Prisma Access by Palo Alto Networks Reviews

One of our use cases is that it is used by our internal users, our employees, when they need to work remotely. They'll be out in the field and, wherever they have an internet connection, they run the GlobalProtect client, connect, and they can access our resources as if they're in our building. For example, we have health inspectors who go to different sites.

Of course, we're doing more teleworking like everyone right now. Also, our admins all use it because that's how we get in and do remote work. And, periodically, we have contractors or vendors who need remote access. We'll build an account in AD and either have them download the client and connect to us, or if they currently use the GlobalProtect client for some other VPN connection, we can just provide our gateway and they can use their existing client to connect to the resources that we allow them.

We also have a clientless VPN by Palo Alto. It's a website where you can enter your AD credentials, and it will publish internal web apps that you can access through a browser. We have some users, and a set of contractors, who use that to access some of our internal systems for COVID response.

It's a cloud-based VPN, but it's managed from our Panorama instance, which is on-site. There's the GlobalProtect client that gets installed, that's the VPN client on your laptop, and that automatically updates from the cloud when a new version is available.

Prisma Access is our first cloud-based VPN solution. I like that aspect because I don't have all the traffic hitting my firewall interface directly. Users go to the cloud, wherever they are, and connect to some kind of cloud. It will grab their config, and our firewall doesn't see any extra traffic from that. That's awesome.

Because we are in the health sector, the clientless, web-based VPN that we're using has allowed us to partner with some external companies to do contact tracing for COVID. That means that if someone is positive for COVID, those companies track back to the people they have been in contact with and try to find the source. The fact that the only way a couple of hundred of our employees can access our records at any time is through the web-based VPN has really improved our ability to respond to the pandemic.

I like it because it's very easy to use. You install the client and you have to know your gateway, but that's something we give to our users. Beyond that, it takes about three seconds to train them on how to use it. And it just works well. That's great for us because it means less administrative time.

It's also nice that Prisma Access provides all its capabilities in a single, cloud-delivered platform. 

The thick client secures non-web apps in addition to web-based apps. If you have the client installed on your laptop, it's a completely secure VPN connection and anything you run will be secured by it. The clientless VPN, the web-based one, only allows you to redirect to URLs; it's only web. Being able to access non-web apps is important to us because it's how we get our remote work done. Not everything is web-based. We have to run applications and access Windows shares and the like. 

This ability helps decrease the risk of data breach. Information security is more and more a huge concern for everyone. Knowing that everything's going across an encrypted tunnel, and that we can manage what is accessed by which user, are huge benefits.

Another important aspect is that Prisma Access provides millions of security updates per day, because security has really become our number-one focus lately. That feature is very good.

I've been using Prisma Access by Palo Alto Networks for about two years, maybe a little longer.

It has been very stable. We've had a couple of small outages, but overall it's very trustworthy and stable.

It's cloud-based, so it's infinitely scalable. For us, it has worked fine. We went from a few users at first and we built up to hundreds.

It's our clientless VPN that really builds up our user count. It is consistently between 300 and 400 users. It rises and falls depending on what kind of campaign we're doing. If a new COVID variant is discovered and we have to ramp things up because of CDC guidance, the user count will bump up.

The one thing that I've been a little bit disappointed with is when we have had to open cases with Palo Alto about Prisma Access issues. Versus their other platforms, like their firewalls, where we tend to get really quick responses and very definitive answers, the few tickets I've had to open for Prisma Access have taken them longer to respond to. And they haven't necessarily given me the kind of answer I was looking for, meaning a fix to the problem. Maybe this technology is not as cut and dry as some of their other technologies. But I think they could improve their support offering for Prisma a little bit and put more expertise in place.

Overall, I'm very happy with Palo Alto's support. I'm not saying that their Prisma support is awful. It just hasn't been quite up to par with other support I've seen from them, which has been pretty phenomenal.

Positive

For VPN, we used Cisco AnyConnect. The switch to Prisma Cloud was part of a platform switch from Cisco ASA to Palo Alto firewalls.

We also have other solutions, such as a virtual desktop solution that is available externally. Some of our users use that and others use the VPN.

The setup was medium complex. Because of the way we're doing it through our Panorama, it's a little more complex than it would be on the cloud-only solution. There is definitely some  complexity to it.

I wasn't involved in the initial deployment of it, but our organization worked with a vendor called CompuNet, a company with Palo Alto expertise. I would guess it took one to two days to get through everything and test it. 

