Try our new research platform with insights from 80,000+ expert users

Cato SASE Cloud Platform vs Prisma Access by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Aug 11, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

iboss
Sponsored
Ranking in Cloud Access Security Brokers (CASB)
8th
Ranking in ZTNA as a Service
11th
Ranking in Secure Access Service Edge (SASE)
9th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
19
Ranking in other categories
Secure Web Gateways (SWG) (7th), Internet Security (3rd), Web Content Filtering (3rd)
Cato SASE Cloud Platform
Ranking in Cloud Access Security Brokers (CASB)
6th
Ranking in ZTNA as a Service
4th
Ranking in Secure Access Service Edge (SASE)
5th
Average Rating
8.8
Reviews Sentiment
7.7
Number of Reviews
29
Ranking in other categories
WAN Optimization (1st), Software Defined WAN (SD-WAN) Solutions (5th), WAN Edge (5th)
Prisma Access by Palo Alto ...
Ranking in Cloud Access Security Brokers (CASB)
1st
Ranking in ZTNA as a Service
2nd
Ranking in Secure Access Service Edge (SASE)
1st
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
63
Ranking in other categories
Secure Web Gateways (SWG) (3rd), Enterprise Infrastructure VPN (5th)
 

Mindshare comparison

As of May 2025, in the Secure Access Service Edge (SASE) category, the mindshare of iboss is 1.7%, up from 1.2% compared to the previous year. The mindshare of Cato SASE Cloud Platform is 9.4%, up from 7.5% compared to the previous year. The mindshare of Prisma Access by Palo Alto Networks is 16.7%, down from 19.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Secure Access Service Edge (SASE)
 

