Prisma SD-WAN Reviews

We use this solution to enable better connectivity for utilizing the more available Internet broadband lines instead of the expensive MPLS lines.

The solution is deployed on the cloud. I'm using version 5.4.

There are 15 people using this solution in my organization, including network and security engineers. We currently don't have any plans to increase usage.

The reliability of the solution has improved our organization. We don't have any downtime unless there is a power outage. The network is more resilient and faster. It delivers applications in a timely manner. The performance has greatly improved due to the expansion of bandwidth and a reduction in costs. 

MPLS lines are the most expensive lines. After changing to a broadband line, the monthly cost of running the network is completely different.

Prisma SD-WAN also provides Panorama integration, although we haven't used it.

We use Prisma SD-WAN's event correlation and analysis capabilities to help minimize the number of alarms from a single event, but this is all done from the dashboard. This feature has made our network operations much more clear and more concise. Sifting through numerous alarms, especially if they're for related incidents, makes it cumbersome to focus on the problem that needs our attention.

Prisma SD-WAN enables branch services such as networking and security to be delivered from the cloud. It provides seamless integration with the Prisma core networks and traffic web filtering. This simplifies our WAN management. 

We're able to have one place where we can configure pretty much all of the features of our network. We can designate a device to use a certain set of features, policies, etc. It's just a matter of doing its local configuration and it's instantly on. We don't have to configure each device from scratch. We set the policy, upload the configuration, and that's it.

The move to Prisma SD-WAN definitely resulted in a reduction in outages because we usually have one WAN link. Regardless of whether the internet access is used from the hub site, ideally, Prisma Access allows us to have local internet access through the branch side. The benefits are numerous in that respect.

I like that the integration with Palo Alto is easy.

The dashboard is okay. The dashboard gives us enough flexibility to get the information needed so that we can act upon any issues or data that is represented. It serves our purpose for our use case. Like with any other product, it takes time to get acquainted with it.

The only con is the pricing because it's more premium. 

I have used this solution for less than a year.

It's a solid product.

Scalability is not an issue. We can have defined policies, defined routing, etc. Onboarding new sites isn't a problem.

I haven't needed to contact technical support in the past year. The product is performing well. From what I know from my colleagues, the support from Palo Alto is usually great.

I wasn't involved in deployment, but I was told that it was pretty straightforward. It became complex because they did a full-blown deployment and configured everything. Palo Alto did the POC.

If you're already invested in a Palo Alto product, it would be logical to use this solution. If not, there might be some other solutions that are more viable in terms of pricing.

I would rate this solution a nine out of ten. 

My advice is that everybody should do a proof of concept. First, read the basic white papers on Palo Alto. If the product seems to suit your needs, contact them and see what the POC will be and what the pricing will be like. The pricing is different for different companies. Larger enterprises get larger discounts. This also depends on how many sites will be incorporated. There are many factors. It's not a simple decision, but at least you know the product is good. It's on the premium end, but that's what Palo Alto is all about. If you want a top-notch solution, then Prisma is for you.

Our security team evaluated the solution and couldn't find any lacking features. I think it's suitable for large and complex enterprises.

Public Cloud

Prisma SD-WAN provides security when remote users want to access an application or internal server. We recommend Prisma SD-WAN for users who want to connect to a VPN through their laptop and for users who have multiple applications and want to integrate them with our cloud.

The solution's most valuable feature is the visibility of the logs. In case of any errors, we can check the logs and resolve them as soon as possible.

The solution should include custom ports and group voice connections.

We have been using Prisma SD-WAN for the last six months.

The solution’s technical support is good. The technical support team's response time should be improved. The support's SLA timing always takes one or two hours, and sometimes it takes four to five hours.

I rate the solution’s technical support a seven or eight out of ten.

Positive

We have a dedicated team for Prisma SD-WAN, which handles the technical parts and pre-sales. Palo Alto is the market leader in security integration. It provides WildFire and an internal security portion. Prisma SD-WAN has, by default, an inbuilt artificial intelligence feature. The solution has Wildfire, GP, and a single pane of glass features available.

I will recommend Prisma SD-WAN to users in the mid-level market who have been using public applications. I will also recommend the solution to an enterprise customer, such as a bank or finance solution with over 10,000 users.

I would recommend the solution to other users.

