We just raised a $30M Series A: Read our story
2019-03-11T07:21:00Z

What is your experience regarding pricing and costs for Palo Alto Networks NG Firewalls?

269

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

ITCS user
Guest
4444 Answers

author avatar
Top 20Real User

Look at Palo Alto because it is a bit modular, so you can take the components that you need when you need them. You need something that will do the job. It doesn't matter if it's cheap and fast, if it quickly lets through vulnerabilities. You need something that will be reliable. We were very happy when they released the PA-440s. Previously, we had been looking at the PA-820s, which were a bit of overkill for us. Price-wise and capability-wise, the PA-820s hit the nail on the head for us. Go for a three-year deal, then Palo Alto will bring in some discounts. We also deployed them as HA Pairs to make sure we had resiliency.

2021-10-08T08:31:00Z
author avatar
Top 20Real User

Palo Alto is not a cheap solution but it is competitive when it comes to subscriptions. The hardware is something that you can buy all day long, regardless of the vendor. It's when you start adding in all of the subscriptions that it is either going to make or break the budget. All things considered, Palo Alto is comparable. There are several extra features available and what you use depends on what you want to do with the firewall, and how it's going to be deployed. AV is an option, the Threat Prevention app is extra, along with URL filtering, and WildFire. You won't have all of the options on all of the servers. For example, the internal servers won't be doing any web surfing, so the requirements are a little bit different. I'm more worried about my building to building, East-West traffic because I can't afford to put a Palo Alto in every building. Instead, I put a Palo Alto in front of me to deal with the North-South traffic.

2021-09-23T17:45:00Z
author avatar
Top 10MSP

I'm not sure about pricing. I don't know if Palo Alto NG Firewalls are cheaper or not, but I would definitely recommend Palo Alto as an option. If you need additional features, you need additional licenses, but I'm not aware of the cost details.

2021-08-10T22:10:00Z
author avatar
Top 20Real User

Definitely look into a multi-year license, as opposed to a single-year. That will definitely be more beneficial in terms of cost. We went with five-year licenses. After looking at the overall costs, we calculate that we're only paying for four years, because it works out such that the last year is negligible. If we were to be billed yearly, the last year's costs would be a lot more. With the five-year plan we're saving about a year's worth of licenses. Based on the quantity of devices we purchased, we found that the hardware price was actually cheaper than most of the other vendors out there. If a colleague at another company were to say, "We are just looking for the cheapest and fastest firewall," given my experience with Palo Alto's NG Firewalls, my answer would depend on the size of the company and how much traffic they're going to be generating. Palo Alto is definitely not the cheapest, but if you scale it the right way it will be very comparable to what's out there.

2021-07-30T07:40:00Z
author avatar
Real User

We are on an annual license for this solution. I am happy with the price and when comparing it to other solutions it is priced competitively.

2021-06-11T13:53:34Z
author avatar
Top 5LeaderboardReal User

We have five-year contracts with Palo Alto. I know the solution is on the expensive side but I'm not involved in licensing and don't have the numbers.

2021-05-22T11:03:49Z
author avatar
Real User

It has a yearly subscription.

2021-04-30T21:17:31Z
author avatar
Top 5LeaderboardReal User

The price of the solution is quite high, especially if you compare it to Cisco or Juniper. The solution is subscription-based. Users can pay monthly or yearly. We pay on a yearly basis.

2021-04-15T14:29:19Z
author avatar
Real User

This solution is quite expensive.

2021-03-05T06:06:57Z
author avatar
Top 5Real User

It is expensive.

2021-03-04T18:02:15Z
author avatar
Top 5Real User

Compared to other solutions, it's very expensive to set up and maintain.

2021-03-02T16:01:23Z
author avatar
Top 5LeaderboardReseller

After the hardware and software are procured, it is the AMC support that has to be renewed yearly.

2021-03-02T07:38:59Z
author avatar
Top 20Real User

The pricing is quite high on Palo Alto. On the lower end, it's likely to cost $15,000 for renovation and support.

2021-02-12T08:51:27Z
author avatar
Top 20MSP

With the licensing we pay for it annually, the price could be cheaper.

