Coming October 25: PeerSpot Awards will be announced! Learn more
Buyer's Guide
Enterprise Infrastructure VPN
September 2022
Get our free report covering OpenVPN, Zscaler, Cisco, and other competitors of Cisco AnyConnect Secure Mobility Client. Updated: September 2022.
632,539 professionals have used our research since 2012.

Read reviews of Cisco AnyConnect Secure Mobility Client alternatives and competitors

Toby Ashmore - PeerSpot reviewer
Network Administrator Specialist at a government with 501-1,000 employees
Real User
Cloud-based VPN solution grabs user's config, and our firewall doesn't see any extra traffic as a result
Pros and Cons
  • "I like it because it's very easy to use. You install the client and you have to know your gateway, but that's something we give to our users. Beyond that, it takes about three seconds to train them on how to use it. And it just works well. That's great for us because it means less administrative time."
  • "The one thing that I've been a little bit disappointed with is when we have had to open cases with Palo Alto about Prisma Access issues. Versus their other platforms, like their firewalls, where we tend to get really quick responses and very definitive answers, the few tickets I've had to open for Prisma Access have taken them longer to respond to. And they haven't necessarily given me the kind of answer I was looking for, meaning a fix to the problem."

What is our primary use case?

One of our use cases is that it is used by our internal users, our employees, when they need to work remotely. They'll be out in the field and, wherever they have an internet connection, they run the GlobalProtect client, connect, and they can access our resources as if they're in our building. For example, we have health inspectors who go to different sites.

Of course, we're doing more teleworking like everyone right now. Also, our admins all use it because that's how we get in and do remote work. And, periodically, we have contractors or vendors who need remote access. We'll build an account in AD and either have them download the client and connect to us, or if they currently use the GlobalProtect client for some other VPN connection, we can just provide our gateway and they can use their existing client to connect to the resources that we allow them.

We also have a clientless VPN by Palo Alto. It's a website where you can enter your AD credentials, and it will publish internal web apps that you can access through a browser. We have some users, and a set of contractors, who use that to access some of our internal systems for COVID response.

It's a cloud-based VPN, but it's managed from our Panorama instance, which is on-site. There's the GlobalProtect client that gets installed, that's the VPN client on your laptop, and that automatically updates from the cloud when a new version is available.

How has it helped my organization?

Prisma Access is our first cloud-based VPN solution. I like that aspect because I don't have all the traffic hitting my firewall interface directly. Users go to the cloud, wherever they are, and connect to some kind of cloud. It will grab their config, and our firewall doesn't see any extra traffic from that. That's awesome.

Because we are in the health sector, the clientless, web-based VPN that we're using has allowed us to partner with some external companies to do contact tracing for COVID. That means that if someone is positive for COVID, those companies track back to the people they have been in contact with and try to find the source. The fact that the only way a couple of hundred of our employees can access our records at any time is through the web-based VPN has really improved our ability to respond to the pandemic.

What is most valuable?

I like it because it's very easy to use. You install the client and you have to know your gateway, but that's something we give to our users. Beyond that, it takes about three seconds to train them on how to use it. And it just works well. That's great for us because it means less administrative time.

It's also nice that Prisma Access provides all its capabilities in a single, cloud-delivered platform. 

The thick client secures non-web apps in addition to web-based apps. If you have the client installed on your laptop, it's a completely secure VPN connection and anything you run will be secured by it. The clientless VPN, the web-based one, only allows you to redirect to URLs; it's only web. Being able to access non-web apps is important to us because it's how we get our remote work done. Not everything is web-based. We have to run applications and access Windows shares and the like. 

This ability helps decrease the risk of data breach. Information security is more and more a huge concern for everyone. Knowing that everything's going across an encrypted tunnel, and that we can manage what is accessed by which user, are huge benefits.

Another important aspect is that Prisma Access provides millions of security updates per day, because security has really become our number-one focus lately. That feature is very good.

For how long have I used the solution?

I've been using Prisma Access by Palo Alto Networks for about two years, maybe a little longer.

What do I think about the stability of the solution?

It has been very stable. We've had a couple of small outages, but overall it's very trustworthy and stable.

What do I think about the scalability of the solution?

It's cloud-based, so it's infinitely scalable. For us, it has worked fine. We went from a few users at first and we built up to hundreds.

It's our clientless VPN that really builds up our user count. It is consistently between 300 and 400 users. It rises and falls depending on what kind of campaign we're doing. If a new COVID variant is discovered and we have to ramp things up because of CDC guidance, the user count will bump up.

How are customer service and support?

