Try our new research platform with insights from 80,000+ expert users

Prisma Access by Palo Alto Networks vs Zscaler Internet Access comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 23, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

iboss
Sponsored
Ranking in Secure Web Gateways (SWG)
10th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
15
Ranking in other categories
Internet Security (4th), Web Content Filtering (3rd), Cloud Access Security Brokers (CASB) (8th), ZTNA as a Service (11th), Secure Access Service Edge (SASE) (10th)
Prisma Access by Palo Alto ...
Ranking in Secure Web Gateways (SWG)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
62
Ranking in other categories
Cloud Access Security Brokers (CASB) (1st), Enterprise Infrastructure VPN (5th), ZTNA as a Service (2nd), Secure Access Service Edge (SASE) (1st)
Zscaler Internet Access
Ranking in Secure Web Gateways (SWG)
2nd
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
52
Ranking in other categories
Internet Security (2nd)
 

Mindshare comparison

As of April 2025, in the Secure Web Gateways (SWG) category, the mindshare of iboss is 2.0%, up from 1.7% compared to the previous year. The mindshare of Prisma Access by Palo Alto Networks is 11.2%, up from 9.1% compared to the previous year. The mindshare of Zscaler Internet Access is 15.6%, down from 17.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Secure Web Gateways (SWG)
 

Featured Reviews

Matt Crockford - PeerSpot reviewer
It's easy to roll out, and their understanding of our business made it seamless
One aspect we value about iboss is its simplicity. Their customer service is brilliant, and they are super responsive and knowledgeable. It's easy to roll out, and their understanding of our business made it seamless. We were impressed by the solution's mental health function, which can detect if someone needs help. It scans what users are browsing and flags warning signs so we can check to see if they are okay. We've had to use it a couple of times. The user interface is highly intuitive. Our IT team picked it up with minimal training. It's arranged so that it's easy to find where things are. Another advantage is the single pane of glass console, which gives you visibility into what's happening. We're not fully there yet because we haven't implemented zero trust, but we're excited about the possibilities from the demos we've seen. We launched a POC of iboss' ChatGPT Risk Protection feature two weeks ago. AI is a great tool, but you need to be careful what you put into it. My biggest fear is employees inputting sensitive corporate information or customer PII data into one of these chatbots. I was impressed by our trial of the feature. It's exactly what we wanted. Now, when a user goes to ChatGPT, there's a banner warning them not to share information, and we can block conversations containing customer data like bank details and email addresses. I don't want to stop people from using it, but we need visibility. We've only tried it on a test group of 15 people. You can configure it to look for specific keywords or integrate it with your DLP policy if you have that configured
Partha Dash - PeerSpot reviewer
Makes us part of a bigger security ecosystem with updates taken care of for us, but pricing and support need work
There are definitely a number of things that could be improved. One of them is geographic coverage. China is still an issue because the solution does not operate there properly due to government regulations. I believe Palo Alto is trying pretty hard to get into partnerships with Alibaba and other cloud providers, but they do not have the same compelling offering in China that they have in the rest of the world. Businesses that are operating within China have to be very sure to evaluate the solution before making a buying decision. It is not an issue with Palo Alto, rather it is predominantly the result of government rules, but it's something that Palo Alto needs to work on. There is also room for improvement when it comes to latency in a couple of regions, including India and South America. They might have to increase their presence in those locations and come up with more modern cloud architectures. The third area is that, while Palo Alto has understood the essence of building capabilities around cloud technology and have come up with a CASB offering, that is a very new product. There are other companies that have better offerings for understanding cloud applications and have more graceful controls. That's something that Palo Alto needs to work on.
ShanavasVK - PeerSpot reviewer
Helps maintain a consistent posture of internet security while getting rid of VPN and hovering into zero trust
There could be a better way for the tool to categorize the traffic. For example, the tool does exceptions and everything overall. If I want to give guest access or provide access to guest users or any other internet access and if it does not go through the SSL inspection because, in our company, we can't have the root certificate on a device that we don't manage, which can be called out as an exception or an exclusion, but that doesn't provide a proper reflection of the picture of what is happening in the environment. There are granularities bringing it down. The tool I used or still have is Zscaler Cloud Connector to protect the cloud environment, which can have a bit more user-friendly installation and setup, and it would help a lot. The deployment process of Zscaler Cloud Connector needs to be more user-friendly. Improvements are required in the exception category. For example, suppose I report on a monthly basis what the breaches and traffic violating the SSL inspection area are coming from. In that case, I may find that half of them may be coming through some guest network, meaning the tool doesn't differentiate between the guest or normal networks or the corporate networks. Having options to differentiate different networks would be ideal so that it can show a true picture of things to users, as half of the things in the tool are not in our control and are not of our concern.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"iboss is among the few products providing inline filtering where no application is needed on the device. It operates on the network side and is not device-based. This feature was one of the main reasons why we stayed with them for so long."
"The security aspect of the solution, particularly the malware behind it, is excellent. That's something that really helped us out. It's not just a simple proxy that just blocks the insights of potential threats that come on behind it. They do malware detection and that helps us a lot."
"iboss is easy to use despite its complexity. Multiple engineers manage it, but it's significantly more straightforward to administer than traditional VPNs and web proxies."
"Its initial setup was straightforward."
"iboss has significantly lowered the number of security incidents. It is crazy how much it blocks and how much it is aware of the outside danger."
"iboss is pretty scalable. They provide good support. The case managers you work with to coordinate what you need are pretty good."
"iboss is among the few products providing inline filtering where no application is needed on the device."
"Technical support is pretty sharp and very responsive."
"The solution improved the consistency of our security controls and the BCP. There has been a 20 percent reduction in TCO. Prisma Access also enabled us to deliver better applications by centralizing security management."
"The users can securely access any cloud data centers or cloud platforms. In terms of the features, it has all the features that Palo Alto Next-Generation Firewall has. It is also very stable and scalable."
"The product's initial setup phase is simple."
"The most valuable features of the solution are in the areas of the secure remote access it provides while also being user-friendly."
"Its hands-off security and the fact that we don't have to maintain it are the most valuable features."
"It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful."
"I like it because it's very easy to use. You install the client and you have to know your gateway, but that's something we give to our users. Beyond that, it takes about three seconds to train them on how to use it. And it just works well. That's great for us because it means less administrative time."
"There are plenty of features this solution provides and the most valuable would be the complete security protection we are receiving. We are provided with similar security that the Palo Alto AWS solution has. This includes features such as a firewall and machine learning AI."
"Overall, we're very happy with our product."
"We don't have to buy equipment to use it. And when our engineers set it up on our side, we just configured a few settings and we were in."
"The initial setup was straightforward. The biggest thing for us was to build our own policies. The deployment itself was only a few hours."
"We use ZIA for outbound internet connectivity. The internet traffic of on-prem users will be directed to the ZIA cloud for security checks and web filtering."
"The solution is scalable and stable."
"For our needs, the cloud-native proxy architecture is a very good solution. We are moving away from on-prem appliances and moving more toward cloud-based solutions. Zscaler is a good fit for our strategy. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway."
"It is easy to set up the solution."
"The initial setup is very straightforward."
 

