A huge improvement over traditional layer 2/3 firewalls.
March 11, 2019

A huge improvement over traditional layer 2/3 firewalls.

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Software Version

PA-5200 Series

Overall Satisfaction with Palo Alto Networks Next-Generation Firewalls - PA Series

We started implementing Palo Alto a year or two ago to increase our security posture and increase segmentation between our infrastructure services, shared services, and client networks. By utilizing the Palo Next-Generation Firewalls and WildFire we're able to much more quickly identify and isolate new security threats. They played an integral part in keeping WannaCry from becoming a major problem for us.
  • Ease of use.
  • Fast response to new security threats (WildFire).
  • Application aware firewall (App-ID).
  • Logging is fantastic and easy to see what's being blocked/allowed basically in real time.
  • Durability/reliability is surprisingly good, only issue we've had is a couple issues with faulty power supplies, but all our units have redundant power supplies so it was a non-issue.
  • Support is surprisingly good.
  • Cost, these firewalls are awesome, but not cheap.
  • Easier to train employees to use.
  • Provides a programmable network security platform that we can integrate with other automation workflows.
  • Less hardware faults/replacements mean that engineers have a better work life balance while maintaining service availability.
I've been really happy with our Palo Alto [solutions] and we're replacing a good chunk of our ASAs with Palo Alto. As far as firewalls go the Palo Alto firewalls are significantly better in my opinion, but we still use ASAs as VPN devices in a few scenarios and they work just fine for that, but when looking for the best firewall I'd go with Palo Alto in most cases.
Cisco ASA, Juniper SRX, Cisco Application Centric Infrastructure, Ansible, Oracle Exadata Database Machine, Cisco Catalyst Switches, Cisco Catalyst 3650 Series Switches, Palo Alto Networks URL Filtering PAN-DB, Palo Alto Panorama, Palo Alto Networks Virtualized Next-Generation Firewalls - VM Series, Palo Alto Networks WildFire, Cisco Ethernet Switches, Mellanox Switches, Cisco FabricPath, Cisco Nexus, Cisco Meraki MS Switches, Cisco Routers, Cisco SSL VPN, Apple Remote Desktop, VMware ESXi, VMware Fusion, VMware NSX, VMware Workstation, NetApp FAS series, NetApp SnapMirror
If you have the money there really isn't anything better on the market. The Palo Alto [solutions] have a web UI that is easy enough to use that most people are comfortable using them within a day or two. Whereas our Cisco ASAs, ACI, Routers and firewall service modules can take a while for people to get the hang of and feel comfortable using them. About the only place that I can think of where I wouldn't use Palo Alto would be small branch office where budgets are generally much tighter.