Try our new research platform with insights from 80,000+ expert users

Check Point CloudGuard CNAPP vs Prisma Access by Palo Alto Networks comparison

The compared Check Point Software Technologies and Palo Alto Networks solutions aren't in the same category. Check Point Software Technologies is ranked #8 in VM , with an average rating of 8.6. Palo Alto Networks is ranked #1 in SASE , with an average rating of 8.2, and holds a 21.4% mindshare. Additionally, 94% of Check Point Software Technologies users are willing to recommend the solution, compared to 91% of Palo Alto Networks users who would recommend it.
Check Point CloudGuard CNAPP
Read 69 Check Point CloudGuard CNAPP reviews
  • 2,419 Views
  • 1,105 Comparison Views
94% willing to recommend
Prisma Access by Palo Alto ...
Read 60 Prisma Access by Palo Alto Networks reviews
  • 12,983 Views
  • 9,040 Comparison Views
91% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 1, 2024

Check Point CloudGuard CNAPP and Prisma Access by Palo Alto Networks are leading cloud security solutions. Users show a preference for the features and pricing of Check Point CloudGuard CNAPP, while Prisma Access stands out with better ease of deployment and comprehensive customer service.

Features: Check Point CloudGuard CNAPP users appreciate the automated security policies, deep integration with CI/CD pipelines, and real-time threat prevention. Prisma Access by Palo Alto Networks receives high marks for its extensive threat intelligence, consistent network performance, and multi-cloud support.

Room for Improvement: Users suggest that Check Point CloudGuard CNAPP could benefit from enhanced reporting capabilities, more intuitive configuration options, and improved customer support response times. For Prisma Access by Palo Alto Networks, feedback indicates the need for more comprehensive training materials, better customer support response times, and improved usability enhancements.

Ease of Deployment and Customer Service: Check Point CloudGuard CNAPP is often praised for its straightforward deployment process but receives mixed reviews regarding customer service responsiveness. Prisma Access by Palo Alto Networks is recognized for its robust documentation and smooth deployment but has more favorable comments on the support quality.

Pricing and ROI: Check Point CloudGuard CNAPP users find the pricing competitive and report satisfactory ROI, especially for smaller-scale deployments. Prisma Access by Palo Alto Networks users acknowledge higher initial setup costs but justify them with strong ROI due to advanced security features. Users find Check Point more cost-effective, whereas Prisma Access is deemed worth the higher investment due to its comprehensive capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Vulnerability Management Report (Updated: October 2024).
Buyer's Guide
Vulnerability Management
October 2024
Download the complete report
Helped 815,854 peers since 2012
 

Categories and Ranking

Check Point CloudGuard CNAPP
Average Rating
8.6
Number of Reviews
69
Ranking in other categories
Vulnerability Management (8th), Cloud and Data Center Security (9th), Container Security (6th), Cloud Workload Protection Platforms (CWPP) (6th), Cloud Security Posture Management (CSPM) (5th), Cloud-Native Application Protection Platforms (CNAPP) (5th), Data Security Posture Management (DSPM) (4th), Compliance Management (5th)
Prisma Access by Palo Alto ...
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
60
Ranking in other categories
Secure Web Gateways (SWG) (3rd), Cloud Access Security Brokers (CASB) (1st), Enterprise Infrastructure VPN (4th), ZTNA as a Service (2nd), Secure Access Service Edge (SASE) (1st)
 

