← Firewall / UTM / Network SecurityPalo Alto Networks NGFW

StrongAdequateStrongStrong

4.7

Vendors › Firewall / UTM / Network Security › Palo Alto Networks NGFW

Palo Alto Networks NGFW

Name: Palo Alto Networks NGFW
Rating: 4.65 (3620 reviews)
Author: Palo Alto Networks

Palo Alto Networks

Founded 2005·US·Public

4.7

Combined score

4.61,400

Gartner

4.71,800

⚠

Security incident on record — CVE-2024-3400 — critical PAN-OS vulnerability exploited in wild (2024); patched promptly

▪ Editorial verdict

Palo Alto Networks NGFW sets the standard for next-generation firewall capability. The ML-powered inline zero-day prevention, App-ID and User-ID for the most granular application and user visibility in the market, and the highest Completeness of Vision in Gartner's HMF Magic Quadrant reflect a product that consistently leads on innovation rather than competing on price.

The honest challenge is complexity and cost. Palo Alto NGFWs require dedicated Palo Alto expertise to configure and optimise. The management interface has the steepest learning curve in the NGFW category. And the premium pricing means the total cost of ownership is the highest in the market.

The verdict: Palo Alto Networks NGFW is right for enterprises that need the strongest prevention capability, the most granular application visibility, and the most consistent Gartner recognition. Organisations that cannot invest in dedicated Palo Alto expertise or that need the best throughput per dollar should evaluate Fortinet FortiGate.

Last reviewed: May 2026

4.61,400 reviews

Gartner

4.71,800 reviews

PeerSpot

8.6420 reviews

Gartner MQ: Leader (HMF MQ 2025 — #1 Completeness of Vision)

Firewall / UTM / Network Security assessment

PROTECTIONStrong

Security services breadth

5 / 5

App-ID, User-ID, Content-ID plus Advanced Threat Prevention, URL filtering, DNS Security, and Advanced WildFire sandboxing. Scored 5 for the most security-focused inspection architecture.

Sources: Palo Alto Networks NGFW documentation

Threat prevention quality

5 / 5

Best real-world threat prevention quality in the category. Inline ML-powered zero-day prevention via Advanced WildFire. Scored 5.

Sources: NSS Labs NGFW tests, Palo Alto documentation

OPERATIONSAdequate

Throughput under load

4 / 5

Strong throughput with all security services enabled. Scored 4 because Fortinet's custom ASICs achieve higher raw throughput at lower price points.

Sources: Independent NGFW tests

Policy management UX

3 / 5

Panorama provides centralised management but has steep learning curve. Scored 3 because the configuration complexity is consistently flagged by reviewers.

Sources: G2 reviews, Gartner Peer Insights

ANALYTICSStrong

Traffic & threat visibility

5 / 5

Best application-level visibility in the category — App-ID identifies 4,000+ applications. Scored 5.

Sources: Palo Alto NGFW documentation

TRUST & ECOSYSTEMStrong

Scalability & HA

5 / 5

Proven at data centre and service provider scale. Active/active HA. Scored 5 for enterprise-grade scalability.

Sources: Palo Alto documentation, customer references

Strongest: Security services breadth

Watch out for: Policy management UX

Strengths & limitations

Strengths

●#1 Completeness of Vision 2025 Gartner HMF MQ

●Most advanced threat prevention — AI/ML-powered zero-day

●Unified platform — integrates with Prisma Cloud and Cortex XDR

Watch out for

●Most expensive NGFW — per-feature pricing adds up

●Performance concerns when all features enabled

●Steep learning curve — requires Palo Alto expertise

Best for

Enterprises wanting most advanced threat prevention with AI-powered zero-day protection and deep ecosystem integration.

Not suitable for: SMBs — most expensive NGFW; requires dedicated PA expertise

Compliance coverage

●Essential Eight

●AU Privacy Act

●SOC 2

●HIPAA

●NIST CSF

●PCI-DSS

●CMMC

●GDPR

●NIS2

●DORA

●ISO 27001

●CIS Benchmarks

Switching intelligence

Switching from

Common migration paths based on review data

Also considering

Vendors typically shortlisted alongside

Also in our database

Palo Alto Networks also appears in:

Cloud Security Posture Management →EDR / XDR →Vulnerability Management →ZTNA / Zero Trust Network Access →CASB / Cloud App Security →SOAR →

← Back to Firewall / UTM / Network Security Compare with other Firewall / UTM / Network Security vendors →

Quick facts

Pricing modelhardware appliance + subscription; Strata Cloud Manager

Pricing rangeEnterprise — from $5,000 hardware; subscriptions custom

Free trialNo

Min seatsNo minimum

Deployment time1-2 weeks

Complexity3 / 5

Pricing transparency2 / 5

AU presenceYes

IRAP assessedYes

Open sourceProprietary

Deployment

ModelsHardware, SaaS (Prisma), VM

OS supportAll — network-level protection

CloudAWS, Azure, GCP, OCI

Support24/7 Phone, Email, Dedicated CSM, Professional Services

Data residencyUS, EU, AU, Global

Company

Palo Alto Networks

Founded 2005 · 15,000+ employees · Public

HQ: US

$8B+ total FY2024

Certifications

Common Criteria, FIPS 140-2, FedRAMP High, SOC 2 Type II, ISO 27001, PCI-DSS, IRAP PROTECTED

Integrations

Cortex XDRPrisma CloudXSOARSplunkServiceNowOktaCisco ISECrowdStrikeAzure Sentinel+ 1 more