What users are saying about
27 Ratings
27 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 9.2 out of 100
Top Rated
104 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 9.3 out of 100

Likelihood to Recommend

Snort

If a colleague was looking to tighten down their network I can easily recommend Snort to them. It gives you some more peace of mind knowing that its always scanning traffic for malicious looking code. Even things your major firewalls and security hardware might miss, Snort has picked up. Its an easy recommendation for me.
Anonymous | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

The Palo Alto device is well suited for a direct replacement for any traditional or other firewall. There is little room for error on this device, it will do exactly what you have it configured for. Between security zones, security policies, nat policies, policy based forwarding, and everything in between, you have to keep your head on straight when making big or small changes.
The Palo Alto does have one overall issue our users report more than anything. The Palo Alto is a strict NAT device, so unless you have the ability to 1 to 1 map IP addresses for your users who need something beside strict NAT limitations, the Palo Alto will cause you grief.
Anonymous | TrustRadius Reviewer

Feature Rating Comparison

Firewall

Snort
Next-Generation Firewalls - PA Series
9.1
Identification Technologies
Snort
Next-Generation Firewalls - PA Series
9.2
Visualization Tools
Snort
Next-Generation Firewalls - PA Series
8.5
Content Inspection
Snort
Next-Generation Firewalls - PA Series
9.4
Policy-based Controls
Snort
Next-Generation Firewalls - PA Series
9.4
Active Directory and LDAP
Snort
Next-Generation Firewalls - PA Series
9.1
Firewall Management Console
Snort
Next-Generation Firewalls - PA Series
8.9
Reporting and Logging
Snort
Next-Generation Firewalls - PA Series
8.8
VPN
Snort
Next-Generation Firewalls - PA Series
8.6
High Availability
Snort
Next-Generation Firewalls - PA Series
9.6
Stateful Inspection
Snort
Next-Generation Firewalls - PA Series
9.6
Proxy Server
Snort
Next-Generation Firewalls - PA Series
8.7

Pros

Snort

  • Real Time updates for security signatures via Talos
  • Great signature blocking
  • Excellent reporting via syslog to our Security Analytics collectors.
Alan Matson, CCNA:S, MCP | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

  • AppID is able to see what the actual internet traffic is. For instance instead of port 443 just being "Internet traffic" we can define access to Facebook-base or all the other facets of facebook.
  • UserID allows us to define policies based on group or user access and integrates with our Active Directory. This helps to configure a least access privilege and if we find misuse of the network we can tighten specific users to a stricter policy.
  • GlobalProtect VPN connection helps our employee's connect from home remotely. This provides a very secure connection with minimal configuration.
  • Wildfire provides very up-to-date information regarding global attack mitigations and stopping techniques.
Christopher St.Amand | TrustRadius Reviewer

Cons

Snort

  • Due to the extensive interface, it can be quite overwhelming to try and manage the product. There are many different places to go to set up individual items. It would be nice to simplify the interface down a bit
  • Upgrades can be somewhat hazardous. I think they are working to get the upgrade process streamlined, but currently moving major version (5.x to 6.x) there was a lot of additional work outside of the UI that if not done correctly can tank the system, requiring a fresh load or restore from backup
David Myers | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

  • The CLI is a bit confusing, and it's difficult to find what you're looking for. Takes a lot of practice. Definitely not as good as the Cisco CLI.
  • Updating the firmware is often a very dangerous process, especially when jumping minor or major releases. More QA should be done to validate and ensure no issues during upgrades. I'll admit it's gotten better over time, but there is still room for improvement.
Anonymous | TrustRadius Reviewer

Likelihood to Renew

Snort

No score
No answers yet
No answers on this topic

Next-Generation Firewalls - PA Series

Next-Generation Firewalls - PA Series 10.0
Based on 1 answer
The PA5220s have far exceeded what we have expected out of them. It was a bit of a learning curve coming from another vendor, but everything falls into place now with ease. The capabilities of the solution still surprise us, allowing us to remove other costly hardware and providing a single point of management needed
Anonymous | TrustRadius Reviewer

Usability

Snort

No score
No answers yet
No answers on this topic

Next-Generation Firewalls - PA Series

Next-Generation Firewalls - PA Series 10.0
Based on 2 answers
In my opinion, the Palo Alto Firewall is the simplest firewall in terms of management interfaces; though it has more advanced options that apply to more advanced use cases. Configuring basic features on the firewall is nearly self-explanatory; configuring more advanced features can be met with very thorough vendor documentation.
Anonymous | TrustRadius Reviewer

Support Rating

Snort

No score
No answers yet
No answers on this topic

Next-Generation Firewalls - PA Series

Next-Generation Firewalls - PA Series 8.5
Based on 12 answers
We've run into a couple undocumented bugs, but that seems to happen with every brand and technology. Any time we've had to engage Palo Alto support they've always been professional, knowledgeable and prompt. In almost all cases we've been able to resolve our issues without having to escalate our tickets.
Paul Luchini | TrustRadius Reviewer

Alternatives Considered

Snort

Sourcefire vs. TippingPoint was a no-brainer for us at the time of deployment. Sourcefire has a more well-defined API using REST that can be leveraged for automating tasks. TippingPoint was just releasing an API that was limited. Also at the time, TippingPoint could not meet our 10Gbps network requirements as Sourcefire could with their 8350 appliances.
Alan Matson, CCNA:S, MCP | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

I have used Cisco & Sonicwall primarily in most of my 23+ years of network security experience. Over the years all of these platforms have matured, but Palo Alto beats them all in terms of user interface.

The ability to run reports, get access to data immediately, and have the data be extremely accurate and granular is what sets Palo Alto apart from the others. Deployment of the VPN client(s) on multiple platforms is simple to manage and doesn't break other applications like many other VPN client software does. The performance of the firewall from a throughput and monitoring standpoint is second to none.
Anonymous | TrustRadius Reviewer

Return on Investment

Snort

  • Being open source, ROI on free is hard to beat for something that works.
  • I believe it greatly enhances the security of my network.
Curt Dickman | TrustRadius Reviewer

Next-Generation Firewalls - PA Series

  • Utilizing Panorama to manage all of our Firewalls Policies by creating device groups is a real time saver. We only need to configure policies once and push them to the appropriate firewalls saving a lot of time.
  • Having the added security feature protection is good peace of mind in an ever-increasing threat landscape.
  • Monitoring traffic by IP, URL or username provides excellent insight into our traffic.
Anonymous | TrustRadius Reviewer

Pricing Details

Snort

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Next-Generation Firewalls - PA Series

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Rating Summary

Likelihood to Recommend

Snort
9.0
Next-Generation Firewalls - PA Series
9.6

Likelihood to Renew

Snort
Next-Generation Firewalls - PA Series
10.0

Usability

Snort
Next-Generation Firewalls - PA Series
10.0

Support Rating

Snort
Next-Generation Firewalls - PA Series
8.5

Add comparison