Palo Alto Networks a NGFW leader with little to no competition today
March 06, 2019
Palo Alto Networks a NGFW leader with little to no competition today
Score 8 out of 10
Vetted Review
Verified User
Software Version
PA-7000 Series
Overall Satisfaction with Palo Alto Networks Next-Generation Firewalls - PA Series
Palo Alto Networks firewalls are replacing legacy port and protocol based firewalls to assist in implementing a security stack that includes layer7 application identification controls, user-based access, threat prevention, as well as zone based segmentation of networks and systems. We are also leveraging Palo Alto Globalprotect for remote-access VPN and testing the new web-based VPN features.
- Palo Alto Networks is a leader in zone-based firewall deployments.
- Palo Alto Networks domain integration makes them a leader in restricting access based on source user/AD group.
- Palo Alto is continuously developing their Application catalog to help restrict traffic on layer 7 apps not just ports/services.
- Palo Alto threat signatures and application signatures are not available to most customers, the black box method makes it hard to determine the root cause of issues in some cases.
- Some updates - especially for new OS releases are buggy and needs to be fully tested before deployment.
- Positive ROI - combining firewall technology with threat prevention/detection removing the need (in many cases) of a separate IPS/IDS
- Positive ROI - combining multiple firewalls into one where appropriate leveraging zone based firewalling
- Negative ROI - none discovered yet
Palo Alto beats all other current UTM/NGFW at this point in time. Palo Alto has a complete vision and is less buggy/requires less management overhead than other NGFW/UTMs on the market. They are currently developing a lot of products and I can see in the next 5 years, other vendors may catch up and possibly overtake Palo Alto networks.