Try our new research platform with insights from 80,000+ expert users

Barracuda Web Application Firewall vs Prisma Cloud by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 19, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare
Sponsored
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
74
Ranking in other categories
CDN (1st), Distributed Denial-of-Service (DDoS) Protection (1st), Managed DNS (1st), Cloud Security Posture Management (CSPM) (14th)
Barracuda Web Application F...
Average Rating
8.2
Reviews Sentiment
7.4
Number of Reviews
43
Ranking in other categories
Web Application Firewall (WAF) (16th)
Prisma Cloud by Palo Alto N...
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
108
Ranking in other categories
Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (2nd), Data Security Posture Management (DSPM) (1st)
 

Featured Reviews

Spencer Malmad - PeerSpot reviewer
It's easy to set up because you point the DNS to it, and it's working in under 15 minutes
Cloudflare is highly scalable. Cloudflare is a system with a web portal that the end users like me see. It's a console where we can adjust the DNS, caching, and security features all in that console. Cloudflare owns thousands of servers across the world that cache the data. It's a powerful solution. When clients sign up for Cloudflare, they're getting this monster content delivery network, security, and a web application firewall in one. It's all rolled into one, and it's massive. Unless you have your website hosted on a massive hosting provider, there's no way that you can deliver the amount of data that Cloudflare can provide to the end users. If you have static content, there's no way that you can ever match what Cloudflare can do. Obviously, there are competitors to Cloudflare that do the same, but I'm saying other types of solutions. Let's say you go with F5. Great, that's on-prem. That's in your colo. You can't deliver as much data to the internet as you can with a CDN. You don't have to spend $20,000 on a net scaler, F5, or whatever Cisco's selling now. You don't have to buy that. You pay them $50 a month or $150 a month. It's totally worth it because even in five years, you'll never get the performance value, not just the actual ROI. You have to consider how much throughput you can get with Cloudflare.
Syed MajedHussain - PeerSpot reviewer
Easy to use with enhanced cybersecurity and seamless web traffic filtering
Our clients primarily use Barracuda Web Application Firewall to filter their web traffic and ensure they are secure enough to protect their cybersecurity workloads We have sold these solutions to academic clients like universities. They appreciated the ease of use and the signature base. The…
Mohammad Qaw - PeerSpot reviewer
It gives you one console to see all of your assets, review their configurations, and build your processes
Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The features of Cloudflare were found to be more beneficial and led to the decision to utilize it over other options."
"The most valuable feature is its usability."
"The solution is very good at mitigating threats."
"The most valuable feature of the solution is external DNS. It is also very secure. They have their own main server and once you configure it, the product takes care of everything. There are no issues in resolving IPs and low latency is also present."
"The most valuable feature of Cloudflare DNS is its global reach and it is always evolving."
"It's very user-friendly."
"The DDoS protection is the most valuable aspect of the solution."
"Even when there is a high load on our servers, Cloudflare is able to cache the data and serve it to users, ensuring they can still access the website."
"The solution offers multiple security features. There are machine learning features and great URL encryption. It also offers multi-protocol support against DDoS attacks."
"Barracuda Web Application Firewall provides optimized performance, a user-friendly environment, helpful dashboards, and is simple to use."
"One of the strongest points is its robust issue discovery capabilities. Barracuda invests significant efforts in identifying and resolving issues. They have multiple products that work in tandem to perform these checks, which is beneficial because it automates security updates. This is the primary reason I recommend it to my customers."
"Its recommendation about the probabilities on the website is great. It also has free probability managers for the website, which is really helpful. The protection engine, signature-based protection behavior, and analysis features are also great. It also has an ATP module for sandbox scanning and behavior analysis for file uploads."
"We only need one subscription to be protected against both active DDoS and offline DDoS attacks."
"The most valuable feature is the automatic content filtering."
"The product has fantastic support services."
"It's very simple and predictable, because Barracuda provides a vision of the current state of your application. It gives you an understanding of what is happening on your site and any attempts against you at your source. This is the main value that Web Application Firewall provides our company. These aspects are also the main reason for this documentation process."
"One of the main reasons we like Prisma Cloud so much is that they also provide an API. You can't expect to give someone an account on Prisma Cloud, or on any tool for that matter, and say, "Go find your things and fix them." It doesn't work like that... We pull down the information from the API that Prisma Cloud provides, which is multi-cloud, multi-account—hundreds and hundreds of different types of alerts graded by severity—and then we can clearly identify that these alerts belong to these people, and they're the people who must remediate them."
"The thing that I like the most is that when it comes to runtime events, whenever we see an event, we are able to look through the logs. It is pretty easy to look back through everything that took place."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"It helps to identify the misconfigurations by monitoring regularly which helps to secure the organization's cloud environment."
"The solution's dashboard looks very user-friendly."
"The runtime mechanism on the solution is very useful. It's got very good network mapping between containers. If you have more than one container, you can create a content data link between them."
"The two most valuable features are container security and the capability to discover workloads."
"The most valuable features of the solution are areas like compliance and asset inventories, along with runtime protection."
 

