Palo Alto Networks VM-Series Review

Good control over traffic with an advanced packet inspection engine, but it needs to include a secure web gateway

What is our primary use case?

I am a firewall expert, although my job is not on the management side. I take care of the routing and switching aspects. We have approximately 1,000 firewalls in the company.

How has it helped my organization?

This product is a complete security system, wherein we provide direct internet access to our hub site.

What is most valuable?

The most valuable feature is that you can control your traffic flowing out and coming out, allowing you to apply malware and threat protection, as well as vulnerability checks.

It has an advanced engine that does parallel processing for packet and deep packet inspection. It also supports user authentication.

What needs improvement?

The disadvantage with Palo Alto is that they don't have a cloud-based solution that includes a secure web gateway. For example, if a person is working from home and you want a proxy then you have to rely on a secure web gateway. Palo Alto cannot do that because they don't have a cloud solution. So, if you want direct internet access and if you also want the proxies then Palo Alto is not a good choice.

For how long have I used the solution?

I have been working with the Palo Alto VM-Series for four years.

What do I think about the stability of the solution?

The stability is absolutely good and there is no problem with it.

What do I think about the scalability of the solution?

We have almost 3,000 branch offices set up across the globe.

Our intention is to increase usage of Palo Alto, adopting it for security in all of our future products.

How are customer service and technical support?

Technical support from Palo Alto is very good.

Which solution did I use previously and why did I switch?

We did not use another firewall product before this one.

How was the initial setup?

With any organization, if you want to change the firewalls that are being used in production then it's a hectic task. You have some rules and engines that can be used, but it's a step-by-step process.

Migrating from an existing solution to Palo Alto needs to be done in phases. Phase one would be installing the devices. Phase two is testing a lab setup and diverting traffic, then analyzing it. Finally, the third phase is to enable other features like threat protection, malware detection, and other advanced options.

Depending on the size of the organization, if a migration is well planned then it will take three to four months to complete.

The configuration is different between our branch offices in order to meet our requirements. Some use the hardware appliance, whereas others use the software version.

What about the implementation team?

We had a Palo Alto engineer who was assisting us, in-house, for our deployment. We also have support from our vendor, which provides LAN and WAN solutions.

Which other solutions did I evaluate?

We considered using Cisco ASA, but we chose Palo Alto because it can also act as a proxy for your hub site. Palo Alto is more advanced than the Cisco solution.

What other advice do I have?

This is definitely a product that I can recommend.

Overall, it is a good product, although it would be better if they offered a cloud proxy.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More Palo Alto Networks VM-Series reviews from users
...who work at a Financial Services Firm
...who compared it with Cisco Firepower NGFW Firewall
Learn what your peers think about Palo Alto Networks VM-Series. Get advice and tips from experienced pros sharing their opinions. Updated: July 2021.
523,431 professionals have used our research since 2012.
Add a Comment
ITCS user