Featured Reviews

Yokesh Mani - PeerSpot reviewer
Jan 23, 2024
Easy to write custom rules and policies in the UI with limited coding knowledge
The user interface could be improved. Sometimes, the visibility is not immediately available for the environment. We have the native servers that come with the solutions, but we cannot see them in the Check Point log. Another issue is with the integrated file monitoring. It would make sense to have stuff like file integrity monitoring and malware scanning available within this module because we don't want to integrate another product. For example, let's say it's showing a process violation. It should be able to do some additional malware scanning in that particular bucket to get some additional information. I don't want to integrate with another third-party tool or go to the native server to check something. It would be helpful to have integrated monitoring and malware scanning for the file types. There are a few flaws with the security management portal where I have limited visibility into the workload protection features. There is no error visibility where I can see the communication and workflow between services. Some of the dashboards need to be fine-tuned if they are not customized. For example, I cannot customize anything on the effective risk management dashboard. Some of the information is not correct for my tenant. With respect to passwords and user management, there are no policies I can measure at the user level. If the user was created more than six months ago, you don't need to worry about that password or do anything like two-factor authentication associated with that user. They can still log in after six months or one year. It's also a challenge to use CloudGuard's agentless workload posture with AWS. An Azure storage is summed up with a CNAPP encryption by default. We tried onboarding this data, but the problem is the attachment is not done. After a few days, we identified that it was impossible to do the encryption detection. But CloudGuard's default rules say that this has to be encrypted. The AWS module says that we cannot access this volume with this encryption, so we cannot use an agentless workload posture with AWS because of this. It is a best practice to ensure that all the volumes are being encrypted. Without the encryption, how can I do this? It is a big challenge for CloudGuard.
Read full review
TejasJain - PeerSpot reviewer
Dec 5, 2021
Provides actionable insights, secures all applications, and has global coverage
It is a managed firewall. When you run into issues and have to troubleshoot, there is a fair amount of restriction. You run into a couple of restrictions where you don't have any visibility on what is happening on the Palo Alto managed infrastructure, and you need to get on a call to get technical assistance from Palo Alto's technical support. You have to get them to work with you to fix the problem. I would definitely like them to work on the visibility into what happens inside Palo Alto's infrastructure. It is not about getting our hands onto their infrastructure to do troubleshooting or fixing problems; it is just about getting more visibility. This will help us in guiding technical support folks to the area where they need to work.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"This product provides a really nice visualization of the infrastructure, including network topology, firewalls, etc."
"The most valuable feature is posture management, which gives you complete visibility of all your assets in the cloud and allows you to do governance and compliance."
"The comprehensive security for IaaS and PaaS cloud assets provides efficient security awareness to all the teams."
"It has an analytics service that does research for us."
"The initial setup is easy and not complex at all."
"Overall, it provides good security."
"CloudGuard's best feature is real-time detection. We can detect incidents and vulnerabilities in our code with one click."
"Compliance is becoming an important tool for us as well."
More Check Point CloudGuard CNAPP pros
"It supports auto-scaling for mobile users. It auto-scales depending on the mobile user traffic. For example, if 1,000 people are working from home today, and tomorrow, the number increases to 2,000, it is not going to be an issue."
"Prisma Access gives us security from a single point. It controls mobile users and determines how secure their networks will be, including from where they will get internet access. We can optimize things and add security profiles centrally."
"Prisma's most valuable feature would be its ability to identify bad or risky configurations."
"It is geographically dispersed, and it sits on top of Google and AWS platforms. Therefore, you don't face the standard issues, such as latency or bandwidth issues, that you usually face in the case of on-prem data centers."
"The solution's most valuable features were the model's reduced complexity on the client side and its capability to provide security."
"We have an application called ADEM that helps us troubleshoot network-related issues. It helps us to isolate an issue whether it is on the ISP level, endpoint level, or system access level."
"Palo Alto Firewall is one of the best firewalls in the world."
"The solution is not very complex and is easy to manage for people who may or may not have knowledge about Palo Alto Networks."
More Prisma Access by Palo Alto Networks pros
 

Cons

"In Dome9, there should be a policy validation option where we can validate the policy before we push it into production."
"It should capture more information in metadata including communication detail. Also, Internal IP addresses should not be tracked as this might be having some compliance issues."
"I would like an interface more adapted to cell phones or tablets."
"When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug."
"The setup can be better. With every other Check Point product, the setup is scripted. You just approve versions, and then you are off. The setup for this solution is still very much manual. I would like to see that transition to more of a scripted setup."
"Improvements can be made to the user interface."
"Scalability, particularly in workload protection, is an area that needs improvement."
"The costs are high."
More Check Point CloudGuard CNAPP cons
"The initial support team is not very good. Most of the time, I have found that they are one to three years experienced only. They don't have network expertise. They know about Palo Alto products but don't know how to troubleshoot the issues. We have to guide them most of the time to troubleshoot correctly since their approach is not developed."
"Its integration with non-Palo Alto products can be improved. Currently, it is easy to integrate it with other Palo Alto products such as Cortex XDR. It integrates well with other Palo Alto products. A major part of our network is based on Palo Alto products, but for those companies that use multi-vendor products in their infrastructure, Palo Alto should optimize the integration of Prisma Access with the network devices from other vendors."
"The one thing that I've been a little bit disappointed with is when we have had to open cases with Palo Alto about Prisma Access issues. Versus their other platforms, like their firewalls, where we tend to get really quick responses and very definitive answers, the few tickets I've had to open for Prisma Access have taken them longer to respond to. And they haven't necessarily given me the kind of answer I was looking for, meaning a fix to the problem."
"Sometimes, you have these notifications sent out about changes in App-IDs, modifications in App-IDs, or even the introduction of entirely new App-IDs to replace. Sometimes, the recommendations are followed, but even then, when the package is installed on the firewall, it gets messed up. I remember a particular one was with Tableau, and suddenly, people weren't able to use Tableau, which is an analytics tool for business."
"When we deploy firewall rules via Panorama, we find it's a little bit slow. We have a global environment and might have 100 gateways or VPNs in the cloud. When we deploy something, it tries to deploy it one-by-one, and that can be slow."
"They could add more flexibility and improve product performance."
"Its security is good. Everything is good, but the way the dashboard responds can be improved. It takes time to implement a policy. If you change only two or three lines and push the policy to make the change work, it takes 20 to 30 minutes even for a small change. That is something very irritating from the implementation perspective."
"The tools' scalability is subject to some limitations when done on-premise due to the need for additional licenses. However, in other scenarios, increasing scalability involves expanding infrastructure to accommodate more third-party VPN access. It is scalable as long as you pay the money. Also, it needs to improve security."
More Prisma Access by Palo Alto Networks cons
 

