Try our new research platform with insights from 80,000+ expert users
Professional Services Consultant at Infinity Labs India
Real User
Provides consolidated security for branch offices and mobile users and helps to isolate an issue at a specific level for troubleshooting
Pros and Cons
  • "We have an application called ADEM that helps us troubleshoot network-related issues. It helps us to isolate an issue whether it is on the ISP level, endpoint level, or system access level."
  • "The BGP filtering options on Prisma Access should be improved."

How has it helped my organization?

Prisma Access protects all app traffic so that users can gain access to all apps. This is very important when you have multiple applications in your environment. You do not want any network traffic to get compromised. It inspects all the incoming traffic so that the user can access that traffic in a secure way.

It secures both non-web and web-based apps, which is very important. You have applications in your environment. So, you want them to be accessed in a secure manner. It also provides security on the internet when you are trying to access something, such as PaaS apps. It provides security to that as well with the security management policy. It has an inbuilt security management policy. You just need to enable that, and that's it. This security of the non-web and web-based apps reduces the data breach. It is good for our operations that our non-web apps as well as web-based apps are secured.

We have two ways to manage Prisma Access. One is Panorama, and the other one is the Cloud Managed application. The graphical UI is very easy to use. It has a user-friendly graphical user interface, and we have a graphical statistics page as well, which gives you an insight into what's happening. It is very user-friendly.

It makes it very easy that in a single interface, you get all the features, such as routing, security, decryption, and other application functionalities. So, in a single graphical interface, you get everything, and it's easy to manage.

It provides traffic analysis, threat prevention, URL filtering, and segmentation. These elements are very important because you do not want to allow all the URL categories in your environment. You can simply block the categories that you don't want your users to access in your network. That's where these features come in handy. We can simply block these URL categories, and we have that functionality in Prisma Access.

It provides millions of security updates per day. Technology is changing every day, and Palo Alto is providing regular updates so that we can keep ourselves up to the market level. Constant enhancements are provided with the help of the Prisma Access plugin version. New plugins and features are coming every month.

Autonomous Digital Experience Management (ADEM) features are very good. It's a very helpful application. It helps us to troubleshoot network-related issues. It makes the job easy. We get to know whether an issue is at the endpoint level, ISP level, or system Access level. It helps us to determine the issue so that we can isolate and focus on a specific area. It makes our job easy.

ADEM is very impressive, and the users are enjoying this application. If they're not that tech savvy, it helps to isolate the issue at a particular level, making the job easy.

It enables us to deliver better applications. It is helpful because I can connect all my branch offices. If I have one office in the US, one in Asia, and one in Europe, I can connect all my offices to Prisma Access. I can also connect my data center and my mobile users spread across the globe. In Prisma Access, we have more than 100 locations provided by Palo Alto. So, it is very easy.

We have different security profiles inside Prisma Access. We have file blocking. We have anti-spyware. We have antivirus, and we have vulnerability protection. We also have DoS protection. All of these features are provided by Palo Alto Prisma Access, and we can utilize these options to make our security even better.

What is most valuable?

GlobalProtect is one of the best features of Prisma Access. It provides a remote access VPN solution.

We have an application called ADEM that helps us troubleshoot network-related issues. It helps us to isolate an issue whether it is on the ISP level, endpoint level, or system access level.

What needs improvement?

The Cloud Managed Prisma Access needs some more enhancement. Its GUI needs to be updated with respect to the inside application of Prisma Access.

The BGP filtering options on Prisma Access should be improved.

For how long have I used the solution?

It has been three years.

Buyer's Guide
Prisma Access by Palo Alto Networks
October 2024
Learn what your peers think about Prisma Access by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.

What do I think about the stability of the solution?

It is very stable. If one node goes down on Prisma Access, we always have a backup node so that the traffic is not impacted. A backup node is always available, and the traffic is not compromised.

What do I think about the scalability of the solution?

It is a scalable solution. Many clients are using the Prisma Access solution. I have personally worked with clients from across the globe, such as Germany, Australia, and Asia. They all are enterprise customers. 

People who work with or manage it are cybersecurity architects and cybersecurity leads. 

How are customer service and support?

Sometimes, there's a long wait, and it is hard to get technical support, but it's improving day by day. I would rate them a 7 out of 10.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I didn't use any other solution. 

How was the initial setup?

It's straightforward and very easy. The deployment duration depends on the client's infrastructure. It depends on how many branch offices they are going to have. They could have only 3 offices, or they could have 100 offices. On average, if they have only 4 offices, it will take a max of four sessions. If they have 10 offices, it would take about 20 hours with two hours for each session.

