We performed a comparison between Check Point Harmony Connect and Prisma Access by Palo Alto Networks based on real PeerSpot user reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Check Point Harmony Connect is the preferred option over Prisma Access by Palo Alto Networks, according to user reviews. It offers more detailed policies, monitoring, and reporting, along with a highly valued DLP feature. It also has a better pricing compared to other SASE market players, and some users were able to negotiate flexible pricing with Check Point Taiwan. However, Prisma Access has shortcomings in authentication and multi-environment visibility, a complex licensing model that changes often, and a high price point.
"On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"The solution is stable."
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"It's improved the security of every single OS in the organization as well as the visibility and security capabilities."
"The reports give a simple overview of the traffic pattern within the organization."
"It is a very stable solution."
"The DRP is the most valuable feature."
"What I like about Harmony Connect is that every packet through the network is screened and filtered so that only clean packets can enter the PC. This is useful for a variety of security reasons because you no longer need to worry about things like DDoS attacks."
"The product’s ability to block phishing sites is valuable."
"Our investment in quality hardware has proven to provide a better customer experience. They heavily rely on Check Point Firewall and Check Point SaaS Connect to safeguard their networks from external threats and attacks."
"The scalability is good, and I'd give it an eight out of ten."
"There is a system for monitoring the traffic. You can monitor the traffic of the connected people and point out any issues on the connection part."
"It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful."
"It is easy to use, easy to integrate, and is stable. It's scalable as well."
"It protects all app traffic so that users can gain access to all apps. Unlike other solutions that only work from ports 80 and 443, which are predominantly for web traffic, Prisma Access covers all protocols and works on all traffic patterns... The most sophisticated attacks can arise from sources that are not behind 80/443."
"The always-on feature is fantastic for the users. They don't have to think about it. When they go to a coffee shop to do work, there's no need to remember to toggle the VPN on. We'll protect them. URL filtering is the same at home as it is in the office."
"The remediation process is easy compared to other platforms."
"Its hands-off security and the fact that we don't have to maintain it are the most valuable features."
"Prisma SaaS is very easy to use; it's common sense — it's the best-in-class."
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving."
"The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"An improvement could be made in terms of achieving better coverage in such complicated regions as the Asia Pacific, China, and Russia."
"Automation and scalability are areas where the solution lacks and needs to improve."
"The integration from a management perspective could be improved so that the management can, from an existing Check Point firewall, manage a Harmony firewall through one pane of glass."
"In order to be able to invite users, send the agent and implement it, the user input must be generated manually."
"There is an issue when installing the Check Point client."
"Sometimes downloading PDF files can be slow."
"As it is a new market solution, I still face some instabilities in access at certain times of the day when I have more than 150 users using it simultaneously."
"When it comes to Check Point Quantum SASE, though the OEM provides security, it is not 100 percent full-fledged to meet the requirements from the customers' end."
"The solution’s stability could be improved."
"Prisma Access by Palo Alto Networks should consolidate the portals into a single portal. It is slow and takes more than ten seconds to load a page."
"I haven't seen any SD-WAN configuration capability. If Prisma Access would support SD-WAN, that would help... SD-WAN devices should be able to reach Prisma Access, and Palo Alto should support different, vendor-specific devices, not just Palo Alto devices, for SD-WAN configuration."
"From any improvement perspective, the product's compatibility issues with Linux need to be resolved."
"Its security is good. Everything is good, but the way the dashboard responds can be improved. It takes time to implement a policy. If you change only two or three lines and push the policy to make the change work, it takes 20 to 30 minutes even for a small change. That is something very irritating from the implementation perspective."
"When it comes to integration mechanisms, Prisma SaaS does not support reverse proxy type of integrations."
"I would like to see support for custom applications."
"We've run into some challenges, having hit a lot of bugs over the past year in the deployment of GlobalProtect. We've had our fair share of issues that I haven't been happy with. We're working with the support organization to remediate them and waiting for updated releases. The response on getting the bugs fixed has not been what I would consider adequate for a product like this."
More Prisma Access by Palo Alto Networks Pricing and Cost Advice →
Check Point Quantum SASE is ranked 8th in Secure Access Service Edge (SASE) with 31 reviews while Prisma Access by Palo Alto Networks is ranked 1st in Secure Access Service Edge (SASE) with 58 reviews. Check Point Quantum SASE is rated 8.4, while Prisma Access by Palo Alto Networks is rated 8.2. The top reviewer of Check Point Quantum SASE writes "Very agile with a granular level of control over users ". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". Check Point Quantum SASE is most compared with Perimeter 81, Cisco Umbrella, Netskope and Zscaler Zero Trust Exchange, whereas Prisma Access by Palo Alto Networks is most compared with Zscaler Zero Trust Exchange, Netskope , Cisco Umbrella, Zscaler Internet Access and Prisma SD-WAN. See our Check Point Quantum SASE vs. Prisma Access by Palo Alto Networks report.
See our list of best Secure Access Service Edge (SASE) vendors.
We monitor all Secure Access Service Edge (SASE) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.