Try our new research platform with insights from 80,000+ expert users

Check Point CloudGuard CNAPP vs Prisma Access by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Average Rating
9.4
Reviews Sentiment
8.2
Number of Reviews
5
Ranking in other categories
Vulnerability Management (18th), Continuous Threat Exposure Management (CTEM) (2nd)
Check Point CloudGuard CNAPP
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
71
Ranking in other categories
Vulnerability Management (9th), Cloud and Data Center Security (9th), Container Security (9th), Cloud Workload Protection Platforms (CWPP) (5th), Cloud Security Posture Management (CSPM) (5th), Cloud-Native Application Protection Platforms (CNAPP) (5th), Data Security Posture Management (DSPM) (6th), Compliance Management (6th)
Prisma Access by Palo Alto ...
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
63
Ranking in other categories
Secure Web Gateways (SWG) (4th), Cloud Access Security Brokers (CASB) (1st), Enterprise Infrastructure VPN (5th), ZTNA as a Service (2nd), Secure Access Service Edge (SASE) (3rd)
 

Mindshare comparison

Vulnerability Management
Secure Access Service Edge (SASE)
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Bart Coddens - PeerSpot reviewer
Evolved cloud security with active monitoring but needs interface consistency
The user interface needs work. Sometimes, it is a transition from the old tool to the new CNAPP Two that I currently have, and remnants of the old environment can still be detected. I require consistency in the user interface to ensure everything is streamlined into the same look and feel. More work is needed in fine-tuning the threat data towards your CSPM and activity logs, aligning them with business intelligence, which requires a cohesive console interface. My assessment of CloudGuard CDRs in intrusion detection and threat hunting capabilities is that it still needs some work. All the threat data that comes in, you need to fine tune it a bit.
Amar-Patil - PeerSpot reviewer
Enables seamless policy management and supports secure remote work
Our primary use case for Prisma Access by Palo Alto Networks is to control the internet and serve as an internet proxy. Additionally, we use it for secure remote work One of the most valuable features of Prisma Access by Palo Alto Networks is the ability to manage on-premise firewalls. We can…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We saw benefits from Zafran Security almost immediately after deploying it."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."
"Zafran is an excellent tool."
"It learns from behavior, attacks, management, detections, captures packets, real-time analysis, et cetera. It's generating knowledge from a variety of sources for an excellent analysis."
"The identification of misconfigurations, maintenance of compliance in a centralized way, and visibility across all the multi-cloud tenants are the key functionalities."
"It has great scalability."
"The most valuable feature of Check Point CloudGuard Posture Management is the training."
"The solution offers an excellent price, benefit, and installation relationship."
"The most valuable feature is the separate environment."
"The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring."
"The CDR helps detect anomalous behavior and respond to threats before they become an issue."
"Prisma Access is very stable, and I am very much satisfied with its stability, rating it nine to ten out of ten."
"The solution is not very complex and is easy to manage for people who may or may not have knowledge about Palo Alto Networks."
"Prisma SaaS is very easy to use; it's common sense — it's the best-in-class."
"Its frontend is user-friendly. It is easy to use for us."
"Overall, the cost savings, ease of deployment, and better VPN user experience and performance are valuable."
"The setup is relatively straightforward."
"It's quite reliable and performs well for users."
"The always-on feature is fantastic for the users. They don't have to think about it. When they go to a coffee shop to do work, there's no need to remember to toggle the VPN on. We'll protect them. URL filtering is the same at home as it is in the office."
 

