Senior System Administrator at a government with 10,001+ employees
Real User
Top 10
Makes it easy to isolate endpoints and lets us know if something needs to be addressed
Pros and Cons
  • "Since they've done their most recent update, the ease to isolate endpoints is valuable. If we find one where there is a virus on it, we can easily isolate it. We don't even have to contact the user. We don't have to manually take them off the network. We can easily isolate them."
  • "We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."

What is our primary use case?

We use it to make sure that our antivirus is up to par. 

It used to be on-prem, but now, it's completely on the cloud. In terms of the version, we've got some old endpoints that we had to manually bring up to date, but for the most part, it's up to date.

How has it helped my organization?

I don't have to do much monitoring with it. I don't have to have anybody manually looking at this. It gives us reports, and it lets us know if something needs to be addressed, and we can easily address it. I've been pleased with it. It's been a really good product for us.

What is most valuable?

Since they've done their most recent update, the ease to isolate endpoints is valuable. If we find one where there is a virus on it, we can easily isolate it. We don't even have to contact the user. We don't have to manually take them off the network. We can easily isolate them. The hash that they use is pretty comprehensive. I like WildFire. It gives us a better idea of what is a true virus and what is a false positive.

What needs improvement?

We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do.

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2024
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.

For how long have I used the solution?

We've been using it for at least three years.

What do I think about the stability of the solution?

It has been stable. I have not had any issues with it.

What do I think about the scalability of the solution?

For our use, we didn't need scalability with it. It has just been working as we needed it to work.

How are customer service and support?

The only time we had to deal with their support was when we had a problem with getting our older endpoints up to date. They made the upgrades and gave us the solutions on what we needed to do, and that has been working for us. 

How was the initial setup?

It was pretty straightforward, and now that it does an automatic update, I don't even have to remember to update it anymore. Once a definition expires, it automatically goes in and puts in the newest definitions, and updates all the endpoints. It is way better than what it used to be.

What's my experience with pricing, setup cost, and licensing?

I don't recall what the cost was, but it wasn't really that expensive.

What other advice do I have?

The only thing I would advise is to get a solution for which you don't have to do a lot of monitoring. It helps when we don't have to have an extra person to manually go through and look at each endpoint to make sure things are up to date and all definitions are up to date. 

I would rate it a nine out of ten because it's a really stable platform, and it is doing everything that I need it to do. You can always have improvement, but I'm really not sure what that improvement would be.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services
Consultant
You can quickly locate exceptions and can configure process exceptions
Pros and Cons
  • "If the user leaves our premises or network, Palo Alto Traps will still be on that endpoint and will still apply our policies."
  • "Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."

What is our primary use case?

The primary use case is endpoint security. The product is my main endpoint, IP, and threat management.

How has it helped my organization?

In organizations where they don't implement a NAC, this product helps stop threats at the endpoint level. Everything goes through the endpoint. By the time you get something to a server, you are compromised at your perimeter, and you might be compromised at your ID or main control. With a third-party, you need a NAC, so you can put on something like McAfee or you need authorization so the organization can scan your computer, then you can connect to the network.

We can't do that for a daily operation. We can't just have personnel waiting for someone to connect, and say, "We need to scan your computer before you go into our network." We don't have time for that." So, you need to implement a NAC. However, if you don't implement a NAC from day one of your business, it is very complicated to do it after many years because the NAC is not like a security software. You have to go server by server and do an assessment. Meanwhile, you need to protect your organization. So, you can use tools like Traps to manage your security, even stopping the threat at the last contact. 

For organizations which do not have a NAC implemented, there has to be some type of endpoint security, and it needs to be tough, like Traps. With Traps, you can search events, manage them quickly, and locate any half exceptions. Trap's traffic is encrypted. 

We like the features where you can quickly locate exceptions and can configure process exceptions. You are building your own defense. Therefore, you are not only relying on Palo Alto, but you are applying day-to-day operations of configured language that a tool can understand.

What is most valuable?

If the user leaves our premises or network, Palo Alto Traps will still be on that endpoint and will still apply our policies. For example, if you take that endpoint out of our network, go to a Starbucks with a company laptop, then connect to our our virtualized gateway. That local endpoint will still have our network policies.

