Servicio Posventa at a security firm with 11-50 employees
Real User
Top 5
A pinpoint evasive threats with patented behavioral analytics solution with a useful policy extension feature
Pros and Cons
  • "One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers. Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network."
  • "I don't like that they have different types of licenses. For example, if users select a license, they think they will have all the platforms they need to improve their network or security. But after some time, Palo Alto Networks changed their licensing, and some of the features that, for example, were free at the beginning now have a cost. I think the integration can be improved. For example, a lot of tools are just integrated through APIs."

What is our primary use case?

Our clients want to correlate information they have in their network. Many engineers or companies have different tools like CMs, firewalls, VPNs, and some other things related to networks. They mentioned that after they acquired the Cortex XDR solution they have all of the information in one place. That is important because they improved the time to solve security issues.

What is most valuable?

One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers. 

Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network.

What needs improvement?

I don't like that they have different types of licenses. For example, if users select a license, they think they will have all the platforms they need to improve their network or security. But after some time, Palo Alto Networks changed their licensing, and some of the features that, for example, were free at the beginning now have a cost. I think the integration can be improved. For example, a lot of tools are just integrated through APIs.

For how long have I used the solution?

I have worked with Cortex XDR by Palo Alto Network for about four years.

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2024
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.

What do I think about the stability of the solution?

Cortex XDR by Palo Alto Network is a stable solution. I have been working with it for years, and it only went down once.

On a scale from one to ten, I would give stability a nine.

What do I think about the scalability of the solution?

Cortex XDR by Palo Alto Network is a scalable solution.

How are customer service and support?

Technical support is okay.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is straightforward and not very complicated. I think it takes about two hours to deploy this solution. The number of personnel needed depends on the company. For example, banks usually have five cybersecurity engineers installing and maintaining this solution.

On a scale from one to ten, I would give the initial setup a seven.

What's my experience with pricing, setup cost, and licensing?

I don't like that they have different types of licenses.

On a scale from one to nine, I would give licensing costs a seven.

What other advice do I have?

I consider Cortex XDR by Palo Alto Network a good solution. They have good support, and they listen to customer feedback. 

On a scale from one to nine, I would give Cortex XDR by Palo Alto Network a nine.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Information Technology Consultant at Trillennium (Pvt) Ltd
Reseller
Excellent technical support, straightforward implementation, and cutting-edge technology
Pros and Cons
  • "When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud."
  • "In general, the price could be more competitive."

What is our primary use case?

We are not using it for our purposes because we are a Palo Alto partner. We propose it for our customers based on their requirements.

We are both a service provider and a reseller.

When the pandemic first began, the use cases were mostly for remote users. We deployed this for the majority of remote users.

What is most valuable?

When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud. We have a lot of advantages as a result.

It's a very simple implementation, and I have direct Palo Alto implementation available as well. So it's very simple. We haven't found any issues, so far the implementation is going well, I don't see any gaps.

What needs improvement?

In general, the price could be more competitive.

For how long have I used the solution?

In Palo Alto, we also work with all product lines, including Prisma and other product lines as required. Is a mix, it's a subproduct, we work with the mix of products.

We have been working with Cortex XDR by Palo Alto Networks for two to three years.

We get updates from Palo Alto directly.

What do I think about the stability of the solution?

Cortex XDR by Palo Alto Networks is a stable product.

What do I think about the scalability of the solution?

It's a scalable solution, we have not had any challenges with the scalability of Cortex XDR by Palo Alto Networks.

Our customers range from medium to large enterprise companies. The adoption rate in small businesses is much less, but the majority of our requirements come from mid-to enterprise-sized businesses.

How are customer service and support?

Technical support is the best in class, in my opinion, because they have invested heavily in research and development. In terms of comparison and today's challenges, such as security and layers, Palo Alto complies with all of the challenges.

Which solution did I use previously and why did I switch?

In terms of Security, we are working with a few products and a few brands.

We use Palo Alto and we also work with Barracuda. These solutions are used on the web firewall and for email protection.

We work with the entire Barracuda product line, but specifically for email protection and web filtering.

Barracuda Essentials is included with O365 protections, we work with those solutions. 

