Check Point CloudGuard CNAPP vs Prisma Access by Palo Alto Networks comparison

Check Point CloudGuard CNAPP

Read 65 Check Point CloudGuard CNAPP reviews

1,511 Views
885 Comparison Views

95% willing to recommend

Prisma Access by Palo Alto ...

Read 59 Prisma Access by Palo Alto Networks reviews

16,396 Views
11,040 Comparison Views

91% willing to recommend

Check Point CloudGuard CNAPP

Prisma Access by Palo Alto ...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Check Point CloudGuard CNAPP and Prisma Access by Palo Alto Networks based on real PeerSpot user reviews.

Find out what your peers are saying about Tenable, Wiz, SentinelOne and others in Vulnerability Management.

To learn more, read our detailed Vulnerability Management Report (Updated: June 2024).

Buyer's Guide

Vulnerability Management

June 2024

Download the complete report

Helped 787,779 peers since 2012

Categories and Ranking

Check Point CloudGuard CNAPP

Average Rating

8.6

Number of Reviews

Ranking in other categories

Vulnerability Management (6th), Cloud and Data Center Security (8th), Container Management (6th), Cloud Workload Protection Platforms (CWPP) (5th), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (4th), Data Security Posture Management (DSPM) (4th), Compliance Management (3rd)

Prisma Access by Palo Alto ...

Average Rating

8.2

Number of Reviews

Ranking in other categories

Secure Web Gateways (SWG) (3rd), Cloud Access Security Brokers (CASB) (3rd), Enterprise Infrastructure VPN (4th), ZTNA as a Service (2nd), Secure Access Service Edge (SASE) (1st)

Featured Reviews

reviewer2379448

Director of Cybersecurity at a comms service provider with 10,001+ employees

Apr 15, 2024

The benefits were immediate, effectively providing compliance rule sets and security best practices

We haven't had any cloud security incidents since implementing CloudGuard CNAPP in 2017. It's been a critical tool as we've grown our cloud usage, transitioning applications from data centers to the cloud. CloudGuard's scalability has kept pace with our growth. As the third-largest enterprise user of Azure, our cloud footprint is significant. The benefits of CloudGuard CNAPP were immediately apparent upon deployment. Back in 2017, we found ourselves needing to catch up on securing our existing AWS assets. We required a solution that offered quick implementation and usability. CloudGuard was the first platform we considered, and we've continued to expand its use alongside Check Point's ongoing development of new capabilities. We create custom rules to address our organization's unique security policies, in addition to leveraging the built-in rules within CloudGuard CNAPP's CSPM module. This flexibility is crucial for us. While CloudGuard CNAPP's CSPM capabilities effectively provide compliance rule sets and security best practices, it's important to understand that this is just one aspect of achieving full alignment with security frameworks. To be fully compliant, additional measures outside of CloudGuard need to be addressed and implemented. However, CloudGuard CNAPP remains a valuable piece of the puzzle. CSPM helps us identify the most critical business risks. It's a time-saver that translates into cost savings. CSPM provides insights from multiple perspectives. We can analyze what a breach would mean for the business, including brand reputation and the significant cost and time required for recovery. Even in terms of day-to-day operations, CSPM saves us employee hours by streamlining security tasks. The security provided by the CWP for containers is good. We are extremely satisfied. Our CI/CD environment utilizes some scanning capabilities offered by workload protection, but it's not fully integrated. This creates limitations in proactively identifying issues before deployment. When we do use the workload protection capabilities they are critical for us.

Read full review

ASHRAF ALI HASSAN

Senior Manager Network Design at MEEZA, Managed IT Services Provider

Dec 21, 2023

Along with a straightforward setup phase, the tool also offers exceptionally high stability

I have experience with Cisco and Fortinet. I have experience with Cisco AnyConnect Secure Mobility Client. The last time we used Cisco AnyConnect Secure Mobility Client in our company was three years ago, after which it was phased out from the set of standard solutions we use. Based on my experience with Fortinet and FortiClient, I can say that the support is not at the same level as the one offered by Palo Alto Networks. Fortinet's technical support team is not as strong as the technical team of Palo Alto Networks. Only the prices of Fortinet and FortiClient were good compared to Palo Alto Networks.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Cloud security posture management is the feature we've been using the longest."

