Share your experience using Ivanti Application Control

I use WatchGuard Firebox for our private cloud protection, addressing our needs regarding DLP, firewall, and intrusion detection.

I host solutions for files and honey behind WatchGuard Firebox, but we no longer host websites or anything that would require bottlenecks.

I appreciate the interface and the client of WatchGuard Firebox the most. Many firewalls do not have a client to connect, and instead rely on CLI only. I also use the management server, which is a fully managed server, and I appreciate the feature to schedule operations.

It did reduce system bottlenecks and improve our operational throughput.

The CLI could be improved in WatchGuard Firebox, and I think integration with a cloud solution—such as Microsoft Enterprise and Google Cloud—has room for improvement. It has the feature recently, which is quite good, but it is not very perfect and has been available for only two or three years, while other solutions have had this feature longer.

Due to COVID and other factors, our license for mobile SSL VPN cannot simply be upgraded; we can only upgrade the number of simultaneous users. I think it could be improved because migrating from Firebox medium to Firebox large is the only solution if we have just a small use case.

I have used WatchGuard Firebox for 15 years, coming from my past enterprise, so the answer to how long I have been using it is quite long.

I do have bugs, but the only bug I have is on products that are late on firmware because they are not subscribed anymore. I know the bugs are fixed, but I cannot have it because it is obsolete. However, I have just one WatchGuard Firebox unit that is licensed, and I have no bugs on it, so I am happy with that. I rate it a nine.

In terms of scalability, I would rate it a seven. Other solutions share the same problem, but six years ago, we had only 300 persons in the company, and WatchGuard Firebox was very good. Due to COVID and other factors, our license for mobile SSL VPN cannot simply be upgraded; we can only upgrade the number of simultaneous users. I think it could be improved because migrating from Firebox medium to Firebox large is the only solution if we have just a small use case.

I recommend giving the technical support for WatchGuard Firebox a nine on a scale from one to ten.

Positive

I do not have the choice to compare WatchGuard Firebox with other solutions or other vendors because my internet provider works with Fortinet for all our agencies. The Fortinet solution is in the MPLS setup, but that choice was made by the provider, not us.

The deployment is easier, so I would say it is easier rather than complex.

I have used WatchGuard Firebox for 15 years, and because I know the product, deploying a Firebox just takes a few hours for me.

It is difficult to estimate the return on investment with WatchGuard Firebox, but I would say it is around twenty to thirty percent.

I do not pay the bill, so I feel comfortable about the pricing, and for me, it is not expensive. I think it is a little cheaper in comparison with other solutions; Cisco is more expensive and I think Fortinet is also more expensive.

We had mostly twenty Firebox units, but now we have just one which is licensed, while the others are not licensed anymore because we go to an MPLS solution with our provider, so I use WatchGuard Firebox less than in the past.

In IT, we have five people in production and around seven persons in development, which represents how many users work with WatchGuard Firebox in my organization. Overall, the company has about eight hundred or nine hundred persons.

I have been working in IT for twenty years.

I am not concerned about the spam blocking capabilities right now since we work with Google for email, and we are migrating to M365, so it is not behind WatchGuard Firebox. In the past, around seven years ago, I was concerned; however, I am not sure if it has improved since then, so I cannot give a rating for that.

I recommend WatchGuard Firebox and would give it a nine in terms of recommendation. Overall, I rate this product a nine.

I work with Zscaler Zero Trust Exchange Platform as a user. We are an HCM company, and we wanted to utilize it as a user because it is our own product company. We have been developing the customer product because the HCM product is focusing on workforce management and payroll. We have been trying to use it as a user itself, not for deployment for different companies.

If we speak about the use cases for Zscaler Zero Trust Exchange Platform, I can use the product for various purposes, not just one. There are multiple use cases because it is basically the HCM product. We have a huge database of customers, and it has a different case-to-case basis. Our model for deployment was huge with multiple use cases. In this case, it is very difficult for me to specify or identify one particular use case. I just log in with SSO and make sure that Zscaler Zero Trust Exchange Platform is able to protect it appropriately. It is not one use case; it is multiple business models we have deployed.

The benefit is the accessibility. When we were using Cisco, especially when we were focusing on VPN, we had multiple issues. Even with the login, we also had an issue. Since we started using Zscaler Zero Trust Exchange Platform, it has auto-configuration, and wherever we have deployed the auto-configuration, we have not encountered any problem. The company is not looking for any specific change or transition from Zscaler Zero Trust Exchange Platform to a different product. Even during deployment, the referral responses were quite appropriate. That is the reason why we have a preference, and I still rate it as good to go.

The deployment is already progressing. We completed deployment last month.

