TrustRadius Insights
Users have praised Palo Alto Firewall for its advanced features, such as content filtering and application filtering, which effectively …
Overview
What is Next-Generation Firewalls - PA Series?
Palo Alto next-generation firewalls classify all traffic, including encrypted and internal traffic, based on application, application function, user and content. Users can create security policies to enable only authorized users to run sanctioned applications.
Recent Reviews
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Popular Features
- Policy-based Controls (21)10.0100%
- Content Inspection (21)9.999%
- Identification Technologies (21)9.999%
- Visualization Tools (21)9.090%
Pricing
N/A
Unavailable
What is Next-Generation Firewalls - PA Series?
Palo Alto next-generation firewalls classify all traffic, including encrypted and internal traffic, based on application, application function, user and content. Users can create security policies to enable only authorized users to run sanctioned applications.
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
47 people also want pricing
Alternatives Pricing
What is Cisco Meraki MX?
Cisco Meraki MX Firewalls is a combined UTM and Software-Defined WAN solution. Meraki is managed via the cloud, and provides core firewall services, including site-to-site VPN, plus network monitoring.
N/A
Unavailable
What is Cisco Firepower 9300 Series?
The Cisco Firepower 9300 series is presented by the vendor as a carrier-grade next-generation firewall (NGFW) ideal for data centers and high-performance settings that require low latency and high throughput. With it, the vendor providdes, users can deliver scalable, consistent security to…
Features
Return to navigation
Product Details
- About
- Tech Details
- FAQs
What is Next-Generation Firewalls - PA Series?
Palo Alto Network’s Next-Generation Firewalls is a firewall option integrated with other Palo Alto security products. NGFWs classify and monitor all traffic, including encrypted and internal traffic, based on application, function, user, and content. Palo Alto emphasizes the Zero Trust policy, through which users can create security policies to enable only authorized users to run sanctioned applications, reducing the surface area of cyber attacks across the organization. Palo Alto’s NGFW provides in-firewall encryption and decryption, as well as data and application segmentation. It integrates with PA’s WildFire malware prevention service and supports easy adoption with an open-source tool for firewall migration. It encompasses on-premises and cloud environments for full-system security. |
Next-Generation Firewalls - PA Series Technical Details
| Operating Systems | Unspecified |
|---|---|
| Mobile Application | No |
Frequently Asked Questions
Palo Alto next-generation firewalls classify all traffic, including encrypted and internal traffic, based on application, application function, user and content. Users can create security policies to enable only authorized users to run sanctioned applications.
Reviewers rate Policy-based Controls and Firewall Management Console and High Availability highest, with a score of 10.
The most common users of Next-Generation Firewalls - PA Series are from Enterprises (1,001+ employees).
Comparisons
Compare with
Reviews and Ratings
(163)
Community Insights
TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!
- Business Problems Solved
- Pros
- Cons
Users have praised Palo Alto Firewall for its advanced features, such as content filtering and application filtering, which effectively prevent malicious traffic and unauthorized access. The IDS/IPS and advanced malware protection features have been commended for their deep scanning capabilities and sandboxing functionality. Palo Alto Firewall is chosen by customers with large organizations that prioritize deep security investments. It is commonly used to protect perimeter networks, provide VPN connectivity, and mitigate potential misuse of the internet and attacks from shady websites. Users have successfully achieved network security, URL filtering, application control, and prevention of known and zero-day attacks with Palo Alto NGFW. The firewall serves as a reliable perimeter defense product, providing threat assessment, web proxy, and SSL inspection. It effectively addresses the problem of external intrusions and offers both basic and advanced firewall features, including protection against application-level threats, VPN management, and dynamic block lists. Palo Alto Firewall has proven itself in securing data center resources while providing enhanced security and control. The Next-Generation Firewalls are also used to secure the organization's perimeter by providing application visibility and threat intelligence to mitigate risk. Users have reported that Palo Alto Next-Generation Firewalls and WildFire have played a crucial role in quickly identifying and isolating new security threats like WannaCry.
Intuitive User Interface: Users have consistently found the user interface of Palo Alto Networks Next-Generation Firewalls - PA Series to be intuitive, making it easy to configure the firewall and perform tasks quickly. Several reviewers have mentioned this as a standout feature.
Advanced Security Features: Many users have praised the advanced features of the firewall, such as application filtering, content filtering, and deep packet inspection. These features provide enhanced security and contribute to the effectiveness of the product in protecting against malware and ransomware.
Seamless Integration with Third-Party Tools: Reviewers have appreciated the seamless integration of Palo Alto Networks Next-Generation Firewalls - PA Series with third-party tools and systems. Specifically, they mention ClearPass from HPE Aruba for user authentication and syslog integration. This integration enhances overall functionality and allows for a more streamlined experience when working with multiple tools simultaneously.
Complicated Implementation: Implementing the product into an existing network has proven to be a challenge for many users. Several reviewers have mentioned that they found it complicated and time-consuming to integrate the product with their current network infrastructure.
