We compared Prisma Access by Palo Alto Networks and Cloudflare Access across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Comparison Results: When comparing Prisma Access by Palo Alto Networks and Cloudflare Access, it is important to note several differences. Prisma Access has a more intricate setup process that may require expertise and assistance, whereas Cloudflare Access is known for its simple and direct setup. Prisma Access is highly regarded for its user accessibility, performance, security features, and integration capabilities. On the other hand, Cloudflare Access is valued for its DDoS protection, user-friendly interface, and customizable rule set. Prisma Access is priced higher but is considered a worthwhile investment, while Cloudflare Access has mixed reviews regarding its pricing. Customer support for Prisma Access is generally satisfactory, and Cloudflare Access receives positive feedback for its support.
"The solution is stable."
"On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"It's the endpoint exposition. We don't need to expose our VPN server to the internet and need a zero-test solution. I can apply some conditional access to the endpoint that's connecting to our network to check their security policies or the security condition of their workstation. Once the workstation is trying to connect to my internal network, then I would like to check the discrete condition of these endpoints that are trying to access my internal network. We created some conditional access. We have CrowdStrike, to check if the CrowdStrike is installed, to check if it's updated, and to check for Windows updates. We created some conditional policies to check it."
"For Cloudflare Access, I am using the free plan...The most valuable feature is their protection."
"Enables me to work from two locations."
"The tool also offers good scalability, and the dashboard, along with real-time analytics, is very good."
"Cloudflare, in my opinion, was easy to implement."
"Panorama provides centralized management capabilities for all our firewalls and locations so that we can manage different data centers through a single device, a very valuable feature. We don't have to log into various devices to oversee them individually."
"We're now able to go after contracts that require a Zero Trust solution and Prisma's other technology solutions."
"Its hands-off security and the fact that we don't have to maintain it are the most valuable features."
"The tool's consolidation is pretty quick."
"It's quite reliable and performs well for users."
"Prisma Access provides comprehensive security. It provides URL filtering, application control, SSL, DLP, etc. It provides complete security for the cloud environment."
"Palo Alto Firewall is one of the best firewalls in the world."
"Prisma Access gives us security from a single point. It controls mobile users and determines how secure their networks will be, including from where they will get internet access. We can optimize things and add security profiles centrally."
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving."
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"
"For the topic of improvement, providing some training material is one of my suggestions."
"They don't have a person to provide support for customers using the solution under their free plan."
"The pricing is an area that can be improved. Pricing, as far as I recall, was the source of our problems."
"When there are any dynamic changes in complex applications, the tool takes a lot of time, making its analytics-related area a major matter of concern where improvements are needed."
"My clients would like to see a more feature-rich product."
"Prisma would be a stronger solution if it could aggregate resources by project or by application. So say we have an application we've developed in AWS and five applications we've developed in Azure. The platform will group it according to those applications, but it's based on the tags we use in Azure, which means I have to rely on development teams to tag resources properly."
"The frequency of updates could be reduced."
"We would like to see improvements in the licensing; currently, Palo Alto provides 500 to 1000 licenses for users, and we want to see 1500 to 2000 licenses for one version."
"Sometimes, you have these notifications sent out about changes in App-IDs, modifications in App-IDs, or even the introduction of entirely new App-IDs to replace. Sometimes, the recommendations are followed, but even then, when the package is installed on the firewall, it gets messed up. I remember a particular one was with Tableau, and suddenly, people weren't able to use Tableau, which is an analytics tool for business."
"We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve."
"I haven't seen any SD-WAN configuration capability. If Prisma Access would support SD-WAN, that would help... SD-WAN devices should be able to reach Prisma Access, and Palo Alto should support different, vendor-specific devices, not just Palo Alto devices, for SD-WAN configuration."
"Palo Alto needs to improve the GlobalProtect agent to work as a secure web gateway agent, not only as a VPN agent because some companies would want only a secure gateway. They wouldn't want a full VPN. So, Palo Alto has to make the VPN agent work as a secure web gateway agent for those customers who want only the secure web gateway solution."
More Prisma Access by Palo Alto Networks Pricing and Cost Advice →
Cloudflare Access is ranked 12th in Secure Access Service Edge (SASE) with 5 reviews while Prisma Access by Palo Alto Networks is ranked 1st in Secure Access Service Edge (SASE) with 59 reviews. Cloudflare Access is rated 8.8, while Prisma Access by Palo Alto Networks is rated 8.2. The top reviewer of Cloudflare Access writes "Replaces traditional VPN and enables endpoint exposition ". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". Cloudflare Access is most compared with Twingate, Zscaler Zero Trust Exchange, Auth0, Google Cloud Platform Cloud Identity-Aware Proxy and Amazon Cognito, whereas Prisma Access by Palo Alto Networks is most compared with Netskope , Zscaler Zero Trust Exchange, Cisco Umbrella, Zscaler Internet Access and Cato SASE Cloud Platform. See our Cloudflare Access vs. Prisma Access by Palo Alto Networks report.
See our list of best Secure Access Service Edge (SASE) vendors and best ZTNA as a Service vendors.
We monitor all Secure Access Service Edge (SASE) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.