VM-Series Next-Generation Firewall Bundle 1 [VM-300]
Palo Alto Networks | PAN-OS 8.1.25-h1Linux/Unix, Other PAN-OS 8.1.25-h1 - 64-bit Amazon Machine Image (AMI)
External reviews
External reviews are not included in the AWS star rating for the product.
The best of breed for your next generation firewall
What do you like best about the product?
Palo Alto provides a complete and comprehensive solution to secure your in office, in datacenter, and in cloud presence. The security modules alone set this solution so far apart from all of the others. The visibility into the traffic, the integration of rules, and the power behind the physical and virtual appliances are beyond expectations.
What do you dislike about the product?
You get what you pay for. Palo Alto pricing is not for the feint at heart; it is expensive. The UI is powerful, and in some ways that is a draw back because you need to have expertise with it in order to be effective at standing it up. If you are doing a conversion, definitely utilize a VAR's resources to implement a new build out or you will fail.
What problems is the product solving and how is that benefiting you?
The appliances we replaced were straight up firewalls. Typical rule creation, exception handling, etc. The Palo Alto does so much more than that. The threat modules are dynamic, the intelligence on the appliances is amazing, and using Panaroma as a central management console hooks them all together to simplify management.
We realized very quickly what really is happening on our network with the instant visibility, and we were able to take instant action. The visibility on the network and the ability to act automatically to mitigate threats is so powerful.
We realized very quickly what really is happening on our network with the instant visibility, and we were able to take instant action. The visibility on the network and the ability to act automatically to mitigate threats is so powerful.
Recommendations to others considering the product:
Be sure you completely understand your requirements. Document them. Do your homework. Palo Alto can do so much. Don't go into it thinking you will turn everything on and it will all go wonderfully. The Palo Alto is a powerful device that can, if not configured correctly, take down your entire network.
- Leave a Comment |
- Mark review as helpful
A Perfect Next Gen Firewall for all the Needs
What do you like best about the product?
Palo Alto's APP ID feature is the best I like about this firewall. It allows us configure absolutely granular application control policies. Also it a very stable and secure Firewall which allows all types of security hardening.
What do you dislike about the product?
Palo Alto GUI has so many features that it doesn't require CLI at all. But it is a bit complex GUI and makes it difficult to make configurations for a Beginner.Also Two Factor Authentication requires integration with RSA, DUO or similar TFA Tools.
What problems is the product solving and how is that benefiting you?
We are solving following problems with Palo Alto Next Gen Firewall:-
1. URL Filtering
2. Application Control and Filtering
3. Threat Prevention
4. Sand Boxing ( Wildfire )
5. Intrusion Detection and Prevention
6. Site to Site VPN
7. Client to Site VPN (For Work From Home)
8.
1. URL Filtering
2. Application Control and Filtering
3. Threat Prevention
4. Sand Boxing ( Wildfire )
5. Intrusion Detection and Prevention
6. Site to Site VPN
7. Client to Site VPN (For Work From Home)
8.
Recommendations to others considering the product:
All I want to say for anyone evaluating Palo Alto Next Generation Firewall is:-
1. It's an amazing, scalable, secure and fully featured next generation firewall.
2. It is highly capable of meeting all your business needs.
3. It a product you must go for, without any second thoughts as the security it offers is vast.
4. In-House Implementation could be difficult, hence consulting a Certified Systems Integrator would be a better decision.
5. If you are already using Forescout Network Access Control and than Palo Alto Next Gen Extended module makes Blocking very effective on your perimeter or internal segmentation Palo Alto Firewall.
1. It's an amazing, scalable, secure and fully featured next generation firewall.
2. It is highly capable of meeting all your business needs.
3. It a product you must go for, without any second thoughts as the security it offers is vast.
4. In-House Implementation could be difficult, hence consulting a Certified Systems Integrator would be a better decision.
5. If you are already using Forescout Network Access Control and than Palo Alto Next Gen Extended module makes Blocking very effective on your perimeter or internal segmentation Palo Alto Firewall.
Rock Solid and Ready for Business
What do you like best about the product?
Palo Alto's versatility, it has the power to handle high volumes of connections while protecting against a multitude of different types of threats.
What do you dislike about the product?
Sometimes the latest version updates do not always seem to be ready for prime time.
What problems is the product solving and how is that benefiting you?
Web application firewalling, virus/malware protection, DDoS attacks. We found that there was a high volume of impersonation and poxy avoidance in use in our organization we were unaware of prior to its inception.
Recommendations to others considering the product:
If your organization is in need of a firewall that can do more than just block a DDoS attack but don't have the budget for multiple devices then you need to check out Palo Alto.
HA Palo Alto Firewalls
What do you like best about the product?
Palo Alto firewalls are great at securing the network. Not meant for all environments as they do not allow any white listing.
What do you dislike about the product?
