Why the PAN should be your next firewall

Christopher Lentz | October 19, 2016 08:00 AM

In the last 20 years or so I have had the opportunity to work with many vendors hardware in both the systems and networking worlds. It wasn't until I worked with the Palo Alto Networks firewall, often called the PAN, that I fell in love with network security. Palo Alto Networks offers a range of security appliances for your network security needs, including small branch office devices like the PA-200 up to the beastly PA-7000 for robust data center operations.

Why I Love It

Of all the security appliances on the market, I found that the PAN had a more robust feature set out of the box: policies that can tie into your Active Directory infrastructure, application level policing, and so much more. Honestly, the PAN deserves to be in its own class of security devices because of its massive response to customer needs in the current world of network security threats. If the out-of-the-box features are enough to wet your whistle you can add on great features like Panorama which allow you to control policy accross multiple devices in your network, or try out WildFire which gives you actionable support for zero-day threats, file and link analysis, and more in realtime.

Securing BYOD and Outside Devices

BYOD is one of the most common things in today's modern companies because users don't want to carry around 3 cell phones, a pager, and their laptop. Security for a device that the company doesn't own however, can be a nightmare every IT administrator would love to avoid. The Palo Alto Networks firewalls bring forth Global Protect to make all our lives a little easier when it comes to securing BYOD and outside devices. With Global Protect you can create policies for different classifications of remote users. Maybe you have remote sales people that have company issued laptops that need one set of rules, remote vendors or partners that need an entirely different set of rules; the PAN has the flexibility to do all of them and more thanks to their insanely granular policy building capabilities. 

What It Will Cost You

We all know that cost is a big factor these days when it comes to buying hardware. The Palo Alto Networks firewalls may not be the cheapest devices in your rack but when you run the cost benefit analysis, it is easy to see that it is an investment well spent. You can expect a reduction in virus and malware outbreaks, support calls for VPN assistance, and even less SPAM emails in your inbox! For a small branch office, you can get the PA-200 for around $2,000 USD. If you need a bit more, the big brother PA-500 will run you around $4,500 USD for the base device. If you are looking for data center or large metropolitan area coverage, expect to pay upwards of $14,000 USD for the PA-3000 and up.

If you want true protection for your network and remote devices, this is the only firewall you should be looking at. 


Enforma IT provides Cisco Network Consulting, VMware Virutualization Consultanting, and Server/Desktop Support in the San Francisco Bay Area, Oakland, San Jose, and Chicago metropolitan areas.

© 2019 Enforma IT. All Rights Reserved.