Palo Alto Threat Prevention Review

A scalable, stable solution that has effective suspicious IP protection


How has it helped my organization?

There have been updates to the solution recently that have ramped up protection. Before this, we had a lot of hacks on the network, specifically in the cloud environment. After the proper implementation of that product, we've not had one hack attempt. The last six months have been very good.

What is most valuable?

The solution offers a feature to show which traffic is the highest on the network, and which traffic is the lowest. There's also a feature that scans incoming and outgoing traffic, and one feature that is able to flag a suspicious IP address. These are all valuable features. With the IP address flag, I was able to see that I was being hacked. The moment there was an interaction between somebody on my network and that IP, the solution was able to flag it, and we were able to protect ourselves.

What needs improvement?

The solution needs to improve Reverse DNS functionalities.

Right now, when you check the IP address, it tells all. It assumes that that IP address is locally available on the inside. When the request is going back to me it's supposed to do what we call rights. Instead of giving me the public IP address in my response, it's supposed to give me the private IP address or the local IP address so that I can reach the device locally. That's the challenge right now.

Sometimes when you want to group a set of ports, and communicate with Palo Alto, you cannot group TCP and UDP ports together. This needs to be adjusted.

For how long have I used the solution?

I've been using the solution for five years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

The solution is quite scalable.

How are customer service and technical support?

Apart from software updates, we've not had any reason to reach out to technical support, so I don't have much experience with them.

If you previously used a different solution, which one did you use and why did you switch?

We've previously used Cisco, Salesforce, and Fortinet. We last used Salesforce, and we mainly switched due to the cost of the solution.

How was the initial setup?

The initial setup is straightforward.

What about the implementation team?

We handled the implementation ourselves.

What other advice do I have?

We use both the cloud and on-premises deployment models.

I'd rate the solution eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email