We manage public or private cloud traffic, inspecting for security through various profiles. This includes managing traffic for southeast, east-west, inbound, and A access, applying security profiles to the traffic. I also work with the Check Point Next Generation Firewall and Palo Alto Firewalls.

The most effective features for threat prevention include the threat prevention signature level, the application filter capability, and the visibility provided by the firewalls. 

We use these tools to prevent all known and unknown threats using Palo Alto Networks' Wildfire and other data filtering tools to gather information, analyze traffic, manage malicious traffic, and offer visibility, control, and attack prevention.

When managing the firewall, it involves a Strata Cloud web browser that requires improvement to enhance deployment ease and call center efficiency. 

Additionally, focusing more on enhancing the Stata Cloud Manager would be beneficial.

I have used this solution for three years.

The solution is very stable and has been in the market for the last 16 weeks.

We are very much satisfied with the tool's scalability. 

It rates up to nine out of ten for scalability satisfaction.

The support is quite responsive, but the support quality could be improved. They should focus on enhancing the support provided.

Positive

The setup is easy; I would rate it ten out of ten for ease of setup.

Customers can see data within a week, indicating a quick return on investment.

The pricing is at a reach level. I'm not the person who deals with exact pricing details.

I recommend going with the VM series, as it integrates advanced technological standards on a single platform and supports Kubernetes and Docker, which other vendors often don't offer. 

I rate the overall solution ten out of ten.

The primary use case involves using next-generation firewalls, hardware, VM-Series, Prisma Access for SASE solutions, Prisma Cloud for cloud security posture management, and Cloud Workload Protection. It's used primarily for securing customers' virtualized data center environments as well as public cloud environments.

The additional visibility, which was lacking with cloud-native tools, has improved the organization's cloud security posture. Advanced enforcement and granular security controls help manage potential threats.

The most effective feature for threat prevention is the threat prevention model in the VM-Series. This is bundled with advanced URL filtering, decryption, and wildfire sandboxing.

If additional web application firewall capabilities could be integrated into the existing firewall, it would negate the need for additional products.

I've been working with Palo Alto VM-Series for at least five to six years now.

We haven't had challenges with failovers yet.

We've controlled the scalability via VMSS in Azure, using auto-scale groups in AWS. It's quite seamless, though there's room for improvement in cost management, especially during traffic spikes.

The technical support is great. We've had no challenges and there are established channels for customer success and professional services.

Positive

In the past, I used to work with Check Point, but haven't worked with them lately. Given the support from Palo Alto, there hasn't been a necessity to explore others.

The integration process involved using a Panorama setup for centralized firewall administration, transitioning from cloud-native firewalls to VM-Series.

We are primarily a consulting firm and reseller, so we've had significant involvement in the process.

The solution tends to add to costs especially when scaling, although measures like using large compute instances minimize the need for scaling.

Potential competitors mentioned are Check Point and Cisco but haven't been evaluated recently.

For straightforward firewall inspection and basic IPS, IDS requirements, native firewalls might suffice. For more advanced needs, using VM-Series or Palo Alto Firewalls is recommended.

I would rate it an eight out of ten.

I use it for two main reasons. In case there is a customer query, Palo Alto firewall is one of the vendors that we support for syslogs, rule management, change management, and traffic monitoring. 

Our product is used to query the firewall and provide a dashboard that raises alarms if any suspicious activity is detected. It involves the management of the firewall. We have a partnership with Palo Alto, and I have worked with VM-Series. 

When a customer encounters an issue with our product in accordance with Palo Alto, I analyze the problem and provide solutions. Additionally, I have constructed a lab with network devices for partner training. This lab uses Palo Alto firewalls for communication.

By using this firewall, we were able to address a lot of customer queries and answer to their VM-Series. This helped us retain our customers and gain confidence from them.

Palo Alto is easy to use. The UI is very easy to understand and does not require any certification or highly skilled technician to handle the firewall. It is very user-friendly and straightforward out of the box.

An area for improvement would be AI-related features, particularly in rule management or threat intelligence. Focusing on AI-based threat detection would be beneficial. 

Additionally, enhancing the ease of accessing technical support would be useful.

I have been using Palo Alto Networks VM-Series for about three to four years.

Stability is good. Once it is configured, it is stable, and I would rate it nine out of ten. I have not experienced any outages with Palo Alto, unlike other vendors like Sophos.

Scalability is good, and I would rate it eight out of ten. We use it for testing with a low load, and it works well. In production setups, I have observed it being used effectively with a large number of transactions per second.

