Prisma Access by Palo Alto Networks Reviews

As a Palo Alto provider, their Platform as a Service (PaaS) for their Prisma Cloud-Native product, is offered as a hosted or Software as a Service (SaaS) version. As a user their product should scan and manage cloud container images to identify vulnerabilities. It's a key feature for identifying CI/CD development issues for remediation. 

The most valuable feature of Prisma Cloud-Native, in my opinion, is that it assists in identifying, analyzing, and remediating vulnerabilities.

Palo Alto does a great job on managing updates to their products. It can be difficult managing all the subscription updates, especially if they are manual. There should be a process in place. 

One area of challenge is for them to stay on top of current CVEs on their platform. Anything in the lines of compliance should be current from potential attacks. They have a URL link where customers can make recommendations to map to specific compliance frameworks or standards. That's great, but instead of having the customer identify those, they should make sure they're using the most recent version. The NIST SP 800-53 Rev. 4, should be mapped to NIST SP 800-53 Rev. 5 current version. Many people are unaware of this change. Should use the most current version, unless you have an exception for legacy systems.

I have been using Palo Alto Prisma Cloud for about a year now.

I'm currently supporting a Prisma Cloud-Native re-configuration project. It's their Software-as-a-Service (SaaS) version in the Cloud to scan for vulnerabilities. 

Prisma Palo Alto Networks is an optimal solution. They use the Amazon platform. They have some extremely talented engineers who keep the product up to date. Version updates could be a challenge as some versions are not automated. They don't always push you to update unless you're maybe using the hosted version. If you are unaware of this, you may have been using an older version for an extended period of time. There will be bugs and issues, and it will not perform optimally. It's important to use the most current version. 

Palo Alot support is great. There are no complaints.

I am familiar with Trend Micro, and WatchGuard solutions. I really like Trend Micro. They are excellent, in my opinion. They are great for anti-malware, as well as scanning your desktops and computers for personal or business use.

Proofpoint is another product that I really like for DLP Endpoint Security. They do an excellent job.

I didn't do the original configuration, but I am doing some of the re-configuration. It is important to understand your organization's infrastructure, cloud containers, and all the various types of administrative access controls. It all comes down to having the knowledge and visibility to configure it with your environment. 

The pricing is reasonable for Palo Alto. They price their products using credit modules. There are various types of modules in each section. I believe there are four different modules. If you want to ensure that you are saving on cost, you should develop a very good DevOps or DevSecOps process with the cloud engineers and development team. Meaning, when the development team is no longer creating apps or working in their CI/CD environment, they must scale down, repave and decommission or it could increase your costs significantly.

We use it for remote access VPN. When our users are working remotely, from home, they can use it to connect to our IT environment.

An important aspect is that Prisma Access provides all its capabilities in a single cloud-delivered platform. It would be very inconvenient for us if we had to go to multiple places. It gives us centralized operations, and centralized configuration and management that enable us to be more efficient. We don't have to reference or go to multiple places or systems to maintain things and operate.

It has also improved our remote access. We deployed it to replace an older remote-access VPN that we had been using. That is where the usefulness of the product is for us. It provides security and allows our remote users to connect to our environments.

Remote access is the most valuable feature, giving remote users secure access to our IT environment. That is the specific feature that we are using it for. Prisma Access provides secure access to the environment, including apps, and some non-apps systems, such as system administration. This ability is very important, almost a mandatory requirement for some of our systems.

It not only protects web-based apps, but non-web-based apps as well. Again, that's important, because for this kind of access, the traffic has to be protected and secure. The fact that it secures not just web-based apps but non-web apps indirectly reduces the risk of a data breach. If all the traffic can be seen it should help keep things from getting into the hands of hackers, helping prevent data from being compromised and preventing access to systems as well. We don't want our systems to be compromised, as they are critical to our services and to our customers.

The solution also provides traffic analysis, threat prevention, URL filtering, and segmentation. That combination is important because it enhances the protection and makes the traffic more secure. It also keeps things more up-to-date, enabling us to deal with more of the current threats.

In addition, Prisma Access provides security updates for threat prevention. Those updates are important in general, of course, for security reasons. The more up-to-date you are, the better you are protected.

