Try our new research platform with insights from 80,000+ expert users

Forcepoint CASB vs Prisma Access by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Nov 7, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

iboss
Sponsored
Ranking in Cloud Access Security Brokers (CASB)
8th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
17
Ranking in other categories
Secure Web Gateways (SWG) (10th), Internet Security (4th), Web Content Filtering (3rd), ZTNA as a Service (11th), Secure Access Service Edge (SASE) (10th)
Forcepoint CASB
Ranking in Cloud Access Security Brokers (CASB)
16th
Average Rating
7.2
Reviews Sentiment
6.8
Number of Reviews
7
Ranking in other categories
No ranking in other categories
Prisma Access by Palo Alto ...
Ranking in Cloud Access Security Brokers (CASB)
1st
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
63
Ranking in other categories
Secure Web Gateways (SWG) (3rd), Enterprise Infrastructure VPN (5th), ZTNA as a Service (2nd), Secure Access Service Edge (SASE) (1st)
 

Mindshare comparison

As of April 2025, in the Cloud Access Security Brokers (CASB) category, the mindshare of iboss is 1.8%, up from 1.2% compared to the previous year. The mindshare of Forcepoint CASB is 1.1%, down from 1.5% compared to the previous year. The mindshare of Prisma Access by Palo Alto Networks is 18.4%, down from 18.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Access Security Brokers (CASB)
 

Featured Reviews

Matt Crockford - PeerSpot reviewer
It's easy to roll out, and their understanding of our business made it seamless
One aspect we value about iboss is its simplicity. Their customer service is brilliant, and they are super responsive and knowledgeable. It's easy to roll out, and their understanding of our business made it seamless. We were impressed by the solution's mental health function, which can detect if someone needs help. It scans what users are browsing and flags warning signs so we can check to see if they are okay. We've had to use it a couple of times. The user interface is highly intuitive. Our IT team picked it up with minimal training. It's arranged so that it's easy to find where things are. Another advantage is the single pane of glass console, which gives you visibility into what's happening. We're not fully there yet because we haven't implemented zero trust, but we're excited about the possibilities from the demos we've seen. We launched a POC of iboss' ChatGPT Risk Protection feature two weeks ago. AI is a great tool, but you need to be careful what you put into it. My biggest fear is employees inputting sensitive corporate information or customer PII data into one of these chatbots. I was impressed by our trial of the feature. It's exactly what we wanted. Now, when a user goes to ChatGPT, there's a banner warning them not to share information, and we can block conversations containing customer data like bank details and email addresses. I don't want to stop people from using it, but we need visibility. We've only tried it on a test group of 15 people. You can configure it to look for specific keywords or integrate it with your DLP policy if you have that configured
Edwin Eze Osiago - PeerSpot reviewer
Reliable, easy to set up and offers good visibility
It could be more robust, especially around custom applications. We've not really seen value around our custom applications, most especially when these applications are hosted on-premise. If there's a way Forcepoint can do something to ensure that the CASB also protects applications that are hosted on-premise, that would be ideal. Currently, basically, cloud-hosted applications, that are internet-facing are protected. If we can also have a CASB sit in front of our on-prem hosted applications, it would be massive. Forcepoint removed the ability to scan for unsanctioned applications on the CASB. Initially, CASB used to have that feature where you can scan for the applications and be able to support unsanctioned applications being used by the user. They moved it to another product. If there is an opportunity to speak to the product managers and get some features back, that would be ideal.
Partha Dash - PeerSpot reviewer
Makes us part of a bigger security ecosystem with updates taken care of for us, but pricing and support need work
There are definitely a number of things that could be improved. One of them is geographic coverage. China is still an issue because the solution does not operate there properly due to government regulations. I believe Palo Alto is trying pretty hard to get into partnerships with Alibaba and other cloud providers, but they do not have the same compelling offering in China that they have in the rest of the world. Businesses that are operating within China have to be very sure to evaluate the solution before making a buying decision. It is not an issue with Palo Alto, rather it is predominantly the result of government rules, but it's something that Palo Alto needs to work on. There is also room for improvement when it comes to latency in a couple of regions, including India and South America. They might have to increase their presence in those locations and come up with more modern cloud architectures. The third area is that, while Palo Alto has understood the essence of building capabilities around cloud technology and have come up with a CASB offering, that is a very new product. There are other companies that have better offerings for understanding cloud applications and have more graceful controls. That's something that Palo Alto needs to work on.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The iboss system is highly reliable. The false positive rates are small compared to some other systems we've experienced through other partner agencies who use competing solutions."
"Valuable features: Within the filter: Controls (Web categories, applications, and Allow/Block list) and Network (local Subnets). Within the reporter: Logs (Event Log) and Reports."
"The solution has massively improved our security posture, giving us full visibility into what our staff does online."
"iboss has significantly lowered the number of security incidents. It is crazy how much it blocks and how much it is aware of the outside danger."
"The security aspect of the solution, particularly the malware behind it, is excellent. That's something that really helped us out. It's not just a simple proxy that just blocks the insights of potential threats that come on behind it. They do malware detection and that helps us a lot."
"From a use-case scenario, what I like the most is the plug-in. I like the fact that we can do the filtering of these devices offsite independent of the network they are connected to, and we do not have to have traffic coming back inside our network."
"First of all, the security policies are essential. I do not have to rely solely on Active Directory for our users."
"Content filtering is the most useful feature of iboss."
"As it is based on AWS, it is not a problem."
"The product offers an easy initial setup."
"The most valuable aspect for us is the fact that the product seamlessly integrates with the Forcepoint DLP."
"Generally, most of our customers are happy with it though."
"Macro integration is a good feature."
"The tool's most valuable feature is its management ease."
"It gives you value for your investment."
"Palo Alto Firewall is one of the best firewalls in the world."
"The initial setup is very straightforward."
"The most valuable feature is the ability to join your network and provide access through the VPN."
"The visibility perspective is pretty cool. If I want to know how much data is being used for a specific project, I can look at how much data has been used, from which region, and which users have been connected. That visibility is very good so that I can see how many licenses we have and how many are used."
"It's very stable. Sometimes after installing the boxes, we leave them for one or two years. We would just touch the box in the case of the customer needing new requirements or changes to the setup."
"It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful."
"I like it because it's very easy to use. You install the client and you have to know your gateway, but that's something we give to our users. Beyond that, it takes about three seconds to train them on how to use it. And it just works well. That's great for us because it means less administrative time."
"It's great that we can make sure a machine meets the minimum requirements before users are allowed to log in."
 