Overall, I rate the solution a six out of ten.

The security offered by the solution is pretty good.

Prisma SD-WAN should provide more flexibility and scalability on the hardware. The solution's conversions and failover need to be improved.

I have been using Prisma SD-WAN for two years.

Prisma SD-WAN is a stable solution.

I rate the solution’s stability an eight out of ten.

Our clients for Prisma SD-WAN are medium-sized businesses.

I rate the solution a four out of ten for scalability.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution's initial setup a five out of ten.

The solution’s deployment took a while.

On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing an eight out of ten.

The solution's security framework has enhanced our data protection. The solution offers really good security. We faced some challenges while integrating Prisma SD-WAN into our existing infrastructure. The key is to presage the SD-WAN ION boxes prior so you can do a simple cutover. Do as much groundwork as possible, and then you can cutover to the new boxes.

Prisma SD-WAN is aiding our AI-driven initiatives because we can push our policy updates across the board. Earlier, if you needed to provision a new IT service, you'd need several resources to implement via the command line interface to individual boxes. Now, it happens with the push of a button, and it works its magic. We're standardizing the networks first, building automation, and then looking at AI.

Overall, I rate the solution a seven out of ten.

On-premises

We are doing a proof of concept for Prisma SD-WAN and considering whether to migrate from our existing solution. We are attempting to replicate our existing technology and duplicate that traffic.

In POC testing, we're able to communicate from one site to another perfectly.

Prisma supports all of the applications we're currently using. 

Prisma could be a little cheaper. 

We are currently evaluating Prisma SD-WAN and haven't implemented it yet.

I rate Prisma SD-WAN nine out of 10 for stability.

I rate Prisma SD-WAN eight out of 10 for scalability. 

I rate Palo Alto support eight out of 10.

Positive

We are using an HP solution. Prisma SD-WAN is easier to manage and has more features. 

It's very easy to set up Prisma SD-WAN. 

Prisma SD-WAN is a good investment. 

I rate Prisma SD-WAN 10 out of 10. 

On-premises

Prisma SD-WAN is cost-effective and easy to manage. We have replaced all our MPLS connections with dial-up internet links. This will reduce our costs in place of ISP and is easy to manage. We can route the traffic based on the application. Sometimes, we used to route the package based on the user because some users want to use the internet. We are effectively using the solution for path manipulation for the users. We also have multiple tunnels whenever there is an issue or drop with one of the ISP tunnels.

We have a single dashboard to view all kinds of analytics. If we make Prisma SD-WAN as analytics, we can only see what kind of traffic is going and how much bandwidth it is utilizing. We can also see if there is high utilization from any particular link or application. Otherwise, we can configure Prisma SD-WAN as a control mode to use it as a routing protocol and for analytics. It gives you more insights about what kind of traffic is going, how much the consumption was, how we can reduce that consumption, and how we can apply that quality of service. If one of the sites is accessing more teams, our bandwidth will be utilized as a platinum application so that most of the bandwidth will be utilized for the team. Unlike traditional networks, it is very flexible, and based on the kind of application we are using, our bandwidth will be utilized.

It is flexible to use the internet connection via local breakouts without going to data centers. We don't need to install firewalls within the site to inspect the traffic. It will forward the traffic directly to the cloud so that the inspection will happen there for any unknown or unwanted traffic. This will also reduce the cost because we are not managing side-by-side firewalls. Your traffic will not go to data centers to inspect the outgoing traffic.

Prisma SD-WAN's technical support should be improved. When we have some issues, the technical support should be available on time, and the engineer should join to help us. It can increase the bandwidth capacity for some of the small branches. A warning message comes to us to notify us that something is going wrong, but we cannot understand that information.

Prisma SD-WAN can be automated so that our network will be faster and our work will be reduced.

My team has been using Prisma SD-WAN for the last two years, but I joined this project for the last six months.

Prisma SD-WAN is a stable solution.

I rate Prisma SD-WAN a seven or eight out of ten for scalability.

Prisma SD-WAN's support is good, but the engagement of the engineers gets delayed, or the right person might not join the call. The information should be made available on time. So we require very knowledgeable people in technical support to improve the customer environment and the network performance, as well as the operation team's knowledge.

Neutral

Prisma SD-WAN’s initial setup is very straightforward.