2021-02-11T11:33:05Z
author avatar
Top 20Real User

Paul Alto is the most expensive solution in this category. The subscriptions and support are also expensive, but everything is included in the hardware, including the subscriptions. If a customer is price-sensitive, I will go for Fortinet without a second thought. If customers are willing to invest in their data centers, I might go with Palo Alto and Cisco.

2021-02-11T00:50:07Z
author avatar
Top 5Reseller

It is an expensive solution.

2021-02-04T21:54:27Z
author avatar
Top 20Real User

We find the cost of the solution to be very high. It's quite expensive, and one of the most expensive on the market. The pricing is related to the complexity of the environment. The more complex the company's requirements, the more it will cost.

2021-01-31T06:58:32Z
author avatar
Top 5Real User

The pricing is very high.

2021-01-28T10:33:01Z
author avatar
Top 5Real User

The device is very expensive compared to Cisco and Fortinet. But many of my customers use Palo Alto as Palo Alto is the standard of their organization.

2021-01-27T10:49:16Z
author avatar
Top 20Real User

This is an expensive product, as are the others of this type.

2021-01-27T09:19:49Z
author avatar
Top 20Real User

The licensing is paid on a yearly basis. The pricing could be better, however, the cost depends on the sizing of the product. The pricing, therefore, varies from company to company for the most part.

2021-01-15T20:15:01Z
author avatar
Top 5Real User

Palo Alto is more affordable than some competing products, such as Check Point.

2021-01-12T15:26:56Z
author avatar
Top 20Consultant

Its price can be better. Licensing is on a yearly basis.

2021-01-04T10:46:56Z
author avatar
Top 5LeaderboardReal User

This is an expensive product and there is a subscription cost.

2020-12-16T11:18:08Z
author avatar
Top 5LeaderboardReal User

The NG firewall is an expensive solution.

2020-12-08T16:55:47Z
author avatar
Top 20Real User

It is a little bit expensive.

2020-11-18T17:49:17Z
author avatar
Top 20Real User

It is a little bit expensive than other firewalls, but it is worth every penny. There are different licenses for the kinds of services you want to use. When we buy a new product, we go for a three-year subscription.

2020-11-16T18:30:20Z
author avatar
Top 20Real User

You could say that the cost is higher for Palo Alto, but they are a better product compared to the other principals.

2020-11-10T17:19:34Z
author avatar
Top 20Real User

Palo Alto is more expensive in comparison to Fortinet and other firewalls. It's okay because they do provide quality.

2020-11-06T21:14:58Z
author avatar
Top 20Reseller

This is an expensive product, which is why some of our customers don't adopt it.

2020-07-23T07:58:37Z
author avatar
Top 10Consultant

The pricing is competitive in the market.

2020-07-13T06:55:57Z
author avatar
Top 5Reseller

The pricing of the solution is quite high. It's too expensive, considering there's so much competition in the space. There aren't extra costs on top of the standard licensing policy. Still, Palo Alto seems to be adding some premium costs that competitors just don't have.

2020-07-05T09:37:56Z
author avatar
Top 20Real User

I know the solution is not inexpensive. It depends on what you ultimately sign up for or whether you just want the warranty on the hardware.