Cons

"SSL decryption: We had issues with learners using apps instead of using web browsers. This type of encryption is tough for any appliance in a BYOD environment."
"Its pricing could be better."
"Our biggest problem with their service was it did not recognize the device and filtering did not always work correctly."
"I'd like to see them accelerate development on the security side, particularly around data loss prevention."
"If they could implement an extra security layer preventing access to iboss from the open internet, it would be great."
"The reporting feature needs improvement."
"Fold that in with the risk intelligence they're getting from all of the different subscriptions they are a part of. Now, these security companies subscribe to things like emerging threats, databases, etc. You can fold all this intelligence to decide what's happening on an endpoint. I would love to see them start moving into that space. That would compete directly with Microsoft. Maybe that's why they haven't. Having that ability native within the solution would be great. The other area in which I would love to see improvement is more detailed descriptions of why they block websites."
"Our iboss subscription access should be more secure with an OTP or VPN etc. It is easy to gain access if, for example, hackers obtain my username and password."
"Forcepoint removed the ability to scan for unsanctioned applications on the CASB."
"Lacks different ways to authenticate users."
"They should work on the possibility of consolidating all of the products with the group of agents."
"Integration is an area of the solution that needs to be improved."
"The solution needs to be easier to install, and they need to clean up the backend, so stuff doesn't break."
"When using the Forcepoint CASB, and you are a remote worker, basically not in the office, you have to have an agent on your computer, a Forcepoint agent. However, with many other CASB solutions, they can integrate with MDM."
"There are various modules to secure a public cloud, such as Cloud Security Posture Management. You might have seen these features available if you've reviewed solutions like Zscaler or Netskope. A full-fledged CASB should be manageable. However, the tool does not seem to offer complete public cloud visibility. While it provides some cloud visibility and can manage API traffic for Web 2.0, it lacks a specific module for securing public cloud environments."
"Palo Alto Prisma 10 came out over a year ago. Palo Alto added this identity management feature. The legacy way Palo Alto selected which user is sitting on an IP address it passes through has been clunky."
"There is some particular traffic that the security team wants to filter out and apply their own policies and they cannot."
"It's not really Prisma's fault, but when you try to create exceptions you don't really have those abilities. You cannot say, on the management platform, "Hey, for these users I want to create these exceptions." That is one thing that I have gotten some complaints about, and we have faced some challenges there."
"Prisma would be a stronger solution if it could aggregate resources by project or by application. So say we have an application we've developed in AWS and five applications we've developed in Azure. The platform will group it according to those applications, but it's based on the tags we use in Azure, which means I have to rely on development teams to tag resources properly."
"The solution’s stability could be improved."
"Prisma's integration between operational technology and IT should be more seamless. Right now, it requires additional setup and maintenance."
"The licensing model isn't flexible enough. It's an all-or-nothing model. Other providers in the market allow you to buy modules or add-ons separately. With Prisma Access, you have to purchase the same module for all users."
"We would like to see improvements in the licensing; currently, Palo Alto provides 500 to 1000 licenses for users, and we want to see 1500 to 2000 licenses for one version."
 

