Sure, I can speak to the PaloAlto Integrations.
The firewall integration has the following:
Reduces time to implement FW rules to milliseconds
Easy to implement using ATD and Palo's dynamic block lists (setup in under an hour)
Palo does not recognize if there are repeat rules (ie has the IP address already been blocked in other rules?)
Palo does not understand FQDNs in rules and requires IP addresses. Otherwise, the fqdn would be a valid indicator as well
The WildFire integration has the following:
Reduces time to implement controls around malicious convictions from Wildfire into your ENS endpoint (milliseconds)
Adds visibility into the WildFire detection in your McAfee/DXL ecosystems
Wildfire uses a static analysis image
Wildfire cloud provides ALL convictions in the last 24 hours, not just your tenant's. This is a bug I filed with Palo Alto almost 2 years ago. Not sure where it is now. Maybe it's considered a feature?
Anyway, hope this helps.