The evaluation happened before my time here, but we had people who had worked with Palo Alto previously. They knew its reputation and were happy with it. I think the switch happened directly.

It functions like a lot of other VPN solutions. It's not special in that sense. It just works.

I have spoken with another agency that was looking at Prisma Access. The one thing they weren't aware of was the clientless, web-based VPN that is part of the product. They were pretty excited when I explained to them how we use it. So make sure you review the full feature set that Prisma Access offers. It may be broader than you expected.

We are using it as a hybrid solution where we manage it through our onsite firewall. There is a Prisma Access full-cloud solution where you do all the management there. If we were to start over again today, I would probably go full-cloud. That would ease the management a little bit. People who are using the cloud-only solution probably have fewer hoops to jump through to get certain things accomplished. But we've been fine.

The biggest issue I've run into is that most of the documentation for Prisma Access is based on the full-cloud model, as opposed to our hybrid implementation. It's a little trickier to find out how to implement some of those changes through Panorama. There are also some connectors you have to set up to make sure that your Panorama is talking to the cloud the way it should. Those wouldn't be necessary in the cloud version, and that means it's probably a little easier to sync your AD, set up your users in the cloud, and you're done. Everything is already on the cloud.

Overall, I'm very happy with the security provided by Prisma Access. Palo Alto is a security company and is always working on ways to make things more secure. I feel very confident that our data is safe using the solution, which is the whole point.

I use the solution in my company for our remote workers and branch access.

The product's price is an area of concern where improvements are required. The solution's price should be lowered.

Our company faces some issues during the product's configuration phase. The product's configuration part is slow and not very effective. In my company, we have to change the configuration multiple times to make it effective. The configuration part of the product can be improved.

The product's support team needs to improve the quality of services offered.

I have been using Prisma Access by Palo Alto Networks for a year.

Stability-wise, I rate the solution a seven out of ten.

Scalability-wise, I rate the solution a ten out of ten.

The product is suitable for medium to large-sized companies.

I have experience with the solution's technical support. I rate the technical support an eight out of ten.

Positive

I have experience with Fortinet FortiEDR.

The product's initial setup phase is simple.

The solution is deployed on the cloud.

The solution can be deployed in a couple of hours.

Zscaler is a good product. In terms of features, Prisma Access by Palo Alto Networks and Zscaler are at the same level. Prisma Access by Palo Alto Networks may have an advantage over Zscaler in terms of security. Palo Alto Networks comes from security vendors, and Zscaler is available from cloud vendors. When it comes to simplicity and connectivity, Zscaler is better than Prisma Access by Palo Alto Networks.

The product is secure for remote workers since it has many cloud-based facilities that can offer protection.

The product can provide improved access to those clients who do not directly go to SaaS applications but prefer to use such applications via Prisma Access since it provides security policies to help secure the network traffic.

For security needs, the product's security profile is good.

I have experience with the product's GlobalProtect VPN feature, and I feel that it works fine. The feature also allows the customer or client to go through a tunnel to Prisma Access.

The integration of Prisma Access with Palo Alto Networks can provide a better security posture. The integration of Prisma Access with Palo Alto Cortex XDR is the best, especially when our company sends the logs from Prisma Access to Cortex Data Lake. My company gets a full view of the attack part, consolidation, and timeline of the attacks in Palo Alto Cortex XDR.

I recommend the product to those who plan to use it.

I rate the tool an eight out of ten.

It can be used for remote access to web applications and to grant secure access to users.

I've mainly used their solutions for VPN connections from mobile devices. 

It's quite reliable and performs well for users.

It wasn't so satisfying to work with it. There is room for improvement in the policy management. It is difficult to cover the entire scenery through Palo Alto products. 

In future releases, more focus on integrations would be beneficial, along with improvements in policy management.

I am familiar with this product. 

It seemed quite a stable product. 

We have a couple of customers using this solution. 

The initial setup was relatively easy, but there were complexities due to the policies we had to generate. 

I was more of a user than an administrator. However, the deployment process seemed quick.

Primarily setting up the software. The team involved in the setup handled the rest.

One person is enough for the deployment. 

From the management side, I'm sure there are several people involved. From an end-user perspective, it's very simple. It likely doesn't need more than one person to manage it.

Overall, I would rate the solution a seven out of ten.

Our use case started with the pandemic. Before the pandemic, our users worked in our office, but when the pandemic started our users were at home. They wanted to have the same kind of access that they had on-premises. We deployed a network and mobile services for them so that they could have the same experience sitting at home and access all the infra in the office. We use mobile access to connect to Prisma Access, and from Prisma Access we built a site-to-site VPN to connect to the office network so that they would have the same kind of access.