Cons

"SSL decryption: We had issues with learners using apps instead of using web browsers. This type of encryption is tough for any appliance in a BYOD environment."
"The dashboards for local use could be better."
"The area I would like to see improvement in is the ability with in the reporter to navigate directly to the content the user is traversing. It is kind of there, but it's not perfect. Quite frequently, I receive links that lead me to pages with error messages."
"File integrity monitoring would be very advantageous as an additional feature."
"I am currently doing a PoC of the zero trust aspect of it. Compared to other similar solutions, it is hard to get around each feature. It takes a while to get used to it."
"Our biggest problem with their service was it did not recognize the device and filtering did not always work correctly."
"Our biggest problem with their service was it did not recognize the device and filtering did not always work correctly."
"Sometimes when you call in support, you get someone who is just following a sheet. It feels like a runaround. You feel that you are running into that support wall."
"I would like to see support for custom applications."
"Lacks a hybrid model which has API plus in-line security."
"Dependencies of applications sometimes is a bit confusing."
"When it comes to the VPN, it uses the global protect VPN functionality to connect remotely, but it has a feature limitation for assigning multiple IP sub-links to different user groups. It would be much better if we are able to assign the current IP blocks for the sub-links based on the user groups."
"We've run into some challenges, having hit a lot of bugs over the past year in the deployment of GlobalProtect. We've had our fair share of issues that I haven't been happy with. We're working with the support organization to remediate them and waiting for updated releases. The response on getting the bugs fixed has not been what I would consider adequate for a product like this."
"They automatically update and they should give us time to fully understand what they're updating so that we can make sure it doesn't impact production."
"I haven't seen any SD-WAN configuration capability. If Prisma Access would support SD-WAN, that would help... SD-WAN devices should be able to reach Prisma Access, and Palo Alto should support different, vendor-specific devices, not just Palo Alto devices, for SD-WAN configuration."
"It is a managed firewall. When you run into issues and have to troubleshoot, there is a fair amount of restriction. You run into a couple of restrictions where you don't have any visibility on what is happening on the Palo Alto managed infrastructure, and you need to get on a call to get technical assistance from Palo Alto's technical support. You have to get them to work with you to fix the problem. I would definitely like them to work on the visibility into what happens inside Palo Alto's infrastructure. It is not about getting our hands onto their infrastructure to do troubleshooting or fixing problems; it is just about getting more visibility. This will help us in guiding technical support folks to the area where they need to work."
"An improvement would be if they could provide an out-of-the-box experience, like 20 to 30 features all ready to go. In comparison, LogRhythm offers out-of-the-box features. With Zscaler Internet Access, there is firewall IPS, multiple security services, filtering, DLP, and CASB browser isolation. These are things that all users are going to be using. However, when an administrator or architect would start building this, I would definitely need to engage professional services to help clients do it."
"Sometimes, support isn't available."
"The pricing is an issue. It is expensive if you have all of your users in the same location. It is expensive compared to other firewalls on the market."
"Zscaler should provide adjacent services, which would be complementary to their current offering that could to be more pragmatic for a customer. For example, if you take Akamai, you get multiple sets of services, all depending on the customer and the strategy and the complexity and the problems. In some areas, they are more varied in terms of coverage."
"One feature I am missing is the ability to connect automatically to internal monitoring systems."
"In terms of usage, here in the GCC, it's still growing a growing market, so the combination of DLP, data leak prevention, to a certain extent is fine. But what it requires is user-based access or role-based access. The solution needs to grow into that, which definitely takes time. There's not an easy way to integrate it, when you have a cloud-based solution."
"Cloud App’s database should be improved."
"The deployment process of Zscaler Cloud Connector needs to be more user-friendly."
 