Difficult Packet Flow Understanding: Beginners have struggled with understanding the packet flow in Palo Alto's product. Some users have expressed frustration at the complexity of the packet flow, finding it difficult to grasp how data is processed within the system.
Expensive Compared to Competitors: The cost of Palo Alto's product is a common concern among users. Many reviewers feel that the price is high compared to other available solutions in the market. Some users believe that similar features can be obtained from competitors at a lower cost.
Attribute Ratings
Reviews
(1-25 of 37)Companies can't remove reviews or game the system. Here's why
April 30, 2022
Powerful and Easy Firewall - For Enterprise Companies
Watchguard is recommended in Midsize Companies. It hasn't a real L7 feature for policies pfSense is powerful and open-source but L7 feature missing so it's impossible to goal our objectives
The Palo Alto Networks Next-Generation Firewalls - PA Series are much easier to configure than both Checkpoint and Cisco, in my opinion. From Security policy management and traffic inspection standpoints, there is no comparison.
March 30, 2022
Palo Alto Networks Next-Generation Firewalls Review
Score 9 out of 10
Vetted Review
Verified User
Palo Alto NGFW is quite stable and able to perform most of the security features. It is also have real-time updates for the latest signatures which helps to identify and prevent threats efficiently. The overall deployment is straight forward and easy to implement. User interface is simple and easy to adapt by the administrators.
August 30, 2021
Palo Alto - Networks Next-Generation Firewalls Review
Fortinet - faster than Palo Alto, but features are less.
Cisco ASA
Palo Alto Single Pass gathering all [of] the data in a series of logs is the best among other firewalls. It is very clear in inspection and providing you insight [into] data [that] is passing through the network.
Cisco ASA
Palo Alto Single Pass gathering all [of] the data in a series of logs is the best among other firewalls. It is very clear in inspection and providing you insight [into] data [that] is passing through the network.
August 04, 2021
Palo Alto Networks Next-Generation Firewalls - features of a ML based firewall that you need to know!
Score 10 out of 10
Vetted Review
Verified User
On other firewalls creating the policy is a bit complex, but with the Palo Alto Next-Generation Firewalls, it can be done with ease as it provides the best user-friendly GUI. It provides complete protection from both signature-based and signature-less attacks both. With its sandboxing feature and Wildfire solutions, protection can be enriched.
Cisco Firepower only has basic functionality, URL filtering always create problems also GUI is very bad that's why most organization [are] using Palo Alto rather than Cisco Firepower.
May 29, 2021
Most powerful firewall - Palo Alto
I don't think we can compare other firewalls with this powerful firewall device. All have less features as compared to this device.
May 28, 2021
Palo Alto for Deep Scanning
We are using Cisco ASA before in our environment but when it comes to deep scanning & layer 7 security it doesn't have that capability. After using Palo Alto Networks Next-Generation Firewall we are using sandboxing & advance malware protection that provides high-level end-user security. Also after implementing it we can easily monitor user-level traffic.
No one can say any other companies in this time is better than Palo Alto Networks Next-Generatoin Firewalls. Palo Alto offers very advanced features which protect you[r] organization. Advanced malware protection, anti spam, lots of other threats.
May 12, 2021
Why you should go with Palo Alto
Palo Alto has a user-friendly GUI and it comes with a single console from where you can manage all the policies and routing. It has advanced capabilities to prevent APT (Advanced Persistent Threat) attacks. Cisco Firepower lacks in capabilities with Palo Alto if we compare it.
December 28, 2020
Best NGFW product I have ever worked with
Score 9 out of 10
Vetted Review
Verified User
- Cisco ASA and Check Point 4000 Appliances
Biggest reason to select Palo Alto Networks Next-Generation Firewalls - PA Series over these products is for the performance during traffic inspection via various engines like UID, AppID, and ContentID. Another factor was both the other products were not very capable of providing such a strong URL filtering which Palo Alto Networks Next-Generation Firewalls - PA Series is providing during our POC. Also, administration can be done via GUI console completely with Palo Alto Networks Next-Generation Firewalls - PA Series, while in other two products, you have to play with CLI commands most of the time.
February 29, 2020
Palo Alto PA Series firewalls deliver tons of features and straightforward management
At first we continued using Check Point as our port-based firewall while using Palo Alto for content/URL filtering and threat prevention. However, we soon realized the Palo Alto did everything the Check Point did, plus quite a bit more. Hence, it made sense to consolidate all functions on the Palo Alto instead of splitting them between the two. The Palo Alto was also quite a bit more advanced as far as routing and policy-based routing goes.
