• Home
  • Check Point CloudGuard CNAPP vs. Prisma Access by Palo Alto Networks

Check Point CloudGuard CNAPP vs Prisma Access by Palo Alto Networks comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Vulnerability Management
June 2024
Executive Summary

We performed a comparison between Check Point CloudGuard CNAPP and Prisma Access by Palo Alto Networks based on real PeerSpot user reviews.

Find out what your peers are saying about Tenable, Wiz, SentinelOne and others in Vulnerability Management.
To learn more, read our detailed Vulnerability Management Report (Updated: June 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Samir-Paul
Provides centralized visibility and helps identify any misconfigurations or compliance issues
CloudGuard CNAPP helps to be compliant across a multi-tenant environment. We can be sure of the compliance status with respect to different cloud... Read more →
Anonymous User
Saves costs, helps to identify shadow IT apps, and provides better VPN user experience
It made VPN easy with the ability to build distributed VPN gateways. The cost of IT deployment is a bit less because you just need a VPN-capable... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Check Point CloudGuard CNAPP's initial configuration is very easy. It is plug-and-play. It also gives regular updates.""The ability to drill down to individual hosts on an account and see which ones are affected is valuable.""The feature that I find most valuable is the blocking feature.""The product allows us to enhance the security of the implementations we have.""It is able to bring visibility into that cloudy space where the security departments do not really see what is happening on the DevOps side. It brings visibility, security control, and standardization.""The audit feature is the most valuable for compliance reasons. It gives you a full view of the whole environment, no matter how many accounts you have in AWS or Azure. You have it all under one umbrella.""Cloud security posture management is the feature we've been using the longest.""We have more visibility than ever before, appreciating the valuable and proactive insight that we receive from the platform."

More Check Point CloudGuard CNAPP Pros →

"The setup is relatively straightforward.""Prisma integrates well with Cortex XDR and Cortex Data Lake. My company has been also using Prisma Access in-house for nearly a year, and it integrates seamlessly.""It's great that we can make sure a machine meets the minimum requirements before users are allowed to log in.""We have an application called ADEM that helps us troubleshoot network-related issues. It helps us to isolate an issue whether it is on the ISP level, endpoint level, or system access level.""It's very stable. Sometimes after installing the boxes, we leave them for one or two years. We would just touch the box in the case of the customer needing new requirements or changes to the setup.""It is easy to use, easy to integrate, and is stable. It's scalable as well.""The most valuable feature is the ability to join your network and provide access through the VPN.""Overall, the cost savings, ease of deployment, and better VPN user experience and performance are valuable."

More Prisma Access by Palo Alto Networks Pros →

Cons
"The costs are high.""The impact analysis that they perform can be improved. It is currently lacking. It should be more detailed.""It does not support on-premise deployments such as VMware Tanzu, and this has been a major drawback when it comes to integrations with some applications.""It should capture more information in metadata including communication detail. Also, Internal IP addresses should not be tracked as this might be having some compliance issues.""The solution could be improved with a greater analysis of its Microsoft Security score.""The product must provide different features like antivirus.""CloudGuard could be improved by including integration with vendors other than AWS, especially Azure, especially in permissions.""Especially with cloud security, there's too much clutter on the screen and too many things going on."

More Check Point CloudGuard CNAPP Cons →

"It's not very easy to use. Sometimes it's buggy and there are problems when doing updates. The user interface is okay, but some configuration items are difficult. I would like it to be less buggy and easier to configure, to better streamline the user experience.""Sometimes, you have these notifications sent out about changes in App-IDs, modifications in App-IDs, or even the introduction of entirely new App-IDs to replace. Sometimes, the recommendations are followed, but even then, when the package is installed on the firewall, it gets messed up. I remember a particular one was with Tableau, and suddenly, people weren't able to use Tableau, which is an analytics tool for business.""We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve.""It's not really Prisma's fault, but when you try to create exceptions you don't really have those abilities. You cannot say, on the management platform, "Hey, for these users I want to create these exceptions." That is one thing that I have gotten some complaints about, and we have faced some challenges there.""The one thing that I've been a little bit disappointed with is when we have had to open cases with Palo Alto about Prisma Access issues. Versus their other platforms, like their firewalls, where we tend to get really quick responses and very definitive answers, the few tickets I've had to open for Prisma Access have taken them longer to respond to. And they haven't necessarily given me the kind of answer I was looking for, meaning a fix to the problem.""My clients would like to see a more feature-rich product.""From any improvement perspective, the product's compatibility issues with Linux need to be resolved.""It would be nice to manage Prisma Access through the cloud instead of through Panorama. You can use the cloud version to monitor Prisma Access, but it doesn't have all the features yet, and it's not 100% done."

