Skip to main content
TrustRadius
Next-Generation Firewalls - PA Series

Next-Generation Firewalls - PA Series

Overview

What is Next-Generation Firewalls - PA Series?

Palo Alto next-generation firewalls classify all traffic, including encrypted and internal traffic, based on application, application function, user and content. Users can create security policies to enable only authorized users to run sanctioned applications.

Read more
Recent Reviews

TrustRadius Insights

Users have praised Palo Alto Firewall for its advanced features, such as content filtering and application filtering, which effectively …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 11 features
  • Policy-based Controls (21)
    10.0
    100%
  • Content Inspection (21)
    9.9
    99%
  • Identification Technologies (21)
    9.9
    99%
  • Visualization Tools (21)
    9.0
    90%
Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Next-Generation Firewalls - PA Series?

Palo Alto next-generation firewalls classify all traffic, including encrypted and internal traffic, based on application, application function, user and content. Users can create security policies to enable only authorized users to run sanctioned applications.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

46 people also want pricing

Alternatives Pricing

What is Cisco Meraki MX?

Cisco Meraki MX Firewalls is a combined UTM and Software-Defined WAN solution. Meraki is managed via the cloud, and provides core firewall services, including site-to-site VPN, plus network monitoring.

N/A
Unavailable
What is Cisco Firepower 9300 Series?

The Cisco Firepower 9300 series is presented by the vendor as a carrier-grade next-generation firewall (NGFW) ideal for data centers and high-performance settings that require low latency and high throughput. With it, the vendor providdes, users can deliver scalable, consistent security to…

Return to navigation

Features

Firewall

A firewall is a filter that stands between a computer or computer network and the Internet. Each firewall can be programmed to keep specific traffic in or out

9.4
Avg 8.5
Return to navigation

Product Details

What is Next-Generation Firewalls - PA Series?

Palo Alto Network’s Next-Generation Firewalls is a firewall option integrated with other Palo Alto security products. NGFWs classify and monitor all traffic, including encrypted and internal traffic, based on application, function, user, and content. Palo Alto emphasizes the Zero Trust policy, through which users can create security policies to enable only authorized users to run sanctioned applications, reducing the surface area of cyber attacks across the organization.


Palo Alto’s NGFW provides in-firewall encryption and decryption, as well as data and application segmentation. It integrates with PA’s WildFire malware prevention service and supports easy adoption with an open-source tool for firewall migration. It encompasses on-premises and cloud environments for full-system security.

Next-Generation Firewalls - PA Series Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

Palo Alto next-generation firewalls classify all traffic, including encrypted and internal traffic, based on application, application function, user and content. Users can create security policies to enable only authorized users to run sanctioned applications.

Reviewers rate Policy-based Controls and Firewall Management Console and High Availability highest, with a score of 10.

The most common users of Next-Generation Firewalls - PA Series are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(163)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Users have praised Palo Alto Firewall for its advanced features, such as content filtering and application filtering, which effectively prevent malicious traffic and unauthorized access. The IDS/IPS and advanced malware protection features have been commended for their deep scanning capabilities and sandboxing functionality. Palo Alto Firewall is chosen by customers with large organizations that prioritize deep security investments. It is commonly used to protect perimeter networks, provide VPN connectivity, and mitigate potential misuse of the internet and attacks from shady websites. Users have successfully achieved network security, URL filtering, application control, and prevention of known and zero-day attacks with Palo Alto NGFW. The firewall serves as a reliable perimeter defense product, providing threat assessment, web proxy, and SSL inspection. It effectively addresses the problem of external intrusions and offers both basic and advanced firewall features, including protection against application-level threats, VPN management, and dynamic block lists. Palo Alto Firewall has proven itself in securing data center resources while providing enhanced security and control. The Next-Generation Firewalls are also used to secure the organization's perimeter by providing application visibility and threat intelligence to mitigate risk. Users have reported that Palo Alto Next-Generation Firewalls and WildFire have played a crucial role in quickly identifying and isolating new security threats like WannaCry.

Intuitive User Interface: Users have consistently found the user interface of Palo Alto Networks Next-Generation Firewalls - PA Series to be intuitive, making it easy to configure the firewall and perform tasks quickly. Several reviewers have mentioned this as a standout feature.

Advanced Security Features: Many users have praised the advanced features of the firewall, such as application filtering, content filtering, and deep packet inspection. These features provide enhanced security and contribute to the effectiveness of the product in protecting against malware and ransomware.

Seamless Integration with Third-Party Tools: Reviewers have appreciated the seamless integration of Palo Alto Networks Next-Generation Firewalls - PA Series with third-party tools and systems. Specifically, they mention ClearPass from HPE Aruba for user authentication and syslog integration. This integration enhances overall functionality and allows for a more streamlined experience when working with multiple tools simultaneously.