"I love the work involved in maintaining and scaling security services and configurations across multiple public clouds using this solution, versus using native native cloud security controls. It is so much better. The different cloud platforms all have their own way that they handle a lot of the stuff that Dome9 handles. Even within their platform, they are in a lot of disparate places, e.g., in AWS, there are five different tools. You have to jump between them to get the same information that you can just pull in automatically on Dome9, which is just one platform. We are using multiple platforms, so that makes it even more complicated and time consuming if you had to just rely on them to get all of your information. Whereas, it's all just summarized and put together on the Dome9 end."

"It is easy to administer and easy to deploy. It has automated or pre-configured templates, security features, and proactive threat detection."

"Auto remediation is a very effective feature that helps ensure less manual intervention."

"The CloudGuard for Cloud Intelligence tool has several significant features that provide security to our company."

"People implementing this solution are concerned with addressing a significant risk, and within the AWS realm, this tool does de-risk substantially."

"The dashboard is intuitive. You know if you're compliant or not, and then it gives you a remediation plan."

"This solution has saved the company from unnecessary data loss that occurs due to cyber attacks."

More Check Point CloudGuard CNAPP pros

"It protects all app traffic so that users can gain access to all apps. Unlike other solutions that only work from ports 80 and 443, which are predominantly for web traffic, Prisma Access covers all protocols and works on all traffic patterns... The most sophisticated attacks can arise from sources that are not behind 80/443."

"The features I find most valuable is WildFire, user integration, and the basic technology features."

"Prisma SaaS is very easy to use; it's common sense — it's the best-in-class."

"The most valuable features of the solution are in the areas of the secure remote access it provides while also being user-friendly."

"Prisma Access gives us security from a single point. It controls mobile users and determines how secure their networks will be, including from where they will get internet access. We can optimize things and add security profiles centrally."

"It's great that we can make sure a machine meets the minimum requirements before users are allowed to log in."

"Its frontend is user-friendly. It is easy to use for us."

"To quarantine and clean a malware file provides a lot of security."

More Prisma Access by Palo Alto Networks pros

Cons

"I would like CloudGuard's pricing to be cheaper, but I think that's impossible. The pricing is the only thing I think they can improve."

"In Dome9, there should be a policy validation option where we can validate the policy before we push it into production."

"Automatic remediation requires read/write access. When providing read/write access to third-party applications, this can add risk. It should have some options of triggering API calls to the cloud platform, which in turn, can make the required changes."

"Check Point must provide a multi-cloud facility where AWS, Azure, and GCP can seamlessly work together and display posture in an integrated manner."

"The rules are not well-tuned, and many of them generate false positives or nonsensical results."

"Reporting should have more options."

"The main issue that we found with Dome9 is that we have a default rule set with better recommendations that we want to use. So, you do a clone of that rule set, then you do some tweaks and customizations, but there is a problem. When they activate the default rule set with the recommendations and new security measures, it doesn't apply the new security measures to your clones profile. Therefore, you need to clone the profile again. We are already writing a report to Check Point."

"You do need to pay extra in order to get better support."

More Check Point CloudGuard CNAPP cons

"Their next release should provide solutions for the mobile environment."

"Sometimes, you have these notifications sent out about changes in App-IDs, modifications in App-IDs, or even the introduction of entirely new App-IDs to replace. Sometimes, the recommendations are followed, but even then, when the package is installed on the firewall, it gets messed up. I remember a particular one was with Tableau, and suddenly, people weren't able to use Tableau, which is an analytics tool for business."

"I would like the solution to support a different type of authentication. We can't configure a secondary method for our portal."

"The documentation is generally good, but they could provide a more detailed description of all the configuration steps. I have to search for information or call support. Palo Alto could add more knowledge base articles about configuration with screenshots and walkthroughs. That would be helpful. When configuring a product, you want to see examples of how it is done."

"Palo Alto needs to improve the GlobalProtect agent to work as a secure web gateway agent, not only as a VPN agent because some companies would want only a secure gateway. They wouldn't want a full VPN. So, Palo Alto has to make the VPN agent work as a secure web gateway agent for those customers who want only the secure web gateway solution."

"From any improvement perspective, the product's compatibility issues with Linux need to be resolved."

"The product's current price is an area of shortcoming where improvements are required."

"There can be some latency issues with the solution that should be improved."

More Prisma Access by Palo Alto Networks cons

Pricing and Cost Advice

"I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you."

"The pricing is extremely competitive."

"Check Point CloudGuard Posture Management is always known as a good solution but an expensive one. When you're using Cisco, Check Point, or Palo Alto, you know that you will pay more, but you know that it will work."