Cons

"We are a product integrator and reseller, and we would like to have a better partner relationship, similar to a channel sales relationship. Sometimes we are on our own or get diverted by Cloudflare because they have direct sales, which competes with us and makes it difficult to build a relationship with this company since we want to be an MSP or a managed service provider for the solution."
"Support response time could be improved."
"It would be helpful if the solution could continue evolving to compete with the other solutions on the market."
"We're facing challenges due to an upgrade in the machine learning model. The problem arises from some users abusing the APIs, resulting in an influx of suspicious traffic. Cloudflare's learning model mistakenly identifies this traffic as human. Consequently, it assigns it a higher trust score, akin to legitimate human traffic, causing complications in our architecture. Previously, such traffic would have been categorized as suspicious, enabling us to apply appropriate blocking rules. However, we encounter difficulties distinguishing between genuine and suspicious traffic with the new categorization. Despite these challenges, overall, Cloudflare remains the preferred solution compared to Azure, AWS CloudFront, and Google Cloud Armor."
"I believe they currently have this feature, but there will most likely be integration with APIs so we can control some features through API."
"Areas like how assessment, discovery, and payload are dealt with and how it all comes into your organization can be considered when trying to make suggestions to Cloudflare for improvements."
"It would be beneficial for us if Cloudflare could offer a scrubbing solution. This would involve taking a snapshot of my website and keeping it live during a DDoS attack, ensuring uninterrupted service for our users. DDoS attacks are typically short in duration, and having Cloudflare maintain the site's availability from its secure network would enhance the overall user experience. I would appreciate it if Cloudflare could consider implementing this feature. Many organizations already utilize similar capabilities in their CDN platforms, where a static snapshot of the web page is displayed during DDoS attacks. In terms of features, Cloudflare needs to enhance its resilience and stay more focused on adopting new technologies. For instance, solutions like F5 XC Box, Access Solution, and Distributed Cloud Solution have impressive features, and Cloudflare should strive to match and exceed those capabilities. There's a need for improvement in areas like AI-based DDoS attacks and Layer 7 WAF features. Cloudflare should prioritize enhancements in areas such as behavioral DDoS and protection against SQL injection attacks, considering the prevalent trend of public exposure to the internet for business reasons. Overall, Cloudflare needs to invest more in advancing its feature set."
"There should be a specific price list for enterprise-level customers."
"There are false positives that I am receiving when compared to other WAFs."
"In the Barracuda Web Application Firewall, there should be more affordable options for WAF as a service."
"We encountered a few glitches while implementing API security features into the product."
"Barracuda Web Application Firewall’s scalability needs improvement."
"The solution could use more reports."
"An area for improvement in Barracuda Web Application Firewall is attack identification. Other banks identified attacks and tracked logs that the solution wasn't able to identify because of its ready-made rules pre-deployed by the vendor. My organization raised this issue with the technical support team. Another area to improve in Barracuda Web Application Firewall is its service desk. The team resorted to stonewalling because they couldn't accept that a feature was missing in the solution, and it was only after a lot of drilling down that the service desk team accepted that, and would be adding that feature in the future. My organization had to submit a report to the Reserve Bank of India with information on the logs identified and the attacks that happened, and that there was a failure on the part of the Barracuda Web Application Firewall. The Reserve Bank of India conducts a tri-monthly cyber risk audit in all Indian banks. Even smaller banks identified and caught attacks that my organization wasn't able to do, so I was looking into other solutions that competitor banks could be using because Barracuda Web Application Firewall failed to identify some of the attacks."
"Barracuda Web Application Firewall's load balancing feature could be improved."
"It is not stable nor mature."
"Technical support could use some improvement."
"It would be ideal if they could somehow reduce the deployment time."
"One of the main backlogs in their development is in the area of integration. For example, we have ServiceNow in place for ticket management and Prisma Cloud is supposed to send closure emails for incidents. But from time to time, it fails to do so. We have several other mismatches between Prisma Cloud and ServiceNow."
"This solution is more AWS and Azure-centric. It needs to be more specific on the GCP side, which they are working on."
"Prisma Cloud supports generating CSV files, but I would also like it to generate PDF files for reporting."
"The security automation capabilities are average."
"We have discovered that Prisma is not functioning properly with GCP."
"Some of the usability within the Compute functionality needs improvement. I think when Palo Alto added on the Twistlock functionality, they added a Compute tab on the left side of the navigation. Some of the navigation is just a little dense. There is a lot of navigation where there is a tab and dropdowns. So, just improving some of the navigation where there is just a very dense amount of buttons and drop-down menus, that is probably the only thing, which comes from having a lot of features. Because there are a lot of buttons, just navigating around the platform can be a little challenging for new users."
 