We need an infrastructure subnet so that we can create an infrastructure over Prisma Access. We need to decide on the routing part, whether we are going with BGP or traffic routing. We need to have the IP address information for the IPsec tunnel. Apart from that, we need to take care of the DNS and resolve internal domains, if they have any. 

From my end, only one consultant is assigned for delivering the solution to the customer.

What's my experience with pricing, setup cost, and licensing?

I would advise choosing your options according to your company's needs. Just go for what you want and do not pay for anything extra in terms of licensing. You need to determine how much bandwidth is required in your company network, and according to that, you should pay for the license. The mobile user license is based on the number of users who are going to use the VPN solution. You need to determine how many mobile users you are going to have in your network, and you should pay according to that.

There are no other costs in addition to licensing, but if you go for the consultant services of Palo Alto networks to deliver the solution for you, then you need to pay something extra. That is not a part of licensing.

What other advice do I have?

If you have a company with branch offices, you do not need to have your own data center. You can simply connect your branch offices as well as your remote VPN users to the Prisma Palo Alto data center. You do not need to maintain your own data center. It will save your LAN cost, electricity cost, and labor cost.

Make sure that you are familiar with your company's network design and your design is compatible with Prisma Access. Make sure that the design is properly done and every use case or scenario is properly discussed. After that only go for the Prisma Access solution.

I would rate Prisma Access an 8 out of 10.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Senior Engineer at a tech services company with 11-50 employees
Real User
Top 20
Reasonably priced tool that is easy to configure with great support
Pros and Cons
  • "The most valuable feature of Prisma Cloud-native, in my opinion, is that it assists in identifying, analyzing, and remediating vulnerabilities."
  • "One area for improvement is for them to stay on top of keeping their CVEs on their platform up to date."

What is our primary use case?

As a Palo Alto provider, their Platform as a Service (PaaS) for their Prisma Cloud-Native product, is offered as a hosted or Software as a Service (SaaS) version. As a user their product should scan and manage cloud container images to identify vulnerabilities. It's a key feature for identifying CI/CD development issues for remediation. 

What is most valuable?

The most valuable feature of Prisma Cloud-Native, in my opinion, is that it assists in identifying, analyzing, and remediating vulnerabilities.

What needs improvement?

Palo Alto does a great job on managing updates to their products. It can be difficult managing all the subscription updates, especially if they are manual. There should be a process in place. 

One area of challenge is for them to stay on top of current CVEs on their platform. Anything in the lines of compliance should be current from potential attacks. They have a URL link where customers can make recommendations to map to specific compliance frameworks or standards. That's great, but instead of having the customer identify those, they should make sure they're using the most recent version. The NIST SP 800-53 Rev. 4, should be mapped to NIST SP 800-53 Rev. 5 current version. Many people are unaware of this change. Should use the most current version, unless you have an exception for legacy systems.

For how long have I used the solution?

I have been using Palo Alto Prisma Cloud for about a year now.

I'm currently supporting a Prisma Cloud-Native re-configuration project. It's their Software-as-a-Service (SaaS) version in the Cloud to scan for vulnerabilities. 

What do I think about the stability of the solution?

Prisma Palo Alto Networks is an optimal solution. They use the Amazon platform. They have some extremely talented engineers who keep the product up to date. Version updates could be a challenge as some versions are not automated. They don't always push you to update unless you're maybe using the hosted version. If you are unaware of this, you may have been using an older version for an extended period of time. There will be bugs and issues, and it will not perform optimally. It's important to use the most current version. 

How are customer service and support?

Palo Alot support is great. There are no complaints.

Which solution did I use previously and why did I switch?

I am familiar with Trend Micro, and WatchGuard solutions. I really like Trend Micro. They are excellent, in my opinion. They are great for anti-malware, as well as scanning your desktops and computers for personal or business use.

Proofpoint is another product that I really like for DLP Endpoint Security. They do an excellent job.

How was the initial setup?

I didn't do the original configuration, but I am doing some of the re-configuration. It is important to understand your organization's infrastructure, cloud containers, and all the various types of administrative access controls. It all comes down to having the knowledge and visibility to configure it with your environment. 

What's my experience with pricing, setup cost, and licensing?

