We performed a comparison between Fortinet FortiClient and Prisma Access by Palo Alto Networks based on real PeerSpot user reviews.Find out in this report how the two Enterprise Infrastructure VPN solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The integration of VPN services with endpoint security is valuable."
"The stability is pretty good."
"The most valuable feature is the single pane of glass, single point of management."
"You can scale the product."
"I find it very easy to configure and also very stable."
"It is very simple to use. I've used some of the others in the past, such as Cisco AnyConnect, which was a nightmare. I've used a couple of others, but FortiClient is very simple to use."
"I use the tool to connect server to an ISP Data Center."
"It works well and the performance is good."
"The protection for web-based applications was helpful for my colleagues who didn't want a particular application on their devices. And the non-web access protection was more for our developers because they were writing and building code on their computers. Prisma Access was able to protect them."
"The solution is not very complex and is easy to manage for people who may or may not have knowledge about Palo Alto Networks."
"The solution also provides traffic analysis, threat prevention, URL filtering, and segmentation. That combination is important because it enhances the protection and makes the traffic more secure. It also keeps things more up-to-date, enabling us to deal with more of the current threats."
"The always-on feature is fantastic for the users. They don't have to think about it. When they go to a coffee shop to do work, there's no need to remember to toggle the VPN on. We'll protect them. URL filtering is the same at home as it is in the office."
"The solution improved the consistency of our security controls and the BCP. There has been a 20 percent reduction in TCO. Prisma Access also enabled us to deliver better applications by centralizing security management."
"Overall, the cost savings, ease of deployment, and better VPN user experience and performance are valuable."
"Prisma helped us build a moat around our production systems. It's now impossible to log into our production from a non-MDM laptop. Prisma Access provides decent security overall."
"There is a system for monitoring the traffic. You can monitor the traffic of the connected people and point out any issues on the connection part."
"While we like patch management, it would be nice if it could handle patch management for other solutions, like Microsoft."
"The software inventory part is not yet up-to-date. It doesn't have a great interface, which is a disadvantage. I wish we could leverage it, but we don't use it at all because it's not that reliable."
"Cloud services are very expensive for us."
"With the lower-end licenses, it tends to kick you out after eight hours. There is a function where it automatically kicks you out after eight hours. They could improve that and not kick you out after eight hours. Other than that, it is already pretty good."
"We've got one client where it was blocking the smartphones, and there's a way to set it up on Fortigate that's supposed to do that. However, it didn't work with them since they had a 2FA multi-factor."
"There should be more frequent releases or updates."
"FortiClient's encryption key could be stronger so that it's not broken too easily."
"The solution requires skillful users."
"Sometimes, we encountered a portal crash. When we told Palo Alto they said it might be the browser or cache, but I think they need to improve it on their side."
"There should be a dedicated portal or SASE-based solution. They're trying to add a plugin but it needs a dedicated portal because it is now an enterprise solution for multiple organizations. People should be able to directly log in to a dedicated page for Prisma Access, rather than going into a Panorama plugin, and always having to update the plugin."
"The frequency of updates could be reduced."
"While Palo Alto has understood the essence of building capabilities around cloud technology and have come up with a CASB offering, that is a very new product. There are other companies that have better offerings for understanding cloud applications and have more graceful controls. That's something that Palo Alto needs to work on."
"The initial support team is not very good. Most of the time, I have found that they are one to three years experienced only. They don't have network expertise. They know about Palo Alto products but don't know how to troubleshoot the issues. We have to guide them most of the time to troubleshoot correctly since their approach is not developed."
"Palo Alto needs to improve the GlobalProtect agent to work as a secure web gateway agent, not only as a VPN agent because some companies would want only a secure gateway. They wouldn't want a full VPN. So, Palo Alto has to make the VPN agent work as a secure web gateway agent for those customers who want only the secure web gateway solution."
"It applies commits to the firewalls slowly. There isn't an API you can use for anything. We've previously had trouble with the egress IP addresses though we expressed to engineering that those mustn't change. They changed several times without warning, causing a lot of headaches."
"There is room for improvement in the multi-environment visibility, especially around containers."
FortiClient is a fabric agent that delivers endpoint protection, endpoint compliance, and secure access in a single, lightweight, lightweight client, providing visibility, information, and control to your endpoints. In addition, it enables secure, remote connectivity to the security fabric. It also integrates network and endpoint with segmentation and automation. FortiClient enables unified endpoint awareness by sharing endpoint telemetry with the security fabric. It is compatible with third-party EDR (endpoint detection and response and anti-malware solutions.
The FortiClient fabric agent can:
• Report on the status of a device, including firmware version and applications running.
• Send all suspicious files to a fabric sandbox.
