Palo Alto Networks NG Firewalls Reviews

We have had use cases for defending our resources against external access or authenticating particular traffic or appropriate traffic for access.

The key factor here is reliability. In my previous company, we had a different vendor's firewall before switching to Palo Alto network devices. 

Unfortunately, during that time, our security team was on vacation and had to be called back urgently due to a severe incident. This experience led us to switch to a more dependable, reliable, and robust system, which turned out to be the Palo Alto network device. 

Fortunately, the transition from our old system to the new one was relatively seamless, and we now have a reliable and robust security infrastructure.

In my opinion, Palo Alto has consistently been one of the best firewalls for enterprise security. 

We have encountered numerous instances where we have observed threats and attacks targeting our systems, and Palo Alto has proven to be highly reliable in blocking any malicious activity.

I would like to see some Machine Learning because I have observed new types of attacks that are able to bypass existing security rules. It is possible that implementing some form of continuous learning or education could be beneficial in addressing this issue.

Some way to learn what is normal it isn't, you know, something like that, I think that would be probably the most beneficial thing to me.

To say it's a set-and-forget system wouldn't be entirely accurate, but it is an incredibly stable and reliable system. Once it's set up and configured properly, you really just need to keep an eye on it for any necessary updates or new rules. In my experience, it's one of the most reliable systems available.

The original installation we were considering was for a small organization, and we had to take into account the fact that we were going to expand the endpoints to our entire user base, not just a select few like marketing.

We were assured that the system would have no issues handling the additional workload as we added more devices or upgraded the device.

The firewall solution that I have referred to the most during this conversation is one that I have implemented for small to medium-sized organizations.

I found the initial setup very straightforward.

I recall that the setup process for the device was straightforward and could be completed quickly. However, while the device did come out of the box, it wasn't as secure as it could have been, and I had to go in and tighten up the security settings. Despite that, compared to other firewalls with complex and cryptic interfaces, Palo Alto's firewall interface was relatively easy to use and comprehend.

There were certainly benefits in terms of time-saving and ease of learning for the user. The straightforward setup process and user-friendly interface of the Palo Alto network devices made it easier and quicker to implement, thus saving time. Additionally, the easy-to-use interface also helped in reducing the learning curve for users, enabling them to become proficient in using the device more rapidly.

Using Palo Alto has reduced the amount of downtime considerably.

Determining the impact of blocking threats is not straightforward because it depends on the severity of the threat. For example, if a threat only affected one server, the downtime would be minimal. However, if it caused an outage in the entire environment, the impact would be much greater. It is challenging to quantify the amount of downtime prevented by blocking threats.

Usually, when setting up a new firewall, it's common to get around 80% of the work done within a few days. However, with the Palo Alto network device, I recall that we were able to achieve 95% to 99% completion within just a couple of days. The device's user-friendly interface and straightforward configuration process made it easier to accomplish more in less time.

Technical support was helpful during the deployment process.

During the deployment process, I thought they were great. I had no complaints they were very knowledgeable, and we were able to resolve everything very quickly.

The organization has seen a return on investment with Palo Alto firewalls as we haven't experienced any significant breaches.

When when we first looked at Palo Alto, it came in as the top recommendation from a source that we trusted. We didn't actually look at other vendors at that time. 

At the time, we had the full support of our CEO and team, who recognized the urgency of the situation as our entire system was down. This rare backing from everyone helped us to quickly implement a solution.

We frequently recommend Palo Alto to others as we believe it is a highly effective solution for network security. It is one of those things where if someone does not have a Palo Alto, we advise them to consider it as a worthwhile investment.

For those seeking the cheapest or quickest solution, I would advise that while it may seem like a good idea in the short term, you will likely encounter issues that will require you to replace the solution soon after. Investing in a reliable and reputable solution like Palo Alto Networks may require a larger investment upfront, but will ultimately save you time and money in the long run.

The biggest value that I gain from being here is networking and finding out what other products are out there without having to go to, like, a search engine and wait or rely on the results of the search engine. I can literally wander around. And if something catches my eye, I can be like, well, that's really cool. Let me go get some more information about that.

