HomeSoftwareCybersecurityPalo Alto Networks
CybersecurityPalo Alto Networks

Palo Alto Networks Review 2026

4.4/ 5.0 from 3,200 verified reviews
Vendor
Palo Alto Networks
Pricing
Enterprise (quote required)
Deployment
Hardware, Virtual, Cloud, SaaS
Best For
Large enterprise security teams
Industries
Financial services, Government, Healthcare, Telecom
Implementation
3–12 months typical

Overview

Palo Alto Networks operates three security platforms: Strata (network security and next-gen firewalls), Prisma (cloud and SASE), and Cortex (XDR, XSOAR, XSIAM). The company's stated strategy is platformisation — bundling these three platforms and discouraging customers from running competing point products. Net new ARR from platform deals has been the focal point of investor communications since 2024.

Palo Alto's PA-Series next-generation firewalls remain the reference architecture in many large enterprise networks. Cortex XSIAM has emerged as a credible challenger to Splunk and Microsoft Sentinel in the SIEM space. Buyers should weigh platformisation discounts against the lock-in implications, particularly given Palo Alto's premium pricing posture and aggressive renewal behaviour.

The 2024 acquisition of QRadar SaaS assets from IBM and the continued maturation of Cortex XSIAM mean Palo Alto is making a serious bid to displace Splunk in the SIEM segment. Buyers evaluating the broader platform investment should validate XSIAM detection content and integration with non-Palo-Alto data sources during proof-of-concept work.

Key Features

  • PA-Series and VM-Series next-generation firewalls
  • Prisma Access SASE with global PoPs
  • Prisma SD-WAN (formerly CloudGenix)
  • Prisma Cloud (CWPP, CSPM, CIEM, code security)
  • Cortex XDR cross-domain detection and response
  • Cortex XSIAM next-generation SIEM
  • Cortex XSOAR security orchestration and automation
  • URL Filtering, Threat Prevention, WildFire malware analysis subscriptions
  • GlobalProtect endpoint VPN/ZTNA agent
  • Panorama centralised firewall management
  • Unit 42 threat intelligence and incident response services
  • AI Access Security for monitoring SaaS GenAI usage

Pricing

EditionModelTypical Cost
PA-Series hardware NGFWCapex + subscriptions$5K–500K+ per appliance
VM-Series virtual NGFWPer CPU/year$1.5K–25K/CPU/year
Prisma Access SASEPer user/year$200–600/user/year
Cortex XSIAMPer GB/dayQuote required

Pricing verified May 2026. Platform bundle discounts often exceed 40% on multi-product deals. Subscription stacking (Threat Prevention + WildFire + URL Filtering) is standard.

Strengths

  • Industry-leading next-generation firewall capability and visibility
  • Broad platform coverage across network, cloud, and endpoint
  • Strong threat intelligence via Unit 42 research team
  • Cortex XSIAM is a genuine technical innovation in SIEM
  • Mature global support and large partner ecosystem

Limitations

  • Premium pricing — typically the most expensive option in any category
  • Platformisation strategy creates lock-in risk; exit is costly
  • Subscription stacking on top of hardware leads to unpredictable TCO
  • Operational complexity is high — adequate staffing is essential
  • Renewal negotiations are aggressive and audit-driven

Buyer Considerations

The platformisation decision is fundamentally a multi-year lock-in versus best-of-breed cost trade-off. Bundle discounts of 40%+ are real but exit costs three years later can erase the savings if business circumstances change. The most successful Palo Alto enterprise deployments scope the platform commitment to specific business outcomes (e.g., MPLS retirement, SOC consolidation) with clear measurement criteria rather than open-ended technology investment.

Alternatives

Fortinet FortiGate
Strong price/performance, ASIC-accelerated firewalls
4.4
Cisco Secure Firewall
Integrated with Cisco network stack
4.0
Check Point Quantum
Strong threat prevention, mature management
4.2
Zscaler Internet Access
Cloud-native SASE alternative to Prisma Access
4.3
CrowdStrike Falcon
Better endpoint alternative to Cortex XDR
4.6

Compare Palo Alto Networks

Palo Alto vs Fortinet → Palo Alto vs Cisco → Prisma vs Zscaler →

Frequently Asked Questions

What does platformisation actually mean for buyers?
Palo Alto offers significant discounts when customers commit to multiple platforms — typically Strata + Prisma + Cortex. The trade-off is lock-in: once data and policies are deeply embedded, exit is costly and slow. Negotiate exit clauses and data portability before signing.
Is Cortex XSIAM ready to replace Splunk?
For organisations standardising on Palo Alto, yes — XSIAM has matured significantly and offers strong correlation with Cortex XDR telemetry. Splunk retains advantages in non-security log analytics and existing customer ecosystems. Run a parallel pilot before committing.
How does Prisma Access compare to Zscaler?
Both are credible SASE platforms. Prisma Access wins for customers already standardised on Palo Alto firewalls and Cortex. Zscaler wins on cloud-native maturity and SaaS-first deployment simplicity. Both should be evaluated head-to-head with real traffic in a pilot.
What's the renewal price-increase pattern?
10–25% increases at renewal are typical, particularly when bundles have been adopted. Multi-year terms with capped escalators reduce risk. Buyers should engage procurement specialists familiar with Palo Alto's commercial playbook.
Last updated: May 2026

About Palo Alto Networks

Founded 2005. Headquarters: Santa Clara, California. 14,500 employees. Revenue: $8.0B (FY2024). Listed: NASDAQ (PANW). CEO: Nikesh Arora.

Related Categories

All Cybersecurity Network Management Cloud Infrastructure Identity & Access Management Observability & Monitoring

Research

SASE Buyer's Guide 2026 NGFW Comparison Matrix SIEM Pricing Benchmark Best Firewall for Enterprise
Last updated: