Prisma SD-WAN ION Virtual Appliance (BYOL)
Palo Alto NetworksReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
63 reviews
from
External reviews are not included in the AWS star rating for the product.
Prisma SD-WAN: A Certified Engineer’s Executive Review — Strengths and Trade-Offs
What do you like best about the product?
Application-defined steering and SLA management, single-pane orchestration at scale, and deep integrations with Prisma Access and CloudBlades for policy automation and security consistency.
designed for hub/cloud-centric topologies so validate full-mesh or complex east-west requirements early; ION branch appliances emphasize connectivity over NGFW feature parity so plan for security insertion (Prisma Access or on-box PAN-OS) accordingly; and teams will experience an operational learning curve shifting from traditional MPLS/firewall models.
Strongly recommended for customers that have embraced an internet-first SASE approach and require automatic application-based routing and centralized operations; confirm full-mesh and branch security requirements before a broad rollout.
designed for hub/cloud-centric topologies so validate full-mesh or complex east-west requirements early; ION branch appliances emphasize connectivity over NGFW feature parity so plan for security insertion (Prisma Access or on-box PAN-OS) accordingly; and teams will experience an operational learning curve shifting from traditional MPLS/firewall models.
Strongly recommended for customers that have embraced an internet-first SASE approach and require automatic application-based routing and centralized operations; confirm full-mesh and branch security requirements before a broad rollout.
What do you dislike about the product?
As a certified practitioner, what I dislike about Prisma SD-WAN can be summarized in a few pragmatic concerns: it has a clear hub-and-cloud bias that makes full-mesh or complex east-west fabrics harder to design and operate, so you must validate topology fit early and often; the ION branch appliances prioritize connectivity and steering over full NGFW parity, meaning branches that need deep inspection will require Prisma Access or supplemental firewalls; the operational model demands a mindset shift — app-centric policies, CloudBlades and overlay behaviors introduce a learning curve for teams used to traditional MPLS/firewall operations, which calls for upfront training and scripted runbooks; licensing and feature modularity (many capabilities behind add-ons) complicate cost forecasting and procurement, so build detailed cost models and negotiate bundles; reliance on a cloud control plane, while generally resilient, creates another availability surface to plan for test control-plane failure modes and ensure local failover is rock solid; the platform produces a high volume of telemetry that can overwhelm teams unless filtered and integrated into observability systems; hardware and firmware heterogeneity across ION SKUs can make lifecycle management and upgrades fiddly, so standardize SKUs and automate patching; deep integration with Palo Alto’s SASE ecosystem risks vendor lock-in for organizations that need multi-vendor flexibility — where possible preserve standard protocol interop; SD-WAN steering can’t fix poor ISP last-mile so customers sometimes have unrealistic expectations, which requires ISP diversity and SLAs in the design; and finally, while Prisma is strong broadly, very niche edge features or specialized routing behaviors may be better served by competitors, so pilot and bake-off critical functions before a wide rollout.
What problems is the product solving and how is that benefiting you?
Prisma SD-WAN addresses several concrete problems, high MPLS costs and rigid topologies, poor SaaS and real-time app performance over unmanaged internet paths, fragmented branch security and inconsistent policy enforcement, limited application visibility and telemetry, and slow, manual branch provisioning and troubleshooting, and I’ve personally benefited from those fixes: application-aware SLA steering consistently improved SaaS and VoIP UX while allowing me to offload expensive MPLS bandwidth to cheaper broadband, centralized cloud management and rich APIs cut deployment time and reduced human error during config rollouts, comprehensive telemetry and topology maps shrank mean-time-to-identify for performance incidents, integration with Prisma Access and CloudBlades let me enforce consistent security policies without shoehorning NGFWs into every site, and automation reduced operational overhead so my team can focus on architecture and policy rather than repetitive device maintenance; the net effect for me has been lower recurring network costs, faster troubleshooting and change cycles, more predictable application experience for users, and the ability to move toward an internet-first SASE posture, while still needing to plan for control-plane dependence, branch NGFW gaps, and an initial ops learning curve.
