We compared Duo Security and Prisma Access by Palo Alto Networks across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Comparison Results: Duo Security is praised for its easy setup, user-friendly interface, and detailed documentation. It excels in providing two-factor authentication and integration capabilities. However, it needs improvement in terms of compatibility, user-specific permissions, and technical support. On the other hand, Prisma Access is highly valued for its accessibility, strong security features, and global performance. It offers protection for all app traffic and integrates well with other Palo Alto platforms. However, it can be challenging to configure and has mixed reviews regarding customer support. Duo Security is considered competitively priced, while Prisma Access is seen as more expensive but worth it for its quality.
"It's a lot easier for our end users to connect to our network. You don't have to type in a code. You get push notifications, that's probably the best thing about it. The fewer clicks they have to do to be online, the better it is. They can easily get into the network and do remote work."
"It's pretty easy for users to figure it out."
"Multifactor authentication and secure two-factor authentication are the most valuable features. It's been around for a while, but now it's becoming an enforced behavior as opposed to something that you used to do as optional."
"Cisco Secure solutions are great for detecting and remediating threats across our infrastructure from end to end. The integration of Talos in SecureX is great. Everything is clear in one dashboard. You have a dashboard there, your dashboard, and now you can have one look in your dashboard and see everything. It's on one pane of glass."
"The app has greater stability than rival solutions such as Google Authenticator, and Duo Push authentication is a valuable feature."
"Another feature is the single pane of glass management. That's important for analytics and also for troubleshooting. It means there's one place that you go to at least start the troubleshooting process."
"The integration with Azure Active Directory and the AWS cloud is amazing, as most products nowadays require the creation of a customized integration. With Duo Security, it was more like native integration, and it took me five minutes to register."
"It is a good solution for hybrid environments and VPN."
"The features I find most valuable is WildFire, user integration, and the basic technology features."
"The visibility perspective is pretty cool. If I want to know how much data is being used for a specific project, I can look at how much data has been used, from which region, and which users have been connected. That visibility is very good so that I can see how many licenses we have and how many are used."
"The remediation process is easy compared to other platforms."
"You have the ability to create your own expressions for your data. Palo Alto understands that DLP is not the same for all consumers. You might have a particular need to fulfill, and they give you the opportunity to create a custom expression to match the specific format that you have. For a confidential file property that you have in your files, you can add a metadata field. It gives you that opportunity to create that."
"The most valuable feature is the ability to join your network and provide access through the VPN."
"It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful."
"Prisma helped us build a moat around our production systems. It's now impossible to log into our production from a non-MDM laptop. Prisma Access provides decent security overall."
"It supports auto-scaling for mobile users. It auto-scales depending on the mobile user traffic. For example, if 1,000 people are working from home today, and tomorrow, the number increases to 2,000, it is not going to be an issue."
"We were considering purchasing other products, like AMP for Endpoints, and it was not properly integrated with the firewall function. It might be better now with SecureX."
"Duo was clearly purchased, and Cisco has a lot of other panels for their Firepower products, et cetera. They need to continue bringing it, Umbrella, and the endpoint pieces even more together and make the integration a little more seamless among all of them."
"I'd like to see it integrated into other applications. I know there are some integrations, but I haven't been able to explore that any further."
"Smart Licensing needs improvement. It's terrible. We have problems with it every year and we need to involve support to fix it."
"When you come to the push in Duo Security, there are some integrations where you have to use the code instead of the push functionality."
"For the back-end, there could be a few more security features applied."
"More automation and device insights would be helpful in achieving a seamless single pane of glass. Having the additional capability to streamline processes would also make things better."
"The technical engineers in the first line of support should improve their knowledge."
"Its integration with non-Palo Alto products can be improved. Currently, it is easy to integrate it with other Palo Alto products such as Cortex XDR. It integrates well with other Palo Alto products. A major part of our network is based on Palo Alto products, but for those companies that use multi-vendor products in their infrastructure, Palo Alto should optimize the integration of Prisma Access with the network devices from other vendors."
"It's not really Prisma's fault, but when you try to create exceptions you don't really have those abilities. You cannot say, on the management platform, "Hey, for these users I want to create these exceptions." That is one thing that I have gotten some complaints about, and we have faced some challenges there."
"It would be nice to manage Prisma Access through the cloud instead of through Panorama. You can use the cloud version to monitor Prisma Access, but it doesn't have all the features yet, and it's not 100% done."
"There is some particular traffic that the security team wants to filter out and apply their own policies and they cannot."
"It applies commits to the firewalls slowly. There isn't an API you can use for anything. We've previously had trouble with the egress IP addresses though we expressed to engineering that those mustn't change. They changed several times without warning, causing a lot of headaches."
"The BGP filtering options on Prisma Access should be improved."
"Sometimes, we encountered a portal crash. When we told Palo Alto they said it might be the browser or cache, but I think they need to improve it on their side."
"When it comes to the VPN, it uses the global protect VPN functionality to connect remotely, but it has a feature limitation for assigning multiple IP sub-links to different user groups. It would be much better if we are able to assign the current IP blocks for the sub-links based on the user groups."
More Prisma Access by Palo Alto Networks Pricing and Cost Advice →
Cisco Duo is ranked 3rd in ZTNA as a Service with 55 reviews while Prisma Access by Palo Alto Networks is ranked 2nd in ZTNA as a Service with 55 reviews. Cisco Duo is rated 8.8, while Prisma Access by Palo Alto Networks is rated 8.4. The top reviewer of Cisco Duo writes "Helps reduce the risk of a breach and is easy to deploy and onboard". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". Cisco Duo is most compared with Microsoft Entra ID, Fortinet FortiToken, Fortinet FortiAuthenticator, Yubico YubiKey and UserLock, whereas Prisma Access by Palo Alto Networks is most compared with Zscaler Zero Trust Exchange, Netskope , Cisco Umbrella, Zscaler Internet Access and Prisma SD-WAN. See our Cisco Duo vs. Prisma Access by Palo Alto Networks report.
See our list of best ZTNA as a Service vendors.
We monitor all ZTNA as a Service reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