Featured Reviews

Matt Crockford - PeerSpot reviewer
It's easy to roll out, and their understanding of our business made it seamless
One aspect we value about iboss is its simplicity. Their customer service is brilliant, and they are super responsive and knowledgeable. It's easy to roll out, and their understanding of our business made it seamless. We were impressed by the solution's mental health function, which can detect if someone needs help. It scans what users are browsing and flags warning signs so we can check to see if they are okay. We've had to use it a couple of times. The user interface is highly intuitive. Our IT team picked it up with minimal training. It's arranged so that it's easy to find where things are. Another advantage is the single pane of glass console, which gives you visibility into what's happening. We're not fully there yet because we haven't implemented zero trust, but we're excited about the possibilities from the demos we've seen. We launched a POC of iboss' ChatGPT Risk Protection feature two weeks ago. AI is a great tool, but you need to be careful what you put into it. My biggest fear is employees inputting sensitive corporate information or customer PII data into one of these chatbots. I was impressed by our trial of the feature. It's exactly what we wanted. Now, when a user goes to ChatGPT, there's a banner warning them not to share information, and we can block conversations containing customer data like bank details and email addresses. I don't want to stop people from using it, but we need visibility. We've only tried it on a test group of 15 people. You can configure it to look for specific keywords or integrate it with your DLP policy if you have that configured
Alexander Azikov - PeerSpot reviewer
Provide a seamless experience for end users with internet duplication feature
The setup and onboarding process is very straightforward - I'd rate it a ten out of ten for ease. We use CatoCloud as our cloud provider. They have points of presence, and we connect to the nearest one to our physical location. All the routing, inspection, and logic for what to route, block, or allow happens in the cloud, not on the local device. Our deployment took a couple of weeks because we installed the sites manually. If we had a team to help switch locally, it could have been done in a week. The deployment process is straightforward. We set up all the sites in their cloud system; then, they ship the sockets directly to the location or our main office. We connect the device to the internet, it gets activated, we assign it to a specific site inside the cloud, and it's online and ready to use. It's very easy.
Partha Dash - PeerSpot reviewer
Makes us part of a bigger security ecosystem with updates taken care of for us, but pricing and support need work
There are definitely a number of things that could be improved. One of them is geographic coverage. China is still an issue because the solution does not operate there properly due to government regulations. I believe Palo Alto is trying pretty hard to get into partnerships with Alibaba and other cloud providers, but they do not have the same compelling offering in China that they have in the rest of the world. Businesses that are operating within China have to be very sure to evaluate the solution before making a buying decision. It is not an issue with Palo Alto, rather it is predominantly the result of government rules, but it's something that Palo Alto needs to work on. There is also room for improvement when it comes to latency in a couple of regions, including India and South America. They might have to increase their presence in those locations and come up with more modern cloud architectures. The third area is that, while Palo Alto has understood the essence of building capabilities around cloud technology and have come up with a CASB offering, that is a very new product. There are other companies that have better offerings for understanding cloud applications and have more graceful controls. That's something that Palo Alto needs to work on.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Its initial setup was straightforward."
"iboss is easy to use despite its complexity. Multiple engineers manage it, but it's significantly more straightforward to administer than traditional VPNs and web proxies."
"Because of iboss, I did not have to assign web filtering tasks to my techs on a daily basis."
"The solution has massively improved our security posture, giving us full visibility into what our staff does online."
"The security aspect of the solution, particularly the malware behind it, is excellent. That's something that really helped us out. It's not just a simple proxy that just blocks the insights of potential threats that come on behind it. They do malware detection and that helps us a lot."
"Content filtering is the most useful feature of iboss."
"The iboss system is highly reliable. The false positive rates are small compared to some other systems we've experienced through other partner agencies who use competing solutions."
"Granular setup, which was able to set different levels of filters using the OUs in the AD."
"The most valuable features of Cato Networks are the always-on VPN for remote workers and centralized management. Additionally, web filtering and antivirus are good."
"The most valuable feature of Cato Networks is the CASB and the documentation is useful."
"The tool's advantage is that it provides a hassle-free solution that is easy to manage across all customers. For instance, we have a few customers with as few as 50 users, including one with a branch in Vietnam and others with thousands of users."
"The scalability is quite good."
"The Cato SASE Cloud Platform is a remarkable solution for managing and controlling all aspects of Zero Trust network access functions through its SASE capabilities. It's designed with an exquisite and practical architecture, making it a worthwhile investment for organizations looking to optimize IT spending and streamline management processes."
"When I first encountered Cato, I didn't know how to use it, but after a week of training, I could onboard our systems to it, so the solution was easy to learn and navigate."
"Cato offers all the functionality found in other solution. The life cycle management is always very stable."
"The solution is stable."
"Prisma integrates well with Cortex XDR and Cortex Data Lake. My company has been also using Prisma Access in-house for nearly a year, and it integrates seamlessly."
"Its hands-off security and the fact that we don't have to maintain it are the most valuable features."
"The most valuable feature is the zero-trust part of this solution."
"The solution's most valuable features were the model's reduced complexity on the client side and its capability to provide security."
"We're now able to go after contracts that require a Zero Trust solution and Prisma's other technology solutions."
"Prisma Access is very stable, and I am very much satisfied with its stability, rating it nine to ten out of ten."
"Prisma Access protects all app traffic, so that users can gain access to all apps and that's very important because we need to be able to access everything. It also allows us to access non-web apps; anything internal that we need access to, we can access."
"Overall, the cost savings, ease of deployment, and better VPN user experience and performance are valuable."
 