Optimized WAN edge solution
What do you like best about the product?
Prisma SD-WAN makes the network consistent performance, reliability and self-optimizing. It provides the single solution for all problems occuring in any organization relating networking and security.
What do you dislike about the product?
with the advantages of Prisma SD-WAN there are some drawbacks also which includes the complexity of the plateform comparing other sites. Also it is costly and heavy-appliance.
What problems is the product solving and how is that benefiting you?
Prisma SD-WAN is solving the MPLS complexity issues by eliminating MPLS. It has better cloud and SaaS performance as compared to others. It also provides built-in security.
Palo Alto Prisma
What do you like best about the product?
I find the Admin interface and product options a very good toolbox to enable a secure SASE solution, the tenant setup is quick and easy, support documentation ease to follow and integration points also well documented.
What do you dislike about the product?
The pricing model for certain options can start to add up and eat into modest budgets, careful planning and phased deployments may need to be taken into consideration here.
What problems is the product solving and how is that benefiting you?
Allowing us to track and monitor User internet traffic, and also deploy data loss prevention measure were too major advantages we identified early in the selection process.
Prisma world
What do you like best about the product?
Prisma SD-WAN has been a game-changer. The biggest win for us is definitely the centralized management – having that "single pane of glass" view, especially with our existing Palo Alto firewalls, is incredibly valuable. It makes troubleshooting so much faster and more intuitive. I also love how it dynamically steers traffic based on real-time conditions. We've seen a noticeable improvement in application performance, and the lag that used to frustrate our team has pretty much disappeared.
What do you dislike about the product?
One thing that took some getting used to was the terminology and how policies are structured within the orchestrator. It's powerful, but there's a definite learning curve to fully grasp its intricacies. The UI, while functional, could also use a bit of polish in certain areas. Sometimes, navigating between different policy layers or trying to find specific logs feels like it requires more clicks than it should. And I've heard some folks mention that the documentation could be more robust – luckily, we haven't hit too many roadblocks that required deep dives into it, but it's something to consider.
What problems is the product solving and how is that benefiting you?
Prisma SD-WAN addresses several key challenges:
- High WAN Costs and Complexity: It reduces reliance on expensive MPLS by intelligently utilizing cheaper broadband and LTE/5G connections, lowering operational costs and simplifying network setup.
- Poor Application Performance: It ensures critical applications (especially SaaS) always have the best path, dynamically routing traffic to minimize latency and packet loss, leading to a significantly improved user experience.
- Limited Network Visibility and Manual Management: It provides centralized, deep visibility into network and application performance, and automates many operational tasks through AI/ML (AIOps), reducing manual effort and speeding up troubleshooting.
- Inconsistent Branch Security: It integrates security natively, often as part of a SASE (Secure Access Service Edge) strategy, ensuring consistent security policies across all locations and for all users and devices.
For me, this translates to cost savings, better application performance for our users, and a vastly simplified network management experience. We spend less time troubleshooting and more time on strategic initiatives.
- High WAN Costs and Complexity: It reduces reliance on expensive MPLS by intelligently utilizing cheaper broadband and LTE/5G connections, lowering operational costs and simplifying network setup.
- Poor Application Performance: It ensures critical applications (especially SaaS) always have the best path, dynamically routing traffic to minimize latency and packet loss, leading to a significantly improved user experience.
- Limited Network Visibility and Manual Management: It provides centralized, deep visibility into network and application performance, and automates many operational tasks through AI/ML (AIOps), reducing manual effort and speeding up troubleshooting.
- Inconsistent Branch Security: It integrates security natively, often as part of a SASE (Secure Access Service Edge) strategy, ensuring consistent security policies across all locations and for all users and devices.
For me, this translates to cost savings, better application performance for our users, and a vastly simplified network management experience. We spend less time troubleshooting and more time on strategic initiatives.
