We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The policies that come prepackaged in the tool have been very valuable to us. They're accurate and they provide good guidance as to why the policy was created, as well as how to remediate anything that violates the policy."
"Technical support is quite helpful."
"The product is quite good for providing multi-clouds or cross-cloud security from a single-pane -of-glass."
"The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers."
"It scans our containers in real time. Also, as they're built, it's looking into the container repository where the images are built, telling us ahead of time, "You have vulnerabilities here, and you should update this code before you deploy." And once it's deployed, it's scanning for vulnerabilities that are in production as the container is running."
"You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums."
"The ability to monitor the artifact repository is one of the most valuable features because we have a disparate set of development processes, but everything tends to land in a common set of artifact repositories. The solution gives us a single point where we can apply security control for monitoring. That's really helpful."
"In addition to that, I can get a snapshot of what I deemed were the priority vulnerabilities, whether it was identity access management, key rotation, or secrets management. Whatever you deem to be a priority for mitigating threats for your environment, you can get that as a snapshot."
"The most valuable feature is the ability to create, develop, and deploy servers in minutes to hours, rather than days."
"I have found the solution to be stable."
"The most valuable features are stability and low cost."
"Overall, I would say the solution has been quite stable."
"During our experience, the solution has been stable."
"The most valuable features are the micro-segmentation and integrated security options."
"Overall, for me, it's a good solution and has been working well."
"One of the big improvements between the NSX-V and NSX-T is that in NSX-T you are no longer dependent on V-Center anymore."
"Some of the usability within the Compute functionality needs improvement. I think when Palo Alto added on the Twistlock functionality, they added a Compute tab on the left side of the navigation. Some of the navigation is just a little dense. There is a lot of navigation where there is a tab and dropdowns. So, just improving some of the navigation where there is just a very dense amount of buttons and drop-down menus, that is probably the only thing, which comes from having a lot of features. Because there are a lot of buttons, just navigating around the platform can be a little challenging for new users."
"Palo Alto should work on ease-of-use and the user-friendliness to be more competitive with some competing products."
"We would like it to have more features from the risk and compliance perspectives."
"The integration of the Compute function into the cloud monitoring function—because those are two different tools that are being combined together—could use some more work. It still feels a little bit disjointed."
"The alignment of Twistlock Defender agents with image repositories needs improvement. These deployed agents have no way of differentiating between on-premise and cloud-based image repositories. If I deploy a Defender agent to secure an on-premise Kubernetes cluster, that agent also tries to scan my ECR image repositories on AWS. So, we have limited options for aligning those Defenders with the repositories that we want them to scan. It is scanning everything rather than giving us the ability to be real granular in choosing which agents can scan which repositories."
"Based on my experience, the customization—especially the interface and some of the product identification components—is not as customizable as it could be. But it makes up for that with the fact that we can access the API and then build our own systems to read the data and then process and parse it and hand it to our teams."
"We would like to have the detections be more contemporaneous. For example, we've seen detections of an overprivileged user or whatever it might be in any of the hundreds of Prisma policies, where there are 50 minutes of latency between the event and the alert."
"In terms of improvement, there are some small things like hardening and making sure the Linux resources are deployed well but that's more at an operational level."
"We have done three installations and we have not had any critical issues. The time it took for the installation was approximately two days. However, they should provide better documentation."
"One drawback is this solution requires a lot of other products in the VMware ecosystem to have a full end-to-end operation orchestration monitoring. You have to buy a lot of add-ons to fully utilize the functionality."
"VMware NSX only supports some platforms like KVM."
"NSX could better integrate with open-source products. Of course, it integrates with some, but I know many people are uncomfortable deploying NSX with certain open-source solutions, such as Radar."
"Quite a complex solution."
"I would like to see automation capabilities in the deployment process."
"The support needs improvement."
"Traffic flow introspection topology visibility is definitely needed because at the moment, NSX-T lacks in this area."
"I don't know a better way to do it, but their licensing is a little confusing. That's due to the breadth of different types of technologies they are trying to cover. The way you license depends on where you're securing. When they were Twistlock it was a simple licensing scheme and you could tell what you were doing. Now that they've changed that scheme with Palo Alto, it is quite confusing. It's very difficult to predict what your costs are going to be as you try to expand coverage."
"Prisma Cloud is quite scalable. In our current licensing model, we're able to heavily extend our cloud workload and onboard a lot of customers. It really helps, and it is on par with other solutions."
"If you pay for three years of Palo Alto, it's better. If you're planning on doing this, it's obviously not going to be for one year, so it's better if you go with a three-year license... The only challenge we have is with the public cloud vendor pricing. The biggest lesson I have learned is around the issues related to pricing for public cloud. So when you are doing your segmentation and design, it is extremely important that you work with someone who knows and understands what kinds of needs you will have in the future and how what you are doing will affect you in terms of costs."
"The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."
"From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
"The pricing is good. They gave us some good discounts right at the end of the year based on the value that it brings, visibility, and the ability to build in cloud, compliance, and security within one dashboard."
"The licensing cost is a bit high on the compute side."
"You can expect a premium price because it is a premium quality product by a leading supplier."
"This solution requires a licence."
"There is a license required for this solution, we pay annually."
"The price of this product is too high."
"I was not involved in the purchase of the solution but I hear it is on the expensive side."
"There is a license required for this solution and there is also a support license available. The price of the solution could be better."
"It is an expensive product, but cheaper than some competing solutions."
"VMware NSX is expensive and everything is licensed. We have to pay for each individual feature."
"The price is based on the virtual desktop infrastructure(VDI) side and also is dependant on the size of the environment. The price is expensive and it could attract more purchasers in smaller organisations if it was reduced."
The move to the cloud has changed all aspects of the application development lifecycle – security being foremost among them. Security and DevOps teams face a growing number of entities to secure as organizations adopt cloud native approaches. Ever-changing environments challenge developers to build and deploy at a frantic pace, while security teams remain responsible for the protection and compliance of the entire lifecycle. Prisma™ Cloud by Palo Alto Networks delivers complete security across the development lifecycle on any cloud, enabling you to develop cloud native applications with confidence.
Prisma Cloud by Palo Alto Networks is ranked 1st in Microsegmentation Software with 19 reviews while VMware NSX is ranked 2nd in Microsegmentation Software with 23 reviews. Prisma Cloud by Palo Alto Networks is rated 8.0, while VMware NSX is rated 7.8. The top reviewer of Prisma Cloud by Palo Alto Networks writes "Gives me a holistic view of cloud security across multiple clouds or multiple cloud workloads within one cloud provider". On the other hand, the top reviewer of VMware NSX writes "A flexible option for managing security, but setup is complex and documentation is lacking". Prisma Cloud by Palo Alto Networks is most compared with Aqua Security, Microsoft Defender for Cloud, Check Point CloudGuard Posture Management, Lacework and Snyk, whereas VMware NSX is most compared with Cisco ACI, Cisco Secure Workload, Nutanix Flow and Guardicore Centra. See our Prisma Cloud by Palo Alto Networks vs. VMware NSX report.
See our list of best Microsegmentation Software vendors.
We monitor all Microsegmentation Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.