We performed a comparison between Prisma Access by Palo Alto Networks and Zscaler Zero Trust Exchange based on real PeerSpot user reviews.
Find out what your peers are saying about Zscaler, Palo Alto Networks, Cisco and others in ZTNA as a Service."On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"The solution is stable."
"The always-on feature is fantastic for the users. They don't have to think about it. When they go to a coffee shop to do work, there's no need to remember to toggle the VPN on. We'll protect them. URL filtering is the same at home as it is in the office."
"The solution's most valuable features were the model's reduced complexity on the client side and its capability to provide security."
"Prisma helped us build a moat around our production systems. It's now impossible to log into our production from a non-MDM laptop. Prisma Access provides decent security overall."
"Palo Alto Firewall is one of the best firewalls in the world."
"The solution improved the consistency of our security controls and the BCP. There has been a 20 percent reduction in TCO. Prisma Access also enabled us to deliver better applications by centralizing security management."
"You have the ability to create your own expressions for your data. Palo Alto understands that DLP is not the same for all consumers. You might have a particular need to fulfill, and they give you the opportunity to create a custom expression to match the specific format that you have. For a confidential file property that you have in your files, you can add a metadata field. It gives you that opportunity to create that."
"A feature I've found very helpful is run time security because most of the products on the market will look at security during the build time, and they don't really look at what happens once you're going into production."
"The remediation process is easy compared to other platforms."
"The most valuable feature of Zscaler Private Access is the categorization of the dynamic URLs which keeps the customer's environment protected. The threats and the malware are correctly categorized."
"I find all Zscaler Private Access features valuable because each replaces flawed technologies, such as EPAs being replacements for VPN and PR as a replacement for PAM, so I can't mention only one valuable feature. Overall, Zscaler Private Access is a good solution."
"The ZPA is a unique feature which offers VPN along with all the additional security needed."
"It is easy to use."
"With SASE, we have a single platform that covers multiple task services with which we need to control access. All the features are equally valuable."
"The solution offers a simplified network infrastructure and security functions and it enables secure remote access for the users"
"The most valuable feature is the manageability of the micro tunnels."
"It does the job. What it is needed for. I can use it for VPN, I can use it for secure connections, I can use it as a firewall. So the solution does the job."
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving."
"When it comes to the VPN, it uses the global protect VPN functionality to connect remotely, but it has a feature limitation for assigning multiple IP sub-links to different user groups. It would be much better if we are able to assign the current IP blocks for the sub-links based on the user groups."
"If you compare Prisma SaaS against other products, such as Cloud Log, it's a little bit tricky to understand, but it offers different functionality that other products don't have. From a user usability point of view, you need some training for this product, as an admin, you need a couple of demos."
"We've run into some challenges, having hit a lot of bugs over the past year in the deployment of GlobalProtect. We've had our fair share of issues that I haven't been happy with. We're working with the support organization to remediate them and waiting for updated releases. The response on getting the bugs fixed has not been what I would consider adequate for a product like this."
"We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve."
"Palo Alto needs to improve the GlobalProtect agent to work as a secure web gateway agent, not only as a VPN agent because some companies would want only a secure gateway. They wouldn't want a full VPN. So, Palo Alto has to make the VPN agent work as a secure web gateway agent for those customers who want only the secure web gateway solution."
"The cloud setup is straightforward, and the onboarding process is much better, but the on-premises initial setup is slightly complex."
"Palo Alto Prisma 10 came out over a year ago. Palo Alto added this identity management feature. The legacy way Palo Alto selected which user is sitting on an IP address it passes through has been clunky."
"I would like to see support for custom applications."
"There are latency issues with the solution. They are small, however, they are there when you compare it to other vendors."
"Users report application access or latency issues with Zscaler Private Access."
"To enhance their offering, it is advisable for them to focus on strengthening the foundation of their architecture. Additionally, they should consider integrating a broader range of services that go beyond what managed service providers typically offer independently."
"The DX layer could be better if it had improved visibility."
"We would like to extend the SASE applications for Zscaler."
"The granularity in blocking is not sufficient, as new domains are automatically blocked for 30 days without further information."
"We'd like to have two-factor authentication that is quite simple."
"It has massive room for improvement. The Zscaler product itself is okay, but it doesn't give enough granularity for us as an organization to stipulate rules or processes, especially for data-driven services. For instance, we can stick on SSL inspection, but it's just a click box. It doesn't allow us to go any further into the detail of the SSL inspection. We also can't pull it out without having an additional logging server. It just doesn't give us enough granularity. They should give us more control over the interfaces because it is all backend. They weren't very open to discussing their backend architecture with us in terms of their own data centers. They can maybe a little bit more open about what components are there and how the backend infrastructure works alongside Zscaler. Its licensing can be better. Some of the additional licensing costs are quite high, and they should have certain features ready and available as a baseline rather than having to purchase additional licenses for it. Their support should also be improved. I initially had a consultant from Zscaler for its deployment, but the support that I had throughout the deployment of the project wasn't the best."
More Prisma Access by Palo Alto Networks Pricing and Cost Advice →
Prisma Access by Palo Alto Networks is ranked 2nd in ZTNA as a Service with 57 reviews while Zscaler Zero Trust Exchange is ranked 1st in ZTNA as a Service with 34 reviews. Prisma Access by Palo Alto Networks is rated 8.2, while Zscaler Zero Trust Exchange is rated 8.4. The top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". On the other hand, the top reviewer of Zscaler Zero Trust Exchange writes "Allows for strict access control, granting access to specific applications at a URL level rather than at the physical IP level". Prisma Access by Palo Alto Networks is most compared with Netskope , Cisco Umbrella, Zscaler Internet Access, Prisma SD-WAN and Microsoft Defender for Cloud Apps, whereas Zscaler Zero Trust Exchange is most compared with Cato SASE Cloud Platform, Axis Security, Cisco AnyConnect Secure Mobility Client, Cloudflare Access and Perimeter 81.
See our list of best ZTNA as a Service vendors and best Secure Access Service Edge (SASE) vendors.
We monitor all ZTNA as a Service reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.