Excellent Products

• By Satisfied Customer
• on 08/20/2016

The Palo Alto Networks products are excellent, and I've had no problems with them to date. You can run active-passive in two AZs if you want. Just create a Lambda function to monitor the firewall and change the AWS route table if the primary firewall fails. This is not a limitation of the PAN firewalls, but rather the way AWS works. Since AWS does not offer dynamic routing, you have to handle it in a different manner.