Reaching technical support is challenging, and I may not be eligible for direct support since I'm not a customer. It involves multiple channels. I would rate their technical support seven out of ten.

Neutral

I previously used Cisco ASA, an older version, due to its market leadership at the time. We moved to Palo Alto due to multiple customer requests for other solutions like Sophos, FortiGate, SonicWall, and WatchGuard.

The initial setup was very easy and can be rated nine out of ten. It is straightforward to configure, and the UI is simple.

I did everything myself. One person is sufficient for the deployment and maintenance of five to seven firewalls.

The return on investment is seen in customer retention and addressing their queries rather than in revenue.

I'm not the right person to give a rating for pricing, as I use a not-for-sale license provided by Palo Alto for testing.

We evaluated Cisco ASA, but due to diverse customer demands and requests for vendors like Sophos, FortiGate, SonicWall, and WatchGuard, we extended our support to Palo Alto as well.

For software application firewalls, this is the best solution. If you are using it in a cloud or as an application firewall, then Palo Alto Networks VM-Series is the best one for you.

I would rate it an eight out of ten.

We use Palo Alto Networks VM-Series to offer services to our customers as a managed security service provider. We provide solutions and services to our customers across the globe. For example, if I want to host a firewall in the cloud or somewhere where the physical appliance is not a possibility, we provide that image of the firewall on virtual machines.

It helps in offering advanced protection against malware and anti-spyware, which is based on customer feedback stating the product has very good threat prevention capabilities.

Very good reliability and feature set, such as advanced protection against malware, anti-spyware, and Wildfire. It also has good VPN capabilities and integration capabilities.

The scalability could be improved further. The virtual instances of the firewall are not as scalable as their hardware firewalls.

We have been using Palo Alto Networks VM-Series firewalls for over five years.

I find the solution to be a good, stable product.

The virtual instances are not as scalable as the hardware firewalls.

A separate team handles implementation. I am mostly involved in the designing aspect of the product.

It is hard to get into the ROI aspect. Generally, ROI can be determined by comparing a physical appliance-based firewall versus a virtual instance of a firewall.

Pricing can be an issue when competing with products like Fortinet, which often offer similar functionality at a lower cost.

There are many competitors like Fortinet offering similar functionality.

I'd rate the solution nine out of ten.

All the PwC offices in Pakistan use Palo Alto in their environment. It is a global solution.

Palo Alto is a good product. The features are up to the mark. No other product can compete with Palo Alto’s features. The filtering feature is good. We can block the traffic and examine the report easily. The blocking functionality works very well compared to other firewalls. I rate the ability of the tool to keep up with the trends in firewalls an eight out of ten.

The product must create some awareness in Pakistan. People are less aware of Palo Alto. Everyone knows about Fortinet and Cisco. Very few vendors are promoting the tool.

I have been using the solution for four to five years.

The stability is fine. I rate the stability a seven out of ten.

I rate the product’s scalability an eight out of ten. We have 2500 users. We use the tool daily. All our traffic passes through it.

I rate the ease of setup a seven out of ten. The setup is moderately easy. The product is deployed on the cloud. The deployment takes two to three days since it has global rules.

The tool was deployed in-house.

We have seen an ROI of 60% to 70%.

Companies in Pakistan have limited budgets. Palo Alto is more expensive than other products. So, people are reluctant to put Palo Alto in their environment. It's too costly compared to other tools. I rate the pricing a nine out of ten.

We had deployed the solution in 2018. We used a different product before, but my organization switched to Palo Alto. It was the management’s decision. Overall, I rate the tool an eight out of ten.

Our company sometimes uses a data center edge firewall from Cisco, Fortinet, Forcepoint, or any other vendor, and the solution is used to cover apps and data. 

The threat prevention and WildFire features are the most valuable features. DNS is another good feature of the product. 

The flexible throughput in Palo Alto Networks VM-Series can be improved. The customers of our organization demand 500 meg throughput and the payment also depends on it. The basic firewall from Palo Alto has the size of one gig, and it isn't logical for a customer to buy for one gig when just 500 meg is required. Palo Alto Networks VM-Series should become a more flexible firewall. 

VM management in an environment is difficult with Palo Alto Networks VM-Series, but it can be smoothly managed through Panorama. The vendor can work on enhancing and processing that will not affect the server itself or the VM firewall protection. In our company, we have multiple VMs implemented on the same server, and the Palo Alto Networks VM-Series is used to protect these VMs completely. The tools being used should not affect the operations between VMs. 

