We have multiple firewalls in our infrastructure. Palo Alto Networks Panorama serves as the management interface for all our Palo Alto firewalls. As our organization has grown, there has been one company initially, but now three companies have merged into one, and we have increased the number of firewalls. For instance, we have a Palo Alto firewall in our Azure stack and a core firewall from another company that we’ve integrated into our data center. We use Palo Alto Panorama to manage all our Palo Alto firewalls across our infrastructure.

We have centralized management for all Palo Alto firewalls. With the merger of three companies, each previously operating their own Palo Alto firewalls, we can now manage them efficiently through our operations using Panorama. Our network has become more complex as we run various services, including SD-WAN, across three sites. While the SD-WAN operates through a separate firewall, our core firewall remains Palo Alto. Additionally, we use Palo Alto as a perimeter firewall for our Azure stack. In total, we manage four firewalls with Panorama. We monitor various traffic types, including FTP, browser traffic, applications, and unified threat management. We also have SSL inspection enabled and are actively managing and monitoring SSL tunnels and threat management.

Palo Alto Panorama offers robust logging and reporting capabilities, allowing us to extract reports in a user-friendly GUI format with graphical representations. For example, we can track bytes sent and received for specific applications and users since we use Palo Alto XDR for analysis, reporting, and forensics.

We benefit from a certain level of customization in our reports, utilizing predefined templates and tailored reports. This includes user activity reports, application reports, and SaaS platform reports. We forward logs to a separate SIEM solution, enabling us to monitor TCP and inspect SSL traffic.

The logs from our virtual appliances show potential for improvement, particularly regarding their deployment in hypervisors like VMware, Proxmox, or Azure Stack. Monitoring the internal traffic between hosts with these hypervisors could be enhanced. While predefined reports are available, we often require customized reports tailored to the specific areas involving hypervisors. 

I have been using Palo Alto Networks Panorama for five years.

We use Palo Alto as a perimeter firewall for our public network, which can support nearly 40,000 users daily. About 7,000 to 10,000 users connect to the Internet through this firewall.

In addition, we utilize Palo Alto Global VPN for remote access. We have around 869 VPN users, primarily for remote work or when a government advisory requires the entire staff to connect. This solution integrates seamlessly with our Palo Alto firewall.

I rate the stability an eight out of ten.

It's important to reference authoritative sources like Gartner. We selected the product based on their ratings and assessments. In terms of capability, Palo Alto remains one of the top solutions for on-premises security, XDRs, and cloud security posture management. 

I rate the scalability a nine out of ten.

The support team is very knowledgeable. We only contact them when our partner support or integrated support cannot resolve an issue. They respond quickly, joining within an hour if there’s a critical situation.

Positive

We deployed our Palo Alto solution four years ago for the Azure Stack implementation. The complete deployment took around three months, as it's a comprehensive cloud solution similar to Azure or AWS.

If I were to replace my Palo Alto firewall today, I estimate it would take at least seven days to implement. Given our complex infrastructure, which includes SD-WANs and connections between three different data centers into one main center, this timeframe excludes the planning phase.

We are aligned with Palo Alto, as they are our partners. At times, we need to engage Palo Alto support directly due to our subscription with them, which was also established during the initial deployment.

Managing multiple firewalls across three large identities was becoming quite challenging. To address this, we implemented Palo Alto Panorama, which allows us to manage all our firewalls from a single interface. This has significantly improved our efficiency and manageability. It also helps us better use our current human resources; otherwise, we would need to hire several experts in Palo Alto to oversee the three data centers, which would be a cumbersome task.

Palo Alto solutions are more expensive than other products, but this often depends on an organization’s specific requirements. The level of security and features needed will influence the decision. For example, VPN access is essential for our corporate users and consultants, as company policy mandates that they connect via VPN to access the corporate network. When purchasing bulk licenses, we receive discounts, which makes the cost comparison with other solutions more favorable.

When it comes to security, complexity often accompanies it. With advancements over time and the integration of AI and new technologies, we're seeing improved features in the GUI compared to some online solutions. 

The ongoing improvements with the latest firmware updates are a positive sign. Still, virtual firewalls or appliances face a challenge: They could provide more comprehensive information than what is currently available in the reports.

We also use the VPN functionality, which became crucial during COVID-19. Initially, we had around 610 users, and now that number has risen to about 890 users who connect remotely through Palo Alto GlobalProtect VPN. We've never considered switching to another solution because it is stable and reliable for our needs.

You encounter news about zero-day vulnerabilities and firewall firmware updates when browsing the internet. We've been using our Palo Alto solution for the past four years, and during this time, some devices were procured five years ago, while others, including our Palo Alto firewall, were acquired around three years ago. Each identity had IT staff coordinating individual updates, which was inefficient. Now, with a unified approach through Panorama, we can monitor and manage zero-day vulnerabilities more effectively. Panorama plays a crucial role in ensuring timely updates. The features we utilize depend on the complexity of our network and the number of applications hosted in our environment.

Suppose your infrastructure is extensive, and you need a reliable, secure SDR, UTM, and firewall solution. In that case, choosing a product with comprehensive capabilities that you can rely on for at least the next five years is crucial. Proper planning is essential; if you purchase something that isn’t reliable or only plan for six months to a year, it may not be appropriate for your needs. Palo Alto is one of the best secure solutions for organizations with complex infrastructures, such as multiple sites in different regions.

Overall, I rate the solution a nine-point five out of ten.