Pricing and Cost Advice

"Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges."
"​They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. ​"
"The pricing of Check Point is very reasonable. Cisco is a very big brand, so the pricing is quite high. We want a solution that fits into our pocket and has all the features. They can improve the licensing model for small and mid-sized organizations. It suits large companies but not small and mid-sized organizations."
"The price is on the higher end."
"Check Point CloudGuard Posture Management is expensive."
"I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two, to obtain better pricing."
"The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
"The license for CloudGuard Posture Management is about $80 a year, and it's based on your cloud footprint, not the number of users. So you could have a million users, and it doesn't matter."
More Check Point CloudGuard CNAPP pricing and cost advice
"Prisma SaaS is more expensive than similar solutions but I think it's worth it."
"As compared to other solutions, Prisma Access is much cheaper. It is probably 30% to 40% cheaper than other solutions, but I do not know the exact cost."
"The initial prices of Prisma Access were okay. But as soon as you start deploying Palo Alto gear, the support prices and the recurring prices, which are the major operational costs, tend to increase over time."
"In terms of pricing, considering that it is a two or three years old solution, they should apply big discounts for the next two or three years. This approach will be better for them to capture the market."
"It is pretty expensive. We have to balance the cost of some features. They need to work on some of the services and products, price-wise."
"It is not cheap. It is expensive. The good thing is that you are able to pay for what you need, but overall, it is not cheap. The pricing is not based on packages. You pay based on the features. If you want DLP, you only pay for DLP. They are very flexible. It is not cheap, but the licensing is flexible. There are no additional costs in addition to the standard licensing fees."
"Prisma Access by Palo Alto Networks has flexible licensing models with different categories. It comes with different features which can be removed if not needed. However, its pricing is high."
"I would advise choosing your options according to your company's needs. Just go for what you want and do not pay for anything extra in terms of licensing. You need to determine how much bandwidth is required in your company network, and according to that, you should pay for the license. The mobile user license is based on the number of users who are going to use the VPN solution. You need to determine how many mobile users you are going to have in your network, and you should pay according to that. There are no other costs in addition to licensing, but if you go for the consultant services of Palo Alto networks to deliver the solution for you, then you need to pay something extra. That is not a part of licensing."
More Prisma Access by Palo Alto Networks pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
See recommendations
815,854 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
9%
Security Firm
6%
Computer Software Company
15%
Manufacturing Company
12%
Financial Services Firm
12%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Check Point CloudGuard Posture Management?
The visibility in our cloud environment is the most valuable feature.
See all answers
What is your experience regarding pricing and costs for Check Point CloudGuard Posture Management?
The price is on the higher end.
See all answers
What needs improvement with Check Point CloudGuard Posture Management?
We have concerns regarding the pricing and would appreciate seeing some improvements.
See all answers
What is the better solution - Prisma Access or Zscaler Private Access?
We looked into Prisma Access before choosing Zscaler Private Access (ZPA). Palo Alto’s Prisma Access is a secure access service edge (SASE) designed to deliver network security in a cloud-deliver...
See all answers
What do you like most about Prisma Access by Palo Alto Networks?
The most valuable features of the solution are in the areas of the secure remote access it provides while also being user-friendly.
See all answers
What is your experience regarding pricing and costs for Prisma Access by Palo Alto Networks?
The licensing cost of Prisma Access is calculated per unique user, with each user being able to connect up to eight devices. If a user is no longer active after thirty days, that license becomes fr...
See all answers
 