Cons

"Sometimes the agent stops working in iboss, and we have to reinstall the agent."
"Our biggest problem with their service was it did not recognize the device and filtering did not always work correctly."
"I am currently doing a PoC of the zero trust aspect of it. Compared to other similar solutions, it is hard to get around each feature. It takes a while to get used to it."
"If they could implement an extra security layer preventing access to iboss from the open internet, it would be great."
"The reporting feature needs improvement."
"Their on-premise hardware's network interface is capped at one gigabit, which is sort of a problem. If you stand a filter up where all traffic flows through that, according to them, in order to go above a gigabit, you have to have multiple devices, which in today's IT seems a little bit silly. They could easily put in an SFP port into their device that could accommodate 10 gigs or at least offer a box."
"For zero trust implementation, we encountered complexity issues, especially with a large infrastructure company ExxonMobil."
"Sometimes when you call in support, you get someone who is just following a sheet. It feels like a runaround. You feel that you are running into that support wall."
"Cato Networks could improve their intrusion detection. There is not a lot in place."
"The product's technical support could be more responsive."
"The price could be better."
"The platform lacks strong security features on the edge. All security features are on the cloud."
"For a packaged solution, needing external intervention or a system integrator to get other features not offered by Cato Networks could be an area for improvement. Cato Networks does what it's meant to do and is even overstretching capabilities when introducing new features. The product can only have very few features added on top of what its currently doing. Managed service providers can deliver the extra features you'd need. It's a set of managed services, and what Cato Networks does is very comprehensive. So, for the time being, when the actual incarnation of the SASE solution is deployed, Cato Networks is a very effective product. Naturally, technology will evolve, so everybody knows that in three, four, or five years, there will be a new kid on the block, a new game. Still, at the moment, Cato Networks only needs to improve a little regarding SASE delivery. The product is doing very well, but one feature the Cato Networks team is doing right is preparing for the future through deploying the SSE 360, so the security service is at that edge. It's an excellent strategy to prepare for the future. SSE 360 is what Cato Networks should invest in the most to keep prospering."
"However, Cato's solution is modular. You don't have to buy the whole package; instead, you can start with some of the functionality and then expand it as you see fit, based on its value and as your other contracts expire."
"We would like the product to continue to improve its security."
"I'd rate Cato SASE Cloud Platform's pricing as about five or six out of ten. It's not the cheapest solution, but it is cheaper than Palo Alto and even VeloCloud."
"Palo Alto Prisma 10 came out over a year ago. Palo Alto added this identity management feature. The legacy way Palo Alto selected which user is sitting on an IP address it passes through has been clunky."
"It is a managed firewall. When you run into issues and have to troubleshoot, there is a fair amount of restriction. You run into a couple of restrictions where you don't have any visibility on what is happening on the Palo Alto managed infrastructure, and you need to get on a call to get technical assistance from Palo Alto's technical support. You have to get them to work with you to fix the problem. I would definitely like them to work on the visibility into what happens inside Palo Alto's infrastructure. It is not about getting our hands onto their infrastructure to do troubleshooting or fixing problems; it is just about getting more visibility. This will help us in guiding technical support folks to the area where they need to work."
"The tools' scalability is subject to some limitations when done on-premise due to the need for additional licenses. However, in other scenarios, increasing scalability involves expanding infrastructure to accommodate more third-party VPN access. It is scalable as long as you pay the money. Also, it needs to improve security."
"When it comes to integration mechanisms, Prisma SaaS does not support reverse proxy type of integrations."
"I would like to see support for custom applications."
"There can be some latency issues with the solution that should be improved."
"We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve."
"The user interface could be better. They need to work a little bit on the console. It is similar to their firewalls but not exactly. They need to clean it up a bit."
 