I have been using Palo Alto Networks VM-Series for almost four years. 

I would rate the stability of the product a nine out of ten. I am facing multiple stability issues with other competitor tools in our company. 

I would rate the scalability a seven out of ten. I would've rated Palo Alto Networks VM-Series more if the flexible throughput was better. I would rate the scalability of other competitor tools a four out of ten. Palo Alto Networks VM-Series is suitable for businesses of every size or scale. 

The vendor provides two support modules: backline and premium support. If you need to open a case directly with Palo Alto to solve a problem, you must purchase premium support.

Premium support is highly expensive—almost five times the cost of availing backline support. Local distributors of the product manage the backline support and have extended response time, and the team might not have mature knowledge to solve issues. 

The solution's initial setup process is very easy. A hybrid deployment model is available for Palo Alto Networks VM-Series. Panorama can manage the solution's VM, physical, and cloud versions, making it an impressive monitoring tool. 

A more mature and enhanced tool can be used in integration to migrate from other competitor solutions to Palo Alto Networks VM-Series. For instance, if a customer has a legacy firewall from Cisco or Fortinet and there is a need to migrate to Palo Alto, I will require a mature migration tool that will make the process easier for engineers to migrate the rules, policies, and application IDs.  

The licensing model should be improved. Palo Alto Networks VM-Series is the most expensive tool among competitors. 

Palo Alto Networks VM-Series and the competitor products provide multiple series of bandwidth, features, implementation models and capable management tools. But Palo Alto Networks VM-Series is the most stable compared to all other competitor tools. The signature or behavior of the database is more mature in Palo Alto Networks VM-Series than others. 

Palo Alto Networks VM-Series allows you to analyze the behavior of any traffic or probable attack. 

The solution easily integrates with the client's cloud security architecture. If in our company, we get a customer who's depending on the container, then security is required for the container from OpenShift or any other vendor, I use Prisma to secure the environment instead of traditional firewalls. 

The solution's sizing and architecture are highly expensive. It's an effective and stable firewall that detects all attacks. Palo Alto Networks VM-Series can adapt quickly to an organization's changing security or policy needs. Overall, I would rate the product an eight out of ten. I will definitely recommend Palo Alto Networks VM-Series to other users. 

The most effective features for threat prevention are application-based prevention and WildFire. These features cover various threats, such as ransomware, malware, etc. They provide real-time visibility. By applying appropriate policies, threats can be blocked.

The solution needs to improve its visibility. It's not straightforward to use. Understanding the policies, authorizations, and initializing features requires careful review. The product needs to offer proper training. 

I have been working with the product for three to four months. 

I rate Palo Alto Networks VM-Series' stability as ten out of ten. 

The main issue with the tool's support is the delayed response time, ranging from one to two hours. This delay can impact customers who are waiting for support. Additionally, partners may become busy. 

Positive

The tool's improvement in cloud security posture depends on the features used and the licenses purchased. Different suites are available, such as Professional, Core, and Enterprise, each offering various features for endpoint.

Competitors such as Fortinet and Check Point also offer similar features, but I don't know much about their offerings. However, Palo Alto Network VM-Series stands out with its application deployment capability, iOS zone protection, and features like application ID, user ID, and device ID identification. These features enable policy application and on-premises protection, which may not be available in competing solutions.

I rate the overall product a nine out of ten. 

I've mainly worked with the VM-Series, and a few features have been really effective for threat prevention in our networks, like McAfee training, Accountant ID, and apps ID. These features integrate well with our existing environments and tools, such as Panorama. 

 The VM-Series scalability is fast and easy to implement, improving our security posture as our Azure network grows. The only minor issue we've faced is with the apps ID configuration, which requires specific matching for application filtering. Tools like Loopback help us identify open or denied flows between two firewalls and manage the servers effectively. The Palo Alto system easily identifies rules and objects within roles, making maintenance straightforward.

No other major concerns, just the specific issue with Apps ID configuration. Otherwise, overall stability, VPN, IPSec, VRF, and flow management with the VM-Series have been very stable and reliable.

I have been using Palo Alto Networks VM-Series for 2 years.

I've had a positive experience with Palo Alto's support. They usually respond within a few hours, which is satisfactory

Positive

In my experience, Palo Alto and Fortinet offer similar quality and high-level security compared to other vendors like Cisco and Forcepoint. They stand out in terms of reliability and security features. Other vendors may not match their level of performance and security.

It is easy to maintain because we have various tools to manage and monitor the system. 