Disappointing Experience with Prisma SD-WAN
What do you like best about the product?
The cloud-native model is interesting, the policy-based approach is conceptually modern, and the integration with Palo Alto’s broader ecosystem is definitely a plus
What do you dislike about the product?
Complex and unintuitive management interface – The console is not user-friendly, and many configurations require a steep learning curve, even for teams already familiar with other SD-WAN solutions.
Lack of stability – We experienced instability in tunnels and failovers that weren’t always timely. In critical environments, this is a serious concern.
Limitations in complex scenarios – The product seems to perform better in standardized deployments. When dealing with advanced configurations or integration with existing systems, options are often rigid or require workarounds that feel like temporary fixes.
Support needs improvement – Response times are not always fast, and we frequently had to re-explain the same issue to multiple support engineers. Additionally, the available documentation is scattered and, in some cases, outdated.
Lack of stability – We experienced instability in tunnels and failovers that weren’t always timely. In critical environments, this is a serious concern.
Limitations in complex scenarios – The product seems to perform better in standardized deployments. When dealing with advanced configurations or integration with existing systems, options are often rigid or require workarounds that feel like temporary fixes.
Support needs improvement – Response times are not always fast, and we frequently had to re-explain the same issue to multiple support engineers. Additionally, the available documentation is scattered and, in some cases, outdated.
What problems is the product solving and how is that benefiting you?
Prisma SD-WAN is designed to solve challenges related to traditional WAN architectures, such as complex site-to-site configurations, inefficient use of bandwidth, and lack of visibility or centralized control. Its cloud-delivered model aims to simplify branch connectivity, improve application performance, and provide granular policy enforcement across distributed networks.
In our usage is reducing the dependency from Service Provider MPLS networks
In our usage is reducing the dependency from Service Provider MPLS networks
Evaluating Prisma SD-WAN
What do you like best about the product?
What I like best about Prisma SD-WAN is how intelligent and automated the path selection is.
It constantly monitors the performance of all WAN links and dynamically steers traffic based on real-time conditions like latency, jitter, and packet loss — which has significantly improved application performance without me needing to manually intervene.
I also like the management over cloud which is easy to control.
It constantly monitors the performance of all WAN links and dynamically steers traffic based on real-time conditions like latency, jitter, and packet loss — which has significantly improved application performance without me needing to manually intervene.
I also like the management over cloud which is easy to control.
What do you dislike about the product?
One thing I dislike about Prisma SD-WAN is that the initial learning curve can be a bit steep, especially if you're coming from a traditional networking background. The terminology and the way policies are structured in the orchestrator take some time to get used to.
Lastly, the UI — while functional — could be a bit more hard in some areas. For example, navigating between different policy layers or finding certain logs sometimes takes more clicks than it should.
That said, these are mostly usability issues, and once you're familiar with the platform, they’re manageable.
Lastly, the UI — while functional — could be a bit more hard in some areas. For example, navigating between different policy layers or finding certain logs sometimes takes more clicks than it should.
That said, these are mostly usability issues, and once you're familiar with the platform, they’re manageable.
What problems is the product solving and how is that benefiting you?
The biggest one being reliable and efficient connectivity across multiple sites. Before, we were dealing with complex routing setups, inconsistent performance across WAN links, and limited visibility into application traffic.
With Prisma SD-WAN, we now have dynamic path selection based on real-time network conditions, which means critical applications like VoIP and video conferencing always get the best possible link. That’s directly improved user experience and reduced complaints from remote offices.
With Prisma SD-WAN, we now have dynamic path selection based on real-time network conditions, which means critical applications like VoIP and video conferencing always get the best possible link. That’s directly improved user experience and reduced complaints from remote offices.