2020-06-30T08:17:31Z
author avatar
Top 5MSP

Palo Alto is a little expensive compared to every other solution, but you get what you pay for. The question I have been asking customers since I became a solutions architect is what the best in security is worth. The problem with people seeking security solutions is thinking that all solutions are the same, thinking the newest technology solutions are best and thinking cost-first. A better way to think about it would be how expensive a break-in is. If I am shopping around for a firewall solution and I see I have to pay a lot per year for Palo Alto and I see Meraki is a much lower price, I might be attracted by the less expensive product. When it is deployed, we get broken into and lose $10 million worth of design documents. It may be quite possible that break-in could have been avoided by paying more for a better security solution. Because I went the cheap route, I lost many times what I 'saved.' For possibilities like this alone, it is hard to put a price on security. Take a deeper look at what happens when you try to save money on security. Meraki does SD-WAN (Software-defined Wide Area Network). That is touted as fantastic because the client is going to save a whole lot of money because they don't need MPLS (Multi-Protocol Label Switching) anymore. But the reality behind it is, there is absolutely no application acceleration, no data deduplication, and no forward error correction. Forward error correction is extremely important when you're using a device between points. But Meraki sells its devices for nickels or pennies on the dollar in comparison to other security solutions. Only then you only learn the lesson of what happens when you go cheap. Your network gets broken into more easily because of the inherent exposure in SD-WAN and it goes down a lot. If you have sales offices and those sales offices have Meraki firewalls, the device may observe a problem out on the internet. When it does, the Meraki's failover results in an outage. With Meraki, failover to a better link takes 30-seconds. Whether it is a 30-minute failover or 30-second failover, you can drop a call. If you are cold calling and you dropped a call, you don't get a second chance. It is impossible to say how much money you might lose. For example, if my company sells microchips and that call was going to develop into a $40 million sale, that sale is gone. It is gone because of the small comparative cost savings in security and the instability of the solution you chose to use. But a 30-second outage every single time a route is withdrawn across the internet means your phone is going to ring if you are the IT Director, and you will eventually lose your job. The costs for Palo Alto are structured in a similar way to other products. With Palo Alto you can do one, two, three and five years contracts. It is the same thing with Fortinet and Meraki. Hardware cost is very different than the application license. The hardware maintenance agreement is separate. With all of the firewall solutions, you will pay for a hardware maintenance agreement. That protects the hardware itself. That is an annual billing and separate from the software in all cases. Nobody bills for firewalls on a monthly basis. Even the VM version of the Palo Alto is billed per year. Using that license, you can build up a VPN that forces all default traffic to a particular device before it goes out to the internet. It is comparatively pretty cheap in practice, and it works. It works well because you only need one piece of hardware. Build the server and start slicing out VMs. Then it becomes possible for everybody in a network to be protected by Palo Altos security at a lower cost.

2019-12-04T05:40:00Z
author avatar
Top 20Real User

If you have some network experience then you can set it up on your own, with no setup costs. Don't buy a device with more power than you really need, because licensing depends on the cost of the box you have.

2019-07-01T11:17:00Z
author avatar
Consultant

I think, if you compare, they're a little costly next to Cisco of Check Point, but they offer a lot of other additional features to look at. The licensing is annual, and there aren't any additional fees on top of that.

2019-07-01T07:58:00Z
author avatar
Real User

It will be worth your time to hire a contractor to set it up and configure it for you, especially if you are not very knowledgeable with PA firewalls.

2019-06-26T20:18:00Z
author avatar
LeaderboardReal User

In terms of pricing, every model has a license. For example a small model, the license around 1,000 USD. The next one around 2,000 USD. The next range is 11,000 USD to 13,000 USD. It's expensive compared to PaloAlto competitors.

2019-06-26T05:25:00Z
author avatar
Real User

I would advise anyone to go ahead and understand exactly what they need. It's not because Palo Alto's cost is a little less. Depending on use, it's expensive. So they should understand the requirements first, before going with Palo Alto.

2019-06-26T05:25:00Z
author avatar
Consultant

Licensing is on a three year basis. Customers prefer one to three years. Licencing is pretty expensive. Check Point is cheaper than Palo Alto. There's also an international license. If a customer wants to control different things, they will need an extra license.

2019-06-26T05:25:00Z
author avatar
Real User

It's a bit pricey.

2019-06-26T05:25:00Z
author avatar
Real User

At our company, we sell the solution for another vendor, and they sell to another vendor. So our pricing is more expensive than other vendors.

2019-06-26T05:25:00Z
author avatar
Real User

Pricing is yearly, but it depends. You could pay on a yearly basis or every three years. If you want to add a device or two, there would be an additional cost. Also, if you want to do an assessment or another similar add-on you have to pay accordingly for the additional service.

2019-05-15T05:16:00Z
author avatar
Real User

Annually, the licensing costs are too much.

2019-03-11T07:21:00Z
Learn what your peers think about Palo Alto Networks NG Firewalls. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
552,305 professionals have used our research since 2012.