I'm so used to IPS IDS endpoint security that I don't see anything else that catches my attention other than it's working fine. It's a very good tool. It's the best one that we have.

It has Android support.

What needs improvement?

There are some limitations on the Traps agents. Traps for Windows has limitations and Traps for Linux too. Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere.

With Windows 7 and Windows 8 64-bit, when you want to install Traps, because its Windows, it will crash. They need a little more flexibility with antivirus engines.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

It is very stable.

What do I think about the scalability of the solution?

You can grow as much as you want.

We have four users: a cybersecurity analyst, two infrastructure security personnel, and a security administrator.

How are customer service and technical support?

The technical support is very good.

Which solution did I use previously and why did I switch?

We were previously using Malwarebytes and McAfee. We are still using them along with Traps.

How was the initial setup?

The initial setup was straightforward, after we had to remove McAfee first.

The deployment took a couple of weeks. We centralized all our perimeter firewalls first, then we started deploying the agent.

We needed two personnel for deployment and maintenance: an infrastructure security person and a security administrator.

What about the implementation team?

Our third-party installer was very efficient.

What was our ROI?

Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance. Security teams will spend less time and effort managing and mitigating breaches. They will be able to avoid having to activate their organization’s incident response team.

What's my experience with pricing, setup cost, and licensing?

It is "expensive" and flexible.

Which other solutions did I evaluate?

We evaluated the following other large endpoint security companies: Kaspersky Endpoint Security, CrowdStrike Falcon Endpoint Protection, Symantec Endpoint Protection, and McAfee Endpoint Security.

If you have Malwarebytes and you want to control a malware that you have on your computer, Malwarebytes will quarantine that malware. However, it depends how infected you got.

What other advice do I have?

Test normal behavior of the Traps agents (injection and policy) and confirm that there has been no change in the user experience.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2024
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
Network Security Engineer at I Dream networks pvt ltd
Real User
Top 5
A useful solution to combat the growing cyberattacks
Pros and Cons
  • "The solution allows control over the user and his machine through Cortex XDR security policies."
  • "Palo Alto Networks Cortex XDR does not detect malicious activity like in other anti-virus solutions like Trend Micro and Windows with Cisco."

What is our primary use case?

Cortex XDR is an artificial intelligence-based solution that automatically detects malicious activity performed by users or user machines, blocking it with the help of AI. We also create security policies on Cortex XDR that can be managed by Cortex XDR. Let's say that a company wants a security policy to work for a home user or VPN client user. It also includes an enterprise network at home.

What is most valuable?

User control in Cortex XDR allows users to restrict access to certain websites from a company laptop used over a home network. The solution allows control over the user and his machine through Cortex XDR security policies.

What needs improvement?

Cortex XDR is not that smart compared to Check Point. We also deal with Check Point. Check Point solutions, Check Point Firewall, Check Point solution WAF technology, or anti-virus technology can be considered smart because of Palo Alto. The detection of malicious activities performed by Check Point is good. Artificial intelligence is not a good match for Check Point because sometimes Palo Alto Networks Cortex XDR does not detect malicious activity like in other anti-virus solutions like Trend Micro and Windows with Cisco.

I also want a better detection feature like the one in Check Point and any other anti-virus, for a matter of fact.

For how long have I used the solution?

I am a consultant for the solution. I work with Palo Alto, our solution provider, and offer Cortex solutions and Palo Alto firewalls. We also sell Cortex XDR at Mac Global. It has been approximately six months to a year since I started working with this solution. Speaking about the version, it is the Cortex XDR client. Our responsibilities are centered around the client-based solution, including managing clients and installing software and rules. Palo Alto’s team manages the other aspects of the solution.

What do I think about the stability of the solution?

It is a stable solution since it is on the cloud. CPU utilization and hardware requirements are not necessary. According to some user licenses, when we purchase them, we get much utilization of hardware requirements through the cloud.

What do I think about the scalability of the solution?

Cortex XDR is a scalable solution with around 500 to 600 users. User visibility, user policy, and security policy can be implemented in one view on Cortex XDR. The approximate number of clients constantly using Cortex XDR is between 200 to 250.