Palo Alto is part of a different vertical layer than Barracuda. It's distinct. They are very different.

How was the initial setup?

The initial setup depends on the environment, but as a technology, I would say it's simple. It's not that difficult.

The length of time it takes for deployment is determined by the project and the surrounding environment. We can only determine the timeframe based on that, pinpointing a specific time period is difficult.

It does not require maintenance because regular updates and monitoring are required. So if there is anything, new patches and the like, it is done automatically, and there is no additional implementation unless there are any infrastructure changes.

What's my experience with pricing, setup cost, and licensing?

In comparison to other competing products, it is based on the customer's needs and the environment. However, when compared to other products, the price is slightly higher, but when considering technology and new innovation, that is the plus I would say when it comes to being XDR.

The price could be more competitive because it is not on the price wall when you go and question Palo Alto XDR. It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable.

What other advice do I have?

So far, it has met all of our requirements, and it should be able to cater to a wide range of product lines.

We must first determine what their business requirements are, as well as what other technical layers we are considering, and then propose the appropriate sizing and solution.

We mostly promote Palo Alto, but it depends on the customer's needs, as well as their budget, infrastructure, and what their business requires, all of those factors come into play when recommending a solution.

When you compare it with other products, I would rate Cortex XDR by Palo Alto Networks a nine out of ten.

It's close to being rated a ten out of ten because of their level of support, and the other is the solution and the most recent technology.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2024
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
System Manager at a consumer goods company with 10,001+ employees
Real User
This is a recommended solution for total end-to-end protection
Pros and Cons
  • "Being a cloud solution it is very flexible in serving internal and external connections and a broad range of devices."
  • "The connection to the internet has not performed as expected."

What is our primary use case?

We are still in the testing stages so there is not currently any primary use case beyond the base use of endpoint protection.  

What is most valuable?

Cortex has several good features that I am interested in. There is a nice Sandbox function that is very strong, there is the Traps (endpoint protection) solution, the real-time filtering of suspect linkages is good, and the automatic blocking of suspect behavior is always active and protecting the network.  

What needs improvement?

As an improvement, I would like to see enhanced connection speeds. On China's side, we need to set up a local server for the definition updates, and the performance has not been very good for the company when directly connected to the internet. We are a little disappointed with that.  

For how long have I used the solution?

We have been using Cortex XDR (Extended Detection and Response) for around two months.  

What do I think about the stability of the solution?

It is stable. From the moment we installed it has been up with no restarts of maintenance until now.  

What do I think about the scalability of the solution?

I think that this product is scalable. The testing environment we use right now has around 200 users. In the future, when we deploy it to the company we will move up to around 4,000 users.  

How are customer service and technical support?

The technical support is okay. They have already helped us to fix the installation and then we had an issue and they were available for correction of the problem. They also have made some useful suggestions. So the support team is okay in my estimation.  

Which solution did I use previously and why did I switch?

We have been exploring a similar solution. Right now I am also doing testing on Sentinel at the center. This is a similar solution. But we have only just begun testing Sentinel, so we do not really have enough experience with it to comment on the product.  

How was the initial setup?

As we just started with Cortex and we are using a cloud solution, I do not have the impression that it was difficult to install and begin using.  

What's my experience with pricing, setup cost, and licensing?

The setup costs are a bit higher than some other solutions. Overall it is a little bit expensive, I think. If we could get it for around a 10% discount then that would be a better price point for us.  

For our pricing plan, we are not on a subscription, so we do not have to pay every month. We have a yearly license for the product.  

The approximate amount we pay per license is around $80 per user per year.  

What other advice do I have?

My suggestion for people considering this product is that Cortex is a very good total solution on the endpoints. Because I needed Cortex to work for external and internal users and devices, it helps that it is cloud-based because it is good for working in the office or other locations. So we wanted to have the total end-to-end protection including on the mobile devices, that is what we got. This product will be a good suggestion for people who need the same capability.  

On a scale from one to ten where one is the worst and ten is the best, I would rate Cortex XDR as around nine-out-of-ten. The cost is the reason it would not be higher. Nine is good but this is a very good product except for the cost.  