Complicated Implementation: Implementing the product into an existing network has proven to be a challenge for many users. Several reviewers have mentioned that they found it complicated and time-consuming to integrate the product with their current network infrastructure.

Difficult Packet Flow Understanding: Beginners have struggled with understanding the packet flow in Palo Alto's product. Some users have expressed frustration at the complexity of the packet flow, finding it difficult to grasp how data is processed within the system.

Expensive Compared to Competitors: The cost of Palo Alto's product is a common concern among users. Many reviewers feel that the price is high compared to other available solutions in the market. Some users believe that similar features can be obtained from competitors at a lower cost.

Attribute Ratings

Reviews

(1-2 of 2)
Companies can't remove reviews or game the system. Here's why
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Our network uses the Palo Alto PA-Series firewall as an internet edge facing security gateway, focusing on traditional firewalling, SSL decryption, URL-filtering, and threat mitigation. There are two departments that use the firewall, which are the Security team and the Network Engineering team. Our main goal is to ensure that access to internal networks is secured and access to external networks is limited to appropriate sites.
  • Simple Policy Management
  • Easy-to-read Documentation
  • On-Board Troubleshooting Tools
  • URL-Filtering rules are complex
  • Some Cryptic Error Messages
  • Undocumented software bugs
The Palo Alto PA-Series firewall is well suited to a standards based network environment. Any network that utilizes standards-based protocols in lieu of proprietary (e.g. Cisco EIGRP) would do well to utilize a Palo Alto firewall, especially if that network were concerned about central management of security. A scenario that would be less appropriate for a Palo Alto firewall is one that isn't well versed in different security technologies.
Firewall (11)
78.18181818181819%
7.8
Identification Technologies
80%
8.0
Visualization Tools
80%
8.0
Content Inspection
70%
7.0
Policy-based Controls
100%
10.0
Active Directory and LDAP
80%
8.0
Firewall Management Console
90%
9.0
Reporting and Logging
90%
9.0
VPN
70%
7.0
High Availability
100%
10.0
Stateful Inspection
100%
10.0
Proxy Server
N/A
N/A
  • Improved Security
  • Better Web-Access Control
  • Improved Throughput
In my opinion, the Palo Alto Firewall is the simplest firewall in terms of management interfaces; though it has more advanced options that apply to more advanced use cases. Configuring basic features on the firewall is nearly self-explanatory; configuring more advanced features can be met with very thorough vendor documentation.
I've called customer support for Palo Alto on several occasions, and every time I've been met with courteous, quick help that answered all of my questions or solved the issue at hand. The support team at Palo Alto is knowledgeable and responsive. When not dealing with the support personnel directly, I've found that the vendor documentation and regular software upgrades are very handy as well.
In my opinion, Palo Alto provides the most easily managed firewall on the market, with the most options for device management. Compared to other vendors it's very obvious that Palo Alto focuses on their firewall technologies and supporting them. The monitoring and visibility features are the simplest to implement and clearest to observe.
March 17, 2017

Palo Alto Review

Jennifer Greulich, GSED, GSEC | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Palo Alto is used as our primary firewalls. It addresses the problem of outside intrusions and are configured with both basic and advanced firewall features. We are able to protect against application-level threats and it is also used to manage our VPN and MPLS networks. Many features such as dynamic block lists, DLP, web content filtering, advanced threat protection, wildfire, and DDoS protection are available and are in use with our company.
  • Protects against common threats such as unauthorized vulnerability scans
  • Protects against malware applications and ransomware such as Cryptowall
  • Allows very secure VPN connections for external users
  • The web content filtering is good, but could be improved
  • Wildfire can take a long time to analyze files
  • Alerts and logs could contain a little more information or intelligence to help narrow down a threat.
Palo Alto is great for mid to large size businesses with 200 users or more. They provide amazing protection that is extremely customizable. Almost nothing gets a chance to get into the network for our endpoint protection to pick up. For smaller businesses, Palo Alto would be overkill. It can be complicated to configure and manage and might be too robust for small, simple networks.
  • Dynamic protection against all types of threats
  • Excellent ROI by protecting from otherwise devastating attacks
  • Easy to use GUI reduces staff time for management and administration
Cisco ASA doesn't even compare to the Palo Alto firewalls. When using a Cisco ASA at another company, we were constantly dealing with malware that got past the firewalls because it didn't provide any layer 7 protection. The PA's provide next level protection against application and user-based threats as well as run of the mill malware, port scans, and DoS attacks.
  • Turning advanced features on or off
  • Blocking threats based on criticality
  • Maintaining whitelists.
  • Initial configuration can take some work
  • Maintaining specific ACL's for specific networks
  • SSL decryption can take some time to implement correctly
No
This firewall is the most comprehensive firewall with the easiest interface I've ever used. The interface is also very intuitive and it's easy to figure out what features will or will not do if they're turned on or off. The logging and reporting features are also great. Easy to understand and to generate.
Return to navigation