We compared Okta Workforce Identity and Prisma Access by Palo Alto Networks across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Comparison Results: Okta Workforce Identity is commended for its user-friendly interface, simple setup process, and strong integration capabilities. However, it lacks certain functionalities such as password vaulting management and could improve its customer support. On the other hand, Prisma Access is highly regarded for its extensive security features, accessibility for users, and ability to safeguard all types of app traffic. Nevertheless, it can be challenging to use and configure, and its pricing is considered relatively high.
"The most valuable features are ease of operation and visibility."
"Okta integrates well with other solutions. Once you have integrated an application into Okta and onboarded a user, they will be onboarded for just-in-time provisioning."
"A solution that's easy to use, stable, and reliable."
"Valuable features include UD, SSO functionality, MFA and Adaptive MFA functionality, ability to link multiple Directory databases with UD."
"It is dependent on the evolution of your user base. It depends on usage per user, so the more sign-ins there are, the more expensive it becomes, so it works best for smaller companies from a financial perspective."
"I like the tool's workflows, which is user-friendly. It can integrate with different applications. I particularly like that users are delighted to access their applications without the hassle of entering their username and password each time. It truly enhances user-friendliness."
"It is a very scalable solution."
"The product’s most valuable feature is multifactor authentication."
"To quarantine and clean a malware file provides a lot of security."
"Overall, the cost savings, ease of deployment, and better VPN user experience and performance are valuable."
"The most valuable features of the solution stem from the fact that it offers stability and scalability while being a very secure product."
"You have the ability to create your own expressions for your data. Palo Alto understands that DLP is not the same for all consumers. You might have a particular need to fulfill, and they give you the opportunity to create a custom expression to match the specific format that you have. For a confidential file property that you have in your files, you can add a metadata field. It gives you that opportunity to create that."
"Monitoring is the most valuable feature because we can easily monitor all kinds of stuff coming over the network. We can check the dashboard and work accordingly."
"The Autonomous Digital Experience Management (ADEM) offered by Palo Alto is a good reporting tool. It gives insights into how things are going within the network. It takes all the data from the users' endpoints and does an analysis, and it suggests changes as well."
"It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful."
"There is a system for monitoring the traffic. You can monitor the traffic of the connected people and point out any issues on the connection part."
"UD attribute mapping, Okta group rules, and dynamic usage could use improvement. It also needs more in-depth functionality and features to integrate with RADIUS solutions."
"Okta Workforce Identity could improve the way passwords are reset and how it interfaces with Microsoft."
"There are some issues with the interface that can be improved."
"They also have single sign-on (SSO). When we bought Okta Workforce Identity a year and a half ago, I was also looking at SSO, but not much documentation was available for SSO. The documentation for SSO should be a little more robust for somebody who is implementing it for the first time."
"You can't hide the device when you're checking logs."
"RESTful Web Service calls and their response seem a bit slow."
"We still had to write several internal programs/scripts to complete the user-provisioning process. Okta does not have the ability to provision mailbox accounts for on-premise Exchange or in a hybrid O365 environment. The Group Push function from Okta to AD did not work reliably in our environment."
"The pricing could be improved."
"The one thing that I've been a little bit disappointed with is when we have had to open cases with Palo Alto about Prisma Access issues. Versus their other platforms, like their firewalls, where we tend to get really quick responses and very definitive answers, the few tickets I've had to open for Prisma Access have taken them longer to respond to. And they haven't necessarily given me the kind of answer I was looking for, meaning a fix to the problem."
"It's not really Prisma's fault, but when you try to create exceptions you don't really have those abilities. You cannot say, on the management platform, "Hey, for these users I want to create these exceptions." That is one thing that I have gotten some complaints about, and we have faced some challenges there."
"The solution’s stability could be improved."
"Prisma Access by Palo Alto Networks should consolidate the portals into a single portal. It is slow and takes more than ten seconds to load a page."
"They automatically update and they should give us time to fully understand what they're updating so that we can make sure it doesn't impact production."
"They can add some new characteristics. For example, when an incident triggers, they can automatically send a template for a particular match that is related to the policy. We don't have that right now. It is something to improve. There could be more automation for certain actions. For example, for a particular group, it can send an administrator alert to their manager. It was one of the concerns of our customers."
"It applies commits to the firewalls slowly. There isn't an API you can use for anything. We've previously had trouble with the egress IP addresses though we expressed to engineering that those mustn't change. They changed several times without warning, causing a lot of headaches."
"We would like to see improvements in the licensing; currently, Palo Alto provides 500 to 1000 licenses for users, and we want to see 1500 to 2000 licenses for one version."
More Prisma Access by Palo Alto Networks Pricing and Cost Advice →
Okta Workforce Identity is ranked 7th in ZTNA as a Service with 56 reviews while Prisma Access by Palo Alto Networks is ranked 2nd in ZTNA as a Service with 57 reviews. Okta Workforce Identity is rated 8.6, while Prisma Access by Palo Alto Networks is rated 8.2. The top reviewer of Okta Workforce Identity writes "Extremely easy to work with, simple to set up, and reasonably priced ". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". Okta Workforce Identity is most compared with Google Cloud Identity, Microsoft Entra ID, SailPoint IdentityIQ, Saviynt and Auth0, whereas Prisma Access by Palo Alto Networks is most compared with Zscaler Zero Trust Exchange, Netskope , Cisco Umbrella, Zscaler Internet Access and Prisma SD-WAN. See our Okta Workforce Identity vs. Prisma Access by Palo Alto Networks report.
See our list of best ZTNA as a Service vendors.
We monitor all ZTNA as a Service reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.