The pricing for Palo Alto is quite high compared to FortiGate, which is more affordable. I don't have the exact figures as my manager handles that, but from my research, Palo Alto's licensing costs are significantly higher.

I would rate Palo Alto Networks VM-Series as an eight overall. My recommendation for others considering this tool would be to ensure they have the budget for it, as it can be expensive compared to alternatives like FortiGate. Also, they should be prepared to understand and document their application metrics thoroughly to implement the firewall correctly. 

I use the solution in my company to block threats, detect vulnerabilities, and protect the organization's internal network.

The most valuable feature of the solution stems from the fact that its UI is good since it offers options. In terms of being compliant with the firewall security standards, the product falls in the first or second place. The product can also be considered as NGFW. In general, the product is user-friendly.

The reporting part of the product is an area of concern where improvements are required. Compared to Palo Alto Networks VM-Series's reports, FortiGate NGFW provides users with reports that are easy to understand.

I have been using Palo Alto Networks VM-Series for three to four years.

The product's stability is good. Considering the cloud availability, I can say that the product is 99.99 percent stable. The firewall functions properly on the cloud, and there has been no downtime in the last couple of years. Unless the cloud services from Microsoft Azure go down, the firewall works properly.

My company has 1,000 users of the product, but not all of them are connected to the product all the time since my company has three different fire products running in the cloud. I would say there are around 600 Palo Alto Networks VM-Series users.

The technical support for the solution is very good.

The product's deployment phase is not complex. The tool is easy to deploy.

The solution is deployed on the cloud.

There is a need to make payments toward a yearly subscription-based model in which you need to add modules that you want to use in your company.

I can't elaborate on how the product was deployed in our company's existing infrastructure since the product was not deployed by our company, as the vendor handled it. The product can be deployed on the cloud platform you want to use. If you are using Azure's cloud services, then we select VM-Series, take care of the configurations, and upload the required details to get the product.

In terms of the product's ability to improve our company's network security posture, I see that the tool keeps our systems protected since all the network traffic is routed through the tool. The tool provides protection against any malicious traffic that attempts to get into the company network as such networks get blocked and quarantined by the firewall. Been blocked on the firewall network. Malicious components in the network don't enter our company's internal network, so the users are protecting the systems attached to the internal traffic.

My company has not integrated the product with any third-party software.

Speaking about the benefits of dynamic scalability, I would say that my company has not used the product's scalability features. I don't think there is anything wrong with the tool's scalability functionalities.

The tool is good for enterprise-level organizations because it has many options for users in its office. The product also comes with a lot of add-ons. If you can leverage the benefits of everything the product offers, then it can be useful. It is easy if you want to integrate the tool or connect it with other applications or third-party software, and you can do cloud monitoring and SIEM. The tool also works with XDR products. In general, the tool has its pros and is good software.

I have not encountered any issues with policy management in the product.

The product helps find vulnerabilities in the system, especially opened ports and unwanted ports that are open. If there are any issues, you can explore your system further with Nmap and with the help of a given IP address.

I rate the tool an eight out of ten.

The most valuable feature of the solution is the zero-trust security architecture.

The solution's licensing could be improved, and training should be included before installation.

I have been using Palo Alto Networks VM-Series for four years.

There are always glitches in every product, but the solution is reliable overall.

I rate the solution a nine out of ten for stability.

I haven’t faced any issues with the solution’s scalability. Our clients for the solution are large corporate or global customers.

The solution’s technical support is very good.

Positive

The solution's initial setup is easy if you have training and know what to do. The solution's deployment time depends a lot on the customer's requirements. It takes around half an hour to install the solution.

The smaller firewalls, like the PA-400 Series, are very good priced. Some of the challenges come with licensing and support on the larger boxes. Sometimes, it's cheaper to buy a new firewall with licensing instead of renewing the licenses of an old firewall.

Suppose you have a PA-3000 Series firewall. By the time of its renewal, Palo Alto will come up with the PA-1400 Series with better performance than the old PA-3000 Series. If the customer had one of the older ones, it would be cheaper for them to buy a new firewall on a lower tier and then get the licenses.

The solution is deployed both on-premises and on the cloud. Palo Alto Networks VM-Series helps in securing our public cloud infrastructure. It is easy to integrate Palo Alto Networks VM-Series with other solutions. We have integrated the solution with Aruba ClearPass Policy Manager. It is easy to maintain the solution.

It is very important for users to get the solution implemented properly in the customer's network.

Overall, I rate the solution ten out of ten.