It is very helpful because it is protecting the applications that are behind it. It has so many components that we can use to secure our applications.

Prisma Access has all the features from Palo Alto. But the visibility perspective is pretty cool. If I want to know how much data is being used for a specific project, I can look at how much data has been used, from which region, and which users have been connected. That visibility is very good so that I can see how many licenses we have and how many are used. It gives a great view of what is happening, of everyone who is connected. That is one of the things I like.

It provides traffic analysis, threat prevention, and URL filtering, although I'm not sure if it provides segmentation. These features are very important. We wanted to filter traffic according to our standards. The URL filtering helps to filter the traffic so that we only send the traffic we want to on-premises or the internet. Without this, it would be very tough.

Also, it protects all your app traffic. It's like a next-generation firewall. It does everything.

For a non-technical guy, the reporting of Prisma Access is very easy. You need to know the navigation tabs, but it only has so many of them and you can do many things in the tabs. It is pretty easy because there aren't that many pages or options.

And the updates, like URL updates, IPS, IDS, and any WildFire subscription updates are very helpful for protecting our infra.

There should be a dedicated portal or SASE-based solution. They're trying to add a plugin but it needs a dedicated portal because it is now an enterprise solution for multiple organizations. People should be able to directly log in to a dedicated page for Prisma Access, rather than going into a Panorama plugin, and always having to update the plugin. An administrator should be able to look at it from a configuration perspective and not the management and maintenance perspectives.

We started using Prisma Access by Palo Alto Networks with the pandemic in 2019, so I have been using it for over three years.

Initially, they were coming up with a new plugin every one or two months, and you would have to download it. But now, I don't see that. Their team continues to work on it, but as a customer, I see it as stable. 

They're using the resources of GCP so if GCP in a specific region has some issues, it will impact Prisma Access. They have to look at some kind of backup.

I don't see it as a scalable solution because it is running on top of VMs. They say it is scalable, but we didn't see it working that way for one or two incidents that we had. But later, they had more firewalls in the cloud and kept them on standby. Since then, I haven't seen that issue.

I have implemented the solution for 100,000-plus users, and most of them are connecting from home. It reduces the load on our on-premises firewall, handling posturing and VPN. It is a dedicated project, meaning everyone, all of our employees, uses the same solution to connect to the infra.

When I started working with their support, the product was new for them as well so they were not all that familiar with it. They need to improve the technical support staff.

Positive

We were using Cisco AnyConnect but we replaced it, in part, with Zscaler and mostly with Prisma Access.

Prisma Access works on Panorama which we have on a virtual machine on GCP. As with anything, if you don't know it, it is complicated, but once you understand it, it is very easy. If I look at it as a combination of before and after, the setup is of average difficulty. You can learn things very fast. It's not that difficult or complicated, but you should know the purpose of each part. Then it is easy.

When I did my initial deployment of Prisma Access in 2019, it took around five days. But by the time I had done two or three deployments, it was taking me 20 minutes to deploy.

The implementation strategy is totally dependent on the requirements. Some customers say they want the same feeling at home that they have in the office. Some customers say they want Prisma Access to reduce the burden on the existing on-premises firewall. The posture checks have to be done on Prisma Access and, once done, the traffic is forwarded.

Once you understand the product, two to three guys should be able to handle it for configuration, and then they can move on. But for operations, you need a team.

We evaluated Zscaler Private Access and multiple other cloud solutions.

Compared to Zscaler and other services, the advantage of Prisma Access is that it supports both data and voice. The other vendors don't support voice. With Prisma Access, we don't need to look for any other services or solutions. It supports your data and voice services as well and that is one of our most important requirements.

At the end of the day, Prisma Access is nothing but a firewall that is hosted in the cloud. It depends on your capacity, the users that are connecting, and the VM you are running in the backend. It has all the capabilities and subscriptions that we were using on-premises. I don't see any challenges in terms of security. It is secure. They haven't compromised on anything with Prisma Access. It tries to protect us as much as possible.

It's crucial for us and is helping us a lot if you look at it from a business perspective.

We can do a lot with it and use it for eight to nine use cases. It supports your data and voice and, as I noted, I haven't seen any other product support both. Prisma Access is the best product. It depends on what you're looking for. But if you have a lot of requirements, you should go with Prisma Access.

