Cisco Meraki MX Firewalls is a combined UTM and Software-Defined WAN solution. Meraki is managed via the cloud, and provides core firewall services, including site-to-site VPN, plus network monitoring.
$595
per appliance
Palo Alto Panorama
Score 8.3 out of 10
N/A
According to the information provided by the vendor, Palo
Alto Panorama is a network security management solution that intends to
simplify and enhance cybersecurity processes for businesses. The product's
primary objective is to offer various features, including unified policy
management, centralized visibility, automated threat response, simplified
configuration, unrivaled scalability, and rapid security adoption. It claims to
assist organizations in efficiently managing their firewalls and…
Cisco Meraki MX is great for a short term deployment. An all in one model can combine a cellular router, wireless access point, 10 port switch (with POE). Having a cellular model means seamless failover with a wired link. An included SFP slot on the MX68 series would be beneficial. Maybe in a newer model.
I think Palo Alto Panorama is suited for administrators of all levels because certain things can be locked down to certain permission levels. But there are executive dashboards all the way down to the weeds for the highest of administrators. This truly is a single pane of glass tool because you never have to go into the individual firewalls for anything.
It provides a really good single pane of glass so you can really easily identify end to end, what is going on in your environment.
It provides the ability for someone that doesn't necessarily need a really deep level of knowledge to be able to operate and maintain it. I think that's probably a big selling point, but I think definitely for the people that I'm selling the products who just having a dashboard and being able to log onto it and see if things are good or bad is quite key. So it does that really well.
If you need to push a setting or config to multiple firewalls Panorama can do that flawlessly.
Panorama has its logging centralized and this makes it easy to locate and reviews logs compared to having to get logs from each device.
I love how the interface matches the interface on the firewall. This makes the learning curve less steep.
Adding new firewalls to Panorama is super easy and not complex. Panorama can push a lot of the config and settings so you don't have to manually do it.
The ability to push out OS updates could be improved in Panorama. It has the abilities, but the use is not intuitive, to the point that we generally connect directly to the firewalls to download the OS updates directly.
Scheduling. It would be nice to be able to schedule jobs to run at certain times. Pushing out updates, like OS updates mentioned above, can require significant bandwidth. So being able to schedule that work for hours that would not directly affect the users would be a welcome addition.
The list of devices in the Templates tabs should be sorted the same way that he devices are grouped in the Device Group tab, rather than just alphabetical. If there was a way to chose the order of the devices, maybe by tag, that would work as well.
As we have it in place now, we will continue to keep it at our remote sites. Future expansion is something we are reviewing, and may well start with some of the larger switches as they seem to offer good performance and management at a reasonable price. Wireless is also something we're investing in and their devices are great for that.
Panorama has given us much more than we expected and the support for the product, by Palo Alto Networks has been great. We would like to see some improvements that I mentioned in another review, like scheduling changes, but overall Panorama has provided a very capable product and we are very happy with it.
The Cisco Meraki MX series is very easy to use. Setting up user VPN access, site to site VPN to tie multiple locations together and managing all your devices. You can even download the latest firmware and install without ever leaving the dashboard. Meraki is the very definition of easy to use
You can do anything via the GUI without going to the CLI. High real time security as every five minutes, it updates the list of phishing websites. High protection as the firewall communicates with the cloud, a machine running artificial intelligence helps to detect malware or other threats.
I haven't ever had a bad experience with Meraki support. On the few occasions where I wasn't understanding the UI or needed some clarification about what a setting actually would do, I contacted them and they were very quickly able to provide help. Returns are simple and fast, too. We had to return a defective device one time and they shipped the replacement before we had even un-racked the one that was faulty. Unlike many other vendors, they didn't ask use to a do long list of scripted diagnostics, they just took my word for it that the device was broken and sent out a replacement immediately
Palo Alto has a very nice customer support. People are very nice and were quick to reply, whenever we had an issue with the subscription or the blacklist tool. There is also a great deal of information on their website that covers each and every detail about the uses and the threat signatures. The community keeps on updating their information very frequently. Small issues are easily solved from the documentation, and for other issues, the customer support service is always present. However, on Fridays it becomes a little delayed as per my observation.
Compared to the regular Cisco devices, the greatest thing will always be the ease of configuration that the Cisco Meraki MX gives by having a dashboard to eliminate a command line that can be difficult for some beginners, it is easier to identify if you make mistakes and fix them since everything is saved and visually you can see something that is not so good.
Palo Alto Panorama and Junos Space Security Director have many similar features but Palo Alto Panorama excels in almost all of them. The monitoring tools in Palo Alto Panorama are easy to use and give more in-depth insight into what is going on in your network. Palo Alto's security is ranked much higher and the Web Application Security is also superior to that of the Junos counterpart.
Scalability is pretty decent. We run into some issues with the more hubs we create. We've had to tune out the deployment between whether something's a hub or a spoke regionally. So as long as not everything is a hub in this environment and you're creating spokes that talk directly to hubs, that takes a lot of the CPU utilization off of anything that's deemed a hub.
I'm going to say positive impact. The biggest thing is especially coming from having a third party taking care of our network to us doing it ourselves. The ease of this with the overall high level visual that we can get as to how our day is starting and running reports to see how many outages have we had, what areas have they actually been in running these reports and being able to gather if it's a certain service provider that's causing an issue in a general area, maybe we need to switch service providers for ISP. So it's been great in that mannerism for us. Ease of manage, I mean, we have a limited number of staff, we have a lot of different offices across the country. And then this is relatively new for us because we did have a previous provider doing all of this for us.
At a previous company, I deployed Palo Alto firewalls to a data center, and 12 branch locations. This allowed us to replace MPLS links with IPSec tunnels between the sites. This resulted in significantly more throughput and soft savings of increased productivity. However, the estimated net of $220,000 in hard savings over five years is what is most impressive. I could not have effectively managed all those devices without Palo Alto Panorama.