The pricing is reasonable for Palo Alto. They price their products using credit modules. There are various types of modules in each section. I believe there are four different modules. If you want to ensure that you are saving on cost, you should develop a very good DevOps or DevSecOps process with the cloud engineers and development team. Meaning, when the development team is no longer creating apps or working in their CI/CD environment, they must scale down, repave and decommission or it could increase your costs significantly.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Prisma Access by Palo Alto Networks
October 2024
Learn what your peers think about Prisma Access by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
Manager Network Engineering at a computer software company with 5,001-10,000 employees
Real User
Centralized operations and management enable us to be more efficient, but configuration is difficult
Pros and Cons
  • "The solution also provides traffic analysis, threat prevention, URL filtering, and segmentation. That combination is important because it enhances the protection and makes the traffic more secure. It also keeps things more up-to-date, enabling us to deal with more of the current threats."
  • "It's not very easy to use. Sometimes it's buggy and there are problems when doing updates. The user interface is okay, but some configuration items are difficult. I would like it to be less buggy and easier to configure, to better streamline the user experience."

What is our primary use case?

We use it for remote access VPN. When our users are working remotely, from home, they can use it to connect to our IT environment.

How has it helped my organization?

An important aspect is that Prisma Access provides all its capabilities in a single cloud-delivered platform. It would be very inconvenient for us if we had to go to multiple places. It gives us centralized operations, and centralized configuration and management that enable us to be more efficient. We don't have to reference or go to multiple places or systems to maintain things and operate.

It has also improved our remote access. We deployed it to replace an older remote-access VPN that we had been using. That is where the usefulness of the product is for us. It provides security and allows our remote users to connect to our environments.

What is most valuable?

Remote access is the most valuable feature, giving remote users secure access to our IT environment. That is the specific feature that we are using it for. Prisma Access provides secure access to the environment, including apps, and some non-apps systems, such as system administration. This ability is very important, almost a mandatory requirement for some of our systems.

It not only protects web-based apps, but non-web-based apps as well. Again, that's important, because for this kind of access, the traffic has to be protected and secure. The fact that it secures not just web-based apps but non-web apps indirectly reduces the risk of a data breach. If all the traffic can be seen it should help keep things from getting into the hands of hackers, helping prevent data from being compromised and preventing access to systems as well. We don't want our systems to be compromised, as they are critical to our services and to our customers.

The solution also provides traffic analysis, threat prevention, URL filtering, and segmentation. That combination is important because it enhances the protection and makes the traffic more secure. It also keeps things more up-to-date, enabling us to deal with more of the current threats.

In addition, Prisma Access provides security updates for threat prevention. Those updates are important in general, of course, for security reasons. The more up-to-date you are, the better you are protected.

What needs improvement?

It's not very easy to use. Sometimes it's buggy and there are problems when doing updates. The user interface is okay, but some configuration items are difficult. I would like it to be less buggy and easier to configure, to better streamline the user experience.

For how long have I used the solution?

I have been using Prisma Access by Palo Alto Networks for a little more than one and half years.

What do I think about the stability of the solution?

The stability is pretty good. There are certain portions that are not very stable, but the core is pretty good.

What do I think about the scalability of the solution?

I think the scalability is pretty good too, although we are a small company so I don't know how big we can scale, but for us, it's pretty good.

We have about a dozen users on it and most of them are technical staff, such as engineers and software engineers. Outside of the IT personnel, even finance people use it because they need access to the systems and applications. We are using it for one part of our environment, but we plan to expand it from 1,000 users to about 5,000 users.

How are customer service and support?

The technical support is pretty good, as is the post-sales support. They are both very good and very attentive. Although the software is buggy, and sometimes it's hard to fix, they do provide the appropriate support levels to help us through.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have used Cisco VPN, and I have used Juniper and Meraki. We switched because we are standardized on Palo Alto firewalls, so we wanted to use the same vendor for more interoperability.

How was the initial setup?

The initial setup of the solution was complex. The configuration is not easy to understand and requires a lot of expertise from the Palo Alto side. The terms that they use in the product require quite a bit of explanation and clarification.

We used a phased approach. The first deployment we did, as a milestone, took us at least six months. For the deployment, we needed at least two to three engineers: someone from security, someone from networking, and someone from the end-user side. All parties had to be involved.

What about the implementation team?

We used a contractor to help us.

What was our ROI?

The return on investment is that it allows our remote users to access our environment.

What's my experience with pricing, setup cost, and licensing?

The licensing model for this product is complicated and changes all the time, making it very hard for the user to comprehend the configuration.

What other advice do I have?

My advice would be to directly test it before you purchase it to see if the user experience and the complexity of the networking component are things you are able to handle.

