Palo Alto Networks K2-Series Review

Until recently, most of my time was spent implementing this product and our company still does that. As a security solutions architect, I'm now more focused on the architecture and that side of things. We're partners with Palo Alto. 

It's a very good product, simple to use. The visibility is very, very important, and that's good with Palo Alto. The solution has simple integrations with the domain controllers and other inventories, which the endpoint traps by cloud which is very important. It's an easy firewall, very easy to configure, to monitor, and to use. It's easier than Forte, for example. 

The solution could be improved with more dedicated reporting about the user's context. For example, if I need to have a summarized report that includes uses as well as consolidating the user's activities, threads and applications on the endpoint machine, Palo Alto does not have the visibility for the endpoint in their firewalls. If I want to have a report from the firewall that summarizes user application from the user side, rather than the server side, Palo Alto software does not have that information.

Other vendors, such as Cisco, have that in their profile. You can generate a report from Cisco firewall and it will tell you that you're using the internet, and using Firefox or Google Chrome. Palo Alto doesn't have that extended visibility to the end point. 

It would be the same for additional features - I need to have the visibility of the endpoint application, endpoint context. It's an innate feature in Cisco firewalls. I don't like the style of Forte, for example. It has email spam over the firewall. I don't like this feature, and I don't like to have features that are not really good for out of the box. What Forte does have that is good is an explicit proxy capability and Palo Alto could include that.

I've been using this solution for more than 10 years. 

Palo Alto is stable. They used to have some issues but now they're good. All software has a vulnerability, but stability here is fine.

It never used to be scalable but they've recently added a cluster mechanism so you can scale as much as you need. I've spoken to them and they're going to make an announcement about it later in the month if they haven't already. 

Palo Alto support is good, I contact them all the time. They have two kinds of support: Premium, which allows you to contact the vendor directly, they open the case, and you communicate with Palo Alto and they'll help you on the spot. There is also Partner support. I would not recommend that to anyone. 

Palo Alto is the easiest solution in this field to implement. 

Implementation depends on the use case. For example, if you implement on the edge, or you implement on-prem, or you implement on the internet, it's different from implementing to the data center. It's generally a quick process. It might take around two weeks, depending on the number of applications in the data center. If you're using solutions like Forte or Cisco, they will take longer. 

The number of people required to implement also varies depending on how you plan to implement - whether over the internet or if you deploy through the application theme. It requires communication between all parties. 

It's a good product. I would suggest people think about the design, the architecture, what they have and the applications. If they have a different kind of firewall, if they have an internet firewall, they can use the Palo Alto tool. Or they can use something else depending on what they have on their network.

I recommend Palo Alto because it's a platform as well as a firewall and it has a lot of features. I would suggest testing the features and trying to get all the benefits of all the functions in the box. 

I would rate this solution a seven out of 10.