What is our primary use case?
We use this firewall as part of our overall security solution. It is used to protect our perimeter on the internet side. We have the on-premises version installed for our offices and the cloud-based version for our cloud offerings. For our cloud setup, we use both Azure and AWS.
What is most valuable?
The most valuable feature is the security provided by the ATP. It is definitely better than the security provided by other firewalls.
The API is available for integration with tools for automation and AI, which is very good.
What needs improvement?
The interface contains some decentralized tools, so simplifying it would be an improvement.
I would like the option to be able to block the traffic from a specific country in a few clicks.
Some of the implements under artificial intelligence should provide better visibility in terms of my traffic, such as where it originates and where it is going.
Better integration with industry tools would allow me to do quicker automation and reduce my operational costs.
For how long have I used the solution?
We have been using the Palo Alto Next-Generation firewall for almost five years.
What do I think about the scalability of the solution?
This solution is definitely not scalable. Although it is a next-generation firewall, it has its limitations in terms of policies. At one point in time, it becomes the bottleneck, which is something that we have to optimize.
We are using this firewall at between 10 and 15 locations.
How are customer service and technical support?
We have been in contact with technical support and we are satisfied with the service.
Which solution did I use previously and why did I switch?
We also use FortiGate VDOM, although this is for internal protection. The FortiGate interface is simpler in design than Palo Alto.
Prior to Palo Alto, we were using the Cisco ASA platform. When it was through with its lifecycle, we switched. Seeing the next-generation firewall competition in the market, Cisco definitely has a larger portfolio, but it is not as competitive in the security domain. Solutions from Palo Alto and Fortinet are better in this space.
How was the initial setup?
It is easy to install and we did not find the initial setup complex at all. The basic firewall can be set up, and then it takes a little time for the hardening. In total, the deployment can usually be completed within two or three hours.
What's my experience with pricing, setup cost, and licensing?
The pricing is competitive in the market.
What other advice do I have?
Palo Alto NG is definitely a firewall that I recommend for the right size of deployment.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?