The use case varies. I use it as a gateway, and others use it for microsegmentation in the cloud. Additionally, some deploy it on-premises to protect specific environments. Most of the use cases are in cloud environments.
VM-Series Next-Generation Firewall Bundle 1 [VM-300]
Palo Alto NetworksExternal reviews
181 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Rock-solid perimeter security with unmatched application visibility
What do you like best about the product?
Palo Alto’s App-ID and Threat Prevention engines give us granular control over traffic we never had with our previous stateful firewall. We can write policies around business apps instead of IP/port combos, then verify exactly what was allowed/blocked in the detailed logs. WildFire zero-day analysis has already caught two pieces of unknown malware in the last quarter, and the cloud signatures hit our gateways within minutes. Centralized management in Panorama is another highlight one commit pushes our rules to three sites, so audit time dropped from hours to minutes.
What do you dislike about the product?
Licensing is pricey and can be confusing (Threat Prevention, WildFire, DNS Security, etc.). The web UI occasionally lags when committing large rule-set changes, and the learning curve for first-time admins is steep expect to spend time in the docs or take the EDU-210 course. Support is generally solid, but faster response requires the higher-tier contract.
What problems is the product solving and how is that benefiting you?
Before we moved to Palo Alto, we juggled a traditional port-based firewall, a separate IPS, and far too many manual rules. That setup left gaps: users could tunnel apps over random ports, malware sometimes slipped past signature updates, and every audit felt like a scavenger hunt through spreadsheets.
The PA NGFWs solved three big headaches at once:
1. App-based policy instead of IP/port juggling. With App-ID we now write 15 clean rules around business apps rather than dozens of port rules. Audits take minutes, not hours.
2. Built-in threat and zero-day protection. WildFire and DNS Security catch phishing callbacks and unknown executables before they land on endpoints. Since go-live we’ve seen a \~70 % drop in malware tickets and zero ransomware scares.
3. Unified visibility and management. Panorama pushes configs to HQ and branches in one commit, and the detailed logs make troubleshooting a two-minute task instead of a war-room event.
Bottom line: fewer security incidents, cleaner audits, and a lot more time for the team to focus on strategic projects instead of constant rule-tweaking.
The PA NGFWs solved three big headaches at once:
1. App-based policy instead of IP/port juggling. With App-ID we now write 15 clean rules around business apps rather than dozens of port rules. Audits take minutes, not hours.
2. Built-in threat and zero-day protection. WildFire and DNS Security catch phishing callbacks and unknown executables before they land on endpoints. Since go-live we’ve seen a \~70 % drop in malware tickets and zero ransomware scares.
3. Unified visibility and management. Panorama pushes configs to HQ and branches in one commit, and the detailed logs make troubleshooting a two-minute task instead of a war-room event.
Bottom line: fewer security incidents, cleaner audits, and a lot more time for the team to focus on strategic projects instead of constant rule-tweaking.
A Comprehensive and Reliable NGFW Solution We Trust
What do you like best about the product?
What I appreciate most about Palo Alto Networks Next-Generation Firewalls is their robust and granular control over network traffic. The ability to identify applications, users, and content (App-ID, User-ID, Content-ID) is unparalleled, allowing us to create highly specific security policies that go far beyond simple port and protocol blocking. The threat prevention capabilities, including WildFire for zero-day threat analysis, are top-notch and have significantly improved our security posture. I also find the centralized management interface (PAN-OS itself, and Panorama for larger deployments) relatively intuitive for such a powerful device, making administration and monitoring efficient. The visibility it provides into network activity is crucial for troubleshooting and incident response.
What do you dislike about the product?
The primary downside, for us and many others, is the cost. Palo Alto Networks firewalls are a premium product, and the initial investment plus ongoing subscription and support costs can be substantial, especially for smaller organizations. While powerful, the sheer number of features and configuration options can also present a steep learning curve for new administrators who aren't familiar with the PAN-OS ecosystem. We've also found that some advanced feature licensing can be a bit complex to navigate, and sometimes troubleshooting very specific or niche issues can require deep dives into documentation or support tickets, which, while generally helpful, can take time.
What problems is the product solving and how is that benefiting you?
Palo Alto Networks NGFWs are solving several critical security challenges for our organization. Firstly, they provide robust protection against a wide array of cyber threats, from common malware to sophisticated zero-day attacks, thanks to features like Threat Prevention subscriptions and WildFire. This significantly reduces our risk of breaches and data loss. Secondly, the App-ID feature gives us unparalleled visibility and control over the applications running on our network, allowing us to block unsanctioned or risky apps and enforce granular policies. This has helped us curb shadow IT and improve overall network performance. Thirdly, User-ID integration allows us to tie security policies to actual users and groups rather than just IP addresses, which is essential in our dynamic environment. This has simplified policy management and improved our security posture by ensuring appropriate access levels. The overall benefit is a much stronger, more intelligent security framework that adapts to evolving threats and business needs.
Palo alto Networks NGFW is the best firewall in performance.