The one thing that I've been a little bit disappointed with is when we have had to open cases with Palo Alto about Prisma Access issues. Versus their other platforms, like their firewalls, where we tend to get really quick responses and very definitive answers, the few tickets I've had to open for Prisma Access have taken them longer to respond to. And they haven't necessarily given me the kind of answer I was looking for, meaning a fix to the problem. Maybe this technology is not as cut and dry as some of their other technologies. But I think they could improve their support offering for Prisma a little bit and put more expertise in place.

Overall, I'm very happy with Palo Alto's support. I'm not saying that their Prisma support is awful. It just hasn't been quite up to par with other support I've seen from them, which has been pretty phenomenal.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

For VPN, we used Cisco AnyConnect. The switch to Prisma Cloud was part of a platform switch from Cisco ASA to Palo Alto firewalls.

We also have other solutions, such as a virtual desktop solution that is available externally. Some of our users use that and others use the VPN.

How was the initial setup?

The setup was medium complex. Because of the way we're doing it through our Panorama, it's a little more complex than it would be on the cloud-only solution. There is definitely some  complexity to it.

What about the implementation team?

I wasn't involved in the initial deployment of it, but our organization worked with a vendor called CompuNet, a company with Palo Alto expertise. I would guess it took one to two days to get through everything and test it. 

Which other solutions did I evaluate?

The evaluation happened before my time here, but we had people who had worked with Palo Alto previously. They knew its reputation and were happy with it. I think the switch happened directly.

What other advice do I have?

It functions like a lot of other VPN solutions. It's not special in that sense. It just works.

I have spoken with another agency that was looking at Prisma Access. The one thing they weren't aware of was the clientless, web-based VPN that is part of the product. They were pretty excited when I explained to them how we use it. So make sure you review the full feature set that Prisma Access offers. It may be broader than you expected.

We are using it as a hybrid solution where we manage it through our onsite firewall. There is a Prisma Access full-cloud solution where you do all the management there. If we were to start over again today, I would probably go full-cloud. That would ease the management a little bit. People who are using the cloud-only solution probably have fewer hoops to jump through to get certain things accomplished. But we've been fine.

The biggest issue I've run into is that most of the documentation for Prisma Access is based on the full-cloud model, as opposed to our hybrid implementation. It's a little trickier to find out how to implement some of those changes through Panorama. There are also some connectors you have to set up to make sure that your Panorama is talking to the cloud the way it should. Those wouldn't be necessary in the cloud version, and that means it's probably a little easier to sync your AD, set up your users in the cloud, and you're done. Everything is already on the cloud.

Overall, I'm very happy with the security provided by Prisma Access. Palo Alto is a security company and is always working on ways to make things more secure. I feel very confident that our data is safe using the solution, which is the whole point.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Johan Derycke - PeerSpot reviewer
Network Security Engineer at Smals vzw
Real User
Top 5
Easy to set up with flexible management and good network resources
Pros and Cons
  • "The flexibility in their management is great."
  • "The stability could be better. There are sometimes bugs in the system."

What is our primary use case?

The product is used as a secure gateway - a gateway to give access to remote users by checking the user credentials and user authentication. It also checks the machine authentication and the machine security, by using host checking mechanisms. The product gives or allows access or authorizes access to certain resources based on the user credentials and the machine check.

What is most valuable?

They support a very extended or a list of resources, network resources, applications, whatever. They are very broad in supporting all kinds of resources.

The flexibility in their management is great. For us, there was no other product better than that.

The product is very easy to set up. 

What needs improvement?

We would like to see them be a bit more swift in the changes in the protocols and the browsers. They are lagging a bit behind. Certainly, for the Pulse Desktop Client, they should really work on the modernization.

The stability could be better. There are sometimes bugs in the system.

For how long have I used the solution?

I've used the solution for years already. The VPN solution has been taken out of the Juniper company and has been put into a new company, Pulse Secure, so we have been using this solution, the same solution, for years on.

What do I think about the stability of the solution?

For many years, it was known as a very stable platform. However, now, they have a bit of difficulty really having a stable and robust product overall, end-to-end. 

The central infrastructure is still very stable and robust, however, have troubles with security vulnerabilities and bugs in its code. They have a bit of trouble on those issues, on those topics in general.

What do I think about the scalability of the solution?

The scalability is great. You can have whatever number of appliances you need.

We are an ISP, meaning we have different customers, and different organizations, for this VPN service. We have a very diverse set of clients. We have somewhere around 10,000 end-users for this platform.

Which solution did I use previously and why did I switch?

We were using a Cisco VPN solution in the years starting around 2002 or 2003. A Juniper solution was chosen back around 2007. It changed names and we have been using it ever since.

How was the initial setup?

The implementation is rather easy. Installing out of the box, the application is easy to install and configure.

Deployment time depends on a few factors. For example, the primary installation, the primary configuration of the central infrastructure, only takes a couple of hours. Then, of course, to have all your different clients connected and connecting to the infrastructure, that's a project of months as you have to set up a whole project and communication strategy, and then you need a project manager to give clear guidance on this.