Comparisons

Prisma Cloud by Palo Alto Networks vs Check Point CloudGuard CNAPP Logo
Prisma Cloud by Palo Alto Networks vs Check Point CloudGuard CNAPP
Compared 27% of the time
Wiz vs Check Point CloudGuard CNAPP Logo
Wiz vs Check Point CloudGuard CNAPP
Compared 19% of the time
Microsoft Defender for Cloud vs Check Point CloudGuard CNAPP Logo
Microsoft Defender for Cloud vs Check Point CloudGuard CNAPP
Compared 10% of the time
AWS GuardDuty vs Check Point CloudGuard CNAPP Logo
AWS GuardDuty vs Check Point CloudGuard CNAPP
Compared 10% of the time
Cloudflare vs Check Point CloudGuard CNAPP Logo
Cloudflare vs Check Point CloudGuard CNAPP
Compared 4% of the time
More Check Point CloudGuard CNAPP Competitors
Cisco Umbrella vs Prisma Access by Palo Alto Networks Logo
Cisco Umbrella vs Prisma Access by Palo Alto Networks
Compared 11% of the time
Netskope vs Prisma Access by Palo Alto Networks Logo
Netskope vs Prisma Access by Palo Alto Networks
Compared 11% of the time
Zscaler Internet Access vs Prisma Access by Palo Alto Networks Logo
Zscaler Internet Access vs Prisma Access by Palo Alto Networks
Compared 8% of the time
Zscaler Zero Trust Exchange Platform vs Prisma Access by Palo Alto Networks Logo
Zscaler Zero Trust Exchange Platform vs Prisma Access by Palo Alto Networks
Compared 7% of the time
FortiSASE vs Prisma Access by Palo Alto Networks Logo
FortiSASE vs Prisma Access by Palo Alto Networks
Compared 7% of the time
More Prisma Access by Palo Alto Networks Competitors
 

Product Reports

Buyer's Guide
Check Point CloudGuard CNAPP
November 2024
Check Point CloudGuard CNAPP reportDownload Check Point CloudGuard CNAPP product report
Buyer's Guide
Prisma Access by Palo Alto Networks
November 2024
Prisma Access by Palo Alto Networks reportDownload Prisma Access by Palo Alto Networks product report
 

Also Known As

Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
Palo Alto Networks Prisma Access, Prisma Access, GlobalProtect, Palo Alto GlobalProtect Mobile Security Manager, Prisma SaaS by Palo Alto Networks, Prisma Access
 

Learn More

Check Point Software Technologies
Palo Alto Networks
 

Overview

Check Point CloudGuard CNAPP is a cloud-native application protection platform designed to secure your cloud environments and applications. By combining CSPM, CWPP, CSNS, and WAF capabilities, it provides a comprehensive solution to protect your cloud environment from a wide range of threats.



CloudGuard CNAPP delivers end-to-end cloud security, including workload protection, vulnerability management, and identity management, all while maintaining continuous compliance. It uses advanced AI to detect and prevent threats, offering protection for containers, serverless applications, and APIs. CloudGuard CNAPP also emphasizes simplifying security management, integrating directly with cloud platforms like AWS, Azure, and GCP.

CloudGuard CNAPP provides customers with more context to drive actionable security and smarter prevention, from code-to-cloud, across the application lifecycle. More Context Means Actionable Security, Smarter Prevention. The primary components are:

  • Unified & Modular Platform - A single platform unifying SAST, CSPM, DSPM, CIEM, CWPP, WAF, and Cloud Detection and Response.
  • Continuous Cloud Security - Automatic enforcement of security requirements and internal policies from development to runtime.
  • Real-time Detection & Protection - Real-time incidents and vulnerability detection with a single-click or automated remediation.

    What are the key features of CloudGuard CNAPP?

    • Workload Protection: Secures cloud-based workloads, including VMs, containers, and serverless functions, from vulnerabilities and attacks.
    • Posture Management: Continuously monitors cloud configurations and assets to ensure compliance with security standards and policies.
    • Threat Prevention: Uses AI-driven threat detection to block malware, ransomware, and zero-day exploits in real-time.
    • Compliance Automation: Automates compliance checks and ensures adherence to industry regulations, such as GDPR, HIPAA, and PCI-DSS.
    • Identity and Access Management (IAM) Protection: Secures identities by managing access policies and detecting misconfigurations in permissions.

