easy, but the time duration of being in active or inline mode takes longer. It should take two weeks to finish the learning mode and to apply the recommendations based on the analytics that are in the environment.

The on-prem WildFire appliance can be used as a license on the firewall. To be proposed to our customer, it is aligned with Palo Alto Networks.

The integration is almost not easy because it depends on the vendor. It's easy to integrate WildFire with another Palo Alto Networks firewall. With another vendor, there are a lot of milestones. I think you can use this tool in proof of concept; that is a very good use case for it. There are integrations with other tools like Trend Micro, and McAfee Network Security. The integration with Trend Micro is difficult and very sophisticated, and in most cases, we cannot integrate with Check Point. So integration is not easy with other vendors; not all vendors have dual integration.

In my company, there are about nine implementation engineers under my supervision.

Financial cost depends on operational costs. We have an operations team that works with this.

It depends on what you are defending against. Because I'm dealing with the banking sector, it has a lot of daily attacks.

WildFire is a core security control in any environment because you can't defend against malicious attacks without it. Every stage in your environment should have a security control that defends against these attacks. We have multiple layers, like the application layer, network layer, and endpoint layer. 

While WildFire is in this position, its ability is not evenly distributed because it defends against real-world attacks. It can mitigate your environment with new attacks.

I would rate the pricing a six out of ten, with ten being expensive. The pricing is the biggest issue. Palo Alto is very high-priced compared to others, but you get sophistication because it's almost higher tech than other vendors.

When dealing with banking, we focus on technology, not price, so we can easily propose Palo Alto to these customers. But when dealing with the commercial or public sector, the major component is price. So WildFire may not be the appropriate solution because it's too high. It depends on the sector's priorities. If the focus is on security, you need Palo Alto to get the knowledge.

I recommend WildFire. It has a huge database and a global coalition group. You can enrich your own IOCs (Indication of Compromise) with multiple situations. The big data engine of analytics is very effective, and Palo Alto is very intelligent and can respond to any attack very effectively. They have good and educated security engineering back end, which can analyze and detect attacks. They also provide proper proof of concept for your environment. 

Palo Alto is a leader in the latest framework by Gartner and has a big data engine on-premises or in the cloud. This input helps me recommend it to any customer. By the way, Palo Alto is a leader and has a market share of the banking tech industry. Every bank that is very successful must have Palo Alto and/or WildFire. It is a leader in the whole industry.

Overall, I would rate it an eight out of ten. 

We have integrated Palo Alto Networks WildFire with our existing security infrastructure to improve threat detection. Our primary use case is to engage Palo Alto Networks WildFire along with IDS and IPS to prevent intrusions and filter different types of traffic. We work with different clients to implement this solution.

The Intrusion Prevention System (IPS) and Intrusion Detection System (IDS) are the most effective features in enhancing our network security. These features provide significant monitoring capabilities after configuration and help in identifying and removing untrusted traffic. Integrating Palo Alto Networks WildFire with various security protocols similar to a firewall has significantly improved the overall threat detection capabilities in our organization.

The support could be improved, as it takes a while to get assistance from the vendors.

I have been working with Palo Alto Networks WildFire for two and a half years.

I rate the stability of the product at eight and a half or nine out of ten.

Palo Alto Networks WildFire is scalable, and I give it a nine for scalability.

The support is quite difficult to access promptly. I rate it as seven out of ten.

Neutral

The initial setup did not take a long time. Configuring Palo Alto Networks WildFire took about three to four hours because the client's requirements were not fully prepared beforehand.

We engaged the professional service from the vendor for the deployment. Our team included administrators and engineers from our colleagues and the client side.

I am not sure about the pricing as I am a technical engineer and not involved in sales. There are no extra expenses for features after purchasing the license.

I recommend Palo Alto Networks WildFire to other companies due to its simplicity in deployment. I provide an overall rating of eight for this product.

We use the product to enhance threat detection and response. We utilize it as part of a broader security ecosystem to monitor and block potential cyber threats. Our environment includes multiple financial clients and has tailored rules for specific needs, such as anti-fraud measures. The solution integrates seamlessly with our firewalls and incident response systems, vital for our security operations.

The platform's most valuable feature is its seamless automation within the broader Palo Alto ecosystem. Its ability to function autonomously, with automatic updates and integration with tools like Panorama, significantly reduces manual intervention. Additionally, its threat detection capabilities allow us to respond quickly to potential incidents, and the system is self-sufficient, managing itself once configured.

The product's user interface for investigations needs enhancement. While it's already efficient for professionals who know how to use it, further interface refinement could make it more intuitive during complex forensic work.

I have been using Palo Alto Networks WildFire for quite some time, ensuring I am current with the latest version. The solution is updated weekly, and we promptly apply those updates as they are delivered.

It's a reliable solution that integrates seamlessly with our network and firewalls, maintaining consistent performance without significant downtime or disruptions.

The solution is designed to adapt to the needs of larger networks, and as long as the proper infrastructure is in place, it can handle increased loads without issue. It's versatile and can be tailored to different network environments, providing consistent performance.

Palo Alto provides solid customer service, and we rate them highly for their responsiveness and expertise. When we've had specific queries or issues, we've been quick to assist and resolve them efficiently.

