We performed a comparison between Cisco Umbrella and Prisma Access by Palo Alto Networks based on Peerspot users’ reviews in five parameters. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Umbrella is commended for its advanced DNS security, user-friendly interface, and extensive licensing options, while Prisma Access is valued for its accessibility, top-quality security features, and adaptable policy application. Nevertheless, there is room for improvement in certain areas for both products, such as pricing and integrability for Cisco Umbrella and support and licensing for Prisma Access. Ultimately, the decision between the two will be influenced by the specific needs and priorities of the organization.
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."
"The solution is stable."
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"Any time someone went off the network, the AnyConnect client had the Umbrella agent built in, and it would realize when their computer connected that they were not on the corporate network. It would monitor and they would have pretty close to the same rules that they had to follow when they were in the office, regarding what kind of website browsing they could do."
"Umbrella, being one pane for managing, being all-encompassing, allows us to quickly go in, make a change, and it applies to either every location, if we want it to, or we can have policies in place that only apply to certain users or certain computers."
"The most valuable feature is its ability to detect if a URL has malware or is vulnerable."
"Provides dependable DNS monitoring of external devices."
"Threats never come close to your network with security at the DNS level."
"The interface is well organized, so you can easily find everything. Even if you don't have much experience with Cisco, you can easily navigate the solution and find your way around. Everything has been done well, from the deployment to monitoring."
"You can manage and create policies based on a group of users. It can permit some URLs and block others."
"Its simplicity is most valuable. I can install it and get it up and running, and it can be pervasive across my business within a business day. It is pretty simple and straightforward to install and configure. Its remit is reasonably clearly defined. When you look at solutions like Darktrace and Carbon Black, the mission objective isn't as clearly defined. Cisco Umbrella, Sophos Central, or some of the other solutions have a more standardized approach to antivirus, which includes enhanced response from the machine learning or deep learning perspective."
"It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful."
"There are plenty of features this solution provides and the most valuable would be the complete security protection we are receiving. We are provided with similar security that the Palo Alto AWS solution has. This includes features such as a firewall and machine learning AI."
"A feature I've found very helpful is run time security because most of the products on the market will look at security during the build time, and they don't really look at what happens once you're going into production."
"The features I find most valuable is WildFire, user integration, and the basic technology features."
"Monitoring is the most valuable feature because we can easily monitor all kinds of stuff coming over the network. We can check the dashboard and work accordingly."
"The solution has all its capabilities in a single cloud delivery platform which is great and it provides overall good protection."
"The solution is not very complex and is easy to manage for people who may or may not have knowledge about Palo Alto Networks."
"The remediation process is easy compared to other platforms."
"The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving."
"I'm hoping for the conversion of Cisco ZTNA's features from Duo to Umbrella."
"With any Cisco product, it's the licensing side of things that needs improvement."
"In the next release, I would like to see the integration of VDI NSX with Cisco Umbrella."
"It should have a real-time malware classification engine. It should check the malware on the website. It would be good if it had a real-time malware check for the websites because currently, it just compares the DNS queries of the blacklist. It should also have malware control over file execution and the types of files that the users are allowed to download."
"The pricing could be improved."
"I would like to see more integrations with more products. Some of the integrations need to be simpler as well. For example, the integration with Cisco Secure Firewall could be simpler. It would be good to make reporting simpler. For those who don't use SecureX, it would be good to make Umbrella really simple to use upfront. It's not a difficult product, but it can be daunting for someone who isn't exposed to it because there are so many options."
"Data reporting could be improved."
"I'd like to see this solution more closely integrate with other products Cisco has in its portfolio."
"The solution’s stability could be improved."
"Palo Alto Prisma 10 came out over a year ago. Palo Alto added this identity management feature. The legacy way Palo Alto selected which user is sitting on an IP address it passes through has been clunky."
"Prisma Access by Palo Alto Networks should consolidate the portals into a single portal. It is slow and takes more than ten seconds to load a page."
"I would like to see support for custom applications."
"There is some particular traffic that the security team wants to filter out and apply their own policies and they cannot."
"One area for improvement is for them to stay on top of keeping their CVEs on their platform up to date."
"Its security is good. Everything is good, but the way the dashboard responds can be improved. It takes time to implement a policy. If you change only two or three lines and push the policy to make the change work, it takes 20 to 30 minutes even for a small change. That is something very irritating from the implementation perspective."
"It's not really Prisma's fault, but when you try to create exceptions you don't really have those abilities. You cannot say, on the management platform, "Hey, for these users I want to create these exceptions." That is one thing that I have gotten some complaints about, and we have faced some challenges there."
More Prisma Access by Palo Alto Networks Pricing and Cost Advice →
Cisco Umbrella is ranked 2nd in Secure Access Service Edge (SASE) with 108 reviews while Prisma Access by Palo Alto Networks is ranked 1st in Secure Access Service Edge (SASE) with 58 reviews. Cisco Umbrella is rated 8.8, while Prisma Access by Palo Alto Networks is rated 8.2. The top reviewer of Cisco Umbrella writes "Protects endpoints wherever they are, always pushing people to the right locations to avoid malicious intent". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". Cisco Umbrella is most compared with Zscaler Internet Access, Microsoft Defender for Cloud Apps, Palo Alto Networks DNS Security, Fortinet FortiGate SWG and Infoblox Advanced DNS Protection, whereas Prisma Access by Palo Alto Networks is most compared with Zscaler Zero Trust Exchange, Netskope , Zscaler Internet Access, Prisma SD-WAN and Microsoft Defender for Cloud Apps. See our Cisco Umbrella vs. Prisma Access by Palo Alto Networks report.
See our list of best Secure Access Service Edge (SASE) vendors, best Secure Web Gateways (SWG) vendors, and best Cloud Access Security Brokers (CASB) vendors.
We monitor all Secure Access Service Edge (SASE) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.