Pricing and Cost Advice

"It is probably in line with other solutions, but I do not deal with the financial side."
"The overall pricing for iboss is very competitive and transparent."
"We had the cost of purchasing a new appliance along with the implementation and licensing costs. However, the following year, the cost of just licensing was similar to what was paid the previous year for a new appliance along with the implementation and licensing costs."
"It is expensive compared to one of its competitors."
"It is not expensive, and it is also not cheap. iboss is priced right in the sweet spot for the number of features it offers."
"We have not priced the solution recently, but they were competitive with other vendors in the past."
"Prisma Access by Palo Alto Networks has flexible licensing models with different categories. It comes with different features which can be removed if not needed. However, its pricing is high."
"The licensing fees are paid on a yearly basis and for what we get, the price is good."
"This is not an expensive product and everything is included with one license."
"The solution is expensive."
"The pricing is very friendly. It's not confusing to figure out your workload and how much you'd be paying for the solution."
"They price their products using credit modules."
"The pricing for this solution is on the higher end."
"In terms of pricing, considering that it is a two or three years old solution, they should apply big discounts for the next two or three years. This approach will be better for them to capture the market."
"If we need any extra features, the price will increase."
"Because it's a cloud solution, we pay on a yearly basis. It is affordable and includes tech support and all features."
"Zscaler is an expensive solution, but it's worth the price. Their services are unmatched by competitors. Some may come with half the features that Zscaler can offer and be much cheaper. However, they do not have the global coverage that Zscaler has, and they will not provide the same low latencies and the same speeds that Zscaler can."
"The pricing is an issue. It is expensive compared to other firewalls on the market."
"There are multiple bundles: enterprise, business, and transformation. Transformation includes all the features, but recently I've seen a few more line items that are additional costs. Overall, it's expensive."
"Our monthly fee is around R3000."
"It is costlier than other solutions."
"Roughly, we might spend $70,000 a month on the solution. We don't pay for anything beyond the standard licensing fee."
report
Use our free recommendation engine to learn which Secure Web Gateways (SWG) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
9%
Government
6%
Computer Software Company
14%
Manufacturing Company
13%
Financial Services Firm
13%
Government
6%
Educational Organization
24%
Computer Software Company
13%
Financial Services Firm
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about iboss?
Content filtering is the most useful feature of iboss.
What needs improvement with iboss?
I have the same complaint about them that I have about other software companies. Sometimes when you call in support, ...
What is your primary use case for iboss?
We are a PreK-12 public school district, and we use iboss to filter internet content for our students at home and sta...
What is the better solution - Prisma Access or Zscaler Private Access?
We looked into Prisma Access before choosing Zscaler Private Access (ZPA). Palo Alto’s Prisma Access is a secure ac...
What do you like most about Prisma Access by Palo Alto Networks?
The most valuable features of the solution are in the areas of the secure remote access it provides while also being ...
What is your experience regarding pricing and costs for Prisma Access by Palo Alto Networks?
The pricing is on the higher side, rating it around eight to nine out of ten. While it is justified for its value, th...
Which is the better security solution - Cisco Umbrella or Zscaler?
Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried. Zs...
Which is better, Zscaler internet access or Netsckope CASB?
We researched Netskope but ultimately chose Zscaler. Netskope is a cloud access security broker that helps identify ...
 

Also Known As

iBoss Cloud Platform
Palo Alto Networks Prisma Access, Prisma Access, GlobalProtect, Palo Alto GlobalProtect Mobile Security Manager, Prisma SaaS by Palo Alto Networks, Prisma Access
ZIA
 

Overview

 

Sample Customers

More than 4,000 global enterprises trust the iboss Cloud Platform to support their modern workforces, including a large number of Fortune 50 companies.
Concord Hospital, State of Colorado, Essilor International, RheinLand Versicherungsgruppe, University of Westminster, Universidade Nove de Julho, SPAR Austria, CAME Group, ZipRealty, Greenhill & Co., IKT Agder, Aviva Stadium, Animal Logic, Management & Training Corporation, Brigham Young University Hawaii, School District of Chilliwack
Ulster-Greene ARC, BanRegio, HDFC, Ralcorp Holdings Inc., British American Tobacco, Med America Billing Services Inc., Lanco Group, Aquafil, Telefonica, Swisscom, Brigade Group
Find out what your peers are saying about Prisma Access by Palo Alto Networks vs. Zscaler Internet Access and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.