Cortex XDR by Palo Alto Networks Reviews

Our primary use case is anti-malware and anti-exploit.

Traditional anti-virus is signature-based, whereas Traps is behavior-based. Therefore, it doesn't necessarily whitelist things, it looks for anything with bad behavior. Thus, we've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for.

The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past.

Going from version 4 to version 5, they had a major change in their user interface. Version 5 is now all cloud managed, while it has a very intuitive, useful interface, it doesn't have all the features that were in the version 4 interface. For example, we lost being able to automatically trigger upgrades, like creating manual groups to upgrade with. It doesn't currently have the ability to use the Active Directory to create groups. 

It's fairly stable. They do have bugs which come up every once in a while, but they're usually good about getting them taken care of within a release.

It is definitely scalable.

Primarily, it is just being used by myself. The help desk also uses it. There are probably a total of around ten users.

We've deployed it to about 1500 endpoints so far. There is a possibility that we may expand our usage, but not in the foreseeable future. We are at pretty much at 100 percent deployment at this point.

I would describe Palo Alto's technical support as audio waterboarding. They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else.

We were previously using Sophos for antivirus, and are still using Sophos for antivirus, but we're using Traps to augment it.

The initial setup was pretty straightforward on version 4, but on version 5, it is almost idiot-proof.

The initial deployment of getting the servers and everything up took about a week, but getting everything deployed was somewhere closer to six weeks.

We implemented it in-house. We incrementally did some systems to make sure that it wouldn't block anything that it shouldn't. After that, we used Active Directory to push it to everything else.

Very little staff is required for deployment and maintenance, as Traps is self-maintaining.

I feel that we have seen ROI. There have been a number of blocked, bad files that could have gotten through, but were stopped by Traps.

The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic. So, if you have 1100 computers today, you can license that. Therefore, as long as you're below your licensing cap, you're fine.

We looked at Palo Alto vs Sophos, which has a anti-malware system called Intercept X, but it did quite literally nothing. We thought about Symantec, but we didn't end up testing them against Traps.

The implementation is fairly straightforward and easy. With version 5, everything is now on the cloud. It is easy to work with and use. I would use mobile device management (MDM) or Active Directory (AD) to push the file everywhere when installing it, as it will auto go from there. The management is pretty low. Thus, it will be set it, and for the most part, you can forget it.

The level of security I get for my endpoints and servers is extremely valuable.

No signature updates of the AV needed, so no old signatures. No patching, very little operational effort needed.

Performance at the endpoint is much better than with the old AV.

No signature updates needed.

Stops the attack before it is executed.

Two years.

No.

No.

No.

Perfect.

Real experts.

Yes. We switched because the footprint was heavy, the protection rate decreases and the operational costs (incidence response) were high.

Yes, it took one hour to install the back end and the rollout was done by software deployment. Project lasted four weeks .

In-house.

Ask your local dealer.

Yes.

If you are already a Palo Alto Networks Firewall customer you can have perfect Integration between your clients/servers and your firewalls. Automated response without supporting and APIs.

The tool's use cases are relevant to security. 

The tool needs to be improved in terms of integration and interface. 

I have been working with the solution for five years. 

The solution is stable. 

I would rate the product's scalability a nine out of ten. 

The product's technical support is good. 

Positive

The tool's setup is easy. The solution's deployment took five days to complete. 

The solution is expensive. It's pricing is on a yearly-basis. 

I would rate the tool a seven out of ten. 

I'm testing the product right now. I use the solution for endpoint security.

Everything is fine. 

It'll not slow down your system when compared to others.

The initial setup is easy.

I'd like the solution to provide URL filtering and web-based prevention. We'd like to block web pages at a high level.

We would also like to have advanced tech protection and email scanning.

I've been using the solution for a year.

The product is very stable and the performance is good. It doesn't slow down the systems it runs on. There are no bugs or glitches. It doesn't crash or freeze. 

The solution can scale well.

More than 100 people are using the solution right now. 

We've never needed the assistance of technical support just yet.

I've also used McAfee MVISION Endpoint. 

I'm testing them both and finding the advantages and disadvantages between them.

The solution is very easy to set up.

You do have to pay for a license in order to use a solution. It's expensive.

We're a reseller.

We are using the latest, most up-to-date version, of the product.

I would recommend using it with another protection layer. Cortex should provide an additional layer of security apart from this. You might have to integrate with other vendors also.

If you are looking to deploy a security solution as a whole, this is a good option.

I'd rate the solution seven out of ten. If we had more advanced security features, I'd rate it higher.

We have deployed Cortex XDR for a couple of clients in manufacturing.

Cortex XDR lets us manage several clients from the same console, and its endpoint defense is more advanced than traditional antivirus.

The dashboard could be more user-friendly.

I've been using Cortex XDR for two years.

Cortex XDR is stable enough.

Cortex's scalability is good. We have about 200 users on it at the moment. 

Palo Alto support is great. 

Cortex XDR is trickier to configure than other Palo Alto products. This is one area where we are not so satisfied. We need two people to deploy and maintain the solution. 

Our clients pay for the license every year. It's just a standard fee with no additional costs. 

I rate Cortex XDR eight out of 10. 

We are using it for a banking client.

Its interface and pricing are most valuable. It is better than other vendors in terms of security.

It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint.

I have been using this solution for two years.

It is very stable. I wouldn't recommend the latest version. Being a new version, it would have bugs, which is similar to the new versions of other products.

In Peru, we have approximately 20,000 users. The banking client doesn't have any plans to expand the usage. We might increase its usage by 200 to 500 with new clients.

Technical support of Palo Alto is the best.

It is very easy to deploy. The deployment is quick. The deployment of the management console takes just two hours, but the deployment of the agent takes approximately a month.

We have five to eight engineers for deployment and maintenance.

I would rate Cortex XDR a nine out of 10.

We deploy this solution in Universities and banks because it's private. Our company is a private company.

They did what they said. This solution could apply to any scenario.

The configuration could be simplified.

I would like to see better protection, specifically to protect email applications.

This solution is stable.

It's easy to deploy

You need the experience to configure the equipment, but the configuration is easy to deploy.

The price could be improved. Our customers have expressed that the price is high. When compared with other services, it's more expensive, but it's not too high.

I would rate this solution a ten out of ten.

We use the product to monitor and control all the systems. It helps us understand user behavior.

The product gives full visibility and control of the endpoints in the environment. The users and the employees can protect their systems by investigating files for incidents.

The platform's most valuable feature is being a cloud-based solution. We can visualize and control the activities in the environment from anywhere.

The product's pricing needs improvement. They could provide more discounts. Additionally, the dashboard and control panel could be enhanced.

We have been using Cortex XDR by Palo Alto Networks for two months.

The platform is stable. As far as you have the internet, the product is secure.

The platform is scalable.

They have a good technical support team.

Positive

The initial setup is straightforward. It is easy to maintain as well.

I implemented the product myself.

I recommend Cortex XDR by Palo Alto Networks and rate it an eight out of ten. It is a good solution for the commercial sector as they can work on the cloud. I advise others to refer to user guides for understanding the processes easily.