We performed a comparison between Prisma SaaS by Palo Alto Networks and Zscaler Internet Access based on real PeerSpot user reviews.Find out what your peers are saying about Cisco, Microsoft, Netskope and others in Cloud Access Security Brokers (CASB).
"There is much differentiation within the licensing so if anyone wants DNS security from the DNS security log, we are there already, and if anyone wants to go to a secure internet gateway, that is also available. We can get the integrated cloud DLP license keys. That is a good benefit with Cisco Umbrella. You can get a complete solution in a single licensing."
"A single pane of glass saves time... This does have a lot of options available for us to see who's doing what, what trends, what errors. We can set up our alerting through it as well. It is definitely a great dashboard."
"If it didn't have a single pane of glass, we would not be using it. The single pane of glass gives you a one-stop shop. It's like going to Home Depot. You find all your stuff there. You can see all your threats and your endpoints. It's a very important feature and makes things very simple."
"I was able to implement it myself. It was really easy to install. You could install it on a server locally if you want to. If you have the biggest site, you would do that, but for my site, it was just directing all the traffic out through the Cisco Umbrella DNS. It was really handy. When the owners of the company went overseas, I knew that they would be secure because even if they were not on the company network, they would still go through the Cisco Umbrella servers. It was a complete solution for protecting the company with outgoing data."
"It enables us to go granular in the customization of blocking some categories on the DNS."
"Any time someone went off the network, the AnyConnect client had the Umbrella agent built in, and it would realize when their computer connected that they were not on the corporate network. It would monitor and they would have pretty close to the same rules that they had to follow when they were in the office, regarding what kind of website browsing they could do."
"We like Cisco Umbrella because of DNS security. It's one step ahead of whatever we are using for regular web filtering. In that way, it's more secure than other web filtering products."
"One valuable feature is definitely its simplicity in terms of deployment. It is very easy to integrate it into the environment without any heavy lifting. Users didn't notice that we implemented it. You can start with a very low monitoring mode and start observing what Cisco Umbrella sees."
"Prisma SaaS is very easy to use; it's common sense — it's the best-in-class."
"You have the ability to create your own expressions for your data. Palo Alto understands that DLP is not the same for all consumers. You might have a particular need to fulfill, and they give you the opportunity to create a custom expression to match the specific format that you have. For a confidential file property that you have in your files, you can add a metadata field. It gives you that opportunity to create that."
"It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful."
"It is easy to use, easy to integrate, and is stable. It's scalable as well."
"Prisma's most valuable feature would be its ability to identify bad or risky configurations."
"To quarantine and clean a malware file provides a lot of security."
"The stacked policies, event policies, and routing policies are easy to understand for someone with general knowledge."
"The remediation process is easy compared to other platforms."
"The most valuable features of Zscaler Internet Access are it's on the cloud, high network performance, and the interception of users is very easy."
"The solution is scalable and stable."
"Zscaler Internet Access has helped us reduce the time that we spend managing security policies by about four hours a week. We can use this time to focus on other things, especially the IT team."
"The cloud proxy and integration are some of the key features. Since there is cloud waste, we can quickly provision it and start working on the configuration. On top of that, they have added a few more features. They have integrated CASB, and file sandboxing is part of it."
"The data loss prevention feature is the most valuable. It stops our users from inadvertently leaking our customers' data to the Internet or anywhere else it shouldn't go."
"Zscaler Internet Access's best feature is the granular policy controls."
"The most valuable feature of Zscaler Internet Access is that it is a consolidated solution, it comes with many features, such as DLP."
"The initial setup is very straightforward."
"Having ready-to-go templates with best practices is definitely something that would be an improvement. Deployment, from day one, is something that definitely needs to be improved for Cisco customers."
"If we're trying to deploy it to a Mac through Meraki, it's impossible. The method of deployment for a Mac, and the features available in Meraki, are not compatible at all."
"One of the issues with Umbrella is as you get into endpoint detection and response, such as EDR point solutions, some of them will not integrate well with Umbrella. Sometimes when you want to use technology, such as Always On VPN, it will not work. There are some looming issues as one type of technology starts to crossover with Umbrella. That is the challenge and Umbrella should find a way to be more compatible with some of the endpoint response solutions that are coming out on the market."