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Lead IT Security Analyst at a mining and metals company with 1,001-5,000 employees
Real User
Its multi-layer approach helps my organization with anti-malware, exploit protection, and restrictions
Pros and Cons
  • "The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
  • "Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis."

What is our primary use case?

We use it for primary endpoint protection.

How has it helped my organization?

Its multi-layer approach helps my organization with anti-malware, exploit protection, and restrictions. A good analogy would be like peeling back an onion, getting through those layers. It gives you the confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind.

What is most valuable?

The multi-layered approach to the product is its best feature. Each layer has a different method of protecting its endpoint. 

What needs improvement?

With cloud integration, there were several improvements made:

  • Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis. With the cloud implementation, we now have connectivity to the server at any moment, as long as we have an internet connection.
  • A new user interface, which is a lot easier to use. Making it similar to managing a firewall.
  • Additional OS support.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

Stability has improved over the years, as there were noticeable bugs in earlier releases, such as 3.x. With the later releases, versions 4.1 through 5, they have polished the product. It has gotten much better.

When major releases come out with new features, it is a fairly simple process to upgrade these releases.

It is 100 percent utilized with every feature turned on. We leverage their product to the fullest extent.

What do I think about the scalability of the solution?

Scalability is great with servers and workstations. At a moment's notice, you can add hundreds of endpoints. With Traps 5 being on the cloud, there is no scalability risk. You're not going to overload it, as it is a cloud portal. It is their problem, not yours. If you have any issues, call support. I'm confident I can push the client out to 1000 machines, and it will still check in.

We have over 2500 people in our organization using Traps (the entire organization).

How are customer service and technical support?

The technical support has gotten better over the years. When they first started Traps, the support was overseas, and there was a language barrier being from the United States. Over the years, they have distributed that support throughout their company. Now, we will call and get someone in the United States, so there is no language barrier, which is an improvement. 

I feel like the support group has definitely improved over the years. If I call now, I'm positive I'm going to get someone who knows the product very well and is going to help me to resolve whatever issue I'm seeing. We have had weird issues, and they actually have done forensic analysis of what was going on. They have adjustments to future dynamic updates because of these issues. Thus, we have had an impact on the product by bringing them an issue, then having them correct it.

Which solution did I use previously and why did I switch?

We previously used McAfee vs Palo Alto. McAfee is a traditional antivirus. It provided little to no value. We didn't see it stop anything. It wasn't blocking anything. The management was difficult to use because of the virus definitions, where you had to sync every endpoint each day with these updates.

How was the initial setup?

I set up Traps 5 without even looking at the administrative guide. I set it up using logic. Looking at it, reading it, testing it and pushing it out. I set it up in an afternoon with a colleague of mine.

It is easy to implement. It also has dynamic updates, making it smarter. Therefore, there is not much work to be done once you get it configured and pushed out. You can manage it with a small crew of people. Because of its ease of use, businesses might require a full-time employee to manage it. 

It's just one of the tools in the toolbox, and it save us time.

They made it very easy to set up, because you just log into the portal and activate it. They have an automated process to spin up your environment in the cloud. It all happens behind the scenes. 

From a user perspective, it is a click of a button. You just put in the key that was paid for and click a button, then it runs through the setup. Then, they essentially give you a button on your portal, you click it, and it brings you to your management console. Everything is already set up. They manage the upgrades, which is another bonus when being in the cloud, because when it was on-premise, you have to care and feed the server, patch it, upgrade it, and manage the database.

It takes 10 minutes for everything to initialize, since it is a brand new environment. You get to pick your URL, and Palo Alto manages the certificates. When your endpoints connect to the URL, it's just a trusted signed public certificate authority. As long as your endpoints are patched and up-to-date, they trust that certificate. 

Palo Alto is making it easier to implement and manage. They're making it easier to upgrade. The dynamic updates came within the last year or two. Previously, you have to upgrade the actual endpoint software to get more features. 

With dynamic updates, it's an automatic process. It makes the software logic smarter. 