• Enforce USB control, application control, URL filtering, and firmware upgrade policies.
• Provide application firewall service and malware protection.
• Enable devices to connect securely to the security fabric over either ZTNA tunnels or VPN (IPsec or SSL), both encrypted. The connection to the security fabric can be either a SASE service or a FortiGate next-generation firewall.
You can purchase FortiClient with one of three levels of capability:
Zero Trust security - The ZTNA edition enables both VPN and ZTNA encrypted tunnels, as well as USB device control and URL filtering.
Endpoint security - The EPP/APT edition adds AI-based NGAV (next-generation antivirus), application firewall, endpoint quarantine, and support for cloud sandbox.
Cloud-based endpoint security
Benefits and Features
• Fabric agent leverages integrations and provides telemetry information to the rest of the Fortinet security fabric.
• SAAS control and web/content filtering
• Dynamic access control helps with automation and simplifies compliance.
• Software inventory management enables visibility as well as management of licenses.
• Automated response detects and isolates any endpoints that may be compromised.
• ZTNA delivers better remote access and consistent application access policies
• Managed endpoint security services remotely assist with setup, configuration, deployment, vulnerability monitoring, and overall monitoring of endpoint security.
Reviews from Real Users:
PeerSpot users like that FortiClient is easy to use and integrates well with other solutions. They also appreciate the richness of its features and find it to be inexpensive in comparison to other products that require separate purchases for separate features.
Prisma Access by Palo Alto Networks provides consistent security for all users and applications across your remote networks. Prisma Access grants users safe access to the cloud and data center applications and the internet as well. In addition, the solution combines all of your security and networking capabilities into a single cloud-delivered platform, enabling flexible hybrid workforces.
Prisma Access can be managed two ways:
Prisma Access delivers both networking and security services, including:
Prisma Access by Palo Alto Networks Features
Prisma Access by Palo Alto Networks has many valuable key features including: App-ID, User-ID, Device-ID, SSL Decryption, Dynamic User Group (DUG) Monitoring, AI/ML-Based Detection, IoT Security, Reporting, URL Filtering, Enterprise Data Loss Prevention (DLP), Digital Experience Monitoring (DEM)*, Logging, Policy Automation, Intrusion Prevention System (IPS), and many more.
Prisma Access by Palo Alto Networks Benefits
Some of the benefits of using Prisma Access by Palo Alto Networks include:
Reviews from Real Users
Below are some reviews and helpful feedback written by Microsoft Azure Synapse Analytics
users who are currently using the solution.
PeerSpot user Partha D., Global Network Tech Lead at a computer software company, speaks about his experience using the product, saying, "It protects all app traffic so that users can gain access to all apps. Unlike other solutions that only work from ports 80 and 443, which are predominantly for web traffic, Prisma Access covers all protocols and works on all traffic patterns... The most sophisticated attacks can arise from sources that are not behind 80/443."
Tejas J., a Sr. Cloud Security Architect at a computer software company, mentions that "it is geographically dispersed, and it sits on top of Google and AWS platforms. Therefore, you don't face the standard issues, such as latency or bandwidth issues, that you usually face in the case of on-prem data centers.”
Another PeerSpot reviewer, Max I., Associate Director at Cognizant, comments that "Security is absolutely spot-on, really top-notch. It's the result of all the components that come together, such as the HIP [Host Information Profile] and components like Forcepoint, providing end-user content inspection, and antivirus. It incorporates DLP features and that's fantastic because Prisma Access makes sure that all of the essential prerequisites are in place before a user can log in or can be tunneled into."
Fortinet FortiClient is ranked 2nd in Enterprise Infrastructure VPN with 40 reviews while Prisma Access by Palo Alto Networks is ranked 4th in Enterprise Infrastructure VPN with 27 reviews. Fortinet FortiClient is rated 8.0, while Prisma Access by Palo Alto Networks is rated 8.2. The top reviewer of Fortinet FortiClient writes "Gives us more visibility over our network to see which users are connected to the firewalls and what they're accessing". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Makes us part of a bigger security ecosystem with updates taken care of for us, but pricing and support need work". Fortinet FortiClient is most compared with OpenVPN Access Server, Fortinet FortiEDR, Microsoft Defender for Endpoint, Microsoft Azure VPN Gateway and Cisco AnyConnect Secure Mobility Client, whereas Prisma Access by Palo Alto Networks is most compared with Netskope , Cisco Umbrella, Zscaler Private Access, Prisma SD-WAN and Microsoft Intune. See our Fortinet FortiClient vs. Prisma Access by Palo Alto Networks report.
See our list of best Enterprise Infrastructure VPN vendors.
We monitor all Enterprise Infrastructure VPN reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.