    What are the key benefits to consider?

    • Improved Cloud Visibility: Provides clear insights into cloud environments, assets, and workloads, helping teams detect misconfigurations and vulnerabilities early.
    • Risk Reduction: Threat prevention features help reduce the risk of breaches by identifying and blocking potential attacks before they can exploit system weaknesses.
    • Operational Efficiency: Automated compliance and posture management reduce the manual work needed to maintain security standards.
    • Multi-cloud Support: CloudGuard CNAPP integrates across AWS, Azure, and Google Cloud, streamlining security operations for hybrid and multi-cloud deployments.

    Check Point CloudGuard CNAPP simplifies cloud security management with integrated protection and automation.




    Prisma Access by Palo Alto Networks provides consistent security for all users and applications across your remote networks. Prisma Access grants users safe access to the cloud and data center applications and the internet as well. In addition, the solution combines all of your security and networking capabilities into a single cloud-delivered platform, enabling flexible hybrid workforces.

    Prisma Access can be managed two ways:

    1. Cloud Managed
    2. Panorama Managed

    Prisma Access delivers both networking and security services, including:

    • SD-WAN
    • VPN
    • Zero Trust network access (ZTNA)
    • Quality of service (QoS)
    • Clean Pipe
    • Firewall as a service (FWaaS)
    • DNS Security
    • Threat Prevention
    • Cloud secure web gateway (SWG)
    • Data loss prevention (DLP)
    • Cloud access security broker (CASB)

    Prisma Access by Palo Alto Networks Features

    Prisma Access by Palo Alto Networks has many valuable key features including: App-ID, User-ID, Device-ID, SSL Decryption, Dynamic User Group (DUG) Monitoring, AI/ML-Based Detection, IoT Security, Reporting, URL Filtering, Enterprise Data Loss Prevention (DLP), Digital Experience Monitoring (DEM)*, Logging, Policy Automation, Intrusion Prevention System (IPS), and many more.

    Prisma Access by Palo Alto Networks Benefits

    Some of the benefits of using Prisma Access by Palo Alto Networks include:

    • Security: Prisma Access gives you consistent security to protect against cyberattacks, with enforcement of policy at every location. By implementing Prisma Access, you also gain protection that works to prevent known and unknown malware, exploits, credential theft, command and control, and many other attack vectors across all ports and protocols.

    • Global connectivity: Prisma Access provides global coverage through use of its connectivity layer.

    • Scalability: With Prisma Access, scaling is automatically managed and is scalable, flexible, and agile.

    • Instant deployment: Deployment is fast, eliminating wasted time that may otherwise be associated with setting up a solution, operating it, or shipping hardware in order to get started.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Microsoft Azure Synapse Analytics

    users who are currently using the solution.

    PeerSpot user Partha D., Global Network Tech Lead at a computer software company, speaks about his experience using the product, saying, "It protects all app traffic so that users can gain access to all apps. Unlike other solutions that only work from ports 80 and 443, which are predominantly for web traffic, Prisma Access covers all protocols and works on all traffic patterns... The most sophisticated attacks can arise from sources that are not behind 80/443."

    Tejas J., a Sr. Cloud Security Architect at a computer software company, mentions that "it is geographically dispersed, and it sits on top of Google and AWS platforms. Therefore, you don't face the standard issues, such as latency or bandwidth issues, that you usually face in the case of on-prem data centers.

    Another PeerSpot reviewer, Max I., Associate Director at Cognizant, comments that "Security is absolutely spot-on, really top-notch. It's the result of all the components that come together, such as the HIP [Host Information Profile] and components like Forcepoint, providing end-user content inspection, and antivirus. It incorporates DLP features and that's fantastic because Prisma Access makes sure that all of the essential prerequisites are in place before a user can log in or can be tunneled into."

     

    Sample Customers

    Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
    Concord Hospital, State of Colorado, Essilor International, RheinLand Versicherungsgruppe, University of Westminster, Universidade Nove de Julho, SPAR Austria, CAME Group, ZipRealty, Greenhill & Co., IKT Agder, Aviva Stadium, Animal Logic, Management & Training Corporation, Brigham Young University Hawaii, School District of Chilliwack
    Buyer's Guide
    Vulnerability Management
    October 2024
    Download Free Report
    Find out what your peers are saying about Tenable, Qualys, Wiz and others in Vulnerability Management. Updated: October 2024.
    DOWNLOAD NOW
    815,854 professionals have used our research since 2012.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.