It's not very easy to use. Sometimes it's buggy and there are problems when doing updates. The user interface is okay, but some configuration items are difficult. I would like it to be less buggy and easier to configure, to better streamline the user experience.

I have been using Prisma Access by Palo Alto Networks for a little more than one and half years.

The stability is pretty good. There are certain portions that are not very stable, but the core is pretty good.

I think the scalability is pretty good too, although we are a small company so I don't know how big we can scale, but for us, it's pretty good.

We have about a dozen users on it and most of them are technical staff, such as engineers and software engineers. Outside of the IT personnel, even finance people use it because they need access to the systems and applications. We are using it for one part of our environment, but we plan to expand it from 1,000 users to about 5,000 users.

The technical support is pretty good, as is the post-sales support. They are both very good and very attentive. Although the software is buggy, and sometimes it's hard to fix, they do provide the appropriate support levels to help us through.

Positive

We have used Cisco VPN, and I have used Juniper and Meraki. We switched because we are standardized on Palo Alto firewalls, so we wanted to use the same vendor for more interoperability.

The initial setup of the solution was complex. The configuration is not easy to understand and requires a lot of expertise from the Palo Alto side. The terms that they use in the product require quite a bit of explanation and clarification.

We used a phased approach. The first deployment we did, as a milestone, took us at least six months. For the deployment, we needed at least two to three engineers: someone from security, someone from networking, and someone from the end-user side. All parties had to be involved.

We used a contractor to help us.

The return on investment is that it allows our remote users to access our environment.

The licensing model for this product is complicated and changes all the time, making it very hard for the user to comprehend the configuration.

My advice would be to directly test it before you purchase it to see if the user experience and the complexity of the networking component are things you are able to handle.

The biggest lesson we learned from using the solution is not specific to the solution: We needed to do more proper planning in the beginning. Because the process is complicated, without good planning, it becomes more difficult during the process. The configuration involves many templates. Without planning ahead, they are created in a messy and disorganized way, and that causes further problems when we need to grow and do more setups. Now, we have to go back and correct those messy configurations, and that is something we are still doing.

Overall, the security provided by Prisma Access is very good. It provides the authentication, protection, and encryption that we are looking for for our remote users.

We're migrating customers from existing Cisco AnyConnect VPN to Prisma Access GlobalProtect VPN.

GlobalProtect VPN is a brand new concept compared to Cisco AnyConnect VPN. The huge difference is that if a user is working from home and needs access to Office 365, the way traffic is usually sent will potentially increase the delay. Some companies open split tunneling for users and they are able to send a request to Office 365 directly, but there is a loss of control from the network and security perspectives.

Since we started using GlobalProtect VPN, all the traffic is monitored, even for a user who needs access to Office 365. The traffic from the user's PC will connect to the closed and available VPN boxes, depending on the location. The traffic from that box will head to Office 365, meaning it will meet the performance and as well as security requirements. So that's one, the huge difference.

The other difference, in my experience with Cisco VPN, is that we normally control traffic based on source address, destination address, and destination port. But with Prisma Access, and using a lot of features from Palo Alto firewalls, we control the source, in particular, with the user ID or an Active Directory Group, instead of an IP address. The benefit for the user of using the user ID or Active Directory Group is in the following scenario. Suppose a user is usually in the United States but goes on a business trip to the UK. With a regular VPN, the user in the U.S. has a subnet. But when they travel to the UK, the IP just will be changed and there will be a totally different subnet. The access they had in the States may be lost when connecting from the UK. But using the user ID or Active Directory Group, the ID is always there no matter whether they are in the States, the UK, or anywhere else. That makes it more flexible for a user who is working remotely, traveling, or roaming.

In addition, performance-wise, a lot of applications have improved because the cloud-based VPN, based on the geographical location, provides a more optimized path and potentially reduces the latency. That provides better performance, but it depends on the applications.

Being able to use the user ID or Active Directory Group is one of the great features for control and providing more flexibility without worrying about IP addresses. 

