TrustRadius Insights
Users have praised Palo Alto Firewall for its advanced features, such as content filtering and application filtering, which effectively …
Overview
What is Next-Generation Firewalls - PA Series?
Palo Alto next-generation firewalls classify all traffic, including encrypted and internal traffic, based on application, application function, user and content. Users can create security policies to enable only authorized users to run sanctioned applications.
Recent Reviews
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Popular Features
- Policy-based Controls (21)10.0100%
- Content Inspection (21)9.999%
- Identification Technologies (21)9.999%
- Visualization Tools (21)9.090%
Pricing
N/A
Unavailable
What is Next-Generation Firewalls - PA Series?
Palo Alto next-generation firewalls classify all traffic, including encrypted and internal traffic, based on application, application function, user and content. Users can create security policies to enable only authorized users to run sanctioned applications.
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
47 people also want pricing
Alternatives Pricing
What is Cisco Meraki MX?
Cisco Meraki MX Firewalls is a combined UTM and Software-Defined WAN solution. Meraki is managed via the cloud, and provides core firewall services, including site-to-site VPN, plus network monitoring.
N/A
Unavailable
What is Cisco Firepower 9300 Series?
The Cisco Firepower 9300 series is presented by the vendor as a carrier-grade next-generation firewall (NGFW) ideal for data centers and high-performance settings that require low latency and high throughput. With it, the vendor providdes, users can deliver scalable, consistent security to…
Features
Return to navigation
Product Details
- About
- Tech Details
- FAQs
What is Next-Generation Firewalls - PA Series?
Palo Alto Network’s Next-Generation Firewalls is a firewall option integrated with other Palo Alto security products. NGFWs classify and monitor all traffic, including encrypted and internal traffic, based on application, function, user, and content. Palo Alto emphasizes the Zero Trust policy, through which users can create security policies to enable only authorized users to run sanctioned applications, reducing the surface area of cyber attacks across the organization. Palo Alto’s NGFW provides in-firewall encryption and decryption, as well as data and application segmentation. It integrates with PA’s WildFire malware prevention service and supports easy adoption with an open-source tool for firewall migration. It encompasses on-premises and cloud environments for full-system security. |
Next-Generation Firewalls - PA Series Technical Details
| Operating Systems | Unspecified |
|---|---|
| Mobile Application | No |
Frequently Asked Questions
Palo Alto next-generation firewalls classify all traffic, including encrypted and internal traffic, based on application, application function, user and content. Users can create security policies to enable only authorized users to run sanctioned applications.
Reviewers rate Policy-based Controls and Firewall Management Console and High Availability highest, with a score of 10.
The most common users of Next-Generation Firewalls - PA Series are from Enterprises (1,001+ employees).
Comparisons
Compare with
Reviews and Ratings
(163)
Community Insights
TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!
- Business Problems Solved
- Pros
- Cons
Users have praised Palo Alto Firewall for its advanced features, such as content filtering and application filtering, which effectively prevent malicious traffic and unauthorized access. The IDS/IPS and advanced malware protection features have been commended for their deep scanning capabilities and sandboxing functionality. Palo Alto Firewall is chosen by customers with large organizations that prioritize deep security investments. It is commonly used to protect perimeter networks, provide VPN connectivity, and mitigate potential misuse of the internet and attacks from shady websites. Users have successfully achieved network security, URL filtering, application control, and prevention of known and zero-day attacks with Palo Alto NGFW. The firewall serves as a reliable perimeter defense product, providing threat assessment, web proxy, and SSL inspection. It effectively addresses the problem of external intrusions and offers both basic and advanced firewall features, including protection against application-level threats, VPN management, and dynamic block lists. Palo Alto Firewall has proven itself in securing data center resources while providing enhanced security and control. The Next-Generation Firewalls are also used to secure the organization's perimeter by providing application visibility and threat intelligence to mitigate risk. Users have reported that Palo Alto Next-Generation Firewalls and WildFire have played a crucial role in quickly identifying and isolating new security threats like WannaCry.
Intuitive User Interface: Users have consistently found the user interface of Palo Alto Networks Next-Generation Firewalls - PA Series to be intuitive, making it easy to configure the firewall and perform tasks quickly. Several reviewers have mentioned this as a standout feature.