"I'd like to see improvement in its overall integration with all the other platforms. There's some integration between Umbrella and Meraki, but an overall Cisco problem is that there are so many different tools, and finding easy, seamless ways of connecting everything together is always a challenge."
"Network connectivity was a bit of a challenge at the beginning, but we were able to get the right help from Cisco."
"Its on-prem rollout is quite challenging. It needs better coordination with the Internet Service Provider. It is a cloud-based solution, and any endpoint that connects to it has to go through all the gateway ISPs, but some of the ISPs block HTTPS-based DNS. That's where the challenge occurs with Umbrella."
"The integration with other solutions is a little complex. If you want to integrate with something like ArcSight or LogRhythm or Splunk, you need to do a lot of configuration. There are no easy ways to implement it."
"It's a very new product, so it's quite immature at the moment. It can be more user friendly."
"Prisma would be a stronger solution if it could aggregate resources by project or by application. So say we have an application we've developed in AWS and five applications we've developed in Azure. The platform will group it according to those applications, but it's based on the tags we use in Azure, which means I have to rely on development teams to tag resources properly."
"My clients would like to see a more feature-rich product."
"We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve."
"One area for improvement is for them to stay on top of keeping their CVEs on their platform up to date."
"They can add some new characteristics. For example, when an incident triggers, they can automatically send a template for a particular match that is related to the policy. We don't have that right now. It is something to improve. There could be more automation for certain actions. For example, for a particular group, it can send an administrator alert to their manager. It was one of the concerns of our customers."
"The frequency of updates could be reduced."
"Lacks a hybrid model which has API plus in-line security."
"When it comes to integration mechanisms, Prisma SaaS does not support reverse proxy type of integrations."
"Sometimes it's not easy to use during large deployments of workstations."
"The reporting functionality could be a bit easier to use. There is a reporting function, but it's quite hard to do any good reporting, from a user-management perspective. For example, if a department manager wants to know how his department is using the web, there is a way to get the data, but it's quite cumbersome to get it and show it well. And that's true for comparing between departments."
"The main issue with Zscaler Internet Access is proxy IP detection, which sometimes makes sites inaccessible."
"Sometimes, support isn't available."
"Zscaler needs to add client-to-client communication. It's always client-to-server communication. The cloud and branch connectors could be improved because we're still dependent on traditional firewalls. They should eliminate this. They should also provide WAN devices should to compete with the SD-WAN solutions also."
"If they can also integrate with the multi-factor authentication to prompt users to do another, second-factor authentication, that would be ideal."
"The solution can be improved by advancing some of the newer technologies such as the DLP feature, and adding email security."
"There are a few features that are not compatible with the Azure cloud."
Cisco Umbrella offers flexible, cloud-delivered security according to users’ requirements Cisco Umbrella includes secure web gateway, firewall, and cloud access security broker (CASB) functionality all delivered from a single cloud security service. Cisco Umbrella’s protection is extended to devices, remote users, and distributed locations anywhere. As company employees work from many locations and devices, Cisco Umbrella is the easiest way to effectively protect users everywhere in minutes.
Cisco Umbrella uses machine learning to search for, identify, and even predict malicious domains. By learning from internet activity patterns, this DNS-layer security solution can automatically identify attacker infrastructure being staged for the next threat. These domains are then proactively blocked, protecting networks from potential compromise. Cisco Umbrella analyzes terabytes of data in real time across all markets, geographies, and protocols.
Cisco Umbrella works with leading IT companies to integrate its security enforcement and intelligence. Built with a bidirectional API, Cisco Umbrella makes it easy to extend protection from on-premises security appliances to cloud controlled devices and sites.
Cisco Umbrella is suitable for small businesses without dedicated security professionals, as well as for multinational enterprises with complex environments.
Why use Cisco Umbrella?
Reviews from Real Users
Cisco Umbrella stands out among its competitors for a number of reasons. Some of the major ones are its DNS-based protection, ability to protect users no matter where they are located, stability, and high performance.
Daniel B., a network specialist at Syswind Kft, writes, “We primarily use the solution as cloud security for our branches. It protects us from direct internet outbreaks. It makes for good flexibility. The solution is very easy to manage. We found the initial setup, for example, to be quite simple. Efficient protection on the DNS level and even higher. The sandboxing feature analyses and handles the complicated security risks.”
