Likelihood to Recommend When we are asked by local partners which security equipment we use we always recommend our Cisco security products. The Firepower firewall is no exception and we can easily recommend this to others who need a fast, secure, and well built system that integrates well with all your existing hardware and software.
Read full review Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.
Read full review Pros Policy management in the GUI. I'm old-school, and still create ACLs in the CLI, but using the GUI for this is very nice. Event monitoring and reporting is great, and you can get very granular when it comes to what information you are viewing. I really like the troubleshooting features that are built in, especially the packet tracer and the ability to generate and download a troubleshooting package to review or send to TAC. Read full review Direct Access to devices via Live Terminal which provides operations with scripting, triage, and preservation of artifacts. Behavioral Indicators of Compromise which provides alerts on events regarding groups of hosts and their signatures. Querying complex data sets involving a variety of devices for network connections, hashes, DNS, etc. Read full review Cons When deployed as Firepower Threat Defense, configurations cannot be made within the device itself. Troubleshooting can be difficult if the Cisco Firepower 4100 Series firewall is managed by the Cisco Firepower Management Center. There are two operating systems in Cisco Firepower 4100 Series, firmware upgrade process will take a long time. Read full review Traps doesn't seem to function as a traditional A/V very well, so it's better as another layer to your endpoint protection Traps can cause issues with some legacy or custom programs, so exceptions may have to be made Traps falsely identifies things as malicious at times, this is not often though Read full review Usability Day to day, Cortex is easy to use when you have no alerts and when an agent upgrade doesn't go south. Alerts are far too "clicky", there's too many steps to drilling down to what actually happened to trigger an alert. Investigating alerts in Cortex takes about 5x longer than it should.
Read full review Support Rating The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.
Read full review Alternatives Considered As I mentioned before, the Fortigates have better failover. I think the Cisco interface is easier to use that that of the
FortiGate . My only criticism would be that with multiple CLIs, it can get a bit confusing when you are trying to configure something or troubleshoot from the CLI.
Read full review Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps.
McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of
SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.
Read full review Return on Investment Positive impact would be our increased security network wide. Another positive would be the increased processing power, saving us time and [from] needing more equipment. A negative impact would be the increased need for having to learn a new interface. Read full review After putting Palo Alto Networks Cortex XDR on a user's system, users came back with a positive response that there are no performance issues now. We are able to track and control granular suspicious and malicious activities. Web controls are missing, which if they would have been there would have been very helpful. Read full review ScreenShots