We use Prisma Access to enhance security control on endpoints in a hybrid workplace. Everyone in my company uses Prisma. It's about 500 users.

Prisma covers web-based and non-web apps, reducing data breach risks. In addition to protecting web traffic, it can replace the VPN. Instead of using a separate VPN, we can route all the traffic to our office through Prisma Access. 

The solution improved the consistency of our security controls and the BCP. There has been a 20 percent reduction in TCO. Prisma Access also enabled us to deliver better applications by centralizing security management. Because it is a SaaS solution, the system admins don't need to worry about technical implementation, updates, or anything happening on the backend. 

The most valuable features are the Secure Web Gateway and firewall as a service. Prisma Access protects all internet traffic. It isn't limited to apps. Currently, it covers more than 90 percent of our web traffic.

Autonomous digital experience management is another essential feature that provides a level of end-to-end visibility that most other solutions cannot offer. ADEM's real and synthetic traffic analysis is highly useful.

The benefit ADEM provides to the end-user is pretty indirect. It gives a system admin some evidence to show the user that the problem may not be on the user's side rather than a system issue.

Prisma Access features like traffic analysis, threat protection, URL filtering, and segmentation are critical because our use case is a hybrid workplace. Users are working worldwide, so we expect security to be consistent anywhere, not just in the office.

It updates weekly. Because it's a SaaS solution, they don't tell you what is updated on their side, but if an update is on the user side, then they update it once weekly or biweekly.

If I had to rate Prisma Access for ease of use, I'd give it two out of ten. It's easy for the users, but it's difficult for admins to configure. 

I have been using Prisma Access for less than a year.

Prisma Access is stable. 

Prisma Access is scalable. 

I rate Palo Alto support seven out of ten. They sometimes take a long time to resolve complicated issues. 

Neutral

We tried Zscaler, but we switched to Prisma because of the price, and Palo Alto was better suited to our business requirements. Palo Alto is one of the best choices for regional deployment, but Zscaler is better for a global use case.

Setting up Prisma Access is complex. You cannot deploy it without help from Palo Alto or a Palo Alto partner. They are the only ones who can do the configuration. It took us about four months to get the solution up and running. We need about two IT staff to provide user support for Prisma, but Palo Alto handles all the updates. 

The licensing model isn't flexible enough. It's an all-or-nothing model. Other providers in the market allow you to buy modules or add-ons separately. With Prisma Access, you have to purchase the same module for all users.

In addition to Zscaler, we looked at Netskope and Cato Networks.

I rate Palo Alto Prisma Access a seven out of ten. It's not suitable for organizations whose users are primarily in mainland China. Prisma Access is excellent if you use most Palo Alto products, but Prisma Access might not be the best solution if you only use one of their products. 

It's crucial to define your business requirements well from the start because a Palo Alto solution can't quickly adapt to the changes that you need. If Palo Alto satisfies your initial conditions, it may be the cheapest solution at the time. However, if you need to make a change in the middle, the price can go up drastically. 

Prisma Access GlobalProtect is our always-on VPN. We use it for URL filtering, to make sure people don't go to websites that are not permissible according to our security policy, such as gambling and pornography sites. We also implement Data Loss Prevention and decrypt the packets so that we can analyze the inside and make sure that nobody is trying to exfiltrate data. It's always on and it doesn't matter if you're in an office or at home or in a coffee shop or a hotel. 

We also use their service connections to access our internal services through them.

Since everybody is on the network all the time, it's allowing us to eliminate the step of having to connect to a VPN. That's the whole premise of an always-on VPN. Nobody has to think, "Oh, I need to get on VPN before I can connect to that server," or, "Oh, my VPN timed out because I've been on for 12 hours." The whole premise is that you're constantly on a VPN and it's constantly securing the system. That has helped from an end-user perspective. It hasn't come without its challenge, but that is one thing that is definitely a benefit.

In terms of security, it's definitely better than what we had because a user could just disconnect from the VPN before. They couldn't shut off the cloud proxy, but the cloud proxy only handled web-based traffic. If they wanted to FTP to a server, when they were connected to the VPN, it would get blocked. But they could just disconnect from VPN and then connect to FTP. Now, it goes through more security controls. So we are definitely more secure because of it. But it's just a completely different technology; it's more because of that than the product itself.

It's also somewhat of an alternative to SD-WAN. We had been looking at SD-WAN solutions and, realistically, the way the users are connecting now with Prisma Access, there's really no need for it.