Victor M., SOC & Security Services Director at BEST, notes, “It provides security for the remote workers and it helps to improve enterprise security in a very easy way. We mainly enjoy web software protection capabilities. It prevents the end-users from getting into bad sites or sites that potentially could have malware or could be phishing. It helps end-users avoid the wrong sites. The solution works very smoothly. The user interface is good.”
Prisma SaaS by Palo Alto Networks is a powerful cloud access security brokerage (CASB) and SaaS solution that is designed to fully handle an organization’s SaaS security needs. It is a comprehensive package that offers both in-line as well as API-based protection. Users can use Prisma SaaS to complement whatever security tools they currently employ.
Prisma SaaS Benefits
Some of the ways that organizations can benefit by choosing to deploy Prisma SaaS include:
Prisma SaaS Features
Reviews from Real Users
Prisma SaaS by Palo Alto Network is a solution that stands out when compared to many of its competitors. Two major advantages it offers are the ability to customize data search expressions and the ability to identify, analyze, and troubleshoot threats from a single solution.
Gabriel F., the senior service delivery engineer at the Netdata Innovation Center, writes, “You have the ability to create your own expressions for your data. Palo Alto understands that DLP is not the same for all consumers. You might have a particular need to fulfill, and they give you the opportunity to create a custom expression to match the specific format that you have. For a confidential file property that you have in your files, you can add a metadata field. It gives you the opportunity to create that.”
Angell D., a senior engineer at Cloudrise, says, "The most valuable feature of Prisma Cloud-native, in my opinion, is that it assists in identifying, analyzing, and remediating vulnerabilities."
Zscaler Internet Access is a cloud-native security service edge (SSE) platform. Its main purpose is to provide AI-powered protection for all users, all applications, and all locations. The solution replaces other legacy network security solutions to stop advanced attacks and prevent data loss by using a comprehensive zero trust approach.
Zscaler Internet Access Features
Zscaler Internet Access has many valuable key features. Some of the most useful ones include:
Zscaler Internet Access Benefits
There are several benefits to implementing Zscaler Internet Access. Some of the biggest advantages the solution offers include:
Reviews from Real Users
Below are some reviews and helpful feedback written by Zscaler Internet Access users.
A Service Manager at a construction company says, "There are a bunch of different capabilities that are valuable within the platform. We use quite a lot of them, but not everything. The ones that are most important to us are the URL Filtering and the application control. For our needs, the cloud-native proxy architecture is a very good solution. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway."
Owen N., Security Architect at Claro Enterprise Solutions, explains that the solution’s most valuable features include “The integration of the gateway that inspects all ports and protocols. So, there is threat prevention; The cloud sandbox; VNS security; Access control that will protect URL filtering and the cloud firewall; Data protection that will protect your gateway, like your CASB or your cloud DLP; The capabilities of this will point your traffic to Zscaler Cloud.”
An Architecture Senior Manager at an insurance company mentions, "The data loss prevention feature is the most valuable. It stops our users from inadvertently leaking our customers' data to the Internet or anywhere else it shouldn't go." He also adds, “The solution provides quick access to cloud services, securing our data and allowing us to inspect all our traffic.”
Prisma SaaS by Palo Alto Networks is ranked 5th in Cloud Access Security Brokers (CASB) with 9 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 23 reviews. Prisma SaaS by Palo Alto Networks is rated 8.4, while Zscaler Internet Access is rated 8.6. The top reviewer of Prisma SaaS by Palo Alto Networks writes "Supports custom expressions, helps with compliance, and integrates well with Azure AD". On the other hand, the top reviewer of Zscaler Internet Access writes " AI decision-making on quarantined documents reduces manual work". Prisma SaaS by Palo Alto Networks is most compared with Netskope CASB, Microsoft Defender for Cloud Apps, Zscaler CASB, Skyhigh Security and Qualys VM, whereas Zscaler Internet Access is most compared with Netskope CASB, Microsoft Defender for Cloud Apps, Forcepoint Secure Web Gateway, Palo Alto Networks WildFire and Fortinet FortiGate.
We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.