What is our primary use case?
We use Palo Alto Networks Traps (Version 6) to protect our endpoints against NG malware via behavior analysis, artificial intelligence and machine learning. Both the PA Traps endpoint logs, our PA firewall traffic logs and the Wildfire sandbox are used to provide immediate threat response and feed this information to the PA Threat Intelligence cloud.
How has it helped my organization?
Palo Alto Networks Traps improves our security posture and lowers risk by providing next-gen methods to combat against modern threats on all the major platforms.
What is most valuable?
The one feature that our organization finds most valuable is being able to control the USB ports on the endpoints
What needs improvement?
The MAC agent is not as robust feature-wise as the PC version. I need to control USB ports on MAC laptops and cannot. This is a MUST so I opened a case with Palo Alto and requested this feature for an upcoming update.
I would like to see more automation and self-healing for incidents that can be easily classified as malware.
For how long have I used the solution?
Less than one year.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
Palo Alto Networks Traps features excellent protection, cost and scalability. We are a small group of 4 employees and have 2 people dedicated to deployment and monitoring of 1400+ endpoints.
How are customer service and technical support?
Palo Alto Network's technical support is excellent.
Which solution did I use previously and why did I switch?
Since we were a Fortinet shop, we previously used the FortiClient endpoint agent. We switched to Palo alto FWs and endpoint protection because it is a more mature product with advanced next-gen capabilities not available from the Fortinet solution.
How was the initial setup?
The initial setup was done by a Palo Alto certified service provider.
What was our ROI?
This product pays for itself with only one ransomware denial!
What's my experience with pricing, setup cost, and licensing?
Our license runs on a monthly basis with a recurring monthly charge. If you want additional options like secure remote access with policies, that requires an additional cost.
Palo Alto Networks Traps does not apply secure remote access to devices without policies, which we are implementing. If you want to apply more policies, like an anti-virus program, anti-malware, or configurations for using a VPN on remote connections, that would also be an additional cost. We're not doing that.
Which other solutions did I evaluate?
Cylance, Carbon Black, Crowdstrike, Microsoft Windows Defender ATP, Sophos, SentinelONE
What other advice do I have?
On a scale from 1-10, I would rate Palo Alto Networks Traps with an eight. It is great, but I have some issues with the cost of the product license.
Which version of this solution are you currently using?