We compared Prisma Access by Palo Alto Networks and Cloudflare Access across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Comparison Results: When comparing Prisma Access by Palo Alto Networks and Cloudflare Access, it is important to note several differences. Prisma Access has a more intricate setup process that may require expertise and assistance, whereas Cloudflare Access is known for its simple and direct setup. Prisma Access is highly regarded for its user accessibility, performance, security features, and integration capabilities. On the other hand, Cloudflare Access is valued for its DDoS protection, user-friendly interface, and customizable rule set. Prisma Access is priced higher but is considered a worthwhile investment, while Cloudflare Access has mixed reviews regarding its pricing. Customer support for Prisma Access is generally satisfactory, and Cloudflare Access receives positive feedback for its support.
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."
"The solution is stable."
"Enables me to work from two locations."
"It's the endpoint exposition. We don't need to expose our VPN server to the internet and need a zero-test solution. I can apply some conditional access to the endpoint that's connecting to our network to check their security policies or the security condition of their workstation. Once the workstation is trying to connect to my internal network, then I would like to check the discrete condition of these endpoints that are trying to access my internal network. We created some conditional access. We have CrowdStrike, to check if the CrowdStrike is installed, to check if it's updated, and to check for Windows updates. We created some conditional policies to check it."
"The tool also offers good scalability, and the dashboard, along with real-time analytics, is very good."
"For Cloudflare Access, I am using the free plan...The most valuable feature is their protection."
"Cloudflare, in my opinion, was easy to implement."
"The remediation process is easy compared to other platforms."
"Security is absolutely spot-on, really top-notch. It's the result of all the components that come together, such as the HIP [Host Information Profile] and components like Forcepoint, providing end-user content inspection, and antivirus. It incorporates DLP features and that's fantastic because Prisma Access makes sure that all of the essential prerequisites are in place before a user can log in or can be tunneled into."
"The initial setup is very straightforward."
"A feature I've found very helpful is run time security because most of the products on the market will look at security during the build time, and they don't really look at what happens once you're going into production."
"We're now able to go after contracts that require a Zero Trust solution and Prisma's other technology solutions."
"There are plenty of features this solution provides and the most valuable would be the complete security protection we are receiving. We are provided with similar security that the Palo Alto AWS solution has. This includes features such as a firewall and machine learning AI."
"The most valuable feature is the ability to change the gateway. For example, if there's a problem with a specific region or vendor, we can make modifications. The solution is scalable, and there are different gateways that can be created depending on the demand."
"The users can securely access any cloud data centers or cloud platforms. In terms of the features, it has all the features that Palo Alto Next-Generation Firewall has. It is also very stable and scalable."
"The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving."
"They don't have a person to provide support for customers using the solution under their free plan."
"For the topic of improvement, providing some training material is one of my suggestions."
"When there are any dynamic changes in complex applications, the tool takes a lot of time, making its analytics-related area a major matter of concern where improvements are needed."
"The pricing is an area that can be improved. Pricing, as far as I recall, was the source of our problems."
"Dependencies of applications sometimes is a bit confusing."
"The one thing that I've been a little bit disappointed with is when we have had to open cases with Palo Alto about Prisma Access issues. Versus their other platforms, like their firewalls, where we tend to get really quick responses and very definitive answers, the few tickets I've had to open for Prisma Access have taken them longer to respond to. And they haven't necessarily given me the kind of answer I was looking for, meaning a fix to the problem."
"There can be some latency issues with the solution that should be improved."
"We've run into some challenges, having hit a lot of bugs over the past year in the deployment of GlobalProtect. We've had our fair share of issues that I haven't been happy with. We're working with the support organization to remediate them and waiting for updated releases. The response on getting the bugs fixed has not been what I would consider adequate for a product like this."
"One area for improvement is for them to stay on top of keeping their CVEs on their platform up to date."
"We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve."
"When it comes to the VPN, it uses the global protect VPN functionality to connect remotely, but it has a feature limitation for assigning multiple IP sub-links to different user groups. It would be much better if we are able to assign the current IP blocks for the sub-links based on the user groups."
"It is a managed firewall. When you run into issues and have to troubleshoot, there is a fair amount of restriction. You run into a couple of restrictions where you don't have any visibility on what is happening on the Palo Alto managed infrastructure, and you need to get on a call to get technical assistance from Palo Alto's technical support. You have to get them to work with you to fix the problem. I would definitely like them to work on the visibility into what happens inside Palo Alto's infrastructure. It is not about getting our hands onto their infrastructure to do troubleshooting or fixing problems; it is just about getting more visibility. This will help us in guiding technical support folks to the area where they need to work."
More Prisma Access by Palo Alto Networks Pricing and Cost Advice →
Cloudflare Access is ranked 11th in ZTNA as a Service with 5 reviews while Prisma Access by Palo Alto Networks is ranked 2nd in ZTNA as a Service with 57 reviews. Cloudflare Access is rated 8.8, while Prisma Access by Palo Alto Networks is rated 8.2. The top reviewer of Cloudflare Access writes "Replaces traditional VPN and enables endpoint exposition ". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". Cloudflare Access is most compared with Twingate, Zscaler Zero Trust Exchange, Auth0, Google Cloud Platform Cloud Identity-Aware Proxy and Amazon Cognito, whereas Prisma Access by Palo Alto Networks is most compared with Zscaler Zero Trust Exchange, Netskope , Cisco Umbrella, Zscaler Internet Access and Cato SASE Cloud Platform. See our Cloudflare Access vs. Prisma Access by Palo Alto Networks report.
See our list of best ZTNA as a Service vendors and best Secure Access Service Edge (SASE) vendors.
We monitor all ZTNA as a Service reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