Positive

The initial setup was straightforward because we had the necessary knowledge and trained professionals. Palo Alto offers training and certification programs, which helped our team understand the deployment process and get the system running smoothly. 

We handled the implementation in-house, as we have a highly skilled team trained in Palo Alto's tools. However, for clients who don't have different levels of internal expertise, I strongly recommend using Palo Alto's professional services, which are excellent and ensure the setup process is completed without issues.

Setup costs and licensing for WildFire are comparable to other enterprise solutions.

We have evaluated various solutions in the past, including Cisco, Fortinet, and others. However, WildFire was selected due to its superior integration capabilities within the Palo Alto ecosystem and its automation features, which streamlined our operations compared to other tools.

WildFire is an excellent choice for organizations looking for robust security solutions that integrate well into an automated ecosystem. However, as the system is designed for professionals, it's crucial to have a knowledgeable team in place. Proper training is essential to ensure the solution is utilized fully.

Overall, I rate it a ten out of ten. 

Palo Alto Networks WildFire is used as a firewall for its multiple security features. The solution helps our organization segregate varying DMCs and gateways in the data center. Our company does not use the core appliances as Layer 3 switches. Entire Layer 3 capabilities are present on the firewall in our organization. 

The local support and resources provided by the vendor are excellent, allowing our organization to have a seamless user experience.  

Palo Alto Networks WildFire is acting as a firewall at the data centers to secure the parameters. The solution handles DSD segregation and monitors the gateways. Our company uses Trend Micro XDR for endpoint and email security across the cloud. 

There are proxy or DNS issues with Palo Alto Networks WildFire. For instance, if there are more than 80 branches physically scattered across the globe, for an office in Sri Lanka if a user want's to browse, all the traffic gets reverted to the main office from where its managed. The solution should be locally accessible. 

The security implemented in our organization's data center today is necessary, but all the traffic using the solution should go directly to the local ISP of Sri Lanka rather than reverting to the head office location. The system uptime data is unavailable on Palo Alto Networks WildFire's dashboard. The solution's dashboard can also be improved.

For instance, if our company management wants to check the system or network uptime for the last month, it cannot be presently checked using the solution. In our company, we have AI integrated into our SDN network, which provides advanced reports, not only with the root cause of issues but also with possible recommendations. 

I have been working with the solution for more than 15 years. 

I would rate the stability an eight out of ten. 

I would rate the scalability an eight out of ten. 

Our organization remains connected to the support team, and I would rate them as eight out of ten. 

Positive

The solution is worth its price as far as all the security parameters are fulfilled. I would rate the pricing a seven out of ten. In terms of quality and pricing, Palo Alto Networks WildFire is better than the Check Point solution. 

Palo Alto Networks WildFire remains integrated with our organization's existing security infrastructure for malware protection in the data centers. In our company, we haven't faced any integration obstacles in the solution and we have superior visibility on the data packets and all email activities. 

I would recommend others use Palo Alto Networks WildFire because our organization has used the solution for more than ten years, and we haven't faced any major service outage, downtime or security issues. Our company is satisfied with the product's performance in mitigating security threats, so we are not looking for an alternative. I would overall rate Palo Alto Networks WildFire an eight out of ten. 

I use the tool in my company for advanced threat protection and for configuring the firewall policy. I also use GlobalProtect VPN, along with IPsec.

it is helping us to protect our network 

url filtering, vpn, bgp 

The product fails to offer protection when dealing with high-severity vulnerabilities, making it an area of concern where improvements are required.

I have experience with Palo Alto Networks WildFire, but I don't use it much. My company has been a customer of the product since 2016 or 2017.

It is a stable solution.

It is a scalable solution. Scalability-wise, I rate the solution an eight out of ten.

Around 1,000 people in my company use the product.

The solution's technical support is good, but my company prefers to use vendor support, which is not that much useful. My company plans to receive direct support from Palo Alto Networks.

juniper srx, because there was no proper visibility. 

The product's initial setup phase was easy.

The solution can be deployed in a day.

Palo Alto Networks WildFire is a product with a high price. My company pays separately to use Palo Alto Networks WildFire. The cost of the product is very high, but my company is okay with it.

My company had evaluated other products in the market before choosing Palo Alto Networks WildFire. My company chose Palo Alto Networks WildFire since it is very compatible with the firewall we use from Palo Alto Networks, making it an easy solution for us to implement in our environment.

Though the product has improved the ability to detect and respond to genuine threats, it is not very useful in our company's environment.

The tool's capability to deal with malicious files and block URLs has benefited our organization. The tool also helps my company deal with scripts that are not required.

Palo Alto Networks WildFire is only for the users who use hardware or products from Palo Alto Networks. I am not sure whether Palo Alto Networks WildFire can be integrated with other products. If you use a firewall from Palo Alto Networks, then Palo Alto Networks WildFire is useful since it allows you to stay protected from malware.

Only the reporting part is proper in the product, but the action setting is an area that needs to be taken care of by Palo Alto Networks. If the product is capable of blocking threats, then it will be very useful for our company.

I rate the overall tool an eight out of ten.