When I first set up Traps four years ago, it took a lot longer because I had to set up a server with the operating system. That takes time. I had to install the software and configure it. I had to have a database, which took time and involved other people. There was a client to deploy to endpoints. Then, there was a certificate to set up for the portal to have our endpoints to communicate with the portal over our SSL. There were a lot of steps.

What about the implementation team?

We did our implementation in-house. We required three to four people for the initial deployment: database administrator, network engineer, server administrator, and security analyst. Afterwards, it takes two people to maintain the solution, but it could be done with one person. We use two people for quality control.

For implementation strategy, if it was a new push or a build, set up your cloud portal, then do a test group, such as a pilot. Set up your policies how you would want them. From there, with your test group, you want to see if any alerts come in and what your endpoints are doing. Then, depending on your company, do a site-by-site implementation. It is integrated with Active Directory, so you can also do group implementation.

What was our ROI?

We have peace of mind knowing that ransomware isn't spreading through our environment.

The product checks a lot of boxes for compliance efforts. The value is there, because these days no one can afford to experience a breach or have a compromised endpoint. Since these would have to be reported, depending on your industry, it would look bad for the company.

What's my experience with pricing, setup cost, and licensing?

We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice.

What other advice do I have?

If ransomware were to spread throughout your company, you would not want your file shares to be encrypted nor your servers to be affected. My advice would be get Traps on your servers and on your workstations. Go with version 5 and the cloud instance, then turn on all the features that you can. Some of them come by default disabled out-of-the-box, but you want to turn on all of the features, such as local analysis, file quarantine, WildFire, malicious and grayware blocking and quarantine, restrictions (don't allow executables to run from USB drives, unless it's whitelisted). Turn on all the exploit protections with dynamic updates, and just let it just update. Since we all know the next version of Flash Player is going to have a vulnerability which no one knows about until it's discovered. Then, at that point, it could have already been out there for a while.

With Traps, it could potentially determine the exploit before it's even a known vulnerability. Turn on every single feature you can without taking an impact to performance. Once it's fine-tuned and doing its thing, I have never witnessed Traps not working properly.

They have put in improvements over the years. We have been using the product for over four years now (since I've been with the company). They have added support for additional operating systems, such as Android, macOS, and Linux. They used to be Windows only. They put improvements where they no longer require you to have an on-premise server, so you can host it on the cloud. Thus, when endpoints leave the environment, they can connect to a cloud host and have full connectivity to your policies.

When Traps does sandbox tests, it checks the verdict against their sandbox: WildFire. Having it in the cloud is great, because then the machine doesn't have to be on a VPN or within the company walls with connectivity to an on-premise server. Therefore, having the cloud implementation was definitely an improvement.

When Palo Alto acquires a technology, they implement it into Traps and make the product better. They have done this in the past, and there are cool things coming in the future from these acquisitions.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Prathamesh Samant - PeerSpot reviewer
Presales Manager at Doyen
Real User
Easy to set up with great policy configuration and is an excellent addition to the Palo Alto ecosystem
Pros and Cons
  • "It has pretty much everything we need and works well within the Palo Alto ecosystem."
  • "The GUI could be improved."

What is our primary use case?

The main use case was the integration with their Palo Alto firewall and Panorama. Apart from that, they also had integration with the FIM solution that they had. Overall, having it at the endpoint and having network integration for the overall threat scenario has been where we use it.

What is most valuable?

The policy configuration is great. The granularity of policies that are available is very helpful.

It is straightforward to set up.

It has pretty much everything we need and works well within the Palo Alto ecosystem.

What needs improvement?

The GUI could be improved. It's a little bit cumbersome. It could be more user-friendly.

For how long have I used the solution?

I've been using the solution for around two years. 

What do I think about the stability of the solution?

The solution is quite stable. The only hiccup we had experienced was related to some false alerts where there was no detection, yet still the product showed that it detected something. There were a few false positives. Apart from that, it is quite stable.

What do I think about the scalability of the solution?

For cloud purposes, scaling is not an issue. Even with the on-premises deployments, we have not faced any scaling issues. 

How are customer service and support?

Technical support is great. We haven't had any problems with them. 

How would you rate customer service and support?

Positive

How was the initial setup?

