Cisco Meraki MX Firewalls is a combined UTM and Software-Defined WAN solution. Meraki is managed via the cloud, and provides core firewall services, including site-to-site VPN, plus network monitoring.
$595
per appliance
Palo Alto Panorama
Score 8.7 out of 10
N/A
According to the information provided by the vendor, Palo
Alto Panorama is a network security management solution that intends to
simplify and enhance cybersecurity processes for businesses. The product's
primary objective is to offer various features, including unified policy
management, centralized visibility, automated threat response, simplified
configuration, unrivaled scalability, and rapid security adoption. It claims to
assist organizations in efficiently managing their firewalls and…
So most use cases, this product fits. There aren't that many situations where it doesn't, and I've put it inside of banks. I've used it inside of schools, I've used it at normal businesses, big, bigger, and or small, but very small use cases where it has not, and we could not lead with it was at some banks. They did require NetOver VPN when communicating with higher-fed entities. If in the future Meraki could include NetOver VPN, then this would just be an auto-include for most of our deployments.
I think Palo Alto Panorama is suited for administrators of all levels because certain things can be locked down to certain permission levels. But there are executive dashboards all the way down to the weeds for the highest of administrators. This truly is a single pane of glass tool because you never have to go into the individual firewalls for anything.
If you need to push a setting or config to multiple firewalls Panorama can do that flawlessly.
Panorama has its logging centralized and this makes it easy to locate and reviews logs compared to having to get logs from each device.
I love how the interface matches the interface on the firewall. This makes the learning curve less steep.
Adding new firewalls to Panorama is super easy and not complex. Panorama can push a lot of the config and settings so you don't have to manually do it.
The ability to push out OS updates could be improved in Panorama. It has the abilities, but the use is not intuitive, to the point that we generally connect directly to the firewalls to download the OS updates directly.
Scheduling. It would be nice to be able to schedule jobs to run at certain times. Pushing out updates, like OS updates mentioned above, can require significant bandwidth. So being able to schedule that work for hours that would not directly affect the users would be a welcome addition.
The list of devices in the Templates tabs should be sorted the same way that he devices are grouped in the Device Group tab, rather than just alphabetical. If there was a way to chose the order of the devices, maybe by tag, that would work as well.
As we have it in place now, we will continue to keep it at our remote sites. Future expansion is something we are reviewing, and may well start with some of the larger switches as they seem to offer good performance and management at a reasonable price. Wireless is also something we're investing in and their devices are great for that.
Panorama has given us much more than we expected and the support for the product, by Palo Alto Networks has been great. We would like to see some improvements that I mentioned in another review, like scheduling changes, but overall Panorama has provided a very capable product and we are very happy with it.
The Cisco Meraki MX series is very easy to use. Setting up user VPN access, site to site VPN to tie multiple locations together and managing all your devices. You can even download the latest firmware and install without ever leaving the dashboard. Meraki is the very definition of easy to use
You can do anything via the GUI without going to the CLI. High real time security as every five minutes, it updates the list of phishing websites. High protection as the firewall communicates with the cloud, a machine running artificial intelligence helps to detect malware or other threats.
I haven't ever had a bad experience with Meraki support. On the few occasions where I wasn't understanding the UI or needed some clarification about what a setting actually would do, I contacted them and they were very quickly able to provide help. Returns are simple and fast, too. We had to return a defective device one time and they shipped the replacement before we had even un-racked the one that was faulty. Unlike many other vendors, they didn't ask use to a do long list of scripted diagnostics, they just took my word for it that the device was broken and sent out a replacement immediately
Palo Alto has a very nice customer support. People are very nice and were quick to reply, whenever we had an issue with the subscription or the blacklist tool. There is also a great deal of information on their website that covers each and every detail about the uses and the threat signatures. The community keeps on updating their information very frequently. Small issues are easily solved from the documentation, and for other issues, the customer support service is always present. However, on Fridays it becomes a little delayed as per my observation.
I have used Sonicwall and Meraki, and they are very similar and functional, but they go about it in different ways. Meraki is a little more user-friendly with less of a learning curve, but it comes at a little steeper price. I do like the online dashboard of Meraki better, though.
Palo Alto Panorama and Junos Space Security Director have many similar features but Palo Alto Panorama excels in almost all of them. The monitoring tools in Palo Alto Panorama are easy to use and give more in-depth insight into what is going on in your network. Palo Alto's security is ranked much higher and the Web Application Security is also superior to that of the Junos counterpart.
Every network we create will allow us to automatically be attached in the mesh network. The ability for the automatic VPN connections is very convenient and allow us to focus on other configuration points without having to worry about if the VPN will work or not. The GUI showing the VPN is kind of confusing, but as long as it has direct connection to the other Meraki MX units, it will be up.
At a previous company, I deployed Palo Alto firewalls to a data center, and 12 branch locations. This allowed us to replace MPLS links with IPSec tunnels between the sites. This resulted in significantly more throughput and soft savings of increased productivity. However, the estimated net of $220,000 in hard savings over five years is what is most impressive. I could not have effectively managed all those devices without Palo Alto Panorama.