Prisma Access has a lot of other features. Instead of VPN, its gateway is able to decrypt traffic and, potentially, inspect it. This feature is more likely to be used by companies using Websense or a proxy server. Prisma Access or Prisma VPN has merged VPN, firewall, and some of the Websense-type and proxy functions. This means that four or five components have become one now.

The solution also protects all app traffic, meaning that users can access all apps. All traffic is sent through the Prisma devices. Even a user who reaches Office 365 with a load closed location is still controlled by the VPN boxes, and from the security and network perspectives, we can still see all of the traffic, meaning everything is under control.

In addition, there is something called Pre-logon with Prisma VPN, which means before you log in to the PC with the user ID, domain, and password, the PC automatically connects to the Prisma VPN. That means you already have some basic access, like to Office 365. In case the VPN box is having issues, the user still has access to Outlook, Teams, Word documents, et cetera. The Pre-logon features make things really convenient.

Another nice feature for users is that Prisma VPN saves the user session for seven days instead of, with Cisco VPN, only one day. As a result, the user doesn't need to connect to the VPN every day. After a week, once it expires, they will need to log in with the username and password, but it still keeps the security intact.

There is also the ability to do a HIP (Host Information Profile) check. We can check things like whether a device's operating systems are properly patched, that the antivirus software meets security requirements, and that the hard drive is encrypted. The latter is important because if the laptop is lost, the data can be stolen. A HIP check enables us to make sure the endpoint maintains the security requirements. That helps make things more secure.

And as a cloud-based solution, there are a lot of redundancies. I'm in Canada and have a gateway in Canada. In case the getaway or VPN box in Canada dies, they will automatically reroute me to New York or any other location that is available. In addition, if the cloud-based solution has an issue, we still have the on-prem firewall or VPN in place in our data centers, which means everything falls back to something that is just like Cisco VPN, but it is Palo Alto. But that is only happening in DR situations. The fact that Prisma Access is cloud-based also makes it easier to connect from our environment to cloud-computing environments.

I can't think of many things that need real improvement. But one thing that comes to mind is that when we deploy firewall rules via Panorama, we find it's a little bit slow. We have a global environment and might have 100 gateways or VPNs in the cloud. When we deploy something, it tries to deploy it one-by-one, and that can be slow. For example, one time we pushed a firewall change and the changes took about 10 minutes to finish up. If they could optimize the whole process to speed up that kind of deployment, that would be especially helpful.

I have been using Prisma Access by Palo Alto Networks for close to two years, including the testing and eventually working on it in the production environment.

As of now, we have deployed it for 25 percent of our employees globally and, so far, it has been stable. We haven't seen a situation where it is working one day and totally stops working the next. 

There are still some bugs and sometimes we encounter issues and we have to open a case with Palo Alto to ask them to fix things. Because this is a new solution in the market, having been introduced two or three years ago, the overall stability is good, but they can still enhance that aspect even more.

The scalability is pretty good. Since we bought it, we have added more and more users and had no issues. And because it's cloud-based, they can add VPN boxes in the cloud and, for us, that process is transparent, which is pretty good.

All in all, tech support has satisfied us. We are a big customer, and they have two tech engineers working with us when we deploy and when we do a migration. We always have them with us, especially via conference calls.

The support is timely, but there is still some room for improvement because, when we open cases with them, some agents are not as timely about fixing problems as others.

But overall, we are satisfied with their services.

Positive

The initial setup was not too complicated, but it still took a little time to get familiar with it. The good thing is that Prisma VPN uses our existing Panorama centralized management tool, which we use to manage Palo Alto firewalls and VPNs. Because the centralized management tool is very familiar to us, it helped us in using the new solution. But, of course, since it is a cloud-based VPN, it did take a little bit of time to get used to, but after we got used to it, it became straightforward.

It is pretty expensive. We have to balance the cost of some features. They need to work on some of the services and products, price-wise.

The importance of the combination of the solution's traffic analysis, threat prevention, URL filtering, and segmentation depends on the business. Some business lines are very critical so we might potentially apply more features to them, but everything has pros and cons. Applying more features potentially slows down the performance, so we have to balance between security and performance. But so far, in most situations, we don't have any concerns because we already apply the HIP check to make sure the laptop side meets all kinds of security requirements, based on our internal policies. Also, we are able to see all the traffic logs. Even though it's a huge amount of data, and we're not currently doing so, we're potentially able to investigate or analyze things. 