They do not allow any white listing, no white list based on static, MAC or VLAN. Their support is only break fix, there are really no options for configuration assistance.
What problems is the product solving and how is that benefiting you?
The benefits here is the device is solid. They work well do rarely give a problem.
Recommendations to others considering the product:
Do not use in a school. Do not plan on their support helping you with any configurations.
Best Next-Gen Firewall On The Market
What do you like best about the product?
Palo is an all-in-one platform that allows the firewall administrator to utilize a single platform. URL Filtering, SSL decryption, deep packet inspection, anti-virus, etc. are all on a single data plane and management platform.
What do you dislike about the product?
The cost of the appliance and support is significantly higher than that of competitors.
What problems is the product solving and how is that benefiting you?
Logical segmentation of networks within branch offices and data center locations. Also eliminated a separate web filter appliance and are using a single platform with the Palo Alto firewall.
Recommendations to others considering the product:
Definitely consider using Palo Alto. Though it is expensive, the quality of the firewall and next-gen capabilities are unmatched to others. There is a reason why Palo is an industry leader on the Gartner Magic Quadrant.
A Real NGFW
What do you like best about the product?
Palo Alto Firewalls have a very good features, one of them is the Log Monitor, is very fast and easy to capture traffic with the easy filter they have. The capacity of you can configure policies for a user AD Group, without depending on the ip address it's a plus. Of course, as L4/L7 firewall and IPS work SUPER!!
What do you dislike about the product?
Maybe the only question that I dislike of PA NGFW is the firewall packet flow... comparing with my old Juniper SSG firewalls.... In my Juniper SSG Firewalls you can apply in 2 different Virtual Routers a destination NAT rule for solve a route that match in both VR... In PaloAlto you need to apply the destination NAT rule with 2 different VSYS... so it's more complicated.
What problems is the product solving and how is that benefiting you?
With Palo Alto we can apply security policy rules of L7, apply IPS policies and Antivirus filters.... my old Juniper SSG Firewalls don't support most of them
Recommendations to others considering the product:
User firewall policies
L4/L7 policies
Antivirus policies
A very good Monitor session
L4/L7 policies
Antivirus policies
A very good Monitor session
Palo alto ngfw
What do you like best about the product?
Lots of features to include ngfw capabilities, url filtering, threat and vulnerability prevention, vpn(global protect), etc.
What do you dislike about the product?
Price is a bit extreme. The web gui is absolutely rubbish. It locks up and takes forever to load.devices are extremely expensive.
What problems is the product solving and how is that benefiting you?
Firewall.
Recommendations to others considering the product:
Price. Licensing
Palo Alto Review
What do you like best about the product?
Easy to install and the options are endless.
What do you dislike about the product?
There is too much to configure. If you want to change a certain rule or policy or anything else, you'll have to click so many times before you find the right page
What problems is the product solving and how is that benefiting you?
It's a great firewall solution and the security is one of the best.
Recommendations to others considering the product:
If you want a easy to use firewall solution with high security patches, Palo Alto is the product to use
palo alto NGFW rreview
What do you like best about the product?
excelent performance when you are adding additional security features - uniques single pass technology
excellent security control for applications (App-ID, User-ID, Content-ID)
Very good support
excellent security control for applications (App-ID, User-ID, Content-ID)
Very good support
What do you dislike about the product?
management of device is not user-friendly
sometimes security updates harm functionalities of running applications
slow response on management plane when you have a lot of different rules (adding, changing rules)
sometimes security updates harm functionalities of running applications
slow response on management plane when you have a lot of different rules (adding, changing rules)
What problems is the product solving and how is that benefiting you?
With Palo Alto we solved the problem of security when we are facing access and traffic from/to Internet. With solution whichi integrate application security check, antimalware check and URL protection we are much more safe when we are exchanging traffic over Internet. We also use site-to-site VPN on Palo ALto firewalls to securely interconnect our companies worldwide.
PAN ng firewalls are truly next gen
What do you like best about the product?
AppID and UserID are probably my favorite features, but I really love PAN's content inspection and wildfire analysis integration. Not to mention Panorama central mgmt across all firewalls and the partner hooks into other interopped vendor's security infrastructure within our environment resulting in overall stronger security posture.
What do you dislike about the product?
some of the appIDs with "dynamic port ranges" like skype for business are opening all the ports when they don't necessarily use all 65535 ports. They should be restricted to least privilege approach. vuln scanners are throwing false positives that traffic is listening due to appID, when it's actually filtered/denied. on the plus side, this could trick hackers recon attempts so it inadvertently has a positive side.
What problems is the product solving and how is that benefiting you?
central firewall access mgmt, malicious content inspection across wifi and wired connections, stronger insight into activity on the network, integration with SIEM are the few off hand that come to mind.
Recommendations to others considering the product:
don't wait, get back control of your network by switching to PAN!
showing 81 - 90