Palo Alto Wildfire - premium product but at a premium price
July 28, 2016

Palo Alto Wildfire - premium product but at a premium price

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Palo Alto Networks WildFire

We are using the WildFire cloud services across the organization to detect and block malware discovered by others for near-zero-day protection, as well as to upload files that haven't been seen in the wild for examination in case a new or unique threat enters our organization.
  • Quick definition downloads and updates. Version 7.1 can do one every 5 minutes. Zero day protection within 5 minutes is a huge plus.
  • Quick manual or automatic examination of files. Palo Alto's wildfire site supports API uploads or manual uploads that provide more detailed information than a Virustotal, for example.
  • Would be helpful if they supported more file types.
  • Would be helpful if they supported uploads of larger files.
  • We've had one or two malware files that were blocked by Wildfire. We use it occasionally to check unusual or unexpected files. Hard to monetize ROI, because we don't know what the impact would have been if the file made it through.
  • We pay significantly for the Wildfire licenses, but given the potential impact to our business, we feel it is worthwhile. Figure costs are somewhere around $1,500 per year per firewall for a mid-range model. Can be higher or lower for different sized firewalls. Onsite appliance was somewhere between $50-100K, which was too much for us, so we use the cloud model.
We wanted a single device to handle numerous jobs, such as antivirus, antimalware, vulnerability detection, url filtering, etc. Palo Alto provides this, while TippingPoint IPS is a more dedicated product. Caveat: I used TippingPoint over 5 years ago, so things may have changed.
It is well suited for organizations where zero-day exploits are likely or the impact will be large. Palo Alto Networks Wildfire can be relatively expensive, so smaller or extremely cost-sensitive organizations might not be able to justify the cost vs. waiting for daily antivirus updates that contain the intraday wildfire rollups.