Prisma SD-WAN's deployment is completely based on the process. For example, one box running with a little older version was migrated from one of the sites to our site. So, it is running with a very older version, and our devices are running with a very higher version. Sometimes, the internet connectivity will not come up, and we have to connect to that Prisma cloud to get the diverse version to upgrade it.

Sometimes, the upgrade might take some time due to the heavy load on the cloud or a congested ISP. Generally, if you go for a simple configuration, it won't take much time. You simply configure basic ISP settings, and it will get the internet connection. It might not take more than 45 minutes.

You need console access. It's based on the ISP. If you have a dynamic ISP, you connect that ISP to one of the WAN links, and it'll get the IP address. So if you get the IP address, it automatically shows it online in the system in your domain. If that ISP is not dynamic and we have to manually configure the IT address, we have to take the console access. We need help from site IDs. It is not a drawback of the project, but it is something dependent on the ISP.

We used to open tickets because it was a completely new environment for every engineer and because it was hosted for the last two years. Whenever we had such challenges in the network at the architect level, we used to open a ticket. So we request the engineer to join and discuss our plans for what we want to achieve. They will help us with most things. Sometimes we might see some failure of changes as well, but most of the time, we succeed when we involve this Prisma SD-WAN tactic.

Prisma SD-WAN has layer seven capability to check how the traffic is going, but unfortunately, I do not have in-depth knowledge of that process. We have a workflow at the layer seven level. They have all kinds of analytics at layers three, four, five, and seven.

Prisma SD-WAN can automate many things, but we also need to have that kind of testing environment. We never use it in our environment because of our daily activities.

Network automation is the biggest thing in current evaluation in the network world. We have thousands of switches and network devices where we need to configure multiple configurations. So if you have automation in place, it will reduce the timeline, and we won't miss anything. If we do it manually, some people might properly follow the process, and others might not. So if the automation comes in place, only one person can push all the configurations to the respective devices so that we follow the standards.

We never tried using automation for network troubleshooting, but we tried much automation while provisioning some networks, like new installations. Troubleshooting will come with the packet capture directly. We do some packet captures, but as of now, we didn't automate those. We are looking for automation for provisioning things when new sites come into the picture. We want to automate without doing manual configurations.

The alarms make sure that we are checking everything on time and give us some flexibility to ensure that the device will not go down. So, the alarms might not reduce in the future, but they will give us a trigger point so that we check immediately what is missing. Those are mandatory alarms for CPU alerts. Every time there is a high utilization on the box, it will show some trigger. We'll understand why the CPU utilization was happening. They will show some information on the network regarding why the CPU is being utilized. We can ensure not to repeat that kind of scenario in the future. Sometimes, if the bandwidth utilization from the users is high, we cannot control those alerts. But when such kind of traffic utilization is high, we can increase the bandwidth so that we can reduce those alerts. If you take those steps effectively, then it will definitely reduce your alerts.

Prisma SD-WAN incorporates policy control for event correlation and analysis, which affects our admins' control over events generated on our network.

We have many path policies and QOS policies. It will show which is the better path that needs to be selected while the traffic was going. It also shows the next backup path, if one of the paths fails. We have to configure manually with the path policies, what kind of application requires minimum amounts of bandwidth. Those path policies need to be applied to the iron box. Whenever a user sends traffic via the iron box, it will select those path policies to make an effective decision.

Prisma SD-WAN's policy control for event correlation and analysis helps admins pinpoint issues. Whenever we log in and check, users complain about issues related to packet loss, and we have to load share the network manually. These automated path policies affect configurations. Sometimes, if the internet link keeps on disconnecting, we can see something on the analytics screen that packet drops are high.

Unlike traditional networks, you don't have any kind of analytics. The customer might not take third-party analytics because of the cost. So we don't know the visibility of checking those WAN links, and we simply rely on the ISPs to understand how the WAN link is working. They tell that there is no issue with the WAN links and everything is fine.

There might be some milli-seconds of packet loss which cannot be shown on the ping reserves. So this analytics gives a lot of information to the administrator to understand the issue. We can ask those people to understand this issue, and they can resolve those things by seeing those analytics. Prisma SD-WAN is the web solution that helps the administrator to understand the issue and resolve it.

Prisma SD-WAN enables branch services such as networking and security to be delivered from the cloud. They also have virtual solutions that they can provide, but we never use those virtual solutions.