What do you like best about the product?
What I love about PAN NGFW, it is resilent in performance and It enhances performance by processing traffic efficiently. Also It detect and blocks zero-day threat in real-time without affecting the firewall performance.
What do you dislike about the product?
Our customers complain about, It's very expensive and some of our customers mention that support is inconsistent, even for premium plans. Desipite those there is nothing to complain about.
What problems is the product solving and how is that benefiting you?
PAN NGFW is solving our customers in giving advanced security features like AI-driven threat prevention, deep visibility into encrypted traffic and automated security updates without affecting the performance of the firewall it self and the normal traffic flow.
Palo Alto Networks!
What do you like best about the product?
Palo Alto Networks Next-Generation Firewalls stand out for their deep visibility and granular control over network traffic, allowing precise policy enforcement. Their integration of threat intelligence with real-time updates through WildFire enhances zero-day protection. The unified management interface simplifies administration across distributed environments. Additionally, their strong application awareness and user identification features make them especially effective for securing modern, hybrid networks.
What do you dislike about the product?
One downside is the steep learning curve, especially for teams new to Palo Alto’s ecosystem. Licensing and subscriptions can also be complex and expensive, which may be a barrier for smaller organizations. Additionally, software updates occasionally introduce bugs that require careful testing before deployment.
What problems is the product solving and how is that benefiting you?
Palo Alto Networks NGFWs are solving problems related to advanced threat detection, application visibility, and secure access control. By identifying and blocking malware, ransomware, and unauthorized applications in real time, they significantly reduce our exposure to cyber risks. The ability to create granular policies based on users and apps, not just IPs and ports, enhances both security and operational efficiency. This has helped us streamline compliance efforts and reduce incident response times.
It's really good at protecting my data.
What do you like best about the product?
The thing I liked the most is the pricing and policies that is based on the user activities. So, it means your are actually protecting our data. Which is also a drawback sometimes because we don't need all the security every time but should be enabled.
What do you dislike about the product?
I didn't face any issues but, your high end security level. that is enabling everything even if we don't use it all the time leads to slowing system and delays tasks, especially for low end systems.
What problems is the product solving and how is that benefiting you?
Palo Alto Networks Next-Generation Firewalls are solving a lot of problems related to visibility and control over our network traffic. Before using them we had a tough time identifying what applications were being used and blocking unwanted traffic. With the App-ID feature we can now see and control apps no matter what port or protocol they're using. This has helped us reduce shadow IT and apply more accurate security policies. Another big issue was dealing with threats and malware, the integration with WildFire really helps by detecting and stopping threats in real time before they spread across the network. We also benefit from the User-ID feature which ties traffic to specific users not just IP addresses making auditing and policy enforcement a lot more precise. Overall it has made our network more secure and easier to manage even if the setup was a bit tricky in the beginning.
Enhance security with robust DNS and threat prevention features
What is our primary use case?
What is most valuable?
The most valuable features are the DNS security and threat prevention capabilities. The DNS security significantly enhances security through visibility and detection, allowing control over crucial traffic like DNS, which is often exploited by ransomware. Additionally, threat prevention and URL security are crucial licenses I recommend to customers, raising the security level substantially.
What needs improvement?
There are continuous developments with many new features coming every year. Although I receive feature requests from customers, I don't have any particular areas for improvement in mind right now.
For how long have I used the solution?
I have been working with Palo Alto Networks VM-Series for more than ten years.
What was my experience with deployment of the solution?
Setting up the VM-Series is usually very easy. The firewall can be deployed and set up within half an hour, though it depends on the complexity of the configuration.
What do I think about the stability of the solution?
In terms of stability, I would rate it eight out of ten. Perfection is unlikely as the dynamic nature of traffic and constant changes can result in occasional bugs despite regular updates. Perfection in stability remains challenging for any vendor.
What do I think about the scalability of the solution?
I rate the scalability of Palo Alto Networks VM-Series ten out of ten. It is easy to use with an excellent graphical user interface and extensive documentation, which contributes to its high scalability.
How are customer service and support?
I conduct most of the support myself and rate the overall support a nine out of ten. However, sometimes cases take longer to resolve, and there's always room for improvement, especially in terms of response time from higher support levels.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is straightforward and easy. The process involves registering and configuring the software, and with flex mode, it is easy to scale by purchasing additional credits for more CPU and RAM without needing new hardware.
What's my experience with pricing, setup cost, and licensing?
The pricing is more on the expensive side, but it is justified due to its functionality, reliability, and throughput, even with all features enabled. In comparison to FortiGate, Check Point, and Cisco, the performance does not degrade significantly. Although I rate the cost six out of ten, the features justify the higher expense.
What other advice do I have?
Overall, I rate Palo Alto Networks VM-Series an eight out of ten. While no product is perfect, I am satisfied with its performance and value.
Adaptation
What do you like best about the product?
I appreciate the flexibility—Palo Alto Networks firewalls adapt well to various environments while offering strong, intelligent, and reliable protection.
