NGINX, a business unit of F5 Networks, powers over 65% of the world's busiest websites and web applications. NGINX started out as an open source web server and reverse proxy, built to be faster and more efficient than Apache. Over the years, NGINX has built a suite of infrastructure software products o tackle some of the biggest challenges in managing high-transaction applications. NGINX offers a suite of products to form the core of what organizations need to create…
N/A
Palo Alto Networks Next-Generation Firewalls - PA Series
Score 9.3 out of 10
N/A
Palo Alto next-generation firewalls classify all traffic, including encrypted and internal traffic, based on application, application function, user and content. Users can create security policies to enable only authorized users to run sanctioned applications.
$1.50
per hour per available zone
Pricing
NGINX
Palo Alto Networks Next-Generation Firewalls - PA Series
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
NGINX
Palo Alto Networks Next-Generation Firewalls - PA Series
Free Trial
Yes
No
Free/Freemium Version
Yes
No
Premium Consulting/Integration Services
Yes
No
Entry-level Setup Fee
Optional
No setup fee
Additional Details
—
Users may also choose to pay per gigabyte of data used starting at .065/GB. Note that prices listed here reflect installations via Amazon Web Services. Pricing may differ if other service providers are used.
More Pricing Information
Community Pulse
NGINX
Palo Alto Networks Next-Generation Firewalls - PA Series
Features
NGINX
Palo Alto Networks Next-Generation Firewalls - PA Series
Application Servers
Comparison of Application Servers features of Product A and Product B
NGINX
7.9
23 Ratings
2% below category average
Palo Alto Networks Next-Generation Firewalls - PA Series
-
Ratings
IDE support
7.111 Ratings
00 Ratings
Security management
7.919 Ratings
00 Ratings
Administration and management
7.119 Ratings
00 Ratings
Application server performance
8.019 Ratings
00 Ratings
Installation
9.920 Ratings
00 Ratings
Open-source standards compliance
7.117 Ratings
00 Ratings
Firewall
Comparison of Firewall features of Product A and Product B
NGINX
-
Ratings
Palo Alto Networks Next-Generation Firewalls - PA Series
8.7
23 Ratings
1% above category average
Identification Technologies
00 Ratings
9.523 Ratings
Visualization Tools
00 Ratings
7.523 Ratings
Content Inspection
00 Ratings
10.023 Ratings
Policy-based Controls
00 Ratings
10.023 Ratings
Active Directory and LDAP
00 Ratings
9.522 Ratings
Firewall Management Console
00 Ratings
9.023 Ratings
Reporting and Logging
00 Ratings
8.023 Ratings
VPN
00 Ratings
9.023 Ratings
High Availability
00 Ratings
9.522 Ratings
Stateful Inspection
00 Ratings
9.022 Ratings
Proxy Server
00 Ratings
5.011 Ratings
Best Alternatives
NGINX
Palo Alto Networks Next-Generation Firewalls - PA Series
Palo Alto Networks Next-Generation Firewalls - PA Series
Likelihood to Recommend
F5
[NGINX] is very well suited for high performance. I have seen it used on servers with 1k current connections with no issues. Despite seeing it used in many environments I've never seen software developers use it over apache, express, IIS in local dev environments so it may be more difficult to setup. I've also seen it used to load balance again without issues.
Palo Alto Networks Next-Generation Firewalls - PA Series are extremely versatile. Whether it be a one office location or multiple sites, the Panorama interface allows centralized management. I've found Palo Alto does a great job with their updates and supporting customers. As a cybersecurity professional, I like that Palo Alto's products offer a wide range of controls to support defense in depth. It is easy for security and network infrastructure teams to use the same consoles to deliver performance with security built in.
The PA handles VPN connectivity without missing a beat. We have multiple VPN tunnels in use for redundancy to cloud-based services.
The PA has great functionality in supporting failover internet connections, again with the ability to have multiple paths out to our cloud-based services.
The PA is updated on the regular with various security updates, we are not concerned with the firewall's ability to see what packets are really flowing across the network. Being able to see beyond just IP and port requests lets you know things are locked down better than traditional firewalls.
It is a great overall kit, with URL filtering and other services that fill in the gaps between other solutions without breaking the bank.
Customer support can be strangely condescending, perhaps it's a language issue?
I find it a little weird how the release versions used for Nginx+ aren't the same as for open source version. It can be very confusing to determine the cross-compatibility of modules, etc., because of this.
It seems like some (most?) modules on their own site are ancient and no longer supported, so their documentation in this area needs work.
It's difficult to navigate between nginx.com commercial site and customer support. They need to be integrated together.
I'd love to see more work done on nginx+ monitoring without requiring logging every request. I understand that many statistics can only be derived from logs, but plenty should work without that. Logging is not an option in many environments.
The PA5220s have far exceeded what we have expected out of them. It was a bit of a learning curve coming from another vendor, but everything falls into place now with ease. The capabilities of the solution still surprise us, allowing us to remove other costly hardware and providing a single point of management needed
Front end proxy and reverse proxy of Nginx is always useful. I always prefer to Nginx in overall usability when you have application server and database or multiple application servers and single database i.e. clustered application. Nginx provides really good features and flexibility which helps the system administrator in case of troubleshooting and also from the administration perspective. Also, Nginx doesn't delay any request because of internal performance issues.
The few aspects of the Palo Alto Networks Next-Generation Firewalls - PA Series that could use improvement - such as slow commit times, which I hear they have improved on in the newest models - are vastly outshined by everything else these appliances provide. We have been using the Palo Alto Networks Next-Generation Firewalls - PA Series appliances for more than 10 years and plan to continue using them for the foreseeable future.
Community support is great, and they've also had a presence at conferences. Overall, there is no shortage of documentation and community support. We're currently using it to serve up some WordPress sites, and configuring NGINX for this purpose is well documented.
We've run into a couple undocumented bugs, but that seems to happen with every brand and technology. Any time we've had to engage Palo Alto support they've always been professional, knowledgeable and prompt. In almost all cases we've been able to resolve our issues without having to escalate our tickets.
We have used Traffic, Apache, Google Cloud Load Balancing and other managed cloud-based load balancers. When it comes to scale and customization nothing beats Nginx. We selected Nginx over the others because
we have a large number of services and we can manage a single Nginx instance for all of them
we have high impact services and Nginx never breaks a sweat under load
individual services have special considerations and Nginx lets us configure each one uniquely
We are using Cisco ASA before in our environment but when it comes to deep scanning & layer 7 security it doesn't have that capability. After using Palo Alto Networks Next-Generation Firewall we are using sandboxing & advance malware protection that provides high-level end-user security. Also after implementing it we can easily monitor user-level traffic.
Nginx has decreased the burden of web server administration and maintenance, and we are spending less time on server issues than when we were using Apache.
Nginx has allowed more people in our company to get involved with configuring things on the web server, so there's no longer a single point of failure ("the Apache guy").
Nginx has given us the ability to handle a larger number of requests without scaling up in hardware quite so quickly.
Overall, even though the device is very expensive (both hardware and licensing), the product does produce a decent ROI, given that one (or HA pair) of devices can do so many things, such as anti-virus, anti-malware, URL filtering, SSL decryption, SSL VPN, routing, etc.
There will definitely be sticker shock when you're renewal comes up annually (or after 3 years), so be sure to look very carefully at the recurring costs of this product, with respect to licensing and hardware/software maintenance.