What's my experience with pricing, setup cost, and licensing?

Pulse Secure and Juniper are very expensive in their license cost. That's a drawback of this solution. The hardware is rather cheap, however, licensing is very, very, very expensive.

You have different kinds of licenses you can be used, depending on what kind of functionality you will be using with this infrastructure. Of course, you need to have support on these licenses also, and this is rather expensive also. You need a vendor or a supporting firm capable of supporting the functionality and the licenses linked to them.

What other advice do I have?

We are a customer and an end-user.

Last year, this solution was bought by Ivanti. Now it's called Ivanti Connect Secure. Basically, it's been the same product since 2007. It's still the same product yet it has been evolving, of course.

We are using the latest version of the solution. 

I'd advise potential new users to do some homework on what network resources they want to present to their users, and what will be the conditions they will impose on their end-users as for users' credentials, for example, multi-factor authentication for start. Also, they should look at the host checking on their client PCs. For example, they need to consider what will be the conditions to access certain resources, as that will be important for their configuration at the outset.

I'd rate the solution an eight out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
FrançoisNolin - PeerSpot reviewer
Cybersecurity architect at Alithya
Real User
Top 20
Easy to set up and user-friendly with good support
Pros and Cons
  • "It’s really easy to use."
  • "It would be interesting if the solution offered a way to try to investigate and create a use case to trace vectors."

What is our primary use case?

FortiClient is for the VPN. FortiClient is used with FortiGate. We have 100 users across both North America and Europe. We created a rule with the firewall to authorize the countries we are in, and we have rules to authorize specific IPs. We have to link to the internet.

How has it helped my organization?

The incidents in the log have been very useful. Some projects are really a pain to investigate. This helps.

What is most valuable?

The solution is user-friendly. It’s really easy to use. It is not like Cisco where GUI is really bad.

I don't have really issues with them. In terms of features, everything is easier.

When you want to find any information, you have documentation on hand that is easy to use.

You have good support and the price is good.

The solution is very easy to set up.

What needs improvement?

I’m not sure what exactly can be improved.

It would be interesting if the solution offered a way to try to investigate and create a use case to trace vectors.

For how long have I used the solution?

I’ve used the solution for more than two years.

What do I think about the stability of the solution?

We don’t have any issues with stability. It’s been fine. There are no bugs or glitches and it doesn’t crash or freeze. We don’t have any issues with the internet or power supplies.

What do I think about the scalability of the solution?

We have about 100 users on the solution currently. We don’t really scale it.

How are customer service and support?

Technical support has been excellent. They are fantastic.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I used a different solution. However, it does not cover the same responsibilities.

Sometimes, for SOCs, I’ve looked at WatchGuard, Palo Alto, Cisco, and Check Point.

How was the initial setup?

The initial setup was simple and straightforward. It wasn’t difficult at all.

I wasn’t a part of the initial setup and we tried to switch since the first time the person deployed it. In FortiGate, he used the wrong setting and the wrong methodology. We had to try to make some changes without creating any issues with the production.

It is very easy when you start at the beginning. It is not long to deploy.

What about the implementation team?

We handled the setup ourselves in-house. However, when I leave the company, likely they will try working with a third party as they don’t have the time and have a contract with other clients.

What was our ROI?

I don’t deal with anything related to pricing or costs or ROI.

What's my experience with pricing, setup cost, and licensing?

I don’t know the exact pricing of the solution. It’s not an aspect I worry about.

Which other solutions did I evaluate?

To compare every project on FortiClient you have and compare it with Palo Alto. Palo Alto offers a few more powerful new features. You can automate the use case. You have internet analysis and endpoint analysis. I would like to see the same options in FortiClient.

What other advice do I have?

I administrate FortiGate.

Within my new job, I am trying to be a partner with FortiGate and FortiClient to sell it to other clients. I have to get my certification just to be expert

I’d advise users to just look into best practices. Maybe try to join a training session. You can also simply go on the internet and try to find the best practices that make sense for you.

I’d rate the solution eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PRAPHULLA  DESHPANDE - PeerSpot reviewer
Associate Consult at Atos
Real User
Top 5Leaderboard
Highly stable, very stable, and offers good technical support
Pros and Cons
  • "To maintain the authorization of the connected user, Check Point provides multi-factor authentication for an RA VPN client to make sure legitimate users have access to resources."
  • "Some configurations, like idle timeout (the requirement came from multiple users), are not possible to configure directly from the Check Point management server."

What is our primary use case?

Remote Access VPN is one of those essential items for every organization in order to maintain seamless and highly secured connectivity between the end-user and the organization's local area network to access resources - including Jump server Databases, et cetera.