It's really easy to just look at all the different vendors, looks at the various talks, looks at everything that's here, and get information tailored to what I wanna learn about.

I definitely can make recommendations on various products they get based on my experience, but I don't have a say in it directly.

I would rate Palo Alto Networks NG Firewalls a nine out of ten.

We use the solution to protect our network environment. We use three versions: 230, 440, and 820. 

Palo Alto Networks NG Firewalls embed machine learning into the core of the firewall to provide real-time attack prevention, which is wonderful.

We check the machine learning logs to secure our networks against threats that are able to evolve more rapidly. 

I find the solution to be comfortable and easy to use. While I cannot completely authenticate my devices, I am able to distinguish between private devices and use them for authentication in some way, which is very helpful. The URL filtering feature is also helpful and I am very satisfied with the firewall delivery.

Palo Alto Networks NG Firewalls provide a unified platform that natively integrates all our security capabilities through Cortex XDR.

I give the solution's single-pass architecture for performance and security an eight out of ten.

There are many valuable features within the solution. This includes security, a user-friendly firewall, antivirus, and global protection.

Palo Alto Networks NG Firewalls' documentation, features, and user-friendliness are excellent.

The VPN has room for improvement.

I have been using the solution for two and a half years.

For the most part, the stability is good but we sometimes face problems with the VPN connections.

The solution is scalable. We have 150 people that use the solution.

We often don't have to open a ticket as the documentation provided is usually comprehensive, and we can usually resolve most issues on our own. The one time I submitted a ticket, the technical support was not able to resolve the issue.

Positive

I previously used Forcepoint Next-Generation Firewall which is cheaper than Palo Alto Networks NG Firewalls but I prefer Palo Alto because it is user-friendly and supports more devices and features. 

I was not involved in the initial setup but I did migrate the 820 to the 440 and it was straightforward. The migration took a few hours.

Palo Alto Networks NG Firewalls are expensive.

There is an additional cost for support.

I give the solution nine out of ten.

The maintenance consists of regular updates only.

Currently, we do not use Palo Alto Networks NG Firewalls across our entire network but we have plans to extend them in the future.

I recommend Palo Alto Networks NG Firewalls to others.

We use it as an Internet-facing parameter firewall. In my environment, it has security and routing. It is on a critical path in terms of routing, where it does a deep inspection, etc.

There have been a lot of improvements from security to service.

It is critical that Palo Alto Networks NG Firewalls embeds machine learning in the core of the firewall to provide inline, real-time attack prevention. In my environments, we have an integration with a third-party vendor. As soon as there is new information about new threats and the destination that they are trying to reach on any of our network devices, that traffic will be stopped.

Setting up a VPN is quite easy. 

It gives you a lot of information when you are monitoring traffic. 

In terms of user experience, Palo Alto has very good user administration.

Machine learning is important. Although we have not exhausted the full capabilities of the firewall using machine learning, the few things that we are able to do are already very good because we have an integration with a third-party. We are leveraging that third-party to get threat intelligence for some destinations that are dangerous, as an example. Any traffic that tries to go to those destinations is blocked automatically. There is a script that was written, then embedded, that we worked on with the third-party. So, machine learning is actually critical for our business.

There is a bit of limitation with its next-generation capabilities. They could be better. In terms of logs, I feel like I am a bit limited as an administrator. While I see a lot of logs, and that is good, it could be better.

I wanted Palo Alto Networks engineering to look at the traffic log, because I see traffic being dropped that happens to be legitimate. It would be interesting for me to just right click on the traffic, select that traffic, and then create a rule to allow it. For example, you sometimes see there is legitimate traffic being dropped, which is critical for a service. That's when actually you have to write it down, copy, a rule, etc. Why not just right click on it and select that link since that log will have the source destination report number? I would like to just right click, then have it pop up with a page where I can type the name of the rule to allow the traffic.

I started using Palo Alto in 2015.

It is very stable. We had two outages this year that were not good. They were related to OSPF bugs. Those bugs affected our service availability. 