Prisma SD-WAN Made Our Network Smoother — A Few Bumps, But Totally Worth It
What do you like best about the product?
honestly, I was bracing for a headache, but it just clicked right into place. Once it was running, everything felt smoother; our apps worked better, and the lag that used to frustrate the team pretty much disappeared. On top of that, knowing our network is more secure with all these new devices popping up everywhere is such a relief. Plus, saving money every month doesn’t hurt! It’s those little wins that make it feel like a smart, no-nonsense upgrade.
What do you dislike about the product?
honestly, tweaking the analytics dashboards to fit what we need feels way more complicated than it should be and What bugs me most is that sometimes video calls get choppy, which is really annoying when you’re trying to stay professional.
What problems is the product solving and how is that benefiting you?
Prisma SD-WAN fixed our slow apps and security worries, especially with more devices from hybrid work. Everything runs smoother now, the team’s happier, and it saved us money—which is a big relief.
Interesting solution for sd-wan
What do you like best about the product?
The compatibility with a lot of enviroments because we some time we need to communicate cloud with onprem and the configurations we need to follow are so easy to configurate
What do you dislike about the product?
1. Complex initial setup – The onboarding process can be complex, especially for teams without deep networking experience.
2. Steep learning curve – The interface and configuration options are powerful but may feel overwhelming at first.
3. Documentation gaps – Some users report that documentation is either too generic or lacks real-world deployment examples.
4. UI performance – The web interface can sometimes be slow or unintuitive, especially when navigating large configurations.
5. Licensing and cost – Pricing models may not be straightforward, and costs can grow with scale.
6. Integration quirks – Integration with legacy systems or third-party solutions may require manual workarounds.
2. Steep learning curve – The interface and configuration options are powerful but may feel overwhelming at first.
3. Documentation gaps – Some users report that documentation is either too generic or lacks real-world deployment examples.
4. UI performance – The web interface can sometimes be slow or unintuitive, especially when navigating large configurations.
5. Licensing and cost – Pricing models may not be straightforward, and costs can grow with scale.
6. Integration quirks – Integration with legacy systems or third-party solutions may require manual workarounds.
What problems is the product solving and how is that benefiting you?
Prisma SD-WAN helps solve the challenge of managing and optimizing connectivity across multiple branch locations. Traditional WAN architectures relying on MPLS were costly, rigid, and hard to scale. With Prisma SD-WAN, we can use broadband and LTE links efficiently, while still maintaining high availability and performance.
Filling in the Gap
What do you like best about the product?
I think the main points that the SD-WAN focuses on, are the best things.
The ease of integration in my companies network was something I did not expect, it's pretty easy to use and I haven't had to use the customer support for the system yet even with the frequency of use but I heard it's good. My favorite feature is probably the Ai Ops aspect, while not original, they do it well. The implementation is somewhat of a learning curve but more efficient when you know it.
The ease of integration in my companies network was something I did not expect, it's pretty easy to use and I haven't had to use the customer support for the system yet even with the frequency of use but I heard it's good. My favorite feature is probably the Ai Ops aspect, while not original, they do it well. The implementation is somewhat of a learning curve but more efficient when you know it.
What do you dislike about the product?
I think the worst things about the Prisma is that the price of the system is pretty high, I think being such a new product that is to be expected but still harder to convince people to buy it because of that.
What problems is the product solving and how is that benefiting you?
Prisma is more making these more efficient rather than solving problems, like the whole multi-cloud thing. I also think the interface is great epically when comparing to cli systems
Prisma SD-WAN Review
What do you like best about the product?
Theres some things i really enjoy about prisma, first, the excellent user experience, it is very intuitive to use, another thing i like is the integration with the palo alto ecosystem so it is not difficult to implement or setup
What do you dislike about the product?
The price is not really attractive, of course, it is totally worth it because of the solution quality, but its not easy to convince directives to pay for it.
What problems is the product solving and how is that benefiting you?
Some of our core business partners have problems making sure their network is not only available and performs well, but also secure. So prisma's access control and network segmentation features are great tools to help bring security to our partners networks.
showing 1 - 10