The solution is primarily used for firewall management. It is required for clients who want to manage a large number of firewalls in multiple locations. Otherwise, it is not too useful. It makes sense to use the product when the clients want to manage several branches.

Managing the firewalls in the branch locations from a central management console is easier. We can schedule tasks like firmware updates and send rules or policies to all the firewalls in a single stretch. Palo Alto is one of the best firewalls we can have in our environment. It has one of the best back-end databases for signatures and behavior-based analysis. Recently, the vendors integrated it with a lot of AI for threat prevention. Palo Alto is a leader in the market.

If we implement Cisco or Fortinet's firewall for the first time, anybody with a basic knowledge of firewalls can set the policies and rules. The implementation is not that easy. Though Palo Alto is much better and more efficient than many other products in the market, we need some skilled resources to manage the initial installation and configuration. It leads to an increase in service costs.

The tool is relatively stable. It has a good security portfolio in the market.

The support charges are pretty high. The subscription renewals are relatively much higher than those of the peers. However, the vendor is working on the pricing. They are also getting competitive because Fortinet is taking over many Palo Alto clients due to the cost.

Initial implementation is challenging to an extent. The setup takes time. Once it is implemented, then it's very straightforward. Once the person managing the setup gets a good experience with the product, it's pretty easy to manage and relatively smooth.

The high price gets compensated with the piece of mind of having Palo Alto in the environment.

Palo Alto is costly compared to Fortinet and Sophos. However, the vendor is working on cost-effective models. They are working on the back end to make it more attractive for SMBs.

Palo Alto and Check Point are the top products in the market. Fortinet and Cisco also have some good solutions.

Palo Alto has one of the best portfolios in the market if we need a very stable environment to manage the information security space for our organization or our client's organization in firewalling, application-level firewalling, and contextual-based firewalling. We can also look at Check Point as an option.

The vendor has AI incorporated into their new offerings. Generally, behavior analysis has to be more automated rather than manual. With AI incorporated, the back-end OS can understand and easily detect certain vectors, like the zero-day attack. It's in a very early stage. It'll take quite some time for Palo Alto to scale AI to the level where the entire thing can be automated.

Overall, I rate the solution an eight out of ten.

My clients use Palo Alto Networks Panorama for centralized management of multiple firewalls across various locations. It allows them to easily oversee and configure all their firewalls through a single interface, streamlining security management across their network infrastructure.

The most valuable aspect of Palo Alto Networks Panorama for me is the centralized management of multiple firewalls. It saves time, provides consolidated visibility into my network, and allows me to configure all firewalls from one web interface, eliminating the need to access each firewall separately.

In the future, it would be beneficial if Panorama could include a firewall assurance feature similar to Skybox. While each firewall has its policy optimizer, a consolidated policy optimizer in Panorama could further enhance firewall management and optimization.

I have been working with Palo Alto Networks Panorama for over ten years.

Panorama is stable.

Palo Alto Networks Panorama is scalable and can support up to 1,000 devices, making it suitable for various network sizes. In terms of clients, it is mainly used by larger customers with more than ten firewalls. Some smaller customers with six or eight firewalls may not opt for Panorama, but those with ten or more find it beneficial for centralized management.

I find Palo Alto Networks' technical support to be good, especially with premium support. The initial support level is handled by us, and if we encounter issues beyond our scope, Palo Alto's support team is efficient in resolving them. I would rate the support as a nine out of ten.

Positive

Installing Palo Alto Networks Panorama is easy, and connecting firewalls is a straightforward process. Deployment typically requires just one person, usually the firewall administrator. Maintenance is also easy, especially for those familiar with managing individual firewalls, and Panorama serves additional functions like log collection and setting up SD-WAN functionality, making it highly useful for networks with multiple firewalls.

In terms of return on investment, Palo Alto Networks Panorama is worthwhile, especially for larger networks with more than ten firewalls. The time saved and the consolidated view it provides investment pay off quickly, often within a couple of months.

In terms of pricing, Palo Alto Networks Panorama is moderate. It is very affordable when compared to more expensive firewalls. The license is yearly, and the price typically includes the initial license and support, with subsequent years requiring only twenty percent of the initial license cost for support. It is negotiable, and the overall cost depends on your network setup and the type of firewalls you are using.

Overall, I would rate Palo Alto Networks Panorama as an eight out of ten.

Palo Alto Networks Panorama is essential for those adopting a centralized landing zone firewall approach as it provides a unified management point for enforcing security policies. It becomes particularly crucial in multicast strategies and cloud environments, streamlining configuration and monitoring across multiple firewalls.

Using Palo Alto Networks has brought numerous benefits to our organization. It effectively addresses security vulnerabilities, incorporates advanced AI technology, ensures reliability, and continually innovates with a demand-driven approach to security features.

The most valuable feature of Palo Alto Networks Panorama is its innovation and impressive capacity to handle network traffic efficiently.

A potential improvement for Palo Alto Networks Panorama could be a more competitive pricing structure.

I have been working with Palo Alto Networks Panorama for three years.

It is a fairly stable solution.

I would rate the scalability of the product as an eight out of ten. We have approximately 30 to 40 customers using it.

The technical support is good.

The setup of Palo Alto Networks Panorama is moderately complex. In my experience, the deployment of Palo Alto Networks Panorama involves considering accessibility, and if it's on-premises, it may face challenges like procurement delays. The cloud version tends to be smoother and more straightforward for deployment.

The pricing structure could use some improvement.

I highly recommend Palo Alto Networks Panorama. It is a mature, solid, and innovative technology. Overall, I would rate it as a ten out of ten.