"It is difficult to contextualize the pricing because we are used to Indian pricing and licensing."

"The solution’s pricing is a little bit high."

"Check Point CloudGuard Posture Management is expensive."

"I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two, to obtain better pricing."

"Its price is very fair."

More Check Point CloudGuard CNAPP pricing and cost advice

"The pricing can be difficult because it came to us with another agreement, but it can be negotiated. I highly recommend people to compare this product's performance and pricing against BetterCloud, because I feel BetterCloud is better than Prisma SaaS if they're starting from scratch."

"I would advise choosing your options according to your company's needs. Just go for what you want and do not pay for anything extra in terms of licensing. You need to determine how much bandwidth is required in your company network, and according to that, you should pay for the license. The mobile user license is based on the number of users who are going to use the VPN solution. You need to determine how many mobile users you are going to have in your network, and you should pay according to that. There are no other costs in addition to licensing, but if you go for the consultant services of Palo Alto networks to deliver the solution for you, then you need to pay something extra. That is not a part of licensing."

"The licensing fees are paid on a yearly basis and for what we get, the price is good."

"They price their products using credit modules."

"It is a little expensive. Because it is one of the best in the market, it is a little bit more expensive than other vendors."

"The solution is expensive."

"The pricing is very friendly. It's not confusing to figure out your workload and how much you'd be paying for the solution."

"In terms of pricing, considering that it is a two or three years old solution, they should apply big discounts for the next two or three years. This approach will be better for them to capture the market."

More Prisma Access by Palo Alto Networks pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.

See recommendations

787,779 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

17%

Computer Software Company

15%

Security Firm

Manufacturing Company

Computer Software Company

15%

Manufacturing Company

11%

Financial Services Firm

11%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Check Point CloudGuard Posture Management?

The visibility in our cloud environment is the most valuable feature.

See all answers

What is your experience regarding pricing and costs for Check Point CloudGuard Posture Management?

The price is on the higher end.

See all answers

What needs improvement with Check Point CloudGuard Posture Management?

We have concerns regarding the pricing and would appreciate seeing some improvements.

See all answers

What is the better solution - Prisma Access or Zscaler Private Access?

We looked into Prisma Access before choosing Zscaler Private Access (ZPA). Palo Alto’s Prisma Access is a secure access service edge (SASE) designed to deliver network security in a cloud-deliver...

See all answers

What do you like most about Prisma Access by Palo Alto Networks?

The most valuable features of the solution are in the areas of the secure remote access it provides while also being user-friendly.

See all answers

What is your experience regarding pricing and costs for Prisma Access by Palo Alto Networks?

Palo Alto products are expensive, but they offer efficient features. We have to pay additional costs for maintenance and support services.

See all answers

Comparisons

Prisma Cloud by Palo Alto Networks vs Check Point CloudGuard CNAPP

Compared 28% of the time

Wiz vs Check Point CloudGuard CNAPP

Compared 15% of the time

AWS GuardDuty vs Check Point CloudGuard CNAPP

Compared 14% of the time

Microsoft Defender for Cloud vs Check Point CloudGuard CNAPP

Compared 12% of the time

Sysdig Secure vs Check Point CloudGuard CNAPP

Compared 2% of the time

More Check Point CloudGuard CNAPP Competitors

Netskope vs Prisma Access by Palo Alto Networks

Compared 11% of the time

Zscaler Zero Trust Exchange vs Prisma Access by Palo Alto Networks

Compared 11% of the time

Cisco Umbrella vs Prisma Access by Palo Alto Networks

Compared 10% of the time

Zscaler Internet Access vs Prisma Access by Palo Alto Networks

Compared 7% of the time

Prisma SD-WAN vs Prisma Access by Palo Alto Networks

Compared 5% of the time

More Prisma Access by Palo Alto Networks Competitors

Product Reports

Buyer's Guide

Check Point CloudGuard CNAPP

June 2024

Download Check Point CloudGuard CNAPP product report

Buyer's Guide

Prisma Access by Palo Alto Networks

June 2024

Prisma Access by Palo Alto Networks report

Download Prisma Access by Palo Alto Networks product report

Also Known As

Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence

Palo Alto Networks Prisma Access, Prisma Access, GlobalProtect, Palo Alto GlobalProtect Mobile Security Manager, Prisma SaaS by Palo Alto Networks, Prisma Access