How are customer service and support?

I am working with iDream Networks, and we are partners of Palo Alto Networks.

How was the initial setup?

I will give 50 out of 100 points since the setup of Cortex XDR is neither too easy nor too difficult to implement. Its dashboard is very easy to manage since no other sites need to be opened to manage it. Also, it can be managed from anywhere. I am not involved in the deployment process as I only manage the solution.

What about the implementation team?

The configuration and implementation are done by Palo Alto’s team.

What's my experience with pricing, setup cost, and licensing?

Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis.

What other advice do I have?

I recommend Palo Alto Networks Cortex XDR as a dependable option for future requirements. Cyberattacks are on the rise, and so that's why I have Palo Alto’s XDR. I also suggest Palo Alto Networks Cortex XDR to all customers. On a scale of 100, I rate this solution at 85, and on a scale of one to ten, I give it an eight.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Ahmed Sief - PeerSpot reviewer
System Engineer at a logistics company with 5,001-10,000 employees
Real User
Top 10
Easy to set up, reliable, and always scanning
Pros and Cons
  • "The initial setup is easy."
  • "Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."

What is our primary use case?

We're using it just to make sure that the customers, or our users, don't use any prohibited applications. We make sure that every application they use is on the allowed list. Any other application that is not only allowed is blocked until further notice. It's mainly to make sure that our organization is secure and that the software that the users are working on is secured too. This is the main reason. also to be aware and secured from any potential attack or ransomware etc.

What is most valuable?

The good thing about the product is that it's always scanning. It does real-time scanning for customers. If there's anything related to the applications that it's installed, for example, if an application needs some upgrades, or updates, or add-ons, we already have a server that is downloading this for the users, the computers. In terms of the laptops, we are not managing the laptops from the servers, since the users take the laptops with them and they are managing their laptops by themselves. There is any variability. The application gives us a notification on the Cloud so that we can handle this problem or make sure that the laptop is secured. The customers or the users don't have much experience to pick what is right and know what is wrong. It's a very, very informational application. 

The initial setup is easy.

What needs improvement?

They need to do definition updates. Instead of the version, they just put an update on the portal, and each time we need to upgrade it. Sometimes it's hard to upgrade the offsite clients. Sometimes the internet that they are using is not that stable. It gives us a hard time. Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded. 

It would be ideal if the updates would happen like Symantec updates or other antivirus solutions. The upgrade needs to deploy directly to the users.

For how long have I used the solution?

We've been using the solution for two years. 

What do I think about the stability of the solution?

It's very stable. There are no errors or problems, even if there is something we need to do on the machine. Due to the configuration we already do, it's locking a lot of things that the users cannot do. Even if the administrator is working, it needs the Cortex XDR permission first. It's very stable and the configuration is easy in the portal. They are enhancing their configuration and its security constantly. 

The only thing that is giving us a hard time is they have a lot of version upgrades. I don't know if it's better to do it as update packages and make the upgrades half-year, quarter a year, or every year. It should be done more regularly.

From an administrative perspective, it'll give us less headache. Each time you need just to go to the portal and make sure that you're testing the product, the upgrade before you deploy it, and then you deploy it. And then you figure out which computer doesn't have the version, and you figure out how to install it. 

If it's a laptop on the other side, it'll take a long time, sometimes a week, to get the customer the upgrade. For installing the upgrade, we must do it. The users can't install this product by themselves. That's why it takes a while. 

What do I think about the scalability of the solution?

The solution is scalable. We are using it for 80 or 90 people. It's a variety of different positions, from engineers to accountants. 

We're changing solutions and moving to SentinelOne. We won't be increasing usage.

How are customer service and support?

They are very helpful and they respond very fast. If there's any ticket open they make sure that they fix the problem the first time. I didn't face any problems with them.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We are currently moving to SentinelOne.

How was the initial setup?

It is a straightforward setup. It's not overly complex or difficult. The deployment took a maximum of two hours. 

I just installed it first on one of the testing machines and I tested the software package to see if it was still working. Then I just deployed it to the users and I made sure that it was working fine. It might take one day to deploy to the users if I test the version on the test machine first.

