Cortex XDR by Palo Alto Networks Review

User-friendly, stable, and automatically correlates events and logs


What is our primary use case?

We mainly use it for endpoint protection, exploit prevention, and malware prevention. 

What is most valuable?

It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. 

It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else.

What needs improvement?

It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc.
This is good as endpoint protection to prevent malware, exploits, zero days, ransomware, botnets, etc. For features like Host DLP, encryption, patch management, or any such features which are available in basic anti-virus, you cannot expect them in Palo Alto Networks' Cortex XDR solution. Otherwise, all features work as expected, without any lag or slowness observed in the system.

For how long have I used the solution?

I have been using this solution for a year or something like that. We have been using it from the day they launched or released version 4.0. Currently, they are on version 7.

What do I think about the stability of the solution?

It is stable. I have never faced any kind of issue, nor have I heard from any of my colleagues that they have faced any kind of issue.

What do I think about the scalability of the solution?

There is no problem with scalability. Currently, we have around 150 users. In our company, it is compulsory to install this agent on all systems. If we want to scale it, we just need to install an agent. There is no upgrading the server or the hardware because it is a SaaS service provided by Palo Alto Networks.

How are customer service and technical support?

We directly raise issues with Palo Alto Networks, and they support us. I've never directly created a support query because our IT team looks into support queries, but I think it's pretty easy. You'll never face any kind of issues or challenges in raising support queries.

How was the initial setup?

It was straightforward. In earlier versions, such as version 4.0, it was a bit difficult to install the server and then upgrade the agents and servers. These processes were difficult. There are no complications now.

It took us more than a week to deploy because we were implementing it on the systems of various users who were working from home.

What about the implementation team?

We are a partner of Palo Alto Networks, so we have deployed it directly.

Which other solutions did I evaluate?

We evaluated multiple products. We have evaluated Trend Micro, McAfee, Broadcom Symantec, Sophos, and many other products. Each product is good in its own field. We chose Cortex because we already had a Palo Alto Networks firewall. It got integrated easily, and the correlation part and the correlation engine worked very well.

What other advice do I have?

If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex. Even if you want to integrate your firewall, I would recommend Cortex, but if you are looking for a single product with multiple options or features, such as DLP, encryption, rollback, and other features, I would not recommend Cortex.

I would rate Cortex XDR a nine out of ten.

Which deployment model are you using for this solution?

Private Cloud

Which version of this solution are you currently using?

7

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: January 2021.