We compared Duo Security and Prisma Access by Palo Alto Networks across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Comparison Results: Duo Security is praised for its easy setup, user-friendly interface, and detailed documentation. It excels in providing two-factor authentication and integration capabilities. However, it needs improvement in terms of compatibility, user-specific permissions, and technical support. On the other hand, Prisma Access is highly valued for its accessibility, strong security features, and global performance. It offers protection for all app traffic and integrates well with other Palo Alto platforms. However, it can be challenging to configure and has mixed reviews regarding customer support. Duo Security is considered competitively priced, while Prisma Access is seen as more expensive but worth it for its quality.
"The ease of deploying Cisco Duo Security and onboarding has greatly benefited our customers."
"Cisco is the perfect product for our current size, and I don't think we'll have problems with scalability as we grow."
"The two-factor authentication is valuable because that is the use case for which we are using it."
"If you have to log in to something, you must go to Duo Security to confirm that you're who you are on your phone."
"It's easy to deploy. It's easy to manage. It's easy to integrate with other applications."
"Documentation is the most valuable feature, and if you ever have to reach out to them with a question, their support is also fantastic."
"Duo Security provides a high level of certainty regarding the identity of the individual performing an action. Whether it's logging into a system, using VPN, or utilizing Autopay, establishing that trust is crucial. I can't imagine any security company, organization, or IT team that wouldn't prioritize having multifactor authentication enabled when accessing critical systems."
"It has definitely reduced embedding. We found a lot of problems with attackers being able to compromise accounts. Now, when they try to access accounts, they are not able to do so because there is an added layer of protection. Once we know that a username and password are compromised, we just reset the password to protect the company."
"Palo Alto Firewall is one of the best firewalls in the world."
"Security is absolutely spot-on, really top-notch. It's the result of all the components that come together, such as the HIP [Host Information Profile] and components like Forcepoint, providing end-user content inspection, and antivirus. It incorporates DLP features and that's fantastic because Prisma Access makes sure that all of the essential prerequisites are in place before a user can log in or can be tunneled into."
"I like it because it's very easy to use. You install the client and you have to know your gateway, but that's something we give to our users. Beyond that, it takes about three seconds to train them on how to use it. And it just works well. That's great for us because it means less administrative time."
"It's very stable. Sometimes after installing the boxes, we leave them for one or two years. We would just touch the box in the case of the customer needing new requirements or changes to the setup."
"A feature I've found very helpful is run time security because most of the products on the market will look at security during the build time, and they don't really look at what happens once you're going into production."
"It's quite reliable and performs well for users."
"The most valuable feature is the zero-trust part of this solution."
"The always-on feature is fantastic for the users. They don't have to think about it. When they go to a coffee shop to do work, there's no need to remember to toggle the VPN on. We'll protect them. URL filtering is the same at home as it is in the office."
"While two-factor authentication with mobile devices provides a high level of security, it's still not foolproof, as someone could potentially steal your phone. It would be beneficial to have information about the authentication location."
"I believe there are two new features. I am interested in adding auto-admin services and incorporating icons for easier navigation. This could contribute to a new business idea platform. I have seen the features, and they make things easier, resolving issues from before. The platform has been updated, and there's now another link in my platform for media access. When it comes to improvements, the UI can be more user-friendly, and there is room for easier navigation. Perhaps there could be enhancements in customization. I haven't faced issues in storage or backup, but I am open to improvements in customization functionality. It's not my environment, but I see possibilities for improvement in the deployment of funds. The addition of new features is appreciated, and for customization, it could provide more freedom for users."
"I would like to see some features simplified, such as securing, configuring, and implementing Microsoft Remote Desktop. Other than that, the solution was rock solid throughout my time administering it."
"We have a 24 hour timer for our Duo cookie and we would like to reduce this to a shorter time when using Duo."
"They can make authentication easier. It should be done in a shorter time. Sometimes, it can take a bit more time to get the answer on your phone. You have to wait a bit longer to get the SMS code and other things. There can be some internet or connection issues. They should make it faster because sometimes, it's urgent, and you need to access something as soon as possible."
"It could be a little bit more intuitive when it comes to the sign-up process. I know they send out an email, but sometimes our users get a little confused. It could be an end-user problem, but Cisco could work on that a little."
"I'm not a big fan of relicensing products every year or two years, but that's the model at the moment. I prefer to go back to licensing perpetually or permanent licensing."
"The new smart license model doesn't always work. It's very complicated."
"While Palo Alto has understood the essence of building capabilities around cloud technology and have come up with a CASB offering, that is a very new product. There are other companies that have better offerings for understanding cloud applications and have more graceful controls. That's something that Palo Alto needs to work on."
"The solution needs to be more compatible with other solutions. This is specifically a problem for us when it comes to healthcare applications. They have proprietary connection types and things of that nature that make compatibility a challenge sometimes."
"We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve."
"The BGP filtering options on Prisma Access should be improved."
"There can be some latency issues with the solution that should be improved."
"The tools' scalability is subject to some limitations when done on-premise due to the need for additional licenses. However, in other scenarios, increasing scalability involves expanding infrastructure to accommodate more third-party VPN access. It is scalable as long as you pay the money. Also, it needs to improve security."
"It is a managed firewall. When you run into issues and have to troubleshoot, there is a fair amount of restriction. You run into a couple of restrictions where you don't have any visibility on what is happening on the Palo Alto managed infrastructure, and you need to get on a call to get technical assistance from Palo Alto's technical support. You have to get them to work with you to fix the problem. I would definitely like them to work on the visibility into what happens inside Palo Alto's infrastructure. It is not about getting our hands onto their infrastructure to do troubleshooting or fixing problems; it is just about getting more visibility. This will help us in guiding technical support folks to the area where they need to work."
"Their next release should provide solutions for the mobile environment."
More Prisma Access by Palo Alto Networks Pricing and Cost Advice →
Cisco Duo is ranked 3rd in ZTNA as a Service with 55 reviews while Prisma Access by Palo Alto Networks is ranked 2nd in ZTNA as a Service with 59 reviews. Cisco Duo is rated 8.8, while Prisma Access by Palo Alto Networks is rated 8.2. The top reviewer of Cisco Duo writes "Helps reduce the risk of a breach and is easy to deploy and onboard". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". Cisco Duo is most compared with Microsoft Entra ID, Fortinet FortiAuthenticator, Fortinet FortiToken, Yubico YubiKey and UserLock, whereas Prisma Access by Palo Alto Networks is most compared with Netskope , Zscaler Zero Trust Exchange, Cisco Umbrella, Zscaler Internet Access and Prisma SD-WAN. See our Cisco Duo vs. Prisma Access by Palo Alto Networks report.
See our list of best ZTNA as a Service vendors.
We monitor all ZTNA as a Service reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.