It's an always-on solution and it supports both Mac and Windows. We have one configuration globally, and the only area where we had to do something differently is China.

Prisma Access protects all app traffic, so that users can gain access to all apps and that's very important because we need to be able to access everything. 

It also allows us to access non-web apps; anything internal that we need access to, we can access. Because we're using it as a VPN solution, our users are always on the internal network, regardless of where they are. They can't do anything because we lock them down so that if GlobalProtect doesn't connect, they can't get out to the internet. It's helped in that there were things that people would work around in other ways with our old model, things that they can't work around with the new model.

Also, having a single cloud-delivered platform, a global solution, was a key requirement for us.

We use the solution's threat prevention, URL filtering, and segmentation and they're all extremely important, based on what we're doing with the product. It's also very important to the business that Prisma Access provides millions of security updates per day.

We've run into some challenges, having hit a lot of bugs over the past year in the deployment of GlobalProtect. We've had our fair share of issues that I haven't been happy with. We're working with the support organization to remediate them and waiting for updated releases. The response on getting the bugs fixed has not been what I would consider adequate for a product like this. We've had some very pointed discussions with the support organization and the development teams on those issues and on doing what we can to help remediate them as well. They have been more responsive now towards our needs but it's a work in progress. 

They're going from being an organization that supported physical hardware, the Palo Alto firewall, into the realm of a SaaS-based solution. As a result, they need to change their operating model, support model, and release model to support that SaaS-based solution. That is related to support, related to operational efficiency, and deployments of code. Those are the areas where they need to improve.

I've been using Prisma Access by Palo Alto for about a year.

I don't see issues yet in terms of its scalability. We have more capacity than we need, so I think it's fine. We have firewalls in every region and in every country that Palo Alto has available. It's fairly scalable.

We previously used Cisco AnyConnect for VPN and a cloud proxy solution for web-based security. We went from two products to one. The main purpose was to find a replacement for the cloud proxy solution. VPN just wound up being a good and positive outcome, in addition to it.

The initial setup was complex. It has taken us almost a year, but we have about 7,000 users. We're just finishing up the main deployment of 5,000-plus users. We had an acquisition earlier this year and that will add another couple of thousand users. There have been a lot of hurdles with the bugs that we hit in the product. The stability of the software has been our biggest challenge.

We did the deployment ourselves. In terms of maintenance, I manage the network engineering team globally, and our team is responsible for it.

We did look at other vendors when we were deciding on our VPN software and we went with Palo Alto for security reasons. 

My advice would be to wait until they fix the bugs. We've been on a pretty stable version for the past several months and haven't had any issues. But other users who are on the same version have hit bugs on a regular basis, and it has been a nightmare to try to support. We're waiting on the final update of version 5.2.9 to get some of these issues fixed, and we're also waiting on 5.2.10 to support Windows 11 and the new version of Mac.

It's a balancing act in terms of security and nothing is perfect. We do have Palo Alto hardware as well as the Prisma Access solution, so we're reliant on Palo Alto's security for a lot of our security needs. I think the security is adequate.

I like the product in principle and I would rate it pretty high, but the bugs that we've hit pull the score down a bit. And then there are the operational support issues that we've had with Palo Alto, in general, that contribute to the score of six out of 10, as well.

We use the solution to secure and monitor our traffic to the cloud. We are able to route traffic where we need it to go and It provides us with secure direct connectivity to our cloud application console.

There are plenty of features this solution provides and the most valuable would be the complete security protection we are receiving. We are provided with similar security that the Palo Alto AWS solution has. This includes features such as a firewall and machine learning AI. The cloud server provides maximum uptime, controls, and overall strong security. 

I have received a lot of good client user experience from the solution.

There can be some latency issues with the solution that should be improved.

I have found when comparing this solution to others it is very stable.

The solution is scalable. We definitely plan to increase usage, many people are working from home and this solution makes sense being in the cloud. We encourage our organization to utilize the solution to its maximum potential.

Whenever we had to use the technical support they have been very knowledgeable about the issue we were facing.

I have used other solutions in the past and this solution has better security and conductivity in the cloud environment.

The initial setup is straightforward.

We did the implementation ourselves. The full implementation can take a while, it typically does not take more than a few days. However, the time is dependant on the environment in which the solution is being implemented. It should not take more than 20 days. 

Since this is a cloud base solution it does not require a lot of maintenance. The updates are done from the company side.

The solution requires a license and the technical support has extra costs. The licensing model could improve.

I have learned that moving operations to the cloud is a good thing. 

