We performed a comparison between Fortinet FortiClient and Prisma Access by Palo Alto Networks based on real PeerSpot user reviews.
Find out in this report how the two Enterprise Infrastructure VPN solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The most valuable features of Fortinet FortiClient are ease of use and simple configuration."
"It's got a very friendly user interface."
"From Forticlient, the EMS, the central management is easy to use."
"The solution is stable, we have not had any issues in the time we have been using it."
"Starting from FortiGate and from the EMS server, you have to begin at the endpoint, and that's the most useful thing about using FortiClient."
"It is not at all interesting for me as a standalone product, but as a product that is integrated with FortiGate with all features, it is actually a great tool and a great experience. I had test installed FortiClient working from home. I remembered and knew which web categories were denied or allowed. All those policies were correctly reflected standalone, for example, on my laptop."
"The solution's TNA feature blocks devices from entering the network that do not meet compliance protocols."
"Installation was easy."
"Prisma Access protects all app traffic, so that users can gain access to all apps and that's very important because we need to be able to access everything. It also allows us to access non-web apps; anything internal that we need access to, we can access."
"Being able to use the user ID or Active Directory Group is one of the great features for control and providing more flexibility without worrying about IP addresses."
"It's much faster and more secure than legacy solutions. It is also quite stable and scalable as well. We are able to see all the traffic in one place."
"The scalability of the solution is excellent."
"Security is absolutely spot-on, really top-notch. It's the result of all the components that come together, such as the HIP [Host Information Profile] and components like Forcepoint, providing end-user content inspection, and antivirus. It incorporates DLP features and that's fantastic because Prisma Access makes sure that all of the essential prerequisites are in place before a user can log in or can be tunneled into."
"There are plenty of features this solution provides and the most valuable would be the complete security protection we are receiving. We are provided with similar security that the Palo Alto AWS solution has. This includes features such as a firewall and machine learning AI."
"The solution has all its capabilities in a single cloud delivery platform which is great and it provides overall good protection."
"We're now able to go after contracts that require a Zero Trust solution and Prisma's other technology solutions."
"The solution should have faster turnaround when it comes to new technology."
"Its stability can be improved. It is not as reliable as I would like it to be. There are times when things don't work quite right. Our biggest pain point is not related to Fortinet FortiClient and the whole scheme of things. It is related to one of the additional services called FortiGuard. They are the arm that does all of the updates to definitions, keeps all the signatures updated, and responds to new threats and whatnot. What we have found is that they react quickly, but sometimes their solutions aren't compatible with all of the components of the Fortinet security suite, specifically around FortiSandbox."
"I have yet to find the benefits of the latest upgraded version."
"FortiClient is not great in Linux."
"There should be more frequent releases or updates."
"It would be extremely useful to have an automatic updating feature."
"The documentation could be improved."
"In terms of improvements, their SSL VPN tunnel can be a lot better. I've seen other products that have got much better VPN features than Fortinet. Some of my colleagues get this error called "License not available." When they get this error, they have to uninstall and reinstall it. This kind of problem is there, and sometimes, we have to open a case with Fortinet to resolve it. Their support is quick, so we are able to resolve and move forward. In terms of new features, when it is connecting, it should check the endpoint and say whether the end client is actually safe enough or whether there is a vulnerability. It should give a pop-up on the client itself. Because I'm on the admin side, I can also see this information in the log. However, if a non-IT user, such as a user from finance, is working on this and there is some problem, he or she would not know about this and would call IT admin to say that this is not working. If the users get a message explaining why and what is happening, it is easy for them to understand."
"When it comes to the VPN, it uses the global protect VPN functionality to connect remotely, but it has a feature limitation for assigning multiple IP sub-links to different user groups. It would be much better if we are able to assign the current IP blocks for the sub-links based on the user groups."
"There can be some latency issues with the solution that should be improved."
"The Cloud Management application has room for improvement. There are a lot of things on the roadmap for that application; things are going to happen soon."
"The one thing that I've been a little bit disappointed with is when we have had to open cases with Palo Alto about Prisma Access issues. Versus their other platforms, like their firewalls, where we tend to get really quick responses and very definitive answers, the few tickets I've had to open for Prisma Access have taken them longer to respond to. And they haven't necessarily given me the kind of answer I was looking for, meaning a fix to the problem."
"It is a managed firewall. When you run into issues and have to troubleshoot, there is a fair amount of restriction. You run into a couple of restrictions where you don't have any visibility on what is happening on the Palo Alto managed infrastructure, and you need to get on a call to get technical assistance from Palo Alto's technical support. You have to get them to work with you to fix the problem. I would definitely like them to work on the visibility into what happens inside Palo Alto's infrastructure. It is not about getting our hands onto their infrastructure to do troubleshooting or fixing problems; it is just about getting more visibility. This will help us in guiding technical support folks to the area where they need to work."
"When we deploy firewall rules via Panorama, we find it's a little bit slow. We have a global environment and might have 100 gateways or VPNs in the cloud. When we deploy something, it tries to deploy it one-by-one, and that can be slow."
"There is some particular traffic that the security team wants to filter out and apply their own policies and they cannot."
"While Palo Alto has understood the essence of building capabilities around cloud technology and have come up with a CASB offering, that is a very new product. There are other companies that have better offerings for understanding cloud applications and have more graceful controls. That's something that Palo Alto needs to work on."