It is a good solution and a new direction for many companies, especially big companies with global offices. Overall, the security that Prisma Access provides definitely meets our security requirements. Otherwise, we wouldn't be using this solution. The majority of companies, including a bank or any other financial company, should be happy with this solution.

In this pandemic, users want to work remotely and that means we need centralized control of remote users, our branch offices, and the head office. Prisma Access collects everything together and provides us with centralized management, enabling us to manage all our locations and users globally.

It manages on-premises networks, but it has its own infra in the cloud.

The ability to manage networks reduces costs for our organization. Suppose I have four offices and all four have a firewall device. All of those firewalls will have separate licenses, and each office will have a separate internet connection. The Prisma Access solution means we only need one router at each office and all the internet connectivity will go through the solution. That definitely cuts our internet costs.

It is also very important that Prisma Access provides all its capabilities in a single, cloud-delivered platform. For mobile users, without Prisma Access, I would have to control their traffic through on-premises networks and give them on-premises internet. Suppose that one of those users does not connect through the on-premises VPN. That user would then have access to and control of whatever he wants. The system might be compromised through unauthorized access. That's why, from a security perspective, it is very important to control this type of situation. We could control the system without Prisma Access, but that would require additional solutions. We would have to add another security client to the user's system. With Prisma Access, instead of having two solutions, we have one solution.

Prisma Access gives us security from a single point. It controls mobile users and determines how secure their networks will be, including from where they will get internet access. We can optimize things and add security profiles centrally.

Another valuable feature for mobile users is the GP VPN access. It provides security and a firewall as a service, including threat and vulnerability protection. From a security perspective, it is very good.

I haven't seen any SD-WAN configuration capability. If Prisma Access would support SD-WAN, that would help. There are some trending technologies in networking with SD-WAN. SD-WAN is nothing more than optimizing your WAN. SD-WAN devices should be able to reach Prisma Access, and Palo Alto should support different, vendor-specific devices, not just Palo Alto devices, for SD-WAN configuration.

Also, Palo Alto only provides corporate licenses. If they would give a license to a non-corporate email ID, for testing and a pre-trial, that would be really great for users to practice with it. Everybody could explore it. Or, for people who are not working in a corporate environment and who want to explore this kind of setup, it would enable that type of test access on a personal email account.

I have been working in networking and security for eight-plus years. I work on various infra including routers, switches, firewalls, and different cloud services. I work on various vendors' solutions, such as Fortinet, SonicWall, Sophos, and for the last four years, on Palo Alto.

Prisma Access is a subset of Palo Alto Networks and is a product they recently introduced. We just recently heard that our organization was planning to use the Prisma Access solution.

I cannot evaluate the stability based on my limited experience, but I recently called a colleague in a different organization who has been running Prisma Access, and he said it is going well and that he has seen good stability.

We have more than 10,000 users and 40 Palo Alto firewalls, located in different regions. They were involved in the PoC. In the future, we are planning on having Prisma in production.

Palo Alto support is very responsive. They respond immediately and they are very kind and very knowledgeable. They work on cases by priority. In general, when we call them, we are able to talk with them without much delay and they provide solutions that have met our expectations. 

I would rate their support at eight out of 10. I deducted two points because sometimes they do have a very busy schedule and every engineer is busy. Once we reach them, everything works fine.

Positive

This is a new implementation for SASE in our organization.

The license activation process is very straightforward. When we purchased Prisma Access, they provided a link and, from there, we had to add the serial number of our existing Panorama. After that, everything happened automatically. Once that management setup was done, we were easily able to add a rule and do other configurations.

Our deployment did not take a long time. However, our infra is very big. While the initial setup was done in four to five hours, finishing everything took us one week.

If you are planning on using the SASE model for your organization, I would recommend Palo Alto Prisma Access. It works well, based on my experience.