I rate Prisma Access by Palo Alto Networks a nine out of ten.

The use case for our clients is that they have branch office locations all over the world. Users can connect over the internet and inspection of their traffic will happen on the Prisma infrastructure. Remote users can also connect to the VPN through Prisma infrastructure, and they can connect their data center with the Prisma infrastructure as well.

It's a cloud solution from Palo Alto Networks. Customers just need to establish an IPSec tunnel from their on-prem device with Palo Alto's closest location, which they have all over the world—100-plus locations.

The benefit of using Prisma Access is that the customer doesn't need to have their own data center. They just need to purchase a Prisma Access license. The customer will save on the labor cost associated with the data center, on the electricity cost, and they will save on the land cost as well. The data center infrastructure is provided by Palo Alto Networks.

Prisma Access is a big change for our customers. Not having to have data centers, and not having to deploy a firewall at each location, makes things simpler.

The solution also enables customers to deliver better applications. It helps them save on costs. It is easy to manage with fewer resources.

It's easy to manage. Our customers do not need to worry about what is happening in the data center. With legacy networks, they have to worry about things like the firewall being down and having to go to the data center to replace it. With Prisma Access, they do not need to worry about that. Palo Alto takes care of it. If something goes down in the infrastructure, the Palo Alto team will take care of it.

Prisma Access protects all app traffic, so that users can gain access to all apps. It is important for our clients that all traffic coming through the firewall is inspected. Prisma inspects all the traffic, and if a customer wants to make an exception for certain traffic, that is also possible.

It also inspects both web-based apps and non web-based apps.

In addition, it's really easy to manage. If customers have Panorama they can use it to manage Prisma Access. There is also a cloud application which provides a single console to manage it. Changes can be made on that console and pushed to the customer's environment, which is another way they make it easy to manage. The customer can opt for Panorama or the cloud management application. The latter is free.

Prisma Access provides traffic analysis, threat prevention, URL filtering, and segmentation, as well as vulnerability protection, DLP, anti-spyware, antivirus, URL filtering, and file blocking. It provides everything. This combination is very important. When a customer wants to block certain URL categories, they can block them. If they want to exclude any entertainment websites from their environment, they can block them. What we implement depends totally on the customer's environment and what they need. We can play with it and modify things.

Another benefit is that if any vulnerability is detected, such as a Zero-day attack, Palo Alto provides an update dynamically. The patch is installed so that the network is not exploited.

The Autonomous Digital Experience Management (ADEM) offered by Palo Alto is a good reporting tool. It gives insights into how things are going within the network. It takes all the data from the users' endpoints and does an analysis, and it suggests changes as well. The ADEM analysis of various tests will give the user feedback such as, "Okay, I'm seeing latency here." We or the customer can then improve on that. If something is blocked that shouldn't be, we can make a change in the policy. It's a good tool to have. It makes the user experience better.

The Cloud Management application has room for improvement. There are a lot of things on the roadmap for that application; things are going to happen soon.

I have been using Palo Alto Networks Prisma Access for around one year, as a consultant. I have deployed the solution for clients all over the world.

The availability of Prisma Access is good. I haven't seen any major issues yet.

It is scalable. We scale the solution based on the customer's requirements, after getting their technical design and discussing how they want to deploy it.

I would rate their customer support at nine out of 10. The one point I have deducted is because it is very hard to get support sometimes. There are times when the customer has to wait a long time in the queue. But once they get an engineer, they get the proper support. The Palo Alto engineers are good. It's just that it's very hard to get the engineer on time, sometimes. I believe this is because the solution has expanded a lot. Users are purchasing it but the support is not keeping pace. They are working on that and the support is going to be increased in the future.

Positive

The deployment is simple.

The time it takes for deployment of Prisma Access depends on how big the environment is. One company may have 120 or 130 branch sites, while another company may have just six or seven. It varies on that number of sites or on the number of data centers they have. If there are only five or six branch office locations, then the deployment can be completed in five or six days.

I'm not involved on the financial side, but I believe the solution is costly.

In the same way a customer manages their on-prem firewalls that are not on Prisma Access, they can manage Prisma Access infrastructure through Panorama. That makes it easy for them. The customer is already familiar with how to manage things with Panorama, so there isn't much that is new. There are little changes but that's it. If a customer is already using Palo Alto, we recommend going with Panorama.

Overall, the security provided by Prisma Access is top-notch. It is the same firewall that Palo Alto provides for a local setup. It's the best firewall, per the industry review ratings.