FortiClient is a fabric agent that delivers endpoint protection, endpoint compliance, and secure access in a single, lightweight, lightweight client, providing visibility, information, and control to your endpoints. In addition, it enables secure, remote connectivity to the security fabric. It also integrates network and endpoint with segmentation and automation. FortiClient enables unified endpoint awareness by sharing endpoint telemetry with the security fabric. It is compatible with third-party EDR (endpoint detection and response and anti-malware solutions.
The FortiClient fabric agent can:
• Report on the status of a device, including firmware version and applications running.
• Send all suspicious files to a fabric sandbox.
• Enforce USB control, application control, URL filtering, and firmware upgrade policies.
• Provide application firewall service and malware protection.
• Enable devices to connect securely to the security fabric over either ZTNA tunnels or VPN (IPsec or SSL), both encrypted. The connection to the security fabric can be either a SASE service or a FortiGate next-generation firewall.
You can purchase FortiClient with one of three levels of capability:
Zero Trust security - The ZTNA edition enables both VPN and ZTNA encrypted tunnels, as well as USB device control and URL filtering.
Endpoint security - The EPP/APT edition adds AI-based NGAV (next-generation antivirus), application firewall, endpoint quarantine, and support for cloud sandbox.
Cloud-based endpoint security
Benefits and Features
• Fabric agent leverages integrations and provides telemetry information to the rest of the Fortinet security fabric.
• SAAS control and web/content filtering
• Dynamic access control helps with automation and simplifies compliance.
• Software inventory management enables visibility as well as management of licenses.
• Automated response detects and isolates any endpoints that may be compromised.
• ZTNA delivers better remote access and consistent application access policies
• Managed endpoint security services remotely assist with setup, configuration, deployment, vulnerability monitoring, and overall monitoring of endpoint security.
Reviews from Real Users:
IT Central Station users like that FortiClient is easy to use and integrates well with other solutions. They also appreciate the richness of its features and find it to be inexpensive in comparison to other products that require separate purchases for separate features.
Prisma Access by Palo Alto Networks provides consistent security for all users and applications across your remote networks. Prisma Access grants users safe access to the cloud and data center applications and the internet as well. In addition, the solution combines all of your security and networking capabilities into a single cloud-delivered platform, enabling flexible hybrid workforces.
Prisma Access can be managed two ways:
Prisma Access delivers both networking and security services, including:
Prisma Access by Palo Alto Networks Features
Prisma Access by Palo Alto Networks has many valuable key features including: App-ID, User-ID, Device-ID, SSL Decryption, Dynamic User Group (DUG) Monitoring, AI/ML-Based Detection, IoT Security, Reporting, URL Filtering, Enterprise Data Loss Prevention (DLP), Digital Experience Monitoring (DEM)*, Logging, Policy Automation, Intrusion Prevention System (IPS), and many more.
Prisma Access by Palo Alto Networks Benefits
Some of the benefits of using Prisma Access by Palo Alto Networks include:
Reviews from Real Users
Below are some reviews and helpful feedback written by Microsoft Azure Synapse Analytics
users who are currently using the solution.
PeerSpot user Partha D., Global Network Tech Lead at a computer software company, speaks about his experience using the product, saying, "It protects all app traffic so that users can gain access to all apps. Unlike other solutions that only work from ports 80 and 443, which are predominantly for web traffic, Prisma Access covers all protocols and works on all traffic patterns... The most sophisticated attacks can arise from sources that are not behind 80/443."
Tejas J., a Sr. Cloud Security Architect at a computer software company, mentions that "it is geographically dispersed, and it sits on top of Google and AWS platforms. Therefore, you don't face the standard issues, such as latency or bandwidth issues, that you usually face in the case of on-prem data centers.”
Another PeerSpot reviewer, Max I., Associate Director at Cognizant, comments that "Security is absolutely spot-on, really top-notch. It's the result of all the components that come together, such as the HIP [Host Information Profile] and components like Forcepoint, providing end-user content inspection, and antivirus. It incorporates DLP features and that's fantastic because Prisma Access makes sure that all of the essential prerequisites are in place before a user can log in or can be tunneled into."
Fortinet FortiClient is ranked 1st in Enterprise Infrastructure VPN with 49 reviews while Prisma Access by Palo Alto Networks is ranked 2nd in Enterprise Infrastructure VPN with 15 reviews. Fortinet FortiClient is rated 8.2, while Prisma Access by Palo Alto Networks is rated 8.4. The top reviewer of Fortinet FortiClient writes "Can be used to deploy security to endpoints and also control the endpoints". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Makes us part of a bigger security ecosystem with updates taken care of for us, but pricing and support need work". Fortinet FortiClient is most compared with OpenVPN Access Server, Fortinet FortiEDR, Microsoft Defender for Endpoint, Microsoft Azure VPN Gateway and Pulse Connect Secure, whereas Prisma Access by Palo Alto Networks is most compared with Zscaler Private Access, Zscaler SASE, Cisco Umbrella, Prisma SD-WAN and Cato Networks. See our Fortinet FortiClient vs. Prisma Access by Palo Alto Networks report.
See our list of best Enterprise Infrastructure VPN vendors.
We monitor all Enterprise Infrastructure VPN reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.