I have come across many firewalls and I have hands-on experience with various devices, but Palo Alto is the best for everything. It is the best device for infra security. It not only has security, but it works well when it comes to routing and switching.

Overall I would rate Prisma Access at 8 out of 10. It gives us centralized management and reliability, scalability, and ease of configuration.

One of our use cases is that it is used by our internal users, our employees, when they need to work remotely. They'll be out in the field and, wherever they have an internet connection, they run the GlobalProtect client, connect, and they can access our resources as if they're in our building. For example, we have health inspectors who go to different sites.

Of course, we're doing more teleworking like everyone right now. Also, our admins all use it because that's how we get in and do remote work. And, periodically, we have contractors or vendors who need remote access. We'll build an account in AD and either have them download the client and connect to us, or if they currently use the GlobalProtect client for some other VPN connection, we can just provide our gateway and they can use their existing client to connect to the resources that we allow them.

We also have a clientless VPN by Palo Alto. It's a website where you can enter your AD credentials, and it will publish internal web apps that you can access through a browser. We have some users, and a set of contractors, who use that to access some of our internal systems for COVID response.

It's a cloud-based VPN, but it's managed from our Panorama instance, which is on-site. There's the GlobalProtect client that gets installed, that's the VPN client on your laptop, and that automatically updates from the cloud when a new version is available.

Prisma Access is our first cloud-based VPN solution. I like that aspect because I don't have all the traffic hitting my firewall interface directly. Users go to the cloud, wherever they are, and connect to some kind of cloud. It will grab their config, and our firewall doesn't see any extra traffic from that. That's awesome.

Because we are in the health sector, the clientless, web-based VPN that we're using has allowed us to partner with some external companies to do contact tracing for COVID. That means that if someone is positive for COVID, those companies track back to the people they have been in contact with and try to find the source. The fact that the only way a couple of hundred of our employees can access our records at any time is through the web-based VPN has really improved our ability to respond to the pandemic.

I like it because it's very easy to use. You install the client and you have to know your gateway, but that's something we give to our users. Beyond that, it takes about three seconds to train them on how to use it. And it just works well. That's great for us because it means less administrative time.

It's also nice that Prisma Access provides all its capabilities in a single, cloud-delivered platform. 

The thick client secures non-web apps in addition to web-based apps. If you have the client installed on your laptop, it's a completely secure VPN connection and anything you run will be secured by it. The clientless VPN, the web-based one, only allows you to redirect to URLs; it's only web. Being able to access non-web apps is important to us because it's how we get our remote work done. Not everything is web-based. We have to run applications and access Windows shares and the like. 

This ability helps decrease the risk of data breach. Information security is more and more a huge concern for everyone. Knowing that everything's going across an encrypted tunnel, and that we can manage what is accessed by which user, are huge benefits.

Another important aspect is that Prisma Access provides millions of security updates per day, because security has really become our number-one focus lately. That feature is very good.

I've been using Prisma Access by Palo Alto Networks for about two years, maybe a little longer.

It has been very stable. We've had a couple of small outages, but overall it's very trustworthy and stable.

It's cloud-based, so it's infinitely scalable. For us, it has worked fine. We went from a few users at first and we built up to hundreds.

It's our clientless VPN that really builds up our user count. It is consistently between 300 and 400 users. It rises and falls depending on what kind of campaign we're doing. If a new COVID variant is discovered and we have to ramp things up because of CDC guidance, the user count will bump up.

The one thing that I've been a little bit disappointed with is when we have had to open cases with Palo Alto about Prisma Access issues. Versus their other platforms, like their firewalls, where we tend to get really quick responses and very definitive answers, the few tickets I've had to open for Prisma Access have taken them longer to respond to. And they haven't necessarily given me the kind of answer I was looking for, meaning a fix to the problem. Maybe this technology is not as cut and dry as some of their other technologies. But I think they could improve their support offering for Prisma a little bit and put more expertise in place.

Overall, I'm very happy with Palo Alto's support. I'm not saying that their Prisma support is awful. It just hasn't been quite up to par with other support I've seen from them, which has been pretty phenomenal.