It is quite scalable. I have been able to create a lot of zones to subinterfaces for a number of environments. I don't really have any issues regarding scalability. It meets my expectations.

Palo Alto Networks NG Firewalls technical support is very poor. Three or four months ago, I had a bug where the database of the firewall was locked. You cannot do anything with it. We looked for documentation, giving us a procedure to follow, but the procedure didn't work. We logged a complaint with Palo Alto Networks, and they gave us an engineer. The engineer relied on documentation that doesn't work, and we had already tested. In the end, the engineer gave us an excuse, "No, we need this account to be able to unlock it." This happened twice. The way out of it was just to restart the firewall. You can restart the firewall and everything goes back to normal. Therefore, I think the support that we got was very poor.

Neutral

I have used Check Point and Cisco ASA.

Initially, when I started with Palo Alto, we had Cisco ASA, but Palo Alto Networks beat ASA hands down.

We have a multi-vendor environment with different providers. Our standard is that we can't have the same firewall for each parameter, so there is some kind of diversity. 

We had ASA looking at one side of the network and Palo Alto Networks looking at the other side of the network. We also had Juniper looking at another side of the network. At the end of the day, ASA was very good, I don't dispute that. However, in terms of functionality and user experience, Palo Alto Networks was better. 

Palo Alto Networks beat ASA because it was a next-generation firewall (NGFW), while ASA was not.

When we bought Palo Alto, we had Juniper devices in our environment. We were told that it was a bit like Juniper, so we were happy. However, some people were a bit skeptical and scared of Juniper firewalls. Because of that, it took us a very long time to put them on the network. However, as soon as we did the implementation, we realized that we were just thinking too much. It was not that difficult. 

We deployed Palo Alto Networks as part of a project for data center implementation. The implementation of the firewall didn't take long.

We buy through a third-party. Our account is managed by IBM.

We have seen ROI. There is more visibility in the environment in terms of security. There was a time when we suspected a security breach, and this firewall was able to give us all the logs that we expected. 

Palo Alto is like Mercedes-Benz. It is quite expensive, but the price is definitely justified.

One thing is system administration. In our opinion, Palo Alto administration is easier compared to other vendors. I know other vendors who have Check Point. You have to manage Check Point, and it is a bit cumbersome. It is a very nice, powerful firewall, but you need more knowledge to be able to manage Check Point compared to Palo Alto. Palo Alto is very straightforward and nice to use.

In our environment, troubleshooting has been easy. Anybody can leverage the Palo Alto traffic monitoring. In Cisco ASA and Check Point, you also have these capabilities, but capturing the traffic to see is one thing, while doing the interpretation is another thing. Palo Alto is more user-friendly and gives us a clearer interpretation of what is happening.

One thing that I don't like with Palo Alto is the command line. There isn't a lot of documentation for things like the command line. Most documents have a graphic user interface. Cisco has a lot of documents regarding command lines and how to maneuver their command line, as there are some things that we like to do with the command line instead of doing them with the graphic interface. Some things are easy to do on a graphic interface, but not in the command line. I should have the option to choose what I want to do and where, whether it is in the command line or a graphic interface. I think Palo Alto should try to make an effort in that aspect, as their documentation is quite poor.

We would rather use Cisco Umbrella for DNS security.

I compared the price of Palo Alto Networks with Juniper Networks firewall. The Juniper firewall is quite cheap. Also, Palo Alto Networks is a bit expensive compared to Cisco Firepower. Palo Alto Networks is in the same class of Check Point NGFW. Those two firewalls are a bit expensive.

It gives us visibility. In my opinion, the first firewall that I would put on our network is Palo Alto Network and the second would be Check Point.

Palo Alto Networks NG Firewalls is a very good firewall. It is one of the best firewalls that I have used.

I would rate Palo Alto Networks as nine out of 10.

We use it to segregate traffic between different tenant instances and to manage secure access to environments, DMZ zones, and to communicate what the firewall is doing.

