A huge improvement over traditional layer 2/3 firewalls.
March 11, 2019
A huge improvement over traditional layer 2/3 firewalls.
Score 10 out of 10
Vetted Review
Verified User
Software Version
PA-5200 Series
Overall Satisfaction with Palo Alto Networks Next-Generation Firewalls - PA Series
We started implementing Palo Alto a year or two ago to increase our security posture and increase segmentation between our infrastructure services, shared services, and client networks. By utilizing the Palo Next-Generation Firewalls and WildFire we're able to much more quickly identify and isolate new security threats. They played an integral part in keeping WannaCry from becoming a major problem for us.
- Ease of use.
- Fast response to new security threats (WildFire).
- Application aware firewall (App-ID).
- Logging is fantastic and easy to see what's being blocked/allowed basically in real time.
- Durability/reliability is surprisingly good, only issue we've had is a couple issues with faulty power supplies, but all our units have redundant power supplies so it was a non-issue.
- Support is surprisingly good.
- Cost, these firewalls are awesome, but not cheap.
- Easier to train employees to use.
- Provides a programmable network security platform that we can integrate with other automation workflows.
- Less hardware faults/replacements mean that engineers have a better work life balance while maintaining service availability.
- Cisco ASA and Juniper SRX
I've been really happy with our Palo Alto [solutions] and we're replacing a good chunk of our ASAs with Palo Alto. As far as firewalls go the Palo Alto firewalls are significantly better in my opinion, but we still use ASAs as VPN devices in a few scenarios and they work just fine for that, but when looking for the best firewall I'd go with Palo Alto in most cases.