The biggest lesson we learned from using the solution is not specific to the solution: We needed to do more proper planning in the beginning. Because the process is complicated, without good planning, it becomes more difficult during the process. The configuration involves many templates. Without planning ahead, they are created in a messy and disorganized way, and that causes further problems when we need to grow and do more setups. Now, we have to go back and correct those messy configurations, and that is something we are still doing.

Overall, the security provided by Prisma Access is very good. It provides the authentication, protection, and encryption that we are looking for for our remote users.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
DevOps Engineer at a tech services company with 10,001+ employees
Real User
Useful predefined rules, multiple integrations, descriptive alerts, and great stability
Pros and Cons
  • "It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful."
  • "We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve."

What is our primary use case?

We are basically using it for cloud governance. We have AWS as our public cloud service, and we have multiple cloud accounts that we manage. We're using Prisma SaaS for the cloud governance of these accounts. 

How has it helped my organization?

It has been very useful so far. We are a part of a small team, and we have almost 20 accounts. Therefore, it is difficult for us to log in to each account and look at cloud trail and other things. It is not possible to log in manually and check each of the vulnerabilities. Prisma has helped us a lot. It shows the alerts in real-time, and we are pretty happy with the service it offers. We now know how to categorize alerts, which ones need immediate attention, and on which ones can we act a bit later.

What is most valuable?

It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. 

It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. 

It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful.

What needs improvement?

We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve.

For how long have I used the solution?

I have been using this solution for two years.

What do I think about the stability of the solution?

Its stability has been great. 

Which solution did I use previously and why did I switch?

I have used different tools previously. I have used Evident. Prisma is much better than Evident in terms of the information it provides for alerts. In Evident, they provide a little bit of information about the triggered alert, whereas Prisma provides in-depth details.

How was the initial setup?

It is pretty straightforward. It is a two-step procedure. You need to create the roles and mention the role in the Prisma config. You have to create a role in the corresponding AWS account or Azure account and give that role information while configuring Prisma. So, you need to provide the account ID number, the role that you have created, and a short description of the account that you're using. You also need to enable a couple of other things, such as VPC flow logs and cloud trail for Prisma. If these are not configured, Prisma will still get configured, but it will alert you that you have not configured the flow logs, cloud trail, and all other events. After that, Prisma will immediately start scanning the account. 

It also has a provision for grouping your accounts into a particular group. If you have a project that has multiple accounts, you can group them together as a central group. If all those accounts are managed by a single team, you can enable alert notifications for that single team instead of each account. Everything is pretty good in terms of management activities.

Deployment hardly takes five to ten minutes. It is a SaaS offering. It is a managed service by Palo Alto. You don't have to configure anything at your site for Prisma. You don't have to create any sort of instances or deploy it. You just need to onboard the accounts.

What about the implementation team?

It doesn't require any maintenance. It is managed by our corporate IT team. They have onboarded all the AWS accounts with respect to my organization. These AWS accounts belong to multiple groups of people. 

My department has around 30 people who use this solution as DevOps, and we have the access to the portal. We have enabled read-only access for certain groups so that they can go and look into the alerts and do the necessary things. We have created multiple read-only groups, and we have assigned a set of users to each read-only group.

What was our ROI?

It has definitely provided an ROI.

Which other solutions did I evaluate?

We looked into multiple options, and we chose Prisma considering the price and the features it offered.

We started off with AWS three years ago. As the number of accounts grew, we felt the need to use some sort of cloud governance tool because it is not possible for us to log in to each account and look for issues that may impact the organization. That's why we started to use Prisma. We are using multiple solutions from Palo Alto. We use Twistlock for container scanning and things like that.

What other advice do I have?

I have positive feedback about this product. We are happy with this product and the features it offers for the price. 

I would rate Prisma SaaS an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Information Technology Consultant at Trillennium (Pvt) Ltd
Reseller
Good performance and technical support
Pros and Cons
  • "The performance is good."
  • "The price can be reduced to make it more competitive."

What is our primary use case?

We are a solution provider and we work with our customers to provide them with cloud-based solutions. One of the categories we provide is in the security-related space, and Prisma SaaS is one that we are promoting.

One of the primary use cases is to create a more secure tunnel between home and office, allowing people to more securely work remotely from home.

What is most valuable?

We use the central monitoring tool from Palo Alto, which gives us good visibility on our network.

The performance is good.

What needs improvement?

The price can be reduced to make it more competitive.