January 13, 2020
Palo Alto PA Series Review
I did not originally choose Palo Alto as our core firewall appliance. It has already been purchased when I came on board. However, I did recently choose to purchase new Palo Alto firewalls to replaced our older models. I have had experience working with Cisco ASAs and SonicWall appliances in other jobs, and we have a CheckPoint stack stood up in our lab here at the resort we compared to the Palo Altos. None of the others could compare in features and management. SonicWall did not have the features we had grown accustomed to having already used the Palo Altos. And with their recent purchase and then spun back out cycle the company had been thru we were reluctant. My engineers and I have use ASA in the past. They are good products, but still very "old school". Checkpoint we did not feel treated as well as a company and we took them off the potential list.
December 06, 2019
Palo Alto - Security in a box
I've been using NGFW since 2014. When it really was the main player in the new term "Next Gen Firewall". I'm sure the bar is pretty matched across the board with Fireeye and other niche players and even Juniper/Cisco etc. Eventually there will be equilibrium. I chose Palo Alto because I am comfortable with them, I know the product fairly well from my time using them at Raytheon/(Websense/Forcepoint). I would certainly choose them over a Sophos UTM or Forcepoint Firewalls at the moment. I say this with extreme caution, if PA cannot get their update quality resolved in the future, I may be forced to look at other products that may spend more time QA'ing their updates.
A prime example is in the upgrade/iupdate stream, there are newer versions out that are not stable or recommended by support, but yet there is no indication from the "Update Software" if that release is GA, ED, or Beta/Alpha. There needs to be more visual communication to [system administrators] whether a release is GA or no from within the update options in the firewall.
A prime example is in the upgrade/iupdate stream, there are newer versions out that are not stable or recommended by support, but yet there is no indication from the "Update Software" if that release is GA, ED, or Beta/Alpha. There needs to be more visual communication to [system administrators] whether a release is GA or no from within the update options in the firewall.
October 14, 2019
Palo Alto NGFW
The main competitor I can compare Palo Alto to is the FortiGate series of devices by Fortinet. FortiGates are capable UMTs and also less expensive than Palo Altos. That being said, category filtering on FortiGates is less effective, and they are not as feature-rich as Palo Altos. My suggestion would be to use FortiGate for simpler deployments and Palo Altos for more demanding ones.
October 14, 2019
TOP GUNS of Next-Generation Firewalls
- Cisco Firepower Management Center (FMC series appliances)
Palo Alto Networks Next-Generation Firewalls outperform and better security model for HQ and remote offices.
October 09, 2019
Palo Alto NGFWs a success story waiting for you
We previously used Cisco 5585 ASAs with firepower. We wanted a more holistic solution than what the Cisco ASA was providing for us. In this situation, we needed to have consistency in how rules were applied across multiple types of traffic, while also knowing what kind of traffic was being sent. The inspection capabilities alone sold us on the Palo Alto, and we have reaped significant other benefits as well.
October 09, 2019
Palo Alto Networks Next-Generation Firewalls
We put Palo Alto in place over Cisco ASA as a product set. Until a few years ago, Cisco didn’t have a next-generation firewall, primarily meaning their appliances didn’t have application identification or control. Since their acquisition of
Sourcefire, however, they’ve reintroduced the X series with FirePOWER, which includes these features. FirePOWER has been nothing but a pain to implement, install, maintain, and upgrade. I would highly suggest this not be your solution if you want anything other than firewalling and VPN.
August 07, 2019
Palo Alto Security Gateways are Simply Secure
In my opinion, Palo Alto provides the most easily managed firewall on the market, with the most options for device management. Compared to other vendors it's very obvious that Palo Alto focuses on their firewall technologies and supporting them. The monitoring and visibility features are the simplest to implement and clearest to observe.
July 04, 2019
Implimentation is easy with unique SP3 Architecture.
Score 7 out of 10
Vetted Review
Verified User
1.Good Technical support with strong expertise
2.Easy to deploy
3.Good features like APP ID and CONTENT ID.
2.Easy to deploy
3.Good features like APP ID and CONTENT ID.
Palo Alto has the ability to secure public cloud which none of the vendors have currently. With Palo Alto VM series you can deploy firewall VM in minutes and secure your public cloud.
March 16, 2019
Palo Alto Networks Next Generation.
PA was cheaper than the managed services I would be purchasing with Sonicwall.
March 11, 2019
A huge improvement over traditional layer 2/3 firewalls.
- Cisco ASA and Juniper SRX
I've been really happy with our Palo Alto [solutions] and we're replacing a good chunk of our ASAs with Palo Alto. As far as firewalls go the Palo Alto firewalls are significantly better in my opinion, but we still use ASAs as VPN devices in a few scenarios and they work just fine for that, but when looking for the best firewall I'd go with Palo Alto in most cases.
March 09, 2019
PAN: It costs a lot, but it's worth it!
Why did we choose PAN? The number of exploits written for PAN devices are much smaller than ASA. It's much simpler to manage than the checkpoint. It includes web filtering module with the product. Quite simply, it was just the best bang for the buck. Our management consistently requires that we use network devices for 5-7 years, so these units fit the bill.