Learn More

Check Point Software Technologies

Palo Alto Networks

Overview

Check Point CloudGuard CNAPP is a robust cloud security solution, offering comprehensive protection for cloud workloads and applications against cyberattacks. This platform encompasses cloud security posture management, threat prevention, and efficient incident response, providing organizations with a unified defense against threats. Key features include continuous visibility and remediation of misconfigurations, threat prevention through various techniques like intrusion prevention and malware detection, and rapid, cost-effective incident response. With CloudGuard CNAPP, you can safeguard cloud-native applications, cloud infrastructure, and sensitive data, enhancing your overall cloud security posture. This solution is a powerful asset for organizations seeking to fortify their cloud environments against a range of cyber threats.

Prisma Access by Palo Alto Networks provides consistent security for all users and applications across your remote networks. Prisma Access grants users safe access to the cloud and data center applications and the internet as well. In addition, the solution combines all of your security and networking capabilities into a single cloud-delivered platform, enabling flexible hybrid workforces.

Prisma Access can be managed two ways:

Cloud Managed
Panorama Managed

Prisma Access delivers both networking and security services, including:

SD-WAN
VPN
Zero Trust network access (ZTNA)
Quality of service (QoS)
Clean Pipe
Firewall as a service (FWaaS)
DNS Security
Threat Prevention
Cloud secure web gateway (SWG)
Data loss prevention (DLP)
Cloud access security broker (CASB)

Prisma Access by Palo Alto Networks Features

Prisma Access by Palo Alto Networks has many valuable key features including: App-ID, User-ID, Device-ID, SSL Decryption, Dynamic User Group (DUG) Monitoring, AI/ML-Based Detection, IoT Security, Reporting, URL Filtering, Enterprise Data Loss Prevention (DLP), Digital Experience Monitoring (DEM)*, Logging, Policy Automation, Intrusion Prevention System (IPS), and many more.

Prisma Access by Palo Alto Networks Benefits

Some of the benefits of using Prisma Access by Palo Alto Networks include:

Security: Prisma Access gives you consistent security to protect against cyberattacks, with enforcement of policy at every location. By implementing Prisma Access, you also gain protection that works to prevent known and unknown malware, exploits, credential theft, command and control, and many other attack vectors across all ports and protocols.
Global connectivity: Prisma Access provides global coverage through use of its connectivity layer.
Scalability: With Prisma Access, scaling is automatically managed and is scalable, flexible, and agile.
Instant deployment: Deployment is fast, eliminating wasted time that may otherwise be associated with setting up a solution, operating it, or shipping hardware in order to get started.

Reviews from Real Users

Below are some reviews and helpful feedback written by Microsoft Azure Synapse Analytics

users who are currently using the solution.

PeerSpot user Partha D., Global Network Tech Lead at a computer software company, speaks about his experience using the product, saying, "It protects all app traffic so that users can gain access to all apps. Unlike other solutions that only work from ports 80 and 443, which are predominantly for web traffic, Prisma Access covers all protocols and works on all traffic patterns... The most sophisticated attacks can arise from sources that are not behind 80/443."

Tejas J., a Sr. Cloud Security Architect at a computer software company, mentions that "it is geographically dispersed, and it sits on top of Google and AWS platforms. Therefore, you don't face the standard issues, such as latency or bandwidth issues, that you usually face in the case of on-prem data centers.”

Another PeerSpot reviewer, Max I., Associate Director at Cognizant, comments that "Security is absolutely spot-on, really top-notch. It's the result of all the components that come together, such as the HIP [Host Information Profile] and components like Forcepoint, providing end-user content inspection, and antivirus. It incorporates DLP features and that's fantastic because Prisma Access makes sure that all of the essential prerequisites are in place before a user can log in or can be tunneled into."

Sample Customers

Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners

Concord Hospital, State of Colorado, Essilor International, RheinLand Versicherungsgruppe, University of Westminster, Universidade Nove de Julho, SPAR Austria, CAME Group, ZipRealty, Greenhill & Co., IKT Agder, Aviva Stadium, Animal Logic, Management & Training Corporation, Brigham Young University Hawaii, School District of Chilliwack

Buyer's Guide

Vulnerability Management

June 2024

Download Free Report

Find out what your peers are saying about Tenable, Wiz, SentinelOne and others in Vulnerability Management. Updated: June 2024.

DOWNLOAD NOW

787,779 professionals have used our research since 2012.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.