What about the implementation team?

I handled the implementation myself. 

What's my experience with pricing, setup cost, and licensing?

Corporate is responsible for licensing. I don't know anything about the pricing.

What other advice do I have?

We are customers and end-users. 

We're using the latest version of the solution. 

Palo Alto is a big company. They are very good at security, so it's good if it's the first time a company is using this product. However, we are moving to SentinelOne as we are corporate. That means, if there is one branch upgraded or moved to something, we must follow. We are following our corporate instructions. If I was given the choice, I would be still using Cortex XDR as it's fulfilling my need. 

I'd rate the solution eight out of ten. The downside is each time I go to the portal and I check the versions, it's outdated. You need to upgrade each month or every forty days and it's a lot.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Rustam-Rustamli - PeerSpot reviewer
CISO at International Bank of Azerbaijan
Real User
Top 20
Provides great security with its machine-learning technology and behavior-based analytics features
Pros and Cons
  • "Palo Alto is constantly adding new features."
  • "The solution lacks real-time, on-demand antivirus."

What is our primary use case?

This solution has replaced our traditional antivirus solutions; it protects our environment and safeguards our endpoints from any malware or exploitation. We are based in Azerbaijan, I'm the CISO of the company and we are customers of Palo Alto. 

How has it helped my organization?

We've seen benefits because the solution includes a big data approach to cyber security. All information is collected from the network, the endpoints, and the logs and analyzed by applying a big-data approach that shows up anomalies. 

What is most valuable?

I chose this solution because they constantly add new features and are very proactive about that. To my mind, signature-based antivirus is a thing of the past. These days it's machine-learning technology and behavior-based analytics features that make us more secure. XDR feels secure because of those features.

What needs improvement?

There are still a few gaps with this solution. For example, real-time, on-demand antivirus is not there. If you're looking for compliance XDR is somewhat lacking. There is also no recovery feature; if some endpoint is under attack there must be the possibility of recovering it or restoring it to a normal state. That is currently lacking in XDR. 

For how long have I used the solution?

I've been using this solution for about two years. 

What do I think about the stability of the solution?

The solution is stable. 

What do I think about the scalability of the solution?

This solution is scalable. 

How are customer service and support?

We have premium Palo Alto support and they provide good service. 

How was the initial setup?

The initial setup is straightforward. 

What other advice do I have?

I think any XDR technology is best for protecting an environment from cyber attacks. The visibility it provides is crucial and XDR gives us that, we can see all effect vectors. 

I rate this solution eight out of 10. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Sr. Network Engineer at a construction company with 10,001+ employees
Real User
Top 20
Low system resource usage, reliable, and flexible
Pros and Cons
  • "The most valuable feature of Cortex XDR by Palo Alto Networks is the low consumption of system resources. The solution uses a lot of AI and machine learning."
  • "Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it."

What is our primary use case?

We are using Cortex XDR by Palo Alto Networks for all of our remote users because they are not connected to our on-premise data center.

What is most valuable?

The most valuable feature of Cortex XDR by Palo Alto Networks is the low consumption of system resources. The solution uses a lot of AI and machine learning.

What needs improvement?

Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it.

For how long have I used the solution?

I have been using Cortex XDR by Palo Alto Networks for approximately two years.

What do I think about the stability of the solution?

Cortex XDR by Palo Alto Networks is stable.

What do I think about the scalability of the solution?

Cortex XDR by Palo Alto Networks is scalable. add license and add many clients.

We have approximately 300 users using this solution in my company.

How are customer service and support?

I have not had an issue to need the support.

Which solution did I use previously and why did I switch?

We have previously used antivirus solutions. We decided to use Cortex XDR by Palo Alto Networks because of its flexibility.

How was the initial setup?

The initial setup of Cortex XDR by Palo Alto Networks is straightforward because it is in the cloud. The whole deployment took approximately one day.

I rate the setup of Cortex XDR by Palo Alto Networks a four out of five.

What about the implementation team?

We used the vendor to do the implementation of the solution.

What other advice do I have?