Pricing and Cost Advice

"The overall pricing for iboss is very competitive and transparent."
"It is expensive compared to one of its competitors."
"It is not expensive, and it is also not cheap. iboss is priced right in the sweet spot for the number of features it offers."
"It is probably in line with other solutions, but I do not deal with the financial side."
"We had the cost of purchasing a new appliance along with the implementation and licensing costs. However, the following year, the cost of just licensing was similar to what was paid the previous year for a new appliance along with the implementation and licensing costs."
"We have not priced the solution recently, but they were competitive with other vendors in the past."
"The pricing really depends on the size of the customer's business because it is price-relevant to the environment."
"The solution is not that expensive compared to Zscaler. Netskope is between Forcepoint CASB and Zscaler in terms of cost. Forcepoint CASB would be the first choice because it negotiates well and offers a perpetual license, though it may seem subscription-based. I rate its pricing a six out of ten."
"As compared to other solutions, Prisma Access is much cheaper. It is probably 30% to 40% cheaper than other solutions, but I do not know the exact cost."
"Based on what I have heard from others, it is a pricey solution as compared to its peers, but I am not sure. However, considering the features that it offers, it is a break-even point. You get whatever they are promising."
"We have to pay additional costs for maintenance and support services."
"The solution is expensive."
"Compared to other products, the price is slightly high."
"The price has been good for the ROI during these difficult times for the cruise industry. There are no hidden costs; what the product offers is what you get."
"The licensing cost is about 18,000 euros."
"It is a little expensive. Because it is one of the best in the market, it is a little bit more expensive than other vendors."
report
Use our free recommendation engine to learn which Cloud Access Security Brokers (CASB) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
9%
Government
6%
Financial Services Firm
19%
Computer Software Company
11%
Manufacturing Company
9%
Educational Organization
7%
Computer Software Company
14%
Manufacturing Company
13%
Financial Services Firm
13%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about iboss?
Content filtering is the most useful feature of iboss.
What needs improvement with iboss?
Our biggest problem with their service was it did not recognize the device and filtering did not always work correctl...
What is your primary use case for iboss?
We used it for student and faculty filtering on campus.
What is your experience regarding pricing and costs for Forcepoint CASB?
The solution is not that expensive compared to Zscaler. Netskope is between Forcepoint CASB and Zscaler in terms of c...
What needs improvement with Forcepoint CASB?
There are various modules to secure a public cloud, such as Cloud Security Posture Management. You might have seen th...
What is the better solution - Prisma Access or Zscaler Private Access?
We looked into Prisma Access before choosing Zscaler Private Access (ZPA). Palo Alto’s Prisma Access is a secure ac...
What do you like most about Prisma Access by Palo Alto Networks?
The most valuable features of the solution are in the areas of the secure remote access it provides while also being ...
What is your experience regarding pricing and costs for Prisma Access by Palo Alto Networks?
From my experience, Palo Alto is more expensive compared to solutions like Netskope and Triscale.
 

Also Known As

iBoss Cloud Platform
Imperva Skyfence
Palo Alto Networks Prisma Access, Prisma Access, GlobalProtect, Palo Alto GlobalProtect Mobile Security Manager, Prisma SaaS by Palo Alto Networks, Prisma Access
 

Overview

 

Sample Customers

More than 4,000 global enterprises trust the iboss Cloud Platform to support their modern workforces, including a large number of Fortune 50 companies.
Zions Bank, GE Healthcare, HomeAway, Logitech, Universal, California National Resources Agency and many mor
Concord Hospital, State of Colorado, Essilor International, RheinLand Versicherungsgruppe, University of Westminster, Universidade Nove de Julho, SPAR Austria, CAME Group, ZipRealty, Greenhill & Co., IKT Agder, Aviva Stadium, Animal Logic, Management & Training Corporation, Brigham Young University Hawaii, School District of Chilliwack
Find out what your peers are saying about Forcepoint CASB vs. Prisma Access by Palo Alto Networks and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.