We compared Duo Security and Prisma Access by Palo Alto Networks across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Comparison Results: Duo Security is praised for its easy setup, user-friendly interface, and detailed documentation. It excels in providing two-factor authentication and integration capabilities. However, it needs improvement in terms of compatibility, user-specific permissions, and technical support. On the other hand, Prisma Access is highly valued for its accessibility, strong security features, and global performance. It offers protection for all app traffic and integrates well with other Palo Alto platforms. However, it can be challenging to configure and has mixed reviews regarding customer support. Duo Security is considered competitively priced, while Prisma Access is seen as more expensive but worth it for its quality.
"Duo Security provides a high level of certainty regarding the identity of the individual performing an action. Whether it's logging into a system, using VPN, or utilizing Autopay, establishing that trust is crucial. I can't imagine any security company, organization, or IT team that wouldn't prioritize having multifactor authentication enabled when accessing critical systems."
"It was a simple way of providing two-factor authentication for remote access when we hit the COVID pandemic. It was very easy and quick to get it going."
"It provides single-pane-of-glass management, which is pretty easy and straightforward. Because we manage multiple access tiers, it allows us to essentially manage everything from one viewpoint and not have many viewpoints for the same product. This is important because it is a time and resource saver. It also saves us money."
"The most valuable features of Duo Security are visibility and OTP authentication. The OTP is very important because it is a self-enrollment feature, you are able to enroll users very quickly with a shorter time period."
"The app has greater stability than rival solutions such as Google Authenticator, and Duo Push authentication is a valuable feature."
"Multifactor authentication and secure two-factor authentication are the most valuable features. It's been around for a while, but now it's becoming an enforced behavior as opposed to something that you used to do as optional."
"We were considering purchasing other products, like AMP for Endpoints, and it was not properly integrated with the firewall function. It might be better now with SecureX."
"The single pane of glass management works very well. That feature is very important because we have a lot of admins who have to manage Duo, and it's much easier when it's a single pane of glass. That single pane is also great because it's easy to enroll new devices."
"The Autonomous Digital Experience Management (ADEM) offered by Palo Alto is a good reporting tool. It gives insights into how things are going within the network. It takes all the data from the users' endpoints and does an analysis, and it suggests changes as well."
"The performance is good."
"The solution also provides traffic analysis, threat prevention, URL filtering, and segmentation. That combination is important because it enhances the protection and makes the traffic more secure. It also keeps things more up-to-date, enabling us to deal with more of the current threats."
"The remediation process is easy compared to other platforms."
"It's much faster and more secure than legacy solutions. It is also quite stable and scalable as well. We are able to see all the traffic in one place."
"This solution provides a DLP on the cloud and very few people have a scanning device for data at rest."
"Its hands-off security and the fact that we don't have to maintain it are the most valuable features."
"It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful."
"They can make authentication easier. It should be done in a shorter time. Sometimes, it can take a bit more time to get the answer on your phone. You have to wait a bit longer to get the SMS code and other things. There can be some internet or connection issues. They should make it faster because sometimes, it's urgent, and you need to access something as soon as possible."
"The only thing I can think of to improve for tech support is to have a dedicated engineer but then I would get an engineer that has priorities in one area or another and maybe not the scope I need."
"The new smart license model doesn't always work. It's very complicated."
"We already have Active Directory enabled in our routers and switches. However, if we could do two-factor authentication, then it could go a long way since no one's getting into them unless you want them to."
"One area that might be improved is that setting up SMS texting is not as easy as using the app, even though it does support it."
"Duo Security should have more customized use cases. For example, if a client needs to have more customization, it would be better to connect directly with Duo's R&D to try to discuss the issues together in order to add customizations."
"There is a little bit of apprehension for some users thinking, well, "How do I know this app is not collecting personal information from my personal device?""
"There might be a little slowness, but that could be my connection."
"Better integration with the MDM solution would be useful."
"One area for improvement is for them to stay on top of keeping their CVEs on their platform up to date."
"It wasn't so satisfying to work with it. There is room for improvement in the policy management. It is difficult to cover the entire scenery through Palo Alto products."
"The product's price is an area of concern where improvements are required. The solution's price should be lowered."
"It is a managed firewall. When you run into issues and have to troubleshoot, there is a fair amount of restriction. You run into a couple of restrictions where you don't have any visibility on what is happening on the Palo Alto managed infrastructure, and you need to get on a call to get technical assistance from Palo Alto's technical support. You have to get them to work with you to fix the problem. I would definitely like them to work on the visibility into what happens inside Palo Alto's infrastructure. It is not about getting our hands onto their infrastructure to do troubleshooting or fixing problems; it is just about getting more visibility. This will help us in guiding technical support folks to the area where they need to work."
"The licensing model isn't flexible enough. It's an all-or-nothing model. Other providers in the market allow you to buy modules or add-ons separately. With Prisma Access, you have to purchase the same module for all users."
"Their next release should provide solutions for the mobile environment."
"Sometimes, we encountered a portal crash. When we told Palo Alto they said it might be the browser or cache, but I think they need to improve it on their side."
More Prisma Access by Palo Alto Networks Pricing and Cost Advice →
Cisco Duo is ranked 3rd in ZTNA as a Service with 55 reviews while Prisma Access by Palo Alto Networks is ranked 2nd in ZTNA as a Service with 57 reviews. Cisco Duo is rated 8.8, while Prisma Access by Palo Alto Networks is rated 8.2. The top reviewer of Cisco Duo writes "Helps reduce the risk of a breach and is easy to deploy and onboard". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". Cisco Duo is most compared with Microsoft Entra ID, Fortinet FortiAuthenticator, Fortinet FortiToken, Yubico YubiKey and UserLock, whereas Prisma Access by Palo Alto Networks is most compared with Zscaler Zero Trust Exchange, Netskope , Cisco Umbrella, Zscaler Internet Access and Prisma SD-WAN. See our Cisco Duo vs. Prisma Access by Palo Alto Networks report.
See our list of best ZTNA as a Service vendors.
We monitor all ZTNA as a Service reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.