With Palo Alto NG Firewalls, we can pass all compliance requirements. We trust it and we are building the security of our environment based on it. We feel that we are secure in our network.

It also provides a unified platform that natively integrates all security capabilities. It's very important because it gives us one solution that covers all aspects of security. The unified platform helps to eliminate security holes by enabling detection. It helps us to manage edge access to our network from outside sources on the internet and we can do so per application. It also provides URL filtering. The unified platform has helped to eliminate multiple network security tools and the effort needed to get them to work together with each other. In one appliance it combines URL filtering, intrusion prevention and detection, general firewall rules, and reporting. It combines all of those tools in one appliance. As a result, our network operations are better because we have a single point of view for our firewall and all related security issues. It's definitely a benefit that we don't need different appliances, different interfaces, and different configurations. Everything is managed from one place.

The most valuable features include the different security zones and the ability to identify applications not only by port numbers but by the applications themselves.

The DNS Security with predictive analytics and machine learning for instantly blocking DNS-related attacks works fine. We are happy with it.

And with the single-pass architecture, it provides a good trade-off between security and network performance. It provides good security and good network throughput.

The machine learning in Palo Alto NG Firewalls for securing networks against threats that are able to evolve and morph rapidly is good, in general. But there have been some cases where we get false positives and Palo Alto has denied traffic when there have been new updates and signature releases. Valid traffic gets blocked. We have had some bad experiences with this. If there were an ability, before it denies traffic, to get some kind of notification that some traffic is going to be blocked, that would be good.

In addition, there is room for improvement with the troubleshooting tools and packet simulator. It would help to be able to see how packets traverse the firewall and, if it's denied, at what level it is denied. We would like to see this information if we simulate traffic so we can predict behavior of the traffic flow, and not just see that information on real traffic.

I have been using Palo Alto Networks NG Firewalls for about three years.

The solution is pretty stable.

The scalability is good.

In terms of the extensiveness of use, it depends on business needs. Every communication from the company is going through this solution, so it's highly used and we are highly dependent on the solution. 

In terms of increasing our use of the solution, it all comes down to business needs. If the business needs it, and we get to the limit of the current appliance, we will consider updating it or adding more appliances. At this point, we're good.

We previously used Cisco. The switch was a business decision and may have had to do with cost savings, but I'm not sure what the driver was.

The initial setup was a little bit complex, but not terrible. The complexity was not related to the product. It was more to do with needing to prepare and plan things properly so that in the future the solution will be scalable. If there were some predefined templates for different use cases, that would help. Maybe it has that feature, but I'm not familiar with it.

The time needed for deployment depends on the requirements. We also continuously optimized it, so we didn't just deploy it and forget it.

Our implementation strategy was to start with allowing less access and then allowing more and more as needed. We made the first configuration more restrictive to collect data on denied traffic, and then we analyzed the traffic and allowed it as needed.

We have less than 10 users and their roles are security engineers and network engineers. We have three to four people for deployment and maintenance and for coordinating with the business, including things such as downtime and a cut-over. The network and security engineers work to confirm that the configuration of the solution is meeting our requirements.

We did it ourselves.

I'm not sure about pricing. I don't know if Palo Alto NG Firewalls are cheaper or not, but I would definitely recommend Palo Alto as an option.

If you need additional features, you need additional licenses, but I'm not aware of the cost details.

We evaluated Cisco, Sophos, Dell EMC SonicWall, and FortiGate. Cost and reputation were some of the key factors we looked at, as well as the flexibility of configuration. Another factor was how many users could comfortably work on the solution when publicly deployed.

The fact that Palo Alto NG Firewalls embed machine learning in the core of the firewall to provide inline, real-time attack prevention is important, but I still don't completely trust it. I haven't really seen this feature. Maybe it's somewhere in the background, but I haven't gotten any notifications that something was found or prevented. At this point, we still use traditional approaches with human interaction.

Overall, what I have learned from using Palo Alto is that you need to be very detailed in  your requirements.

We use this solution as our external firewall and VPN.

