We performed a comparison between Cisco Umbrella and Prisma SaaS by Palo Alto Networks based on real PeerSpot user reviews.
Find out in this report how the two Cloud Access Security Brokers (CASB) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."One of the most important features is the security posture check which Umbrella offers when a user accesses any website. That is one of the most unique features that it offers."
"It has excellent resilience in cybersecurity. Cybersecurity for my organization is very important because we are a banking organization. We need this security to protect the personal information of our clients. This is very important for our security."
"The most valuable features for us include tenant lock, content filtering, and DLP solutions, looking for PII and information being exfiltrated."
"You can manage and create policies based on a group of users. It can permit some URLs and block others."
"It is user-friendly. It is easy to manage the solution."
"It has improved our organization from a security posture perspective. We feel more confident now knowing that we can block phishing attempts or any type of malware that is DNS-related. This is a very nice feature that provides peace of mind."
"I like the original functionality, which allows for providing secure DNS services."
"When it comes to hybrid work it's pretty effective. We've got the agents. We can protect people inside our building and, when they're using their laptops out in the field, they're still protected. It's working well."
"The remediation process is easy compared to other platforms."
"The stacked policies, event policies, and routing policies are easy to understand for someone with general knowledge."
"You have the ability to create your own expressions for your data. Palo Alto understands that DLP is not the same for all consumers. You might have a particular need to fulfill, and they give you the opportunity to create a custom expression to match the specific format that you have. For a confidential file property that you have in your files, you can add a metadata field. It gives you that opportunity to create that."
"Prisma SaaS is very easy to use; it's common sense — it's the best-in-class."
"Overall, the cost savings, ease of deployment, and better VPN user experience and performance are valuable."
"The most valuable feature of Prisma Cloud-native, in my opinion, is that it assists in identifying, analyzing, and remediating vulnerabilities."
"To quarantine and clean a malware file provides a lot of security."
"It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful."
"There are some situations where we would like to block things for specific user groups. I know that Umbrella does that, but it's not that easy.... when you want a specific task for specific rules and policies for user groups, you have to go three levels down in the menu, and it's hard to find where you do that task."
"The main issue that we have is with the final steps or the full integration and getting rid of Zscaler. The company still has to fall back to Zscaler when something in Umbrella is not working as expected, such as when we enable SSL inspection. When something is not working 100%, the company is falling back to Zscaler."
"There are a couple of different pieces that have different portals. I know they're working on getting them all into one portal, but that's probably the biggest thing that needs improvement right now. It's not a single pane of glass yet."
"We would like them to add more features to Cisco Umbrella."
"They can maybe simplify the configuration. For example, sometimes, the proxy part is quite difficult, and that's why we didn't deploy that."
"We faced an issue regarding virtual appliances (VAs) during deployment. They could improve the quality and management of the virtual appliances offered right now. You can't see much because it is a Linux machine, and they have customized it. You don't have any route access to the machine, only seeing limited things in it. When we opened a ticket, they didn't know much about VAs themselves. So, that is where it is lacking right now. I know this will improve in the long run."
"There are a couple of interface issues. I know that they say that there are feature enhancements that are noted. For example, we've got the Cisco Meraki security appliances, and there, we geofence our company to where we're allowed to send and receive traffic. So, in our case, by default, we only allow traffic to six different countries, which allows us to effectively prevent traffic for the majority of bad players in the world, but they don't give you an easy way to do that in Cisco Umbrella. With Cisco Meraki, I can specify or pick the countries. I can say that I want to only allow traffic from these six countries, and I'm done. With Cisco Umbrella, I have to rely on the fact that they're going to prevent traffic to other countries. They're going to decide if it's good or bad."
"The integration with other solutions is a little complex. If you want to integrate with something like ArcSight or LogRhythm or Splunk, you need to do a lot of configuration. There are no easy ways to implement it."
"The frequency of updates could be reduced."
"My clients would like to see a more feature-rich product."
"Sometimes, you have these notifications sent out about changes in App-IDs, modifications in App-IDs, or even the introduction of entirely new App-IDs to replace. Sometimes, the recommendations are followed, but even then, when the package is installed on the firewall, it gets messed up. I remember a particular one was with Tableau, and suddenly, people weren't able to use Tableau, which is an analytics tool for business."
"Lacks a hybrid model which has API plus in-line security."
"One area for improvement is for them to stay on top of keeping their CVEs on their platform up to date."
"They can add some new characteristics. For example, when an incident triggers, they can automatically send a template for a particular match that is related to the policy. We don't have that right now. It is something to improve. There could be more automation for certain actions. For example, for a particular group, it can send an administrator alert to their manager. It was one of the concerns of our customers."
"Prisma would be a stronger solution if it could aggregate resources by project or by application. So say we have an application we've developed in AWS and five applications we've developed in Azure. The platform will group it according to those applications, but it's based on the tags we use in Azure, which means I have to rely on development teams to tag resources properly."
"When it comes to integration mechanisms, Prisma SaaS does not support reverse proxy type of integrations."
More Prisma SaaS by Palo Alto Networks Pricing and Cost Advice →
Cisco Umbrella is ranked 1st in Cloud Access Security Brokers (CASB) with 39 reviews while Prisma SaaS by Palo Alto Networks is ranked 5th in Cloud Access Security Brokers (CASB) with 10 reviews. Cisco Umbrella is rated 8.8, while Prisma SaaS by Palo Alto Networks is rated 8.4. The top reviewer of Cisco Umbrella writes "We can see all of our locations in one place and only have to make changes once for all our locations". On the other hand, the top reviewer of Prisma SaaS by Palo Alto Networks writes "Supports custom expressions, helps with compliance, and integrates well with Azure AD". Cisco Umbrella is most compared with Zscaler Internet Access, Microsoft Defender for Cloud Apps, Palo Alto Networks DNS Security, Fortinet FortiGate SWG and Zscaler SASE, whereas Prisma SaaS by Palo Alto Networks is most compared with Netskope CASB, Microsoft Defender for Cloud Apps, Zscaler Internet Access, Zscaler CASB and Qualys VMDR. See our Cisco Umbrella vs. Prisma SaaS by Palo Alto Networks report.
See our list of best Cloud Access Security Brokers (CASB) vendors.
We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.