After the deployment of this solution, there is no need for maintenance.

I recommend this solution to others because it is easy to manage, reliable, and overall good to use.

I rate Cortex XDR by Palo Alto Networks an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
System Administrator at NATIONAL ASSOCIATION OF REALTORS
Real User
Has a centralized console and does predictive analysis of malware
Pros and Cons
  • "I like the centralized console and the predictive analysis it does of malware. It is very stable and also scalable."
  • "It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."

What is our primary use case?

The primary use case is mainly endpoint protection.

How has it helped my organization?

Previously, we had to install endpoint protection per machine and then scan and update. If there were any possible threats, then you would have to go manually to the machine and scan. Cortex XDR basically does that centrally and predictably.

We get notified, and if need be, we'll investigate an endpoint. For the most part, we haven't had to do a whole lot of that because most of the time, it just stops the threat before it even becomes one. So, we have more time to do day-to-day work rather than spend time chasing those endpoints.

What is most valuable?

I like the centralized console and the predictive analysis it does of malware.

It is very stable and also scalable.

It is easy to deploy and update. It does not require a lot of maintenance.

What needs improvement?

It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue. So, making exceptions would be easier and would probably be better for logging.

It would be nice if it were easier to use and if there were some free training hours.

As for additional features, I would suggest having mobile access to the console, perhaps through a mobile app for the console.

For how long have I used the solution?

I've been using it for about three years now.

What do I think about the stability of the solution?

The stability is great. I think they set the standard for SDR solutions at the moment.

What do I think about the scalability of the solution?

It's very scalable. We have it on Macs, Windows, Windows servers, and multiple flavors of Linux.

We have about 460 endpoints deployed. As far as technical users, we have a team of about 10, and that's mixed between server admins and their subsupport users.

The usage is extensive, and we've recently deployed it everywhere. We do plan on probably increasing usage because we have current consultants who use the product in order to access our systems.

How are customer service and technical support?

I wish there could have been more live contact with technical support rather than updated tickets and possible notifications via email. When I've had live encounters, it's been amazing. Sometimes, I think they could be a little bit more responsive live wise, but for the most part, it's been good.

Which solution did I use previously and why did I switch?

We previously used Sophos, and it was okay. The only thing I liked about Sophos was that it was easier to deploy to the desktop, but with Cortex XDR, once you have it already deployed, updating it is easy.

We needed something that was going to work with Macs and Linux, different products. Also, we needed something that would be more predictive versus relying on definition files that are publicly available. You don't want to be in a zero-day attack. With Cortex XDR, it's one of those where you can download any virus. It's just not going to run on your machine. Most malware products rely on a database to tell you that there's a virus file.

Sometimes, there are false positives. If it's a legit file or application that an end user is trying to download and use on their machine, it won't allow that. With Cortex XDR, however, they can download the file. It's just going to be rendered useless until you enable it and make an exception for it. It can run what identifies it and just sends you a notification saying that it's a malicious file and that it's there. It's not going to do anything to the system. That was a huge selling factor with Cortex XDR.

How was the initial setup?

The initial setup is pretty straightforward. It took a couple of hours and was pretty easy to deploy.

Once it's deployed in your system, you can push updates yourself. In the case of Macs, when you get new releases you sometimes have to tweak it and then push it out manually to end users. One admin could dedicate a couple of hours a week at best because there's not much maintenance.

What about the implementation team?

Palo Alto got on the phone with us and walked us through it. They were very helpful.

What's my experience with pricing, setup cost, and licensing?

It's about $55 per license on a yearly basis.

What other advice do I have?

Learn the product because once you deploy it and a lot of people look at it from an endpoint perspective, they get the endpoint protection instantly. However, there are other things that you need to learn more about. Once you deploy Cortex XDR, you get a subscription to a data lake, which helps you retain logs. We have Palo Alto firewalls and later on learned that we can also integrate our firewalls and get the logs.

You have a limited amount of space for log retention, but things like that are important in cases where you need to have PCI compliance or have a company policy of retaining a certain amount of logs.

So, learn all the features and ask questions, and perhaps if it's going to be something that you're going to use as an investment for your company, take a training class.

