We performed a comparison between Palo Alto Networks Advanced Threat Prevention and Vectra AI based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like the solution's interface."
"The most valuable features are that it's user-friendly, has interesting features, URL filtering, and threat prevention."
"The initial setup was straightforward. It's quite easy. Deployment took one to two weeks."
"It is a stable product."
"Most of the features of Palo Alto Threat Prevention are alright. I recommend features like content filtering, IP address, & intelligent firewalls. The reporting feature is very good."
"The most valuable feature of Palo Alto Threat Prevention for our company is the next generation firewall."
"The stability of Palo Alto Networks Threat Prevention is good."
"The user interface is a bit more professional than some free products."
"Vectra is very compatible with various cloud providers, such as Amazon and Azure AD. This is helpful as customers often migrate their network infrastructure to the cloud."
"The solution's ability to reduce alerts, by rolling up numerous alerts to create a single incident or campaign, helps in that it collapses all the events to a particular host, or a particular detection to a set of hosts. So it doesn't generate too many alerts. By and large, whatever alerts it generates are actionable, and actionable within the day."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources."
"It gives you access, with Recall, to instant visibility into your network through something like a SIEM solution. For us, being able to correlate all of this network data without having to manage it, has provided immediate value. It gives us the ability to really work on the stuff where I and my team have expertise, instead of having to manage a SIEM solution..."
"The UI is easy to use and when we send detection to everybody, they easily understand what we are asking at the time."
"Some valuable features of Vectra AI are that it is very intuitive and that there are only a small amount of false positives. Therefore, it's an effective solution."
"One of the things that we didn't expect to happen was that our network team also jumped on it faster than we thought. In most cases, if it's a security tool that's working on the network part, they can also use it to find out certain flaws that have been in the system. Certain flaws, related to some legacy stuff, were already there for quite a few years, which they couldn't explain at first, but we could explain them based on the timing of certain things."
"We are attempting to improve the use of URL filtering beyond threat protection."
"It's not so easy to set up a test environment, because it's not so easy to get the test license. The vendor only gives you 90 days for a test license; it's a tough license to get."
"The initial setup is complex."
"Palo Alto Networks Threat Prevention could improve the commercial offing. Other solutions, such as Fortinet provide better commercial features."
"In terms of what needs improvement, the only thing I don't like is the support."
"I think they can use some improvement on FID."
"The solution needs to improve its local technical support services. There is no premium support offered in our market."
"The application’s pricing and dashboard need improvement. It could be user-friendly."
"A blind spot that I have is around the ease with which you can automate threat intervention."
"Vectra Recall could be utilized much more, and I'm seeing some indications of that today with the investigative components. I use the Visualize feature to visualize components and dashboards a lot. I'm interested in new ways to build automated searches or having them leveraged already from Vectra."
"The solution has not reduced the security analyst workload in our organization because we still need to SIEM. Unfortunately, while Vectra, for us, is a brilliant tool for network investigations, giving wonderful visibility, it doesn't go the whole way to replace our SIEM that is needed for compliance. So, I still have the same amount of alerting and logging that I did before. It gives us more defined ability to see incidents, but it doesn't give us enough information to satisfy a PCI or 27001 audit."
"One thing which I have found where there could be improvement is with regard to the architecture, a little bit: how the brains and sensors function. It needs more flexibility with regard to the brain. If there were some flexibility in that regard, that would be helpful, because changing the mode of the brain is complex. In some cases, the change is permanent. You cannot revert it."
"I would like to see a bit more strategic metrics instead of technical data. Information that I could show to my executive management team or board would be valuable."
"One of the things I am not so happy about when it comes to Vectra is the scoring board."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"One of the things that we are missing a bit is the capability to add our own rules to it. At the moment, the tech engine does its thing, but we have some cool ideas to make additional rules. There should be an option in the platform to add custom rules, or there should be some kind of user group where we can suggest them for the roadmap and see if they get evaluated and get transparent communication on whether they will be implemented in the product or not."
More Palo Alto Networks Advanced Threat Prevention Pricing and Cost Advice →
Palo Alto Networks Advanced Threat Prevention is ranked 7th in Intrusion Detection and Prevention Software (IDPS) with 24 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 42 reviews. Palo Alto Networks Advanced Threat Prevention is rated 8.8, while Vectra AI is rated 8.6. The top reviewer of Palo Alto Networks Advanced Threat Prevention writes "A good amount of granularity and advanced URL filtering capabilities". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Palo Alto Networks Advanced Threat Prevention is most compared with Check Point IPS, Fortinet FortiGate IPS, Arista NDR, Trend Micro TippingPoint Threat Protection System and Cisco Secure Network Analytics, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Check Point IPS. See our Palo Alto Networks Advanced Threat Prevention vs. Vectra AI report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.