Palo Alto Networks Prisma SaaS Review

Protects cloud data at rest and sends valuable notifications in a timely manner


What is our primary use case?

This is a CASB product that we use to protect data that is in the cloud. We work with our client to protect them from unknown threats, as well as known threats such as the inadvertent sharing of files. An example of this is the uploading of a file by an admin that contains sensitive data that was not intended to be shared with anyone who is external to the organization, such as a Gmail address. This solution offers protection from these kinds of problems.

How has it helped my organization?

From my client's perspective, I can say that they had no control over their cloud data that they needed to protect. They had solutions that can handle their on-premise DLP, such as determining whether a particular service is malware-free. When it was on the cloud, such as Google Cloud, Google Drive, ServiceNow, or others, they were not sure how to protect it. With this solution, they are able to protect themselves, and also with data at rest. It has helped to protect against the propagation of malware from the cloud to the premises.

What is most valuable?

There are two features that I find very good. This solution provides a DLP on the cloud and very few people have a scanning device for data at rest. The second feature that I really like about this solution is the notifications that it provides. It provides me with timely notifications so that I can consider things such as whether actions are trusted or untrusted and I can quarantine the data on the fly.

What needs improvement?

There are a lot of cloud-based applications that are supported, such as Box, Skype, Google Drive, and SharePoint, but there are many more than have not been totally integrated. They cannot use in-house apps because they are not generic services. I would like to see support for custom applications. 

There are also certain storage services that are not integrated, like AWS S3. If the services are created by the customer then it would be very nice to have those protected too.

Right now, this is a data at rest CASB, but it would be nice if it included features such as forward proxy or reverse proxy. It would be able to provide the OTP to those gateways and anyone who can integrate with Aperture can send the data to have it authenticated, via Aperture to the cloud, rather than just scanned. Essentially, if it can be made to act as an auth server, to automatically handle the forward proxy CASB, it would be good.

For how long have I used the solution?

Six months.

What do I think about the stability of the solution?

It seems to be a pretty stable product. It has been six months and we haven't seen many problems yet.

What do I think about the scalability of the solution?

Given that it is in the cloud, I don't think that there is an issue with the scalability. You can just add agents or perform more integration very easily and it will work. Unless the price model changes because it is already a bit pricey from the perspective of the end-user, it is not a problem.

The scalability is based on devices rather than users, but I can say that there are perhaps six cloud accounts with around ten or fifteen apps that they are trying to protect.

How are customer service and technical support?

The technical support is very friendly. They are aware of the solution and they can definitely help you if you are stuck with a problem.

If you previously used a different solution, which one did you use and why did you switch?

Our customer was not aware of how to protect their cloud data, and this is the first solution that they chose.

How was the initial setup?

The initial setup is simple. You just need to log into the Aperture cloud with your user ID and password, apply the license and you are done. After this, you just need to know how to integrate, but they already have documentation that can help you out.

The time required for deployment depends on how complex you are making the environment. If it's a very simple one, such as a Box or a Google Drive, then it will take around a day or two, maximum a week.

I would say that a complex environment may take between three and four weeks. It depends on the use case. If you want to do a POC setup on VPC or Google Drive then it may take less time. On the other hand, if you are integrating more services then it will take longer because you have to learn the product from scratch. There are no similar services.

Once this solution is configured, there is very little that you have to do unless the customer requests something new. If you integrate it with WildFire and AutoFocus, it will automatically get the latest volume or latest signatures, and it will notify you whenever that happens. If somebody is properly trained then one person can handle the maintenance.

What about the implementation team?

We deployed this solution for our customer. We also used agents, provided with Aperture, on the local devices so that they could be easily connected to the cloud.

What's my experience with pricing, setup cost, and licensing?

The pricing for this solution is on the higher end. Our customer felt that the solution was a bit overpriced but they had nothing that offered them better protection.

The licensing fees are on a yearly basis, and there are no additional costs.

Which other solutions did I evaluate?

There are now more vendors doing this, such as Oracle, but when we started there were very few. This is one of the reasons for choosing this solution.

What other advice do I have?

This is a fairly good product if you are looking for something to protect data at rest. There are alternatives, like Oracle and McAfee, that also provide similar solutions, but you should do a POC with them first. In fact, you should always start with a POC because everyone has different needs. 

If you take the training that is available then you will be able to handle the maintenance yourself. There can be challenges when there are compliance issues, like somebody putting a file into quarantine. It will have to be taken out manually, and if the user is untrained then they will require technical help for this.

I would rate this solution eight and a half out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email