Cons

"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."
"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."
"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"I strongly advise that the multi-layered security system of Check Point often undergoes updates and new versions keep coming."
"Compliance checks on cloud resources against various industry standards and compliance framework templates need to be improved."
"For businesses with varied IT ecosystems, increasing the integration capabilities with additional third-party products and services would increase flexibility and user-friendliness."
"CloudGuard CNAPP could be enhanced by increasing the number of components that run natively on Azure."
"When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug."
"The user interface needs work. Sometimes, it is a transition from the old tool to the new CNAPP Two that I currently have, and remnants of the old environment can still be detected."
"I'd like to see more advanced encryption for local features, which is not present right now."
"In general, for the product to be successful, they need to improve security, and configuration detection."
"I haven't seen any SD-WAN configuration capability. If Prisma Access would support SD-WAN, that would help... SD-WAN devices should be able to reach Prisma Access, and Palo Alto should support different, vendor-specific devices, not just Palo Alto devices, for SD-WAN configuration."
"The solution needs to be more compatible with other solutions. This is specifically a problem for us when it comes to healthcare applications. They have proprietary connection types and things of that nature that make compatibility a challenge sometimes."
"Palo Alto Prisma 10 came out over a year ago. Palo Alto added this identity management feature. The legacy way Palo Alto selected which user is sitting on an IP address it passes through has been clunky."
"It's not really Prisma's fault, but when you try to create exceptions you don't really have those abilities. You cannot say, on the management platform, "Hey, for these users I want to create these exceptions." That is one thing that I have gotten some complaints about, and we have faced some challenges there."
"The product's current price is an area of shortcoming where improvements are required."
"They can add some new characteristics. For example, when an incident triggers, they can automatically send a template for a particular match that is related to the policy. We don't have that right now. It is something to improve. There could be more automation for certain actions. For example, for a particular group, it can send an administrator alert to their manager. It was one of the concerns of our customers."
"They could add more flexibility and improve product performance."
"I would like to see support for custom applications."
 

Pricing and Cost Advice

Information not available
"The tool's pricing is moderate. Its licensing costs are yearly."
"The licensing part still needs some work. The issue that I have is that we do not use all the services in the cloud, but sometimes, CloudGuard identifies them as an asset."
"Everything in this field is very expensive."
"The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
"The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
"It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution."
"The price is on the higher end."
"In the beginning, the price of Dome9 was cheap, whereas now it is not."
"The licensing model for this product is complicated and changes all the time, making it very hard for the user to comprehend the configuration."
"Prisma Access by Palo Alto Networks is an expensive solution, especially when compared to other solutions like Cisco. There are no additional charges apart from the standard licensing costs attached to the solution."
"It is a little expensive. Because it is one of the best in the market, it is a little bit more expensive than other vendors."
"The solution requires a license and the technical support has extra costs. The licensing model could improve."
"Actually the solution is very expensive. I don't know the particulars since the purchasing team dealt with it."
"In terms of pricing, considering that it is a two or three years old solution, they should apply big discounts for the next two or three years. This approach will be better for them to capture the market."
"Compared to other products, the price is slightly high."
"Prisma SaaS is more expensive than similar solutions but I think it's worth it."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
859,957 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Financial Services Firm
11%
Manufacturing Company
7%
Healthcare Company
6%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
8%
Educational Organization
5%
Computer Software Company
14%
Manufacturing Company
13%
Financial Services Firm
12%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
The current pricing of Zafran Security is fair overall. They were good to work with to accommodate our organization w...
What needs improvement with Zafran Security?
The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvement...
What is your primary use case for Zafran Security?
Zafran Security is helping reduce the amount of critical vulnerabilities in our environments that require prompt reme...
What is the better solution - Prisma Access or Zscaler Private Access?
We looked into Prisma Access before choosing Zscaler Private Access (ZPA). Palo Alto’s Prisma Access is a secure ac...
What do you like most about Prisma Access by Palo Alto Networks?
The most valuable features of the solution are in the areas of the secure remote access it provides while also being ...
What is your experience regarding pricing and costs for Prisma Access by Palo Alto Networks?
From my experience, Palo Alto is more expensive compared to solutions like Netskope and Triscale.
 

Also Known As

No data available
Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
Palo Alto Networks Prisma Access, Prisma Access, GlobalProtect, Palo Alto GlobalProtect Mobile Security Manager, Prisma SaaS by Palo Alto Networks, Prisma Access
 

Overview

 

Sample Customers

Information Not Available
Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
Concord Hospital, State of Colorado, Essilor International, RheinLand Versicherungsgruppe, University of Westminster, Universidade Nove de Julho, SPAR Austria, CAME Group, ZipRealty, Greenhill & Co., IKT Agder, Aviva Stadium, Animal Logic, Management & Training Corporation, Brigham Young University Hawaii, School District of Chilliwack
Find out what your peers are saying about Qualys, Wiz, Tenable and others in Vulnerability Management. Updated: June 2025.
859,957 professionals have used our research since 2012.