For how long have I used the solution?

We have been working with Prisma SaaS for the last six months.

What do I think about the stability of the solution?

Stability-wise, we have not had any problems.

What do I think about the scalability of the solution?

We have had no issues with scalability.

Which solution did I use previously and why did I switch?

We work with a variety of security vendors including Check Point and Fortinet. For cloud-based solutions, we work with Barracuda.

The suitability of a particular product or vendor will depend on the client's requirements, situation, and budget.

What's my experience with pricing, setup cost, and licensing?

Compared to other products, the price is slightly high. In fact, sometimes there is a large pricing gap.

What other advice do I have?

This is the best product that I have looked at, out of all of the competitors. We are still testing it, but from what I have seen, it is really good compared to the others.

I would rate this solution a ten out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
PeerSpot user
PeerSpot user
Architect - Cloud Serviced at a comms service provider with 10,001+ employees
Real User
Top 20
Protects cloud data at rest and sends valuable notifications in a timely manner
Pros and Cons
  • "This solution provides a DLP on the cloud and very few people have a scanning device for data at rest."
  • "I would like to see support for custom applications."

What is our primary use case?

This is a CASB product that we use to protect data that is in the cloud. We work with our client to protect them from unknown threats, as well as known threats such as the inadvertent sharing of files. An example of this is the uploading of a file by an admin that contains sensitive data that was not intended to be shared with anyone who is external to the organization, such as a Gmail address. This solution offers protection from these kinds of problems.

How has it helped my organization?

From my client's perspective, I can say that they had no control over their cloud data that they needed to protect. They had solutions that can handle their on-premise DLP, such as determining whether a particular service is malware-free. When it was on the cloud, such as Google Cloud, Google Drive, ServiceNow, or others, they were not sure how to protect it. With this solution, they are able to protect themselves, and also with data at rest. It has helped to protect against the propagation of malware from the cloud to the premises.

What is most valuable?

There are two features that I find very good. This solution provides a DLP on the cloud and very few people have a scanning device for data at rest. The second feature that I really like about this solution is the notifications that it provides. It provides me with timely notifications so that I can consider things such as whether actions are trusted or untrusted and I can quarantine the data on the fly.

What needs improvement?

There are a lot of cloud-based applications that are supported, such as Box, Skype, Google Drive, and SharePoint, but there are many more than have not been totally integrated. They cannot use in-house apps because they are not generic services. I would like to see support for custom applications. 

There are also certain storage services that are not integrated, like AWS S3. If the services are created by the customer then it would be very nice to have those protected too.

Right now, this is a data at rest CASB, but it would be nice if it included features such as forward proxy or reverse proxy. It would be able to provide the OTP to those gateways and anyone who can integrate with Aperture can send the data to have it authenticated, via Aperture to the cloud, rather than just scanned. Essentially, if it can be made to act as an auth server, to automatically handle the forward proxy CASB, it would be good.

For how long have I used the solution?

Six months.

What do I think about the stability of the solution?

It seems to be a pretty stable product. It has been six months and we haven't seen many problems yet.

What do I think about the scalability of the solution?

Given that it is in the cloud, I don't think that there is an issue with the scalability. You can just add agents or perform more integration very easily and it will work. Unless the price model changes because it is already a bit pricey from the perspective of the end-user, it is not a problem.

The scalability is based on devices rather than users, but I can say that there are perhaps six cloud accounts with around ten or fifteen apps that they are trying to protect.

How are customer service and technical support?

The technical support is very friendly. They are aware of the solution and they can definitely help you if you are stuck with a problem.

Which solution did I use previously and why did I switch?

Our customer was not aware of how to protect their cloud data, and this is the first solution that they chose.

How was the initial setup?

The initial setup is simple. You just need to log into the Aperture cloud with your user ID and password, apply the license and you are done. After this, you just need to know how to integrate, but they already have documentation that can help you out.

The time required for deployment depends on how complex you are making the environment. If it's a very simple one, such as a Box or a Google Drive, then it will take around a day or two, maximum a week.

I would say that a complex environment may take between three and four weeks. It depends on the use case. If you want to do a POC setup on VPC or Google Drive then it may take less time. On the other hand, if you are integrating more services then it will take longer because you have to learn the product from scratch. There are no similar services.

Once this solution is configured, there is very little that you have to do unless the customer requests something new. If you integrate it with WildFire and AutoFocus, it will automatically get the latest volume or latest signatures, and it will notify you whenever that happens. If somebody is properly trained then one person can handle the maintenance.

