We just raised a $30M Series A: Read our story

Palo Alto Networks K2-Series Room for Improvement

Network Security & Virtualization at a financial services firm with 1,001-5,000 employees

There is not really anything that needs to be improved in the product. It might be nice if it were possible for newer users to get a higher level of support.  

View full review »
Communications Architect at a tech services company with 51-200 employees

The licensing cost is a typical complaint with many clients. The solution is expensive.

In terms of automation, they could get better with it, especially with third-party integration. There are not too many products that will integrate with ease to the Palo Alto product set. They keep things locked down quite hard, which technically is also a benefit. That said, third-party integration definitely would be a benefit to us, as most of our implementations are two or even three different firewalls. Having third-party tools that integrate with all three or all two other products would be a benefit.

View full review »
Security Solutions Architect at a tech services company with 501-1,000 employees

The solution could be improved with more dedicated reporting about the user's context. For example, if I need to have a summarized report that includes uses as well as consolidating the user's activities, threads and applications on the endpoint machine, Palo Alto does not have the visibility for the endpoint in their firewalls. If I want to have a report from the firewall that summarizes user application from the user side, rather than the server side, Palo Alto software does not have that information.

Other vendors, such as Cisco, have that in their profile. You can generate a report from Cisco firewall and it will tell you that you're using the internet, and using Firefox or Google Chrome. Palo Alto doesn't have that extended visibility to the end point. 

It would be the same for additional features - I need to have the visibility of the endpoint application, endpoint context. It's an innate feature in Cisco firewalls. I don't like the style of Forte, for example. It has email spam over the firewall. I don't like this feature, and I don't like to have features that are not really good for out of the box. What Forte does have that is good is an explicit proxy capability and Palo Alto could include that.

View full review »
Learn what your peers think about Palo Alto Networks K2-Series. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
552,695 professionals have used our research since 2012.
IT Specialist at a transportation company with 10,001+ employees

It's like anything else. What's good today might not be in a day, a week, a month, etc. The solution needs to constantly be adapting and updating.

The solution needs a series of OS changes.

View full review »
Industrial Controls Advisor at a energy/utilities company with 5,001-10,000 employees

In the past, we've had trouble with Palo Alto's application filtering not getting it right. I would not be recommending layer 7 application filtering yet. That's the only hiccup with the product line. In terms of the features, I'd like to see, one of the bigger pieces missing from any firewall system is the ability to monitor and report. I don't think there are any firewalls doing this, but I'd like to see firewalls have the ability to do what Splunk is doing automatically. In other words, the ability to provide log analysis and monitoring from a visualization standpoint would be very beneficial to any firewall. That doesn't really exist today. 

There also needs to be a real methodology to maintain rules. They have rule sets in there and different ways of showing it, but the presentation isn't great. It's not a great presentation of where you have duplicate rules in place that makes it easy to find. Then again, I would say that no firewall company really has good management abilities for that. This isn't to badmouth Palo Alto. It's just that these features don't exist. So as we talk about where threat modeling and cybersecurity need to go, there's no one vendor with the best solution. It'd be nice if it would come in one platform. In other words, you buy their product, and they have a platform that includes that functionality.

View full review »
Data Center - Assistant Group Manager (Information Security) at a financial services firm with 501-1,000 employees

The company needs to align better with the customer. At the price point they offer, they need to be as good or better than the competition. They're losing market because they aren't there yet in that regard.

When it comes to renewing the solution, they tend to try to jack up the pricing.

View full review »
System Engineer at a tech services company with 501-1,000 employees

In terms of what needs improvement, Palo Alto is lacking abilities that other firewalls can do. They disable the current sessions when you think the hardest part is done. They have a workaround for authentication, but then our clients just use the local database of the device itself.

Some of the small to medium businesses are using these features and it would be easier for us to upsell the product up to other networks. Palo Alto Networks is quite a bit higher when it comes to prices. They should implement the features that the other firewalls have.

In the next release, I would like for them to include a checkbox where the user could disable concurrent users of the portal.

View full review »
Security Technical Lead at a tech services company with 11-50 employees

The reporting functionality in GlobalProtect needs to be improved. Other products, such as Check Point, have better reporting features that give more reports.

The price of the K2-Series should be lowered.

The dashboard could be improved by adding more GUI components.

View full review »
Cybersec Consultant at Freelance

The user interface could be improved. Right now, it's an aspect that is lacking. They should make it more user-friendly. There are too many options visible right now, which makes it confusing. They need to streamline and simplify it.

I'd like to see more data protection on the system. It needs a DLP, a Data Loss Prevention, system.

View full review »
System Engineer at E-smart systems

They should lower their prices for small businesses. They should offer subscriptions or box-sets because a lot of companies want to buy it, but they just can't afford it. 

It's not that expensive necessarily; the market is just doing poorly at the moment.

Everything I could possibly want has already been implanted into the new version, including the Internet of Things, machine learning, and SD-WAN; every feature I wanted has already been integrated.

View full review »
System Engineer - Security Presales at a tech services company with 1,001-5,000 employees

The partner support, which is a local company, is not that good and can be improved.

I would like to see the threat intelligence capability integrated with other vendors such as Cisco and Forcepoint. This would effectively be a multi-threat intelligence solution. Along the same lines, it would be useful to share threat signatures with different vendors.

View full review »
Cyber Security Engineer at Infort

The URL Filtering module needs to have more categories added to it.

The concept of clustering would be of benefit to Palo Alto and it would make it more productive. For example, with Forcepoint, you can cluster two different products.

View full review »
Technical Advisor to COO at a comms service provider with 51-200 employees

Palo Alto K2-Series firewalls could use some technical improvements, like main and standby, as well as FTU and STU support. In addition, they should upgrade the CPU, and there are so many other things that I cannot think of off the top of my head. 

View full review »
Hardware Engineer with 51-200 employees

The technical support, and how they provide it to the client, needs to be improved. They take too long to provide answers.

I would like to have a statistical report that shows the number of times that each rule is used.

View full review »
Senior Systems Engineer at a computer software company with 1,001-5,000 employees

We had some issues with upgrading in the past. They could make the process easier.

Palo Alto Networks K2-Series has improved their central management but if they could improve upon it more that would be a great benefit.

View full review »
CSD Manager at BTC

The ease of management and configuration should be improved.

The price of the K2 series could be lower.

View full review »
Network Engineer at a tech services company with 11-50 employees

They could improve by providing more features in the solution.

View full review »
Network Engineer at a international affairs institute with 1,001-5,000 employees

There are a lot of bugs in this solution.

View full review »
Learn what your peers think about Palo Alto Networks K2-Series. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
552,695 professionals have used our research since 2012.