Prisma SD-WAN is a very good product. It gives lots of benefits to the enterprise network by deactivating the costliest MPRS networks. Even non-technical people can understand the packet flow and easily see what is happening by seeing the analytics of the link.

Overall, I rate Prisma SD-WAN an eight out of ten.

On-premises

The solution is used for multi-cloud and remote access for workers. On top of that is the CASB use case. We are going for zero-trust. If you want to implement zero-trust, this approach is very successful.

The mix between the normal gateway of my firewall and the other branches or the head office firewall is great. The gateway is available on the cloud which allows you to gain access from anywhere and still connect to your home gateway. 

Also, if I want to access a resource on the cloud, it can be accessed from the nearest EU tower data center right from London, not from here where I am.

Its connectivity and security are great.

The initial setup is easy.

I'm happy with it as it is. Maybe they could introduce some new features that make things easier. That said, for me, I didn't find it lacking in any major way. It gives me all that I really need. 

I'd like to see them move more towards CASB.

The solution does do a lot of frequent updating. 

I've used the solution for about two years now. Since they started, I've been using it.

The solution is both stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. 

We mostly deal with medium and large-sized organizations, specifically in retail and multi-national branches. It works well and can scale to meet the needs of businesses of that size. 

It should scale well. We don't have a large implementation - which I would consider as 100 branches or more. Until now, we've been able to handle 35 to 36 branches without issue.  It should scale. I haven't had issues yet in this regard.

Palo Alto support is good. We are an old Palo Alto partner. We're not a customer, however, instead, we have our own setup with Palo Alto. It's not a limitation. They're good. Technical support has been amazing for us. 

I have used both Prisma SD-WAN and Juniper Contrail SD-WAN.

We found the initial setup to be very simple and straightforward. it wasn't overly complex or difficult. 

That said, it depends on how many sites it allows and what the complications related to that might be. If your setup is not ready, and you need to work on it, normalize it, and baseline it, it could take longer. That's it.

For us, for 20 sites, it took us two days to complete with just one resource.

In terms of maintenance, we receive the updates automatically. This is scheduled for the weekends. It's non-disruptive. The updates are frequent. They happen frequently and mostly on the firewall, or the ION itself.

The solution is expensive. Its competitor, Zscaler, is far less expensive. It's half the price. I haven't however, tried it to compare them. 

It's sort of like iPhone versus Android. They are both phones, yes, however, I don't care about the money, I care about the product. I'll choose an iPhone even if it is more expensive due to the fact that I love the experience I get from Apple. The same is true with Prisma. It's not cheap, however, I really appreciate the service they offer. 

There are different ways they can deliver their services, and these have different costs associated. There's Prisma Access, Prisma SaaS, and Prisma Cloud.

We are a Palo Alto partner. 

We are a system integrator and not a customer. We're selling to customers right now.

We are using the solution with a SASE subscription, Prisma Access.

I've used both on-premises and cloud deployments. 

I'd recommend the solution to the users and companies. It comes with all the security and the good direct point to the cloud application as well.

I would rate the solution at a ten out of ten. It's a really great product.

Public Cloud

Prisma SD-WAN is intuitive. We have a better idea of the different tools we can use and jump between the menus quickly. 

The tool needs to work on price and complexity. 

I have been working with the product for about two weeks. 

I rate the product a seven out of ten. 

The platform allows aggregating different media, such as fiber, DSL, and even 4G/5G, providing a cost-effective alternative to MPLS VPN.

The product provides efficient stability, security, and reliability features.

They could add more advanced security features to the product.

We have been working with Prisma SD-WAN for three years.

The platform is stable. 

The product is scalable. 

We were primarily working with VMware SD-WAN.

The initial setup is quite straightforward.

We provide full implementation training for our customers. Our engineers handle all the deployment tasks.

The platform's simplicity and advanced functionalities, like a dynamic command, are very beneficial. Due to its key technology, it's better than many other vendors.

Unlike hardware SD-WAN vendors like Cisco Meraki, it integrates security easily and effectively across devices. It allows the deployment of various security solutions on the same devices.

Currently, AI functionalities are limited to basic database querying and reporting. More advanced AI integration would be beneficial.

I recommend it to others and rate it a ten out of ten.