Zscaler Zero Trust Exchange Platform probably needs to be more efficient because scanning takes a lot of time. Some vulnerabilities create issues, and when we wanted to identify the source of the vulnerabilities, specifically focusing on mobile ID and related areas, it was unable to provide assistance. However, according to discussions with Zscaler Zero Trust Exchange Platform, they said that by the end of mid-2026, they are exploring these features, and probably those features can be incorporated or embedded into this particular system. That is the only major negative point.

In terms of responses, Zscaler Zero Trust Exchange Platform is good. In terms of controlling vulnerability, it is good. The only cons I have noticed is that it is a bit slower, and sometimes it is unable to identify the source. These are the key areas for improvement.

We started somewhere in March 2025, and it is going to be a year in March.

Zscaler Zero Trust Exchange Platform is very stable. I am using it on my PC, and I do not see any issues coming to me for the past one year. I have never seen any issues.

Zscaler Zero Trust Exchange Platform is scalable. The only limitation I was mentioning is that it was unable to identify the sources of vulnerability, which they are going to embed by the mid of this year. That is what the promise they have made in their plan. After that, it is scalable.

Zscaler Zero Trust Exchange Platform support is good. We have managed to find 24/7 support region-wise. We have North America, we have Asia Pacific region, Japan, China, New Zealand, and Australia. We managed to identify the 24/7 support. They have provided the numbers and contact supports, and it is almost immediate. I would rate support from Zscaler Zero Trust Exchange Platform from zero to ten points, with ten being the best. I can say seven to eight.

Positive

I have been working with Cisco XDR and Cisco Secure Access. We were using Cisco XDR and Cisco as an endpoint security, especially on VPN. Recently, we have moved from Cisco, and we have gone to Zscaler Zero Trust Exchange Platform. Currently, we are using Zscaler Zero Trust Exchange Platform. Cisco was decommissioned in late 2024, and early 2025, we moved to Zscaler Zero Trust Exchange Platform.

I used Trend Micro sometime in 2022. We were using CrowdStrike until 2024. We replaced it with Prisma. The reason we made the replacement from Prisma to Wiz is because of the cost. I can tell that it is a saving of about half a million dollars a year.

Zscaler Zero Trust Exchange Platform is very easy to deploy with no complication. We did our implementation in-house. We have our own team and our own security team, and it was being assisted by Zscaler Zero Trust Exchange Platform directly. We did not engage any vendor.

We did our implementation in-house. We have our own team and our own security team, and it was being assisted by Zscaler Zero Trust Exchange Platform directly. We did not engage any vendor.

I see return on investment here. When I see that I am trying to cut costs, for example, even when replacing Prisma, we have managed to save about over half a million dollars a year. I can see some of our own products where Zscaler Zero Trust Exchange Platform has been deployed, and I can say over 50,000 US dollars I am able to save a month as compared to the other products. Definitely I will consider this as ROI.

Zscaler Zero Trust Exchange Platform is much, much cheaper when comparing price.

I have been working with Cisco XDR and Cisco Secure Access. We were using Cisco XDR and Cisco as an endpoint security, especially on VPN. Recently, we have moved from Cisco, and we have gone to Zscaler Zero Trust Exchange Platform. Currently, we are using Zscaler Zero Trust Exchange Platform. Cisco was decommissioned in late 2024, and early 2025, we moved to Zscaler Zero Trust Exchange Platform.

I used Trend Micro sometime in 2022. We were using CrowdStrike until 2024. We replaced it with Prisma. The reason we made the replacement from Prisma to Wiz is because of the cost. I can tell that it is a saving of about half a million dollars a year.

Zscaler Zero Trust Exchange Platform's SSL Inspection feature helps to improve security. The threat intelligence capability is true and important. When we are scanning all our applications, especially focusing on application security, we are using the product Invicti. While we are doing vulnerability management prior to Zscaler Zero Trust Exchange Platform and this SSL Inspection feature, subsequently what we have noticed is that the vulnerabilities, especially the security bugs that were coming prior to Zscaler Zero Trust Exchange Platform, were about 20,000 to 22,000. Subsequently, after this, there is a huge reduction. It has come down more than 40 percent. That is definitely an advantage over the previous product.

It helps for the remote workforce. Ours is 100 percent remote. All the accesses have definitely improved because we are also using an SSO platform. Subsequently, what we have been noticing with this feature is the security. My job is to ensure that security is scanned from across the cloud region, across application security, and across on-premises. With this deployment, I have seen the security being in absolute control. We have not seen any incident being reported for the past one year.

We are not getting into too many details internally for metrics, except for the scanning and the results that we have been monitoring. I would rate this review eight out of ten.

Hybrid Cloud

Other