No matter from which device or from which location users are accessing an organization's local resources, with the help of the Check Point VPN client they can make sure they have connected securely.

Check Point offers a best-in-class encryption algorithm to ensure confidentiality and maintain integrity between the end-user and the Gateway. 

How has it helped my organization?

In disaster situations like Covid-19, most users were working from home or in remote locations. In such cases, Check Point Remote Access VPN provides feasibility to everyone to work from home and access an organization's resources remotely.

With a client-less configuration known as SSL VPN users can directly access resources via a browser-like database, share folders, et cetera.

To maintain the authorization of the connected user, Check Point provides multi-factor authentication for an RA VPN client to make sure legitimate users have access to resources.

What is most valuable?

  • Secure connectivity: Guaranteed authentication, confidentiality, and data integrity for every connection and user.
  • Straightforward Configuration: Easy to enable blades and define policies.
  • Authentication: SAML authentication makes sure the user is legitimate.
  • Compliance check: It scans the endpoint machine to detect suspicious/malicious content before connecting to an office network.
  • MEP: Multi entry points to make sure there's availability to the LAN network even if the primary gateway goes down.
  • A single client can work as sandblast agent.

What needs improvement?

Check Point RA VPN requires companies to take separate licenses initially so that only 5 connected users licenses are given as subscriptions. Most other competitors, like Palo Alto, provide 1000 connected user licenses for free.

Some configurations, like idle timeout (the requirement came from multiple users), are not possible to configure directly from the Check Point management server. We have to make changes in the local directory of the respective devices.

For how long have I used the solution?

I've used the solution for more than three years.

What do I think about the stability of the solution?

The solution is highly stable.

What do I think about the scalability of the solution?

Check Point has an Unlimited License Package for the RA VPN and therefore we can scale it easily.

How are customer service and technical support?

Customer service has a dedicated team that handles RA VPN cases which ultimately leads to an early resolution.

Which solution did I use previously and why did I switch?

Migration has taken place such as from Cisco to Check Point and Sophos to Check Point. During that phase, the customer needed to change the VPN client as well.

Browser-based functionality is one of the best things that Check Point provides.

How was the initial setup?

The initial setup is straightforward during the initial configuration.

What's my experience with pricing, setup cost, and licensing?

The setup is very straightforward but subscription-based. It isn't cost-effective.

Which other solutions did I evaluate?

We did look at Cisco Anyconnect and Palo Alto Global Protect.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Jun Park - PeerSpot reviewer
Senior Manager at Tmoney Co., Ltd.
Reseller
Top 20
Popular as a brand and great for remote access but needs 5G capabilities
Pros and Cons
  • "It’s very light."
  • "The remote access point coverage should be bigger than it is now."

What is our primary use case?

We are using it for the office network. The people connect to the access points with their laptops. It’s for remote access. That's the main use.

What is most valuable?

Aruba's brand image is famous for AP. It’s quite popular and well known. Customer awareness is quite high.

The solution is stable.

It is scalable.

It’s very light.

The solution is easy to use and makes it simple to connect to the internet.

What needs improvement?

The remote access point coverage should be bigger than it is now. The speed of the express network should be higher than now. These days, the 5G network is very fast. If they don't improve their network speed, then they will fade away, fade out. We’d like them to add 5G functionality as soon as possible.

For how long have I used the solution?

We’ve been using the solution for four or five years.

What do I think about the stability of the solution?

The solution is very stable. I haven’t heard about any failure of the access points, or our access points. It seems to be reliable and the performance is good. There are no bugs or glitches. It doesn’t crash or freeze.

What do I think about the scalability of the solution?

The solution is very scalable. You only need to install more APs. It’s not a problem at all if you would like to expand as a company or organization.

How are customer service and support?

We do not get help from Aruba engineers. We get technical support from our partners. They are helpful. If we need assistance, they are there.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We are using Aruba wireless network products, and we are using Cisco for the local LAN network.

Normally, a customer thinks Cisco is safer and more stable. However, the main differentiation is just the brand image. Their features are almost the same.

How was the initial setup?

I didn’t handle the initial setup. I can’t speak to how easy it was or how long it took to deploy.

What's my experience with pricing, setup cost, and licensing?

I’d rate the solution four out of five in terms of affordability. It’s cheaper than, for example, Cisco.

What other advice do I have?

We are a SI, system integration, company. We are a customer as well as a reseller.

Overall we are satisfied with Aruba products.

I would rate the solution six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Flag as inappropriate
Buyer's Guide
Enterprise Infrastructure VPN
September 2022
Get our free report covering OpenVPN, Zscaler, Cisco, and other competitors of Cisco AnyConnect Secure Mobility Client. Updated: September 2022.
632,539 professionals have used our research since 2012.