Positive

For VPN, we used Cisco AnyConnect. The switch to Prisma Cloud was part of a platform switch from Cisco ASA to Palo Alto firewalls.

We also have other solutions, such as a virtual desktop solution that is available externally. Some of our users use that and others use the VPN.

The setup was medium complex. Because of the way we're doing it through our Panorama, it's a little more complex than it would be on the cloud-only solution. There is definitely some  complexity to it.

I wasn't involved in the initial deployment of it, but our organization worked with a vendor called CompuNet, a company with Palo Alto expertise. I would guess it took one to two days to get through everything and test it. 

The evaluation happened before my time here, but we had people who had worked with Palo Alto previously. They knew its reputation and were happy with it. I think the switch happened directly.

It functions like a lot of other VPN solutions. It's not special in that sense. It just works.

I have spoken with another agency that was looking at Prisma Access. The one thing they weren't aware of was the clientless, web-based VPN that is part of the product. They were pretty excited when I explained to them how we use it. So make sure you review the full feature set that Prisma Access offers. It may be broader than you expected.

We are using it as a hybrid solution where we manage it through our onsite firewall. There is a Prisma Access full-cloud solution where you do all the management there. If we were to start over again today, I would probably go full-cloud. That would ease the management a little bit. People who are using the cloud-only solution probably have fewer hoops to jump through to get certain things accomplished. But we've been fine.

The biggest issue I've run into is that most of the documentation for Prisma Access is based on the full-cloud model, as opposed to our hybrid implementation. It's a little trickier to find out how to implement some of those changes through Panorama. There are also some connectors you have to set up to make sure that your Panorama is talking to the cloud the way it should. Those wouldn't be necessary in the cloud version, and that means it's probably a little easier to sync your AD, set up your users in the cloud, and you're done. Everything is already on the cloud.

Overall, I'm very happy with the security provided by Prisma Access. Palo Alto is a security company and is always working on ways to make things more secure. I feel very confident that our data is safe using the solution, which is the whole point.

My customers are military and federal government agencies. They're really interested in Secure Access Service Edge technology for their endpoints. Palo Alto Prisma is one of the solutions we use to make the SASE solution work for endpoints. For our customers, we normally do SD-WAN, Zero Trust, SWG, and SWaaS. Nobody has really asked for ADEM yet.

Prisma Access lets us compete in the cloud space.

Prisma isn't hard for the average system admin to use, and our customers are interested in Prisma's SD-WAN and Zero Trust capabilities. Government customers are particularly interested in the CASB capability. Prisma protects all app traffic, so our customers can access all of our apps, which is essential. That's one of the main reasons my business and customers use this technology, especially in the COVID-19 environment.

My military customers have users who need secure access to their information from all over the world. If they're using Microsoft Office products or some other app that isn't web-based, they can still access them through the web whether they're using their corporate devices or working on their personal devices using corporate information. Prisma will still protect that from phishing or other attacks.

Having all of these capabilities on a single cloud-delivered platform was extremely important to us. We also liked how well Prisma integrates with other solutions. Other solutions offer the same functionalities Prisma does when it comes to Zero Trust, CASB, and SD-WAN within the Microsoft Cloud. Prisma helps us protect our customers when a user isn't going to the Microsoft Cloud. 

Prisma also helps with traffic analysis, and that is controlled through the Manager. We can see what websites individuals within organizations are going to. For example, we can do cybersecurity analysis, such as phishing and so forth, to determine the cybersecurity risk of a particular site. While Prisma is doing that, we're also sending those Prisma files to our security operations, and they're also doing the analysis. In addition to threat detection, we're doing threat prevention. URL filtering fits into that category because we can determine what website an individual was able to access.

Prisma does segmentation either through the management of user groups or according to network access. Prisma provides millions of security updates per day, which is crucial for my government customers and business partners. It helps us keep up with security violations or phishing attacks by bad state actors. These threats are dynamic.

Prisma should implement industry updates in near real-time. Also, Prisma's integration between operational technology and IT should be more seamless. Right now, it requires additional setup and maintenance.

We've been using Prisma Access for about a year.

Prisma is stable. It works as advertised.

Prisma is highly scalable and global.

