We performed a comparison between F5 BIG-IP Access Policy Manager (APM) and Prisma Access by Palo Alto Networks based on real PeerSpot user reviews.
Find out in this report how the two Secure Web Gateways (SWG) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"The solution is stable."
"On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"The product allows us to create customized portals for your users."
"The load balancing features are valuable."
"Stickiness is the most valuable feature of the product."
"The performance of the solution is valuable."
"This is a product that is easy to install and integrate, and it is simple to use."
"The most valuable feature is the virtual IP creation. It's our most frequently used feature."
"In my opinion, the GUI is perfect with the configuration options provided. F5 BIG-IP has given customization options and policy configuration tools in the GUI. It's good and good enough to work."
"F5 BIG-IP APM is relatively easy to use."
"A feature I've found very helpful is run time security because most of the products on the market will look at security during the build time, and they don't really look at what happens once you're going into production."
"The stacked policies, event policies, and routing policies are easy to understand for someone with general knowledge."
"Prisma SaaS is very easy to use; it's common sense — it's the best-in-class."
"The solution also provides traffic analysis, threat prevention, URL filtering, and segmentation. That combination is important because it enhances the protection and makes the traffic more secure. It also keeps things more up-to-date, enabling us to deal with more of the current threats."
"It is easy to use, easy to integrate, and is stable. It's scalable as well."
"It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful."
"The tool's consolidation is pretty quick."
"It's quite reliable and performs well for users."
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving."
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"Integrating identity providers and single sign-on solutions can simplify user authentication and access control."
"F5 BIG-IP Access Policy Manager has room for improvement in integration with other products."
"I'd suggest improved documentation integration directly within the GUI. Right now, finding comprehensive documentation often requires going to external websites like the community portal."
"The technical support’s response time must be improved."
"The initial setup was complex."
"The operational deployment is not great."
"In my opinion, the GUI side needs some improvement based on my usage. Sometimes, it doesn't work as efficiently as the CLI side."
"We do not have knowledgeable support teams locally."
"When it comes to integration mechanisms, Prisma SaaS does not support reverse proxy type of integrations."
"We would like to see improvements in the licensing; currently, Palo Alto provides 500 to 1000 licenses for users, and we want to see 1500 to 2000 licenses for one version."
"Prisma's integration between operational technology and IT should be more seamless. Right now, it requires additional setup and maintenance."
"One thing that would help is if we could get a guide. With Cisco, for example, you can just type the problem regarding your Cisco product and you will easily get your solution. In Palo Alto, however, it's not easy to find the solutions."
"They automatically update and they should give us time to fully understand what they're updating so that we can make sure it doesn't impact production."
"The frequency of updates could be reduced."
"We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve."
"The solution needs to be more compatible with other solutions. This is specifically a problem for us when it comes to healthcare applications. They have proprietary connection types and things of that nature that make compatibility a challenge sometimes."
More F5 BIG-IP Access Policy Manager (APM) Pricing and Cost Advice →
More Prisma Access by Palo Alto Networks Pricing and Cost Advice →
F5 BIG-IP Access Policy Manager (APM) is ranked 16th in Secure Web Gateways (SWG) with 13 reviews while Prisma Access by Palo Alto Networks is ranked 3rd in Secure Web Gateways (SWG) with 58 reviews. F5 BIG-IP Access Policy Manager (APM) is rated 8.2, while Prisma Access by Palo Alto Networks is rated 8.2. The top reviewer of F5 BIG-IP Access Policy Manager (APM) writes " Facilitates packet inspection, modification, and offloading and offers visibility and troubleshooting capabilities, allowing for pre-production server testing". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". F5 BIG-IP Access Policy Manager (APM) is most compared with Citrix Gateway, CyberArk Privileged Access Manager, Cisco ISE (Identity Services Engine), Ivanti Connect Secure and Microsoft Remote Desktop Services, whereas Prisma Access by Palo Alto Networks is most compared with Zscaler Zero Trust Exchange, Netskope , Cisco Umbrella, Zscaler Internet Access and Prisma SD-WAN. See our F5 BIG-IP Access Policy Manager (APM) vs. Prisma Access by Palo Alto Networks report.
See our list of best Secure Web Gateways (SWG) vendors.
We monitor all Secure Web Gateways (SWG) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.