More Prisma Access by Palo Alto Networks Cons →

Pricing and Cost Advice
  • "​They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. ​"
  • "I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two, to obtain better pricing."
  • "It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution."
  • "The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
  • "I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you."
  • "Right now, we have licenses on 500 machines, and they are not cheap."
  • "The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
  • "Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges."

    • More Check Point CloudGuard CNAPP Pricing and Cost Advice →

  • "The licensing cost is about 18,000 euros."
  • "Actually the solution is very expensive. I don't know the particulars since the purchasing team dealt with it."
  • "The pricing for this solution is on the higher end."
  • "Compared to other products, the price is slightly high."
  • "This is not an expensive product and everything is included with one license."
  • "Prisma Access is a little bit expensive."
  • "The licensing fees are paid on a yearly basis and for what we get, the price is good."
  • "The solution requires a license and the technical support has extra costs. The licensing model could improve."

    • More Prisma Access by Palo Alto Networks Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Check Point CloudGuard Posture Management?
    Top Answer:The visibility in our cloud environment is the most valuable feature.
    Read all 33 answers   →
    What is your experience regarding pricing and costs for Check Point Cloud...
    Top Answer:The price is on the higher end.
    Read all 27 answers   →
    What needs improvement with Check Point CloudGuard Posture Management?
    Top Answer:We have concerns regarding the pricing and would appreciate seeing some improvements.
    Read all 32 answers   →
    What is the better solution - Prisma Access or Zscaler Private Access?
    Top Answer: We looked into Prisma Access before choosing Zscaler Private Access (ZPA). Palo Alto’s Prisma Access is a secure access service edge (SASE) designed to deliver network security in a… more »
    What do you like most about Prisma Access by Palo Alto Networks?
    Top Answer:The most valuable features of the solution are in the areas of the secure remote access it provides while also being user-friendly.
    Read all 29 answers   →
    What is your experience regarding pricing and costs for Prisma Access by ...
    Top Answer:As compared to other solutions, Prisma Access is much cheaper. It is probably 30% to 40% cheaper than other solutions, but I do not know the exact cost. A customer is using 250,000 user licenses for… more »
    Read all 24 answers   →
    Ranking
    6th
    out of 111 in Vulnerability Management
    Views
    1,461
    Comparisons
    877
    Reviews
    55
    Average Words per Review
    672
    Rating
    8.6
    1st
    out of 41 in Secure Access Service Edge (SASE)
    Views
    16,920
    Comparisons
    11,519
    Reviews
    26
    Average Words per Review
    981
    Rating
    8.2
    Comparisons
    Also Known As
    Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
    Palo Alto Networks Prisma Access, Prisma Access, GlobalProtect, Palo Alto GlobalProtect Mobile Security Manager, Prisma SaaS by Palo Alto Networks, Prisma Access
    Learn More
    Check Point Software Technologies
    Palo Alto Networks
    Overview

    Check Point CloudGuard CNAPP is a robust cloud security solution, offering comprehensive protection for cloud workloads and applications against cyberattacks. This platform encompasses cloud security posture management, threat prevention, and efficient incident response, providing organizations with a unified defense against threats. Key features include continuous visibility and remediation of misconfigurations, threat prevention through various techniques like intrusion prevention and malware detection, and rapid, cost-effective incident response. With CloudGuard CNAPP, you can safeguard cloud-native applications, cloud infrastructure, and sensitive data, enhancing your overall cloud security posture. This solution is a powerful asset for organizations seeking to fortify their cloud environments against a range of cyber threats.

    Prisma Access by Palo Alto Networks provides consistent security for all users and applications across your remote networks. Prisma Access grants users safe access to the cloud and data center applications and the internet as well. In addition, the solution combines all of your security and networking capabilities into a single cloud-delivered platform, enabling flexible hybrid workforces.

