What is most valuable?
I like the architecture because it separates the management plan process and the data plan process. When I perform something CPU-intensive on management configurations, it doesn't disturb the data plan.
On the data plan, it uses parallel processing. This makes the security process and network process is more efficient.
What needs improvement?
I think visibility can be improved. If I use the Panorama monitoring dashboard, it's still the same with or without Panorama. Even with monitoring, we don't get any valuable information.
If I am a customer, I will take many variables into considerations. If I choose to use Panorama, there should be a difference between when I use it and when I'm not. If I'm a customer who paid for Panorama even when I have many firewalls, I won't get good visibility of the information I need to easily monitor our security environment.
My customers have been attacked by ransomware. It's difficult to understand how the ransomware got through Palo Alto Panorama and Palo Alto dashboard monitoring from reporting. It makes it difficult to conclude what happened on the traffic which passed through Palo Alto. As such, I have to generate an all block report CSV file and analyze it through Excel.
For how long have I used the solution?
I've been using Palo Alto Networks NG Firewalls for about two years.
What do I think about the stability of the solution?
On performance and stability, I've never heard any complaints. The product is running well and easily maintained by an admin.
What do I think about the scalability of the solution?
I think scalability's the same as any other firewall. If we look to scale five years later, it will be scalable to perform the change. This model on Palo Alto makes it easy to add a new network, so Palo Alto offers more scalability.
How are customer service and technical support?
Technical support is still not good for me.
How was the initial setup?
The initial setup is so simple. We just needed to make a password and make it a point to point connection. I think it's that simple; make a point to point connection, access the web UI, perform initial configuration so the firewall can be managed through the network, and then we can manage everything through the web UI.
What's my experience with pricing, setup cost, and licensing?
The device is very expensive compared to Cisco and Fortinet. But many of my customers use Palo Alto as Palo Alto is the standard of their organization.
What other advice do I have?
I'd tell potential users of Palo Alto Networks NG Firewalls that their decision depends on their budget. If you have an adequate budget, then I recommend Palo Alto. If you have a limited budget, you need to consider your needs and look at Cisco ASA's price and Fortinet's price.
On a scale from one to ten, I would give Palo Alto Networks NG Firewalls an eight.
Which deployment model are you using for this solution?