Advanced Security Features: Many users have praised the advanced features of the firewall, such as application filtering, content filtering, and deep packet inspection. These features provide enhanced security and contribute to the effectiveness of the product in protecting against malware and ransomware.
Seamless Integration with Third-Party Tools: Reviewers have appreciated the seamless integration of Palo Alto Networks Next-Generation Firewalls - PA Series with third-party tools and systems. Specifically, they mention ClearPass from HPE Aruba for user authentication and syslog integration. This integration enhances overall functionality and allows for a more streamlined experience when working with multiple tools simultaneously.
Complicated Implementation: Implementing the product into an existing network has proven to be a challenge for many users. Several reviewers have mentioned that they found it complicated and time-consuming to integrate the product with their current network infrastructure.
Difficult Packet Flow Understanding: Beginners have struggled with understanding the packet flow in Palo Alto's product. Some users have expressed frustration at the complexity of the packet flow, finding it difficult to grasp how data is processed within the system.
Expensive Compared to Competitors: The cost of Palo Alto's product is a common concern among users. Many reviewers feel that the price is high compared to other available solutions in the market. Some users believe that similar features can be obtained from competitors at a lower cost.
Attribute Ratings
Reviews
(1-1 of 1)Companies can't remove reviews or game the system. Here's why
October 09, 2019
Palo Alto NGFWs a success story waiting for you
As with any organization, ours org needed to replace existing infrastructure. At the time we were strictly a Cisco shop top down, but we were open for other bids as well. After a demo, we purchased Palo Alto 5220 based firewalls, with the intent to use it as the central point of authority for all network traffic for our campus. The Palo Alto (PA) firewall is used as the gateway device for all traffic within our organization.
- The PA handles VPN connectivity without missing a beat. We have multiple VPN tunnels in use for redundancy to cloud-based services.
- The PA has great functionality in supporting failover internet connections, again with the ability to have multiple paths out to our cloud-based services.
- The PA is updated on the regular with various security updates, we are not concerned with the firewall's ability to see what packets are really flowing across the network. Being able to see beyond just IP and port requests lets you know things are locked down better than traditional firewalls.
- It is a great overall kit, with URL filtering and other services that fill in the gaps between other solutions without breaking the bank.
- Documentation that is available for solutions from Palo Alto is great. If you find yourself in a situation where something has not been previously documented or implemented, you will have to find out solutions yourself.
- The ability to use the API for push/pull information with the firewall was a major selling point. However, some items a person would expect to be readily available through the API do not exist, so either you have to go without or do extensive amount of work to put together, sort, and clean the data from multiple sources (I am looking at you dhcp logs).
95.45454545454545%
9.5
- Prior to the purchase of Palo Alto NGFW firewalls, we used various other technologies along with our prior firewalls. After the purchase of the PA5220s, we were able to sunset these other technologies. Retired tech, along with a single pane of glass provides us with more resources to move forward with on other areas. Positive impact for our organization with the purchase of our PA-5220s.
We previously used Cisco 5585 ASAs with firepower. We wanted a more holistic solution than what the Cisco ASA was providing for us. In this situation, we needed to have consistency in how rules were applied across multiple types of traffic, while also knowing what kind of traffic was being sent. The inspection capabilities alone sold us on the Palo Alto, and we have reaped significant other benefits as well.
2100
All business functions for a university flow through the PA5220, along with student traffic. Any and every business system and application is passing through the firewall. All types of Internet traffic as well, including general Internet traffic, IaaS, SaaS, and other cloud-based systems are moving without issue across the PA5220 firewalls deployed.
2
For the Palo Alto PA5220 deployment, we have one main administrator and another authorized user supporting the hardware and configuration changes. We have multiple logs writes going out via syslog into a SIEM tool for the better overall management of all alert types, which is also administrated by one of these individuals. The firewall is very capable; your administrators need to be as well.
- Inspection
- Internet Gateway
- VPN
- Direct Connect (BGP)
- Security Rules
- Active/Active internet connection failovers
- BGP routing for AWS Direct Connect with VPN connectivity for redundancy
- Always looking to increase usage of the available API for more automated task creation/closing