05-12-2021 07:35 AM
My company has been using SonicWall for the last 7 years or so, and we're currently on a NSA 3600 (NGFW) HA pair for main branch and a TZ500 for a small remote office. The TZ500 is totally fine and the 3600 works ok for the most part but there are always a lot of bugs and issues seemingly for every service and feature (espeically HA). Changes and firmware upgrades are often a painful and worrisome ordeal. Finally, the support is absolutely terrible - I have had 100+ tickets and I find that its really hit or miss if you get someone who has any idea of what they are doing unless I luck out and get the really experienced (but super grouchy) Indian technician.
I am at the point now where I want to consider other NGFW options but I have been in IT long enough to know that just switching products because you aren't happy isn't a solution unless you do a ton of research/DD.
That said, I wanted to get some extremely surface level insight here about where to start with looking into what PA offers.
As for pricing, what is a very ballpark cost of a PA NGFW comparable to the NSA 3600 ? We pay ballpark under $6K/year for this and honestly, where I work, we could easily afford more. I just want to get a very rough idea of cost.
Secondly, with the NSA 3600, we basically have several networks and zones, integrated wifi AP's and general security services like Gateway AV/Anti-Spyware/Intrusion Prevention/App Control/App Visualization, DPI-SSL (which has issues), bot-net filter, etc. I also just recently purchased SonicWall's Network Security Manager (NSM) which is a hosted service for management and analytics and reporting - and this thing doesn't even work correctly yet, at least not with the NSA 3600 and current firmware despite being told it was.
So yeah, can anyone give me a super rough idea of cost as well as pain level of dealing with the PA products and support?
05-12-2021 07:39 AM
Also, I wanted to add to my first paragraph that, yes, I do do a lot of knowledgebase searching and try to solve problems and understand config on my own. I still end up having to reach out to support for things that just don't work regardless of what I do.
05-13-2021 10:38 AM
Hello,
Welcome to the forum! I have used many different firewall models in the past and would not recommend anything other than Palo Alto. There are many reasons for this, however its platform and what it provides is second to none. With your sizing questions, Palo Alto's are sized by throughput. When sizing a PAN device, I take the highest throughput from the existing device and match it to the lowest the PAN will support. What this does is oversize it a bit and allows for growth and makes sure I dont undersize it by accident. Also are 10GB connections a must or just a nice to have and how many 1GB connections do you require?
https://www.paloaltonetworks.com/products/product-selection.html
Hope that helps.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
