1. Home
  2. Firewall Software
  3. Next-Generation Firewalls - PA Series Reviews
  4. User Review of Next-Generation Firewalls - PA Series
Palo Alto Review
March 17, 2017

Palo Alto Review

Jennifer Greulich, GSED, GSEC | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Software Version

PA-3000 Series

Overall Satisfaction with Palo Alto Networks PA-3000 Series

Palo Alto is used as our primary firewalls. It addresses the problem of outside intrusions and are configured with both basic and advanced firewall features. We are able to protect against application-level threats and it is also used to manage our VPN and MPLS networks. Many features such as dynamic block lists, DLP, web content filtering, advanced threat protection, wildfire, and DDoS protection are available and are in use with our company.
  • Protects against common threats such as unauthorized vulnerability scans
  • Protects against malware applications and ransomware such as Cryptowall
  • Allows very secure VPN connections for external users
  • The web content filtering is good, but could be improved
  • Wildfire can take a long time to analyze files
  • Alerts and logs could contain a little more information or intelligence to help narrow down a threat.
  • Dynamic protection against all types of threats
  • Excellent ROI by protecting from otherwise devastating attacks
  • Easy to use GUI reduces staff time for management and administration
Cisco ASA doesn't even compare to the Palo Alto firewalls. When using a Cisco ASA at another company, we were constantly dealing with malware that got past the firewalls because it didn't provide any layer 7 protection. The PA's provide next level protection against application and user-based threats as well as run of the mill malware, port scans, and DoS attacks.
Palo Alto is great for mid to large size businesses with 200 users or more. They provide amazing protection that is extremely customizable. Almost nothing gets a chance to get into the network for our endpoint protection to pick up. For smaller businesses, Palo Alto would be overkill. It can be complicated to configure and manage and might be too robust for small, simple networks.

Using Palo Alto Networks PA-3000 Series

This firewall is the most comprehensive firewall with the easiest interface I've ever used. The interface is also very intuitive and it's easy to figure out what features will or will not do if they're turned on or off. The logging and reporting features are also great. Easy to understand and to generate.
ProsCons
Like to use
Relatively simple
Easy to use
Well integrated
Consistent
Quick to learn
Convenient
Feel confident using
Familiar
None
  • Turning advanced features on or off
  • Blocking threats based on criticality
  • Maintaining whitelists.
  • Initial configuration can take some work
  • Maintaining specific ACL's for specific networks
  • SSL decryption can take some time to implement correctly