    Prisma Access can be managed two ways:

    1. Cloud Managed
    2. Panorama Managed

    Prisma Access delivers both networking and security services, including:

    • SD-WAN
    • VPN
    • Zero Trust network access (ZTNA)
    • Quality of service (QoS)
    • Clean Pipe
    • Firewall as a service (FWaaS)
    • DNS Security
    • Threat Prevention
    • Cloud secure web gateway (SWG)
    • Data loss prevention (DLP)
    • Cloud access security broker (CASB)

    Prisma Access by Palo Alto Networks Features

    Prisma Access by Palo Alto Networks has many valuable key features including: App-ID, User-ID, Device-ID, SSL Decryption, Dynamic User Group (DUG) Monitoring, AI/ML-Based Detection, IoT Security, Reporting, URL Filtering, Enterprise Data Loss Prevention (DLP), Digital Experience Monitoring (DEM)*, Logging, Policy Automation, Intrusion Prevention System (IPS), and many more.

    Prisma Access by Palo Alto Networks Benefits

    Some of the benefits of using Prisma Access by Palo Alto Networks include:

    • Security: Prisma Access gives you consistent security to protect against cyberattacks, with enforcement of policy at every location. By implementing Prisma Access, you also gain protection that works to prevent known and unknown malware, exploits, credential theft, command and control, and many other attack vectors across all ports and protocols.

    • Global connectivity: Prisma Access provides global coverage through use of its connectivity layer.

    • Scalability: With Prisma Access, scaling is automatically managed and is scalable, flexible, and agile.

    • Instant deployment: Deployment is fast, eliminating wasted time that may otherwise be associated with setting up a solution, operating it, or shipping hardware in order to get started.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Microsoft Azure Synapse Analytics

    users who are currently using the solution.

    PeerSpot user Partha D., Global Network Tech Lead at a computer software company, speaks about his experience using the product, saying, "It protects all app traffic so that users can gain access to all apps. Unlike other solutions that only work from ports 80 and 443, which are predominantly for web traffic, Prisma Access covers all protocols and works on all traffic patterns... The most sophisticated attacks can arise from sources that are not behind 80/443."

    Tejas J., a Sr. Cloud Security Architect at a computer software company, mentions that "it is geographically dispersed, and it sits on top of Google and AWS platforms. Therefore, you don't face the standard issues, such as latency or bandwidth issues, that you usually face in the case of on-prem data centers.

    Another PeerSpot reviewer, Max I., Associate Director at Cognizant, comments that "Security is absolutely spot-on, really top-notch. It's the result of all the components that come together, such as the HIP [Host Information Profile] and components like Forcepoint, providing end-user content inspection, and antivirus. It incorporates DLP features and that's fantastic because Prisma Access makes sure that all of the essential prerequisites are in place before a user can log in or can be tunneled into."

    Sample Customers
    Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
    Concord Hospital, State of Colorado, Essilor International, RheinLand Versicherungsgruppe, University of Westminster, Universidade Nove de Julho, SPAR Austria, CAME Group, ZipRealty, Greenhill & Co., IKT Agder, Aviva Stadium, Animal Logic, Management & Training Corporation, Brigham Young University Hawaii, School District of Chilliwack
    Top Industries
    REVIEWERS
    Security Firm22%
    Financial Services Firm18%
    Computer Software Company11%
    Cloud Solution Provider8%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company15%
    Security Firm8%
    Manufacturing Company8%
    REVIEWERS
    Computer Software Company44%
    Manufacturing Company11%
    Security Firm4%
    Pharma/Biotech Company4%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Manufacturing Company11%
    Financial Services Firm11%
    Government6%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise12%
    Large Enterprise45%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise11%
    Large Enterprise63%
    REVIEWERS
    Small Business31%
    Midsize Enterprise28%
    Large Enterprise41%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise14%
    Large Enterprise68%
    Buyer's Guide
    Vulnerability Management
    June 2024
    Download Free Report
    Find out what your peers are saying about Tenable, Wiz, SentinelOne and others in Vulnerability Management. Updated: June 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Check Point CloudGuard CNAPP is ranked 6th in Vulnerability Management with 64 reviews while Prisma Access by Palo Alto Networks is ranked 1st in Secure Access Service Edge (SASE) with 59 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Prisma Access by Palo Alto Networks is rated 8.2. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, Wiz, AWS GuardDuty, Microsoft Defender for Cloud and Tenable Cloud Security, whereas Prisma Access by Palo Alto Networks is most compared with Netskope , Zscaler Zero Trust Exchange, Cisco Umbrella, Zscaler Internet Access and Prisma SD-WAN.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.