Pricing and Cost Advice

"It is probably in line with other solutions, but I do not deal with the financial side."
"We had the cost of purchasing a new appliance along with the implementation and licensing costs. However, the following year, the cost of just licensing was similar to what was paid the previous year for a new appliance along with the implementation and licensing costs."
"It is not expensive, and it is also not cheap. iboss is priced right in the sweet spot for the number of features it offers."
"The overall pricing for iboss is very competitive and transparent."
"We have not priced the solution recently, but they were competitive with other vendors in the past."
"It is expensive compared to one of its competitors."
"The platform is expensive."
"The price of Cato Networks is in the middle range compared to other solutions. NetFoundry is a less expensive solution than Cato Networks."
"You pay yearly based on the speed of your network. If you increase the speed of your network, you increase the cost for your throughput. It is by bandwidth for the most part and then licenses for VPN. There is some per-seat licensing for VPN access, but the majority of it is minimal. It is like $30 a year per client. The rest is based on how much bandwidth you'll use. You pay for that upfront for the year, and if you have to increase it, you increase it, and then they let you send more data through. There are no additional costs in addition to the standard licensing fees."
"The solution has reasonable pricing. It has a yearly subscription. The pricing depends on the permit to code. Sometimes, we need to increase the permit, and the cost will automatically change. There's no fixed cost. Unless we request additional modules such as DNS security, ELP, and decent features, there will be no additional cost."
"The pricing is on the higher side, almost an eight out of ten."
"The product is very competitively priced, and that's compelling. They don't charge the customer based on the operational cost like other brands such as Palo Alto. Cato has its own fully-fledged cloud, with their own data centers, equipment, and so on, which is an advantage. I rate the solution five out of five for affordability."
"Cato Networks seems more expensive than Cisco Meraki."
"If you compare with VeloCloud, the price is the same or even cheaper."
"Palo Alto is the Cadillac solution, so their products are pretty expensive. That's just the way it is. Their solution surpasses anything else. Cisco AnyConnect, Zscaler, and all of the other products don't compare. Palo Alto is the market leader with the most features. It saves you work, and you don't have to worry about it."
"The solution is expensive."
"I would advise choosing your options according to your company's needs. Just go for what you want and do not pay for anything extra in terms of licensing. You need to determine how much bandwidth is required in your company network, and according to that, you should pay for the license. The mobile user license is based on the number of users who are going to use the VPN solution. You need to determine how many mobile users you are going to have in your network, and you should pay according to that. There are no other costs in addition to licensing, but if you go for the consultant services of Palo Alto networks to deliver the solution for you, then you need to pay something extra. That is not a part of licensing."
"It is a little expensive. Because it is one of the best in the market, it is a little bit more expensive than other vendors."
"They price their products using credit modules."
"Actually the solution is very expensive. I don't know the particulars since the purchasing team dealt with it."
"It is not cheap. It is expensive. The good thing is that you are able to pay for what you need, but overall, it is not cheap. The pricing is not based on packages. You pay based on the features. If you want DLP, you only pay for DLP. They are very flexible. It is not cheap, but the licensing is flexible. There are no additional costs in addition to the standard licensing fees."
"The licensing model for this product is complicated and changes all the time, making it very hard for the user to comprehend the configuration."
report
Use our free recommendation engine to learn which Secure Access Service Edge (SASE) solutions are best for your needs.
851,471 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
11%
Manufacturing Company
9%
Government
6%
Computer Software Company
26%
Manufacturing Company
11%
Financial Services Firm
8%
Comms Service Provider
6%
Computer Software Company
14%
Manufacturing Company
13%
Financial Services Firm
12%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about iboss?
Content filtering is the most useful feature of iboss.
What needs improvement with iboss?
I have a couple of thoughts for improvement, but usually when I address them with my rep, they put it into the featur...
What is your primary use case for iboss?
We use it primarily for simpler filtering because we're a K12 entity.
What do you like most about Cato Networks?
The solution is a simple WAN solution. We've onboarded the socket on the Cato platform, and it provides connectivity....
What is your primary use case for Cato Networks?
I use Cato SASE Cloud Platform primarily as a single vendor, integrated SD-WAN plus SASE solution.
What advice do you have for others considering Cato Networks?
I rate Cato SASE Cloud Platform at 9.5 out of 10. There is always room for improvement, especially in edge security f...
What is the better solution - Prisma Access or Zscaler Private Access?
We looked into Prisma Access before choosing Zscaler Private Access (ZPA). Palo Alto’s Prisma Access is a secure ac...
What do you like most about Prisma Access by Palo Alto Networks?
The most valuable features of the solution are in the areas of the secure remote access it provides while also being ...
What is your experience regarding pricing and costs for Prisma Access by Palo Alto Networks?
From my experience, Palo Alto is more expensive compared to solutions like Netskope and Triscale.
 

Also Known As

iBoss Cloud Platform
Cato Networks
Palo Alto Networks Prisma Access, Prisma Access, GlobalProtect, Palo Alto GlobalProtect Mobile Security Manager, Prisma SaaS by Palo Alto Networks, Prisma Access
 

Overview

 

Sample Customers

More than 4,000 global enterprises trust the iboss Cloud Platform to support their modern workforces, including a large number of Fortune 50 companies.
Paysafe, AdRoll, Pet Lovers Centre, Arlington Orthopedics, Humphreys & Partners Architects
Concord Hospital, State of Colorado, Essilor International, RheinLand Versicherungsgruppe, University of Westminster, Universidade Nove de Julho, SPAR Austria, CAME Group, ZipRealty, Greenhill & Co., IKT Agder, Aviva Stadium, Animal Logic, Management & Training Corporation, Brigham Young University Hawaii, School District of Chilliwack
Find out what your peers are saying about Cato SASE Cloud Platform vs. Prisma Access by Palo Alto Networks and other solutions. Updated: April 2025.
851,471 professionals have used our research since 2012.