I rate Palo Alto's tech support 10 out of 10. It's outstanding. But I'd like to highlight the difference between technical support and government technical support because it's two different beasts. I'm talking about Palo Alto's government technical support. They have a separate set of personnel inside the organization that handles government customers.

Positive

Setting up Prisma is pretty straightforward. It takes around an hour to get it up and running. The amount of time needed to fully deploy Prisma depends on the size of the enterprise and the number of units, groups, endpoints, etc. Pre-deployment preparation also varies according to the size of the enterprise. It takes about a couple of days for a medium-size organization. You have to set up the architecture, determine who the users are, set up the IP schema, establish your Zero Trust scheme, set up network access, and send your log files over to the site. All of that takes about three days. Two network engineers can handle setup and deployment. After that, Prisma can be maintained by normal networking staff and at least one engineer.

Integrators from our partners at Tech Data help us deploy. We also get help integrating from my engineers over at TOSIBOX, our proprietary VPN solution.

We're now able to go after contracts that require a Zero Trust solution and Prisma's other technology solutions. 

We looked at other competitors, including Aruba, HP, Cisco, and Microsoft Enterprise solutions. 

I rate Prisma Access nine out of 10. It has been constantly changing since it was released. Palo Alto is the leader in all these technologies on the Gartner Magic Quadrant. 

I would advise anyone considering Prisma to look at their endpoint protection and evaluate how it fits in the overall enterprise solution, including integration with operational technology.

This solution helps us with visibility of the data stored in the cloud and it even scans our files. If a user is trying to upload any kind of malware file or a script, Prisma SaaS scans those files and helps us identify anything malicious. If it finds something, it directly cleans the file. We are partners with Prisma SaaS.

I've evaluated multiple solutions on the market but to quarantine and clean a malware file is something I haven't seen anywhere else. It's a great feature and provides a lot of security.  

I would like to see a hybrid model which has API plus in-line security, where the user's data is controlled via an API call and also controlled in-line. 

We been using this solution for over a year. 

We've never had any issues in terms of stability. 

In terms of scalability, we initially went with the out-of-the-box solution which was able to support around 40 to 50 users and it was fine. There was no need for any add-ons. We now have a license for 200 users and it scales well. 

Technical support is responsive. We contacted them a few times and they were helpful. 

The initial setup was straightforward. It was completely on cloud and easily activated, and we were up and running quite quickly.

The licensing of this solution is a little expensive and is paid on an annual basis. 

If a company is looking for an API-based technology to control their SaaS data uses and user access, then Prisma SaaS is a good product but if they're looking for a complete CASB solution, then this is not suitable. The solution provides a lot of security but when you look at it in terms of the high cost for licensing, then it is not cost effective to spend that amount just to protect the data stored by the user.

I rate this solution a six out of 10. 

We use the solution to secure and monitor our traffic to the cloud. We are able to route traffic where we need it to go and It provides us with secure direct connectivity to our cloud application console.

There are plenty of features this solution provides and the most valuable would be the complete security protection we are receiving. We are provided with similar security that the Palo Alto AWS solution has. This includes features such as a firewall and machine learning AI. The cloud server provides maximum uptime, controls, and overall strong security. 

I have received a lot of good client user experience from the solution.

There can be some latency issues with the solution that should be improved.

I have found when comparing this solution to others it is very stable.

The solution is scalable. We definitely plan to increase usage, many people are working from home and this solution makes sense being in the cloud. We encourage our organization to utilize the solution to its maximum potential.

Whenever we had to use the technical support they have been very knowledgeable about the issue we were facing.

I have used other solutions in the past and this solution has better security and conductivity in the cloud environment.

The initial setup is straightforward.

We did the implementation ourselves. The full implementation can take a while, it typically does not take more than a few days. However, the time is dependant on the environment in which the solution is being implemented. It should not take more than 20 days. 

Since this is a cloud base solution it does not require a lot of maintenance. The updates are done from the company side.

The solution requires a license and the technical support has extra costs. The licensing model could improve.

I have learned that moving operations to the cloud is a good thing. 

I rate Prisma Access by Palo Alto Networks a nine out of ten.