On a scale from one to ten, I would rate Cortex XDR at nine.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user1237689 - PeerSpot reviewer
Network Designer at a computer software company with 1,001-5,000 employees
Real User
Easy to set up with excellent trend analytics and isolation feature
Pros and Cons
  • "The initial setup is pretty easy."
  • "In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."

What is our primary use case?

We primarily use the product as endpoint security which we have deployed on all servers and locations. This is not limited to the endpoint, however, as it has further integration with the firewalls and email solutions. Therefore, it can give us quick visibility in case there is any malicious or suspicious activity happening.

What is most valuable?

The solution offers a very high-performance. 

The solution has analytics that watch patterns and trends. If there is a change in user behavior or communication, it has the ability to track that. 

The solution has a very helpful isolation feature. If any system gets compromised, with one click I can access the system and isolate it from other networks, and then go into further forensic investigation of the current threat without compromising anything else.

There are a lot of lead solutions in this space, however, Palo Alto is number one.

The initial setup is pretty easy.

What needs improvement?

The solution should enhance the ADR and reporting. As of right now, they are giving reports, which are okay, however, there are other ways to get better reporting. That is an area where I already requested that Palo Alto work on.

In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations. 

They should extend the solution for URL filtering, as other endpoint security products are doing that already. Nowadays, users are working from home and therefore we have plenty of traffic back through the data center just for URL filtering security. If that functionality could be there in the endpoint, then we would be happy. It would ensure users working from home couldn't access malicious websites. 

For how long have I used the solution?

We've been using the solution for one year. Before that, we were using Palo Alto Trap.

What do I think about the stability of the solution?

The solution is very stable. I pretty much depend on product stability. Over the last six months, we have been able to see it's that Palo Alto is more stable than most. There is no such issue in that regard. 

This is a very stable product, whether it is running on a database or email system or on any platform. It works perfectly fine.

What do I think about the scalability of the solution?

The solution is very scalable. This is due to the fact that it is being managed through the cloud making it easy to deploy to a thousand endpoints. There is no issue at all. As long as there's enough space for the solution to expand, it can grow out to any size you need.

How are customer service and technical support?

Technical support from Palo Alto is perfect. However, we have first-level support from a third-party. They sometimes take time to respond, which is not ideal. That said, when we get aligned with the tech support from Palo Alto, that really works well. Their level one support is with other vendors, and level two and level three support is with Palo Alto. That's how they are set up. They deal with bigger issues.

Overall, we've been pretty satisfied with technical support.

Which solution did I use previously and why did I switch?

We're service providers. We offer a variety of solutions to our clients, including Palo Alto, Cisco, Microsoft, and McAfee, depending on their needs. We don't just use or recommend one particular endpoint protection product.

About a year back I implemented Cisco and Palo Alto for our customer. Cisco AMP is also a good solution while it is running with the grid, however, I have not been involved with using it for three years.

In routing and switching, Cisco is good. However, Cisco AMP, which is an endpoint security, requires you to work with many other AMP solutions from Cisco. 

My first preference would be Palo Alto and my second preference would be Cisco AMP.

How was the initial setup?

The initial setup is not complex at all. It is very straightforward and very easy to implement. I implemented it for 1000 or so users, and it took only about one month to execute. Even when we were in a pandemic situation where users were at home, we did it that quickly. It is very easy to deploy.

What's my experience with pricing, setup cost, and licensing?

The pricing is actually very reasonable. Palo Alto is very invested in some commercial endeavors and they have simplified their license. A team license can be used on-cloud, or on-prem. We have not faced segregation on any technologies, so a simple license gets any user anywhere without limitations. It is easy to increase the license as it's a cloud service. You just speak to your account manager and they can increase the licenses for you.

What other advice do I have?

While we deal with the cloud deployment model, we've also often used the on-premises deployment.

I'd advise other companies to use the solution. It really is the best one out there.

Overall, I'd rate the solution nine out of ten. The reporting is a bit weak, and it's my understanding they are working on that. However, performance-wise and security-wise, this is the best product.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Cortex XDR by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2024
Buyer's Guide
Download our free Cortex XDR by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.