The fact that I can perform several security functions in one device at wire speed is a valuable feature. I don't have to slow down my business transactions, and I don't have to inconvenience my users with 16 different solutions. I can have it all in one box, and it protects my organization at wire speed.

Palo Alto Networks NG Firewalls catch a lot of things that other firewalls may not catch and support more current security practices. We get updates several times a day from WildFire, and the firewalls do a great job of keeping us protected.

Within their domain, Palo Alto Networks NG Firewalls provide a unified platform that natively integrates all security capabilities. This is critical because I don't want to deal with multiple devices. I want to do it all with as few devices as possible and have it all work successfully.

It's very important that these firewalls embed machine learning into their core because the only way to keep up with the changing threat environment is to keep learning about it.

Palo Alto Networks NG Firewalls are the gold standard right now for securing data centers consistently across all workplaces, and I'm using them across all of my locations. They provide a consistent experience for the management team as well as the end user.

Surfacing actionable intelligence right away could be better. You have to dig far to get some of the information. If the solution could surface the two or three things out of the 10,000 a day that we really need to deal with, it would be helpful.

I've been working with Palo Alto Networks NG Firewalls for about 20 years.

It is a rock-solid solution in terms of stability. You very rarely have to worry about it. If there's a problem, it's usually because a rule got configured incorrectly.

Across the product line, the NG firewalls scale very well. Within the individual units, however, there are some limitations. It's not always clear to resellers as to what those limitations are. Therefore, as your organization grows you may start to bump into those limitations unexpectedly.

Palo Alto's technical support is pretty good and is among the best. We have called them several times, and they've been on it. Sometimes, it can take a bit longer for them to understand an issue, but overall, I would rate technical support at eight.

Positive

We have used several firewalls including Cisco, Fortinet, and Check Point. We chose Palo Alto because it's the only one that brings it all together in one platform and lets me manage it. It also removes the complexity of what I have to manage and deal with.

The initial setup is fairly straightforward. You put the firewall in with whatever might be there right now in learning mode, and then you can figure out where the holes are.

Palo Alto Networks NG Firewalls have prevented a number of things from happening. We would not have been able to prevent those things from happening had we had other firewalls.

Palo Alto Networks NG Firewalls are the Cadillac standard, and you do pay Cadillac pricing. However, the protection is worth the steep price. 

If you're looking for the fastest firewall, Palo Alto needs to be on your list. They seem to be the only ones that perform at wire speed right now. If you want the cheapest firewall, you will be able to find cheaper options, but you won't find better options than Palo Alto Networks NG Firewalls.

Overall, I would rate Palo Alto Networks NG Firewalls a nine on a scale from one to ten.

The biggest value of RSAC is being able to see everything I don't know anything about. It helps me keep up with where the industry is going.

Also, attending RSAC impacts our organization’s cybersecurity purchases made throughout the year. I chat with my existing vendors when I attend and have conversations with those my team recommends. We then make purchasing decisions based on what I see at RSAC.

We use Palo Alto Networks NG Firewalls for cybersecurity and network security for our infrastructure for our districts, worldwide. 

The SIM's ability to analyze traffic and take appropriate action is the most valuable feature of this solution.

It is an extremely powerful solution as it provides visibility into all the network traffic, and offers a range of actions such as blocking websites or graphics, as well as load balancing. It's a great tool.

The solution's user-friendly interface and clear network visibility are highly valuable to us. It makes management easier, especially for those without extensive technical knowledge.

The benefit we derive from this solution is not only its ease of use but also how it enables collaboration among our team for special activities in our network.

Additionally, the reports that we can generate from the software are very valuable.

Using Palo Alto Networks NG Firewalls has helped us reduce downtime.

Compared to our previous solution, I believe it was Fortinet. It saves a lot of time, you know, especially running your reports and analyzing the traffic. I believe we save thirty to forty percent.

It provides a unified platform that natively integrates all security capabilities.

It has seamless integration with all our devices, including Mac and Windows, and also with our secret server. Moreover, it is even integrated with the Microsoft streaming application that we use.