What do you dislike about the product?
The initial setup can be complex, and there’s a noticeable learning curve before fully leveraging the full range of advanced features and capabilities.
What problems is the product solving and how is that benefiting you?
It protects against advanced threats, secures apps and users, and prevents data breaches—helping us stay compliant, safe, and efficient across our network.
Enhance cybersecurity for large enterprises using advanced threat management
What is our primary use case?
Our primary use case involves working with TVS Group of companies in India, a large automobile manufacturer. We take care of their entire cybersecurity system. We implement Palo Alto Networks VM-Series firewalls along with third-party vendors and support them remotely for their day-to-day issues. We use these solutions to enhance cybersecurity and provide protection against various security threats.
What is most valuable?
The VM-Series firewalls are described as useful for security posture, offering next-generation features such as Unified Threat Management, app-centric capabilities, and threat intelligence. The firewalls use sandboxing and behavioral analysis to allow or quarantine new traffic. They help in identifying legitimate domains and instruct admins if approval is needed. This set of features is very helpful in daily tasks.
What needs improvement?
An improvement could be the integration of security intelligence with Palo Alto cloud via APIs. This would allow IOCs, domains, and hash values to be automatically entered, reducing manual entry. Integration with CSIRT across all use levels would make it easier for administrators to stay updated on the blocked entities without manual intervention.
For how long have I used the solution?
I have been working with Palo Alto Networks VM-Series firewalls for about four to five years.
What do I think about the stability of the solution?
Generally, the VM-Series firewalls are stable. I would rate the stability as eight out of ten.
What do I think about the scalability of the solution?
The solution is scalable and can easily handle an increase in the number of users.
How are customer service and support?
I have worked with Palo Alto technical support for over two years. They are responsive and provide high-quality assistance. Previously, I have raised tickets, and they were efficiently handled by the technical team. My experience has been positive overall.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup of the VM-Series firewalls is quite easy compared to traditional firewalls. It is manageable with fewer administrators required. On a scale of one to ten, I would rate the setup as nine for its ease of implementation.
What about the implementation team?
I am directly involved in the implementation of these firewalls. It typically takes around two to three hours to deploy the firewalls in a single environment.
What other advice do I have?
The solution is user-friendly and easy to manage within an environment. As a VM, it requires no physical space and can be managed with one or two admins. It's also 99.9% secure, according to cloud security standards. Overall, I give Palo Alto Networks VM-Series a rating of nine out of ten.
User-friendly CLI and efficient dashboard streamline operations with robust security features
What is our primary use case?
We usually recommend Palo Alto Networks VM-Series for BFSI companies.
What is most valuable?
I find Palo Alto Networks VM-Series easy to deploy, and none of my customers have had significant complaints. My customers have high certifications provided by Palo Alto Networks. The friendly dashboard and the ability to easily command and use the CLI make Palo Alto Networks VM-Series a better product. It offers robust solutions, making it valuable to my customers.
What needs improvement?
It may be beneficial if the firewall can monitor all internal elements like VMs pulling from HP servers. Consolidating these insights into a single dashboard would be advantageous.
For how long have I used the solution?
I have been familiar with Palo Alto Networks for four or five years.
What do I think about the stability of the solution?
The performance of VM instances has some limitations in terms of threshold and throughput compared to appliances.
What do I think about the scalability of the solution?
I would rate scalability as eight out of ten.
How are customer service and support?
Palo Alto Networks offers better technical support, maintaining SLA efficiently, and resolving issues promptly.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
In some cases, I have migrated from Cisco to Palo Alto Networks VM-Series smoothly.
What's my experience with pricing, setup cost, and licensing?
Pricing for Palo Alto Networks is higher than other OEMs, but considering the robustness and features, it gains customer trust. Technical configuration is a focus area due to its high commercial profile.
Which other solutions did I evaluate?
I consider Check Point alongside Palo Alto Networks, as well as Cisco for wireless solutions.
What other advice do I have?
When evaluating, consider the customer’s environment and pain points since both Check Point and Palo Alto Networks have their advantages. Overall, I rate Palo Alto Networks VM-Series eight out of ten.
AI-Powered Threat Detection and Autonomous Real-Time Protection
What do you like best about the product?
By employing preemptive thread detection and autonomous real-time protection, Palo Alto Networks' Next-Generation Firewalls empower organizations to promptly identify and neutralize potential security breaches. This empowers them to optimize performance by prioritizing critical processes during startup, leading to significantly faster boot times. It also enables AI-driven analysis of system behavior right from the start.
What do you dislike about the product?
While the AI integration offers numerous benefits, a potential drawback is the lack of transparency. It's challenging to understand why traffic is blocked or threats flagged, creating a 'black box' effect, hindering trust and making auditing difficult.
What problems is the product solving and how is that benefiting you?
Palo Alto Networks Next-Generation Firewalls use Malware Analysis and Sandboxing to identify and prevent malicious software from harming our systems. This saves our business time and money by preventing data breaches and other security incidents.
showing 11 - 20