Prisma Cloud by Palo Alto Networks Reviews

We primarily use the solution to create a cluster or scenario, for runtime management on containers.

We have three containers in our organization. Two were legacy containers and we added a third. The solution helped with our DevOps pipeline and allowed us to inspect and analyze the product.

The runtime mechanism on the solution is very useful. It's got very good network mapping between containers. If you have more than one container, you can create a content data link between them.

I'm not sure about areas for improvement on the solution, however, I do think the compliance and dashboarding could be better.

The innovation side of the solution could be more efficient and more detailed.

I've been using the solution for two months.

The initial setup was reasonably complex. The container security makes it a complex implementation. If I were to rate the complexity out of ten I'd give it a seven.

We use the cloud deployment model.

I'd rate the solution nine out of ten.

The primary use case for this solution was to run the rule set for the CIS 20 framework and HIPAA compliance.

This solution will ensure that we've got a more secure environment, mitigating any sort of bad actors coming in and either destroying or disrupting the environment.

The most valuable feature is that the rule set is managed and that it can be run on a regularly scheduled basis.

The pricing for the solution needs improvement.

The stability of this solution is very good. Very favorable.

We have four people involved with this solution. They are administrators and DevOps resources.

The solution is currently used across our entire environment. I bought licenses for one hundred hosts and I only have twenty-eight. So, there will be no incremental cost for me until I exceed one hundred hosts, which is a long way away.

Technical support is very good. They have been very responsive to various requests in the past.

We did not use another solution prior to this one.

The initial setup was very straightforward. RedLock was very helpful in setting up the environment. The deployment took approximately two hours.

Two people are required for deployment and maintenance.

We worked with a reseller. They are Rocus Networks out of Charlotte, North Carolina. We had a very good experience with them.

Our licensing fees are $18,000 USD per year. There are no costs in addition to the standard licensing fees.

We evaluated the Dome9 solution in addition to this one. RedLock was selected based on Rocus' recommendation.

This is a product for which I had a very specific need, and my security partner recommended it. This product is one of the leaders. I would, however, suggest that you do a POC before implementing this solution.

It has very good support in all of the cloud environments. I think that they offer a lot of functionality in supporting that space. I don't think that this product is perfect, but it fits my needs perfectly.

I would rate this solution a nine out of ten.

Our primary use case for this solution is for container security and monitoring.

It has helped us understand the dynamic topology of our containers and manage security through the application of policies that our pipelines apply straight from Git.

The most valuable feature is the automated forensics.

I would like to see the inclusion of automated counter-attack, although this is probably illegal.

Our client needed a solution which would be a true implementation of the concept "Trust, but verify," and Aporeto fulfills that notion as it decouples security from network and infrastructure. It services microservices in a nifty and seamless way.

Aporeto has accelerated our client's expansion to the cloud. With Aporeto, they have secured their Linux workloads on any infrastructure with end-to-end encryption and have a path for modernizing with a security layer that is future-proofed.

The dynamic workload identity creation, attestation, and assignment is the best feature. In addition, the application dependency map across heterogeneous environments for compliance is a striking feature.

It integrates quite well with the AWS products as it uniquely fingerprints each workload. Aporeto is designed to combine metadata from the orchestration layer, the container, the operating system, and the AWS instance identity document. By combining these information sources, along with dynamic attributes such as image scanner inputs, Aporeto is designed to create a strong cryptographic identity for each workload. It authenticates and authorizes all network communications within a virtual private cloud (VPC), across VPCs independent of their region or availability zone, and across cloud environments.

More documentation with real-world use cases would be helpful. Another useful feature would be greater transparency and visibility into the security checks being implemented.

In AWS, it scales with the cloud and we have found no issues at all with the stability.

Aporeto is now available in AWS where it efficiently deploys, manages, and secures applications at scale on various platforms including Kubernetes, Docker, Linux, and Mesos, among others.

The purchasing process was easy and quick. It is a very economical solution.

We chose to procure this solution via AWS Marketplace because that's where we get all other solutions and to make sure it's supported by AWS.

I would rate it as a nine out of ten, due to its cloud-facing features which fit in nicely with the whole cloud ecosystem.