Pricing and Cost Advice

"I give the price a five out of ten."
"That is one of the great features. I was able to access the majority of the features and services for free."
"We don't have any issues with the price."
"The price is reasonable."
"It's a premium model. You can start at zero and work your way up to the enterprise model, which has a very high pricing level."
"Cloudflare's pricing is not much higher and is good for middle-level organizations."
"There are no additional costs beyond the standard licensing fees."
"The product's pricing is cheap."
"The price is reasonable, more so than other products."
"While I would have to check on the price of the solution, I feel it to be okay and it matches the market price."
"They only offer a yearly licensing plan."
"The pricing is reasonable."
"They have competitive pricing."
"Cost is a bit on the higher side. Big companies can afford it."
"In my opinion, the product is fairly priced."
"The price of the solution is a little expensive. There is a license for this solution and it can be purchased every one, two, or five years."
"The purchasing process was easy and quick. It is a very economical solution."
"From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
"The pricing is competitive; for the most part, the security firms have similar prices."
"Its price is reasonable as compared to other products. The main challenge is explaining the licensing model to customers. It isn't a problem related to Palo Alto. Commonly, people don't understand cloud licensing or security licensing. When they have fixed virtual machines, they know what they are going to be charged, but when it comes to cloud automation, it is hard for them to get clarity in case of high workloads or when they have enabled auto-scaling, etc. It would be helpful if Palo Alto can educate people on their licensing programs."
"Its licensing cost depends on the type of license such as the business license or the enterprise license. The enterprise license is costlier than the business license, but we get more visibility and more modules. If you have a multi-cloud environment and subscribe to each cloud's native CSPM tool, it is costly. If you are using a single tool like Prisma Cloud, with a single license, you can monitor all environments, such as Google Cloud, Azure, AWS, and Oracle Cloud. The cost of Prisma Cloud is less than the cost of subscribing to the CSPM tool of each cloud provider. This is where Prisma Cloud can save costs."
"The cost was not on the higher side. Overall, the cost gets recovered with its implementation."
"The pricing for Prisma Cloud is high. Providing a pay-as-you-go model or pricing options tailored for medium and small enterprises could help attract more clients."
"If you pay for three years of Palo Alto, it's better. If you're planning on doing this, it's obviously not going to be for one year, so it's better if you go with a three-year license... The only challenge we have is with the public cloud vendor pricing. The biggest lesson I have learned is around the issues related to pricing for public cloud. So when you are doing your segmentation and design, it is extremely important that you work with someone who knows and understands what kinds of needs you will have in the future and how what you are doing will affect you in terms of costs."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
842,690 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
21%
Computer Software Company
13%
Comms Service Provider
9%
Financial Services Firm
8%
Computer Software Company
20%
Financial Services Firm
10%
Government
7%
Educational Organization
6%
Educational Organization
17%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Cloudflare. We are moving from Akamai prolexic to Cloudflare. Cloudflare anycast network outperforms Akamai static GR...
Which would you choose - Cloudflare DNS or Quad9?
Cloudflare DNS is a very fast, very reliable public DNS resolver. It is an enterprise-grade authoritative DNS service...
What do you like most about Cloudflare?
Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications.
What do you like most about Barracuda Web Application Firewall?
It significantly improved our overall web security posture, addressing intrusions and enhancing control over web URLs...
What is your primary use case for Barracuda Web Application Firewall?
I use Barracuda Web Application Firewall mainly for web application protection. I have worked with Barracuda for six ...
What is your experience regarding pricing and costs for Barracuda Web Application Firewall?
The pricing for Barracuda is quite high compared to other OEMs. Each transaction requires my purchase team to negotia...
What is your primary use case for Prisma Cloud by Palo Alto Networks ?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
 

Also Known As

Cloudflare DNS
No data available
Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.
Oracle, CBS, Pioneer, Hyundai, Publix, Barnes Noble, Calzedonia, Nordstrom, Samsung, Nascar
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about Barracuda Web Application Firewall vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: January 2025.
842,690 professionals have used our research since 2012.