Palo Alto Networks Magic Quadrant Leader

We are excited to see that Palo Alto Networks has been in Gartner's Magic Quadrant for the past three reports.  Below is a synopsis of the report, if you would like the full report click here to download.

Palo Alto Networks is a California-based pure-play network security company that has been shipping enterprise firewalls since 2007.  While being a relatively new firewall vendor, Palo Alto Networks continues to deliver on an enterprise-focused road map with its recent EAL4+ certification; also, it has a partnership with Citrix and VMware.  Palo Alto Networks has become well-known for its innovations in application control and for pushing forward in IPS quality.  Gartner sees the shortlists including Palo Alto Networks changing from its base of smaller enterprises and Internet-facing deployments.  Now, with an expanding market share, Palo Alto Networks is navigating the transition to larger opportunities, as well as the hurdles of RFPs and formal selections that the transition entails.  The PA-7050 appliance was recently released and provides a better top end to the options.

Palo Alto Networks is assessed as a Leader, mostly because of its NGFW focus, because it set the direction of the market along the NGFW path, and because of its consistent visibility in shortlists, increasing revenue and market share, and its proven ability to disrupt the market.


The vendor's focus on enterprise NGFW features and messaging is viewed positively by enterprise firewall operators.

Gartner clients consistently rate the Palo Alto Networks App-ID and IPS higher than competitors' offerings for ease of use and quality.

The firewall and IPS are closely integrated, with App-ID implemented within the firewall and throughout the inspection stream.  This "single pass" is a design advantage, as opposed to the unnecessary inspection that can occur in competing products that process traffic in serial order.

The Panorama management console is often ranked highly in selections, and scores well in selections seen by Gartner against all competitors (except Check Point).

Palo Alto Networks was consistently on most NGFW competitive shortlists seen by Gartner, and in the survey to vendors, it was most mentioned as the vendor with which these vendors compete.   A simple pricing structure helps in procurements versus competitors that charge for features that Palo Alto includes.

The WildFire advanced threat appliance and cloud service are popular add-ons with incumbent Palo Alto Networks firewall customers, giving them an option versus third-party advanced threat appliance solutions.


Recently, Gartner has seen Palo Alto Networks' direct sales and resellers being overly optimistic about the performance impact of turning on antivirus (that is, Web anti-malware) when being pressured by lower-cost UTM competition, resulting in poor performance during proofs of concept, client skepticism and low selection scores, especially in larger enterprises or data centers.

The company has limited products in adjacent security markets, which limits cross-selling opportunities.

Palo Alto Networks lacks an entry-level platform for small offices that would be price-competitive for distributed enterprise with small branches.   Gartner clients are increasingly asking about Juniper Networks' patent lawsuit against Palo Alto Networks. However, Gartner has not seen this item alone shift a deal away from Palo Alto Networks.
Like other vendors with leading products, Palo Alto Networks is challenged to win selections in which price is weighted more than security features, as in Type C enterprises.  The clients we interviewed would like to see better log handling at scale. Also, the client complaints we receive regarding Palo Alto Networks usually relate to management console issues at scale, or anecdotes of long commit times.