The embedded machine learning functions seamlessly and can be easily accessed through the dashboard's dedicated tools. Its ease of use is impressive.

I believe it would be beneficial if the solution could integrate with Google Chrome, especially for students who use Chromebooks. However, as far as I know, the solution currently does not support Google Chrome.

I have been using Palo Alto Networks NG Firewalls for five years.

The solution is incredibly stable. 

We have installed patches and updates, and they have all gone smoothly without any issues.

We haven't fully used the capabilities of the firewall, but we purchased a larger scale to prepare for potential future growth.

The firewall is deployed across all six schools and the district office, protecting the entire infrastructure, including switches, access points, and other devices.

This is approximately 3,500 to 4,000 devices.

The technical support team is readily available and very helpful. They provide great assistance whenever we encounter any issues.

There are delays at times, but overall, they are great. I would rate them a nine out of ten.

Positive

Previously, we used Fortinet.

I was involved in the deployment.

We received assistance from the technical support team who helped us implement the project.

We have seen a return on our investment.

As previously mentioned, the firewall is easy to use and has helped us save a significant amount of time, approximately thirty to forty percent.

The cost is quite high.

We evaluated Fortinet as well as Cisco.

The firewall we use is recommended by our county office of education, which also uses the same application. 

This makes it easier for us to collaborate with the county and share reports between different departments.

I'm thoroughly impressed during my inaugural visit here. The array of products and the advanced technology showcased are truly exceptional. It's a great experience.

I plan to revisit it in the future.

Certainly, my attendance would have a significant impact on my cybersecurity-related buying choices as I would gain better insights into various vendors and their products available in the market. It would provide me with increased visibility and enable me to make informed purchasing decisions.

By attending the event and gaining insights into the different vendors and products available in the market, we can make informed decisions about which route to take in the future.

I would rate Palo Alto Networks NG Firewalls a nine out of ten.

Our primary use for the solution is as a perimeter device and firewall. 

Suppose a packet enters our organization with a new, unknown signature. In that case, the firewall can upload it to the primary database and generate user alerts to inform users of the malicious signature, blocking it if necessary.

The solution's most valuable feature is the robust firewall, which we can also use as a UTM device. 

The Wi-Fi analysis and zero-day threat prevention are very good features. 

The product defends our production, blocks files, and prevents data leakage. It's a complete package for advanced security, which is excellent for a firewall.

It's beneficial and vital to us that Palo Alto NGFW embeds machine learning in the firewall's core to provide inline, real-time attack prevention. Suppose it observes any abnormalities in our traffic. In that case, the product can detect that through machine learning and generate a lock so we can mitigate an attack or a vulnerability in the system.   

Palo Alto NGFW's machine learning works well to secure our network against threats that can evolve and morph rapidly. A particular strategy we encounter on our system is when a packet comes in and behaves abnormally. Palo Alto detects the abnormality, generates an alert, and responds based on our policies by blocking or discarding the package.   

We use the firewall's DNS security, and it's excellent for blocking DNS attacks thanks to the continuously updating Palo Alto threat database. For example, the product blocks users from accessing sites with a known malicious DNS.

The price could be more friendly, which would be good for Palo Alto and us. If the price were a little lower, then it would be a viable option for mid-level businesses, who may not be able to deploy at the current price point.

We've been using the solution for one and a half years. 

The solution is very stable and robust. 

The product is scalable and very easy to configure; we enjoy the configuration and operation of the firewall. 

We contacted Palo Alto technical support on several occasions, and they're excellent; they always try to resolve our issues as soon as possible. 

Positive

We previously used Cisco ASA and Check Point NGFW and switched to the Palo Alto solution because it offers more robust and complete protection and features.

The initial setup is straightforward, and it depends on the network configuration. If we want to make few network changes, we can deploy the firewall in Virtual Wire mode, and we don't have to mess with IP addresses and so on. If we want to deploy with a new configuration, we can do that in Layer 3 mode.

If we upload a pre-planned configuration to our network firewall, the deployment can take as little as 10-15 minutes. We have a team of nine engineers responsible for daily policies, troubleshooting, etc.