What about the implementation team?

We deployed this solution for our customer. We also used agents, provided with Aperture, on the local devices so that they could be easily connected to the cloud.

What's my experience with pricing, setup cost, and licensing?

The pricing for this solution is on the higher end. Our customer felt that the solution was a bit overpriced but they had nothing that offered them better protection.

The licensing fees are on a yearly basis, and there are no additional costs.

Which other solutions did I evaluate?

There are now more vendors doing this, such as Oracle, but when we started there were very few. This is one of the reasons for choosing this solution.

What other advice do I have?

This is a fairly good product if you are looking for something to protect data at rest. There are alternatives, like Oracle and McAfee, that also provide similar solutions, but you should do a POC with them first. In fact, you should always start with a POC because everyone has different needs. 

If you take the training that is available then you will be able to handle the maintenance yourself. There can be challenges when there are compliance issues, like somebody putting a file into quarantine. It will have to be taken out manually, and if the user is untrained then they will require technical help for this.

I would rate this solution eight and a half out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Solution Architect // Network Consultant at a consultancy with 501-1,000 employees
Consultant
Top 20
Provides robust cloud security along with a host of valuable features
Pros and Cons
  • "Palo Alto Firewall is one of the best firewalls in the world."
  • "Though the monitoring is fine, the solution should improve its application graphs and interface monitoring."

What is our primary use case?

My clients used Prisma Access essentially for security in the cloud. We integrated their SD-WAN into Prisma Access.

What is most valuable?

Palo Alto Firewall is one of the best firewalls in the world. It's very clear about the policies and all the security features they have. Also, the user integration works very well in Palo Alto. The WiFi, anti-threat, web filtering features and IT/OT separation are also good.

What needs improvement?

Though the monitoring is fine, the solution should improve its application graphs and interface monitoring. Additionally, the pricing could be improved.

For how long have I used the solution?

I worked as a consultant on Prisma Access for one year for one integration project.

What do I think about the stability of the solution?

The product is very stable.

What do I think about the scalability of the solution?

The product is scalable. Our clients are medium-sized businesses. There are 1,500 users worldwide.

How are customer service and support?

The support is good. I rate the support an eight or nine out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

The solution is not easy to implement. The first setup is a bit more difficult, but it gets better. The solution is easy to maintain.

What about the implementation team?

A global partner did the setup.

What's my experience with pricing, setup cost, and licensing?

I'm still comparing, but the solution is quite expensive.

What other advice do I have?

I recommend people try the product out because it's really good. I rate Prisma Access an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Consultant
PeerSpot user
Senior Security Architecture Specialist at a computer software company with 201-500 employees
Reseller
Stable and easy to scale, but it needs better integration with MDM
Pros and Cons
  • "The most valuable feature is the ability to join your network and provide access through the VPN."
  • "Better integration with the MDM solution would be useful."

What is our primary use case?

We are a system integrator and Prisma Access is one of the security products that we implement for our clients. We handle all products, from high-level to low-level, and we propose an end-to-end solution for each customer. I am a pre-sales architect and engineer.

Prisma Access is the name of the GlobalProtect Cloud Service.

Normally, it is sold to users who want to use a VPN agent.

What is most valuable?

The most valuable feature is the ability to join your network and provide access through the VPN.

What needs improvement?

It is integrated with the MDM solution but it is not a VPN, so this is something that can be improved. Better integration with the MDM solution would be useful.

What do I think about the stability of the solution?

We don't hear from customers for a long time when they have this solution, so I think that it is stable.

What do I think about the scalability of the solution?

Scaling is easy because it is just a license that you extend.

Our clients for this solution are typically small to medium-sized companies.

Which solution did I use previously and why did I switch?

We work with similar solutions from a number of vendors including Fortinet, F5, Trend Micro, and others.

What about the implementation team?

We have an in-house team that is responsible for implementing products for our clients.

We also perform the required maintenance, as well as technical support.

What's my experience with pricing, setup cost, and licensing?

This is not an expensive product and everything is included with one license. We normally sell GlobalProtect bundled with a firewall if the customer wants an endpoint solution.

What other advice do I have?

We have to pitch it to smaller customers. When it comes to medium-sized organizations, they are almost dedicated to a VPN solution. This is a good solution and I can recommend it, although it would be improved with better MDM integration.

I would rate this solution a seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Buyer's Guide
Download our free Prisma Access by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.
Updated: October 2024
Buyer's Guide
Download our free Prisma Access by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.