2019-03-03T11:18:00Z

What needs improvement with Palo Alto Networks Threat Prevention?

Miriam Tover - PeerSpot reviewer
  • 0
  • 24
PeerSpot user
18

18 Answers

Mirko Minuzzo - PeerSpot reviewer
Real User
Top 5Leaderboard
2023-12-01T10:58:13Z
Dec 1, 2023

There could be some firewalls with fiber optics interfaces.

Search for a product comparison
VG
Real User
Top 20
2023-10-20T15:58:45Z
Oct 20, 2023

The application’s pricing and dashboard need improvement. It could be user-friendly.

RB
Real User
Top 20
2023-09-27T08:07:02Z
Sep 27, 2023

The installation was complicated.

Prasanth Kailasam - PeerSpot reviewer
Real User
Top 5Leaderboard
2023-05-03T07:46:24Z
May 3, 2023

Palo Alto Networks Threat Prevention could improve the commercial offing. Other solutions, such as Fortinet provide better commercial features.

Carlos Bracamonte - PeerSpot reviewer
MSP
Top 5
2023-03-15T21:37:13Z
Mar 15, 2023

We are attempting to improve the use of URL filtering beyond threat protection. I'm not sure what the remaining threat protection features are off the top of my head. But beyond that, we use URL filtering. We have three approved cases for using external dynamic lists that are stored in a bucket repository. Then, for each URL site that needs to be whitelisted, we add it to the external dynamic list in order to gain access to this email. I would like Wildfire to be implemented. We use the equivalent in Cisco is the integration policies. We have the Wildfire but we are not currently implementing it. We don't have the license to use it, but we are not currently implementing it until we present the use cases that the company gives some value to and they approve the use of it.

RG
Real User
Top 20
2022-12-08T17:33:32Z
Dec 8, 2022

The granularity of the signature could be improved. Mission learning techniques on firewalls are good but should continue to expand and detect unknown threats on the fly. The capability seems to be a bit limited on certain types of traffic. The solution should include a checkbox to select or bypass the profile on a firewall or policy. The option to customize signature fields or allow feeds from other tools or environments would be interesting.

Find out what your peers are saying about Palo Alto Networks, Darktrace, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS). Updated: March 2024.
765,234 professionals have used our research since 2012.
Leandro Soares Costa - PeerSpot reviewer
Real User
Top 5
2022-05-19T10:46:42Z
May 19, 2022

The initial setup is complex. We'd like more APIs to manage programmatically the IPS to orchestrate it and avoid logging into the graphical user interface console. We'd like to have some robots to manage the solution's tasks.

M.
Real User
2021-08-13T08:48:54Z
Aug 13, 2021

The resource consumption should be addressed. The technology firewall anomaly network could stand improvement. The pricing could be better.

GG
Real User
2020-03-30T07:58:00Z
Mar 30, 2020

We use four Palo Alto solutions in stand-alone mode and but it's hard to use when I use it in Panorama. Palo Alto's maintenance needs to be improved.

RS
Real User
2020-03-29T08:27:00Z
Mar 29, 2020

The documentation needs to be improved. I need better information about how to configure it and what the best practices are.

SA
Consultant
2019-10-06T16:38:00Z
Oct 6, 2019

The solution needs to improve Reverse DNS functionalities. Right now, when you check the IP address, it tells all. It assumes that that IP address is locally available on the inside. When the request is going back to me it's supposed to do what we call rights. Instead of giving me the public IP address in my response, it's supposed to give me the private IP address or the local IP address so that I can reach the device locally. That's the challenge right now. Sometimes when you want to group a set of ports, and communicate with Palo Alto, you cannot group TCP and UDP ports together. This needs to be adjusted.

MV
Real User
Top 20
2019-09-29T07:27:00Z
Sep 29, 2019

The price of licenses should be lowered to make it less costly to scale our solution. I would like to see consolidated licensing for on-premises solutions. This would give us all of the features available for the one box.

TS
MSP
2019-09-29T07:27:00Z
Sep 29, 2019

I think they can use some improvement on FID. There are lots of false positives and those can be eradicated. Sometimes you can't identify a 10-year-old doc, but they can probably update those signatures and false positives, so it would be helpful and save us a lot of time.

VG
Real User
Top 20
2019-09-08T09:50:00Z
Sep 8, 2019

The IPS can be improved on the solution. The itineration, for example. Also, if additional features, like SD Wan, etc. can be added. This would be helpful. Other additional features that could be added include Individual Traps. In terms of enhancement for overall protection, we would like more Traps or other solutions that are developing within the firewall. The solution needs to improve its local technical support services. There is no premium support offered in our market.

PW
Consultant
2019-09-03T08:57:00Z
Sep 3, 2019

It's not so easy to set up a test environment because it's not so easy to get the test license. The vendor only gives you 90 days for a test license; it's a tough license to get.

it_user810594 - PeerSpot reviewer
Real User
2019-04-11T10:03:00Z
Apr 11, 2019

The organization mail security solutions could be improved. There is no mail security solution available.

SA
Real User
2019-04-11T10:03:00Z
Apr 11, 2019

In most areas, Palo Alto Threat Prevention is a fine choice. The application is very good. The most important feature we find to be the NCR Reader. It is best for application security. I don't know how they could improve it more. The application is already working fine with good results. Support is really good with Palo Alto and we are resellers of the software to our customers. They will let us know how they find it valuable after we implement it. Most of our customers have found Palo Alto Threat Prevention very good to use. We have a number of customers in the market. Everybody is happy with the product. Overall, Palo Alto Threat Prevention doesn't need much more. From a general point of view, you get everything. If it is content filtering, it should be no problem.

AS
Real User
2019-03-03T11:18:00Z
Mar 3, 2019

Right now we are focusing on email. If Palo Alto can increase the features related to email filtering and the new malware, it would help us protect our systems.

Intrusion Detection and Prevention Software (IDPS)
What Is an Intrusion Detection System? Intrusion detection systems (IDSes) analyze network traffic for signatures of known attackers. The systems can be hardware devices or software solutions. An IDS can mitigate existing malware, such as backdoors, rootkits, and trojans.The goal of an intrusion detection system is to detect an attack as it occurs. The system starts by analyzing inbound and outbound network traffic for signs of known attackers. Some activities an IDS performs...
Download Intrusion Detection and Prevention Software (IDPS) ReportRead more