We deployed via an in-house team; we have a big team, so we deploy ourselves whenever possible.

The solution is worth the money for organizations operating in critical environments with lots of sensitive data and information. Data leaks can lead to broken trust with clients and a suffering reputation in the business community, including brand damage.

Palo Alto NGFW is relatively expensive compared to the competition.

I rate the solution 10 out of 10.

Palo Alto NGFW provides a unified platform that natively integrates all security capabilities, which is an important feature. It provides a robust kind of security counter at the perimeter level.  

The solution's unified platform helps eliminate security holes. For example, the firewall can easily block attempted SQL injections with the help of App-ID. 

Palo Alto NGFW's unified helped to eliminate multiple network security tools and the effort needed to get them to work with each other. The solution provides vulnerability assessment and protection, antivirus prevention, data leak prevention, file blocking, site blocking, and application blocking, all in one product. It's an excellent firewall device and very useful for our network. 

We have the zero-delay signatures feature implemented with our firewall, and it's essential because attack signatures are updated immediately. Attackers are trying to find new ways to harm our network daily, and the zero-delay feature makes it so that the network is updated in seconds, and the first user to see a new threat is the only one to experience first exposure. This functionality improved our security.   

To a colleague at another company who says they are looking for the cheapest and fastest firewall, it depends on their environment. I recommend Palo Alto or Check Point if they are a financial institution. If they are a mid-level non-financial institution, I recommend Cisco Secure Firewall because it's also a good firewall.

To someone looking to use Palo Alto NGFW for the first time, analyze the packet flow of your organization and understand which types of packets you're getting and which type of services you are providing in your data center or enterprise. Multiple data centers require a high security level, so I recommend activating the Layer 7 feature.

The biggest lesson I learned from using the solution is the importance of following all the steps in the operation manual when upgrading or updating. 

We use Palo Alto Networks NG Firewalls for segmentation and basic routing. They are the gatekeepers for the network.

I like being able to investigate anonymous VPNs and also like to use traffic-capturing features. We've had some anonymous VPNs coming to our network, and we're trying to make sure that internal users are not able to use those to get past our security.

Palo Alto Networks NG Firewalls have a very nice interface for logging and monitoring. I find it easy to navigate and use, and the interface is organized as well. I can find answers within a couple of hours and have seen time savings.

We have Azure firewalls that are licensed through Palo Alto. It's super important that Palo Alto Networks NG Firewalls provide a unified platform that natively integrates all security capabilities because we are moving almost entirely to Azure. Thus, the more Azure integration we have, the better it's going to be for us long term.

These firewalls have been efficient at securing data centers consistently across all workplaces.

We haven't had many downtime issues with Palo Alto.

The customer-facing side needs to be improved in terms of the engagement and involvement of support staff.

My first exposure to this solution was about a year and a half ago.

The firewalls are relatively stable. We have a few that go up and down, but that has more to do with licensing issues than with the firewall itself.

Technical support needs to be improved with regard to the time to respond and the response itself. We've been getting the same responses over and over again. It would help us out a lot if the technical support staff were more engaged or involved.

From what I've heard from our firewall engineer, I would rate technical support a four out of ten.

Neutral

We utilize GlobalProtect and have seen a better return on investment with regard to security and peace of mind.

Licensing is a big issue for us because of the complexity and the lack of engagement from Palo Alto. It has been hard to talk with them as we don't get the best answers.

We are always evaluating other vendors and are currently looking at Cisco. Though both Palo Alto and Cisco firewalls are feature-rich and provide very good value, Cisco is better at customer engagement. They are easier to talk to as well.

Palo Alto Networks NG Firewalls are not the cheapest and fastest, but they are one of the top ones in terms of the most effective firewalls.

Overall, I would rate NG Firewalls an eight out of ten. They're definitely a top competitor.

I love the opportunity to see technical demos and take hands-on tours with some of the products at RSA conferences. They are the best part because I get to learn and gain exposure to new technology. It is particularly helpful when we want to look at other avenues.