The solution is very simple and very straightforward to set up. It's not overly difficult or complex.

I'd rate it four out of five in terms of ease of setup.

What's my experience with pricing, setup cost, and licensing?

I do not deal with licensing costs. That is taken care of by our sales team.

What other advice do I have?

We do hybrid deployments. For some customers, it was on the cloud and for some, it was on-prem.

It's a good solution to go with. If you are dealing with the ecosystem of Palo Alto, like Palo Alto firewall, Palo Alto Prisma Access, and Palo Alto XDR, if you have a Palo Alto ecosystem, it's a must to have Cortex XDR. Individually, it also works well. However, having Palo Alto everywhere will be a better scenario or a better fit if you want to deploy Cortex.

I'd rate the solution eight out of ten. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior IT Specialist at a manufacturing company with 1,001-5,000 employees
Real User
Useful for monitoring, but its implementation is quite complex
Pros and Cons
  • "Monitoring is most valuable."
  • "In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex."

What is our primary use case?

It has just been about a month.

How has it helped my organization?

It is mainly for monitoring and/or logging. We look at it to see if there are any log incidents. 

We are using its latest version. It is deployed as a hybrid.

What is most valuable?

Monitoring is most valuable.

What needs improvement?

In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex.

In terms of new features, we don't have any functions or features that we would like to add at the moment. 

What do I think about the scalability of the solution?

It is looking promising in terms of scalability, but we have not looked into it further because we are still in the process of learning and getting some experience.

Currently, there are just two users of this solution. They are IT specialists.

How was the initial setup?

Its initial setup is quite complex. In terms of complexity, I would rate it a four and a half out of five.

What's my experience with pricing, setup cost, and licensing?

I am using the Community edition.

What other advice do I have?

My advice for people who are looking into implementing this system is that they should be aware of the complexity of the installation and the management of the system. I would preferably buy this from a partner.

We have not yet completed our review of the product. At this time, I would rate it a five out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Sr. Technology Architect at Incedo Inc.
Real User
A stable part of our security solution that correlates logs from relevant sources
Pros and Cons
  • "The most valuable for us is the correlation feature."
  • "There are some third-party solutions that are difficult to integrate with, which is something that can be improved."

What is our primary use case?

We use Cortex XDR as part of our security solution.

How has it helped my organization?

its a very good solution and single solution for entire infrastructure, give us good co-relation of incident. Single solution for Network, Endpoint, Servers. 

What is most valuable?

The most valuable for us is the correlation feature. You are able to correlate data that is coming from the firewall, network, server, and endpoints. This is one of our main requirements and makes for a good product.

It works with the data lake in an agent-based or agentless manner.

It is easy to integrate most with network devices, including firewalls, and Active Directory. We use firewalls from different vendors including Palo Alto and Check Point, and it supports them.

What needs improvement?

There are some third-party solutions that are difficult to integrate with, which is something that can be improved.

What do I think about the stability of the solution?

We have not experienced any issues with respect to stability at this point.

What do I think about the scalability of the solution?

Scalability has not been a problem.

How are customer service and support?

We have been in contact with technical support and are satisfied with them.

How would you rate customer service and support?

Positive

How was the initial setup?

its a Straightforward

What about the implementation team?

We have an in-house team for deployment and maintenance.

What was our ROI?

It replace multiple solution and due to this it will reduce the Administrative effort.

Which other solutions did I evaluate?

I have run a PoC with both CrowdStrike and Cortex XDR, and from my observation, I felt that Cortex was much better at meeting our requirements. It is also easier to use.

CrowdStrike was difficult when it came to integrating with other products and it does not work on mobile devices.

What other advice do I have?

My advice for anybody who is considering Cortex XDR is that it is a complete solution, and has very good features. From my experience, it is one of the better ones in the market. That said, no product is 100%.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT-Administration at a mining and metals company with 51-200 employees
Consultant
Offers a complete overview of all our PCs and it's very easy to handle and use the interface
Pros and Cons
  • "We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."
  • "Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats."

What is most valuable?

We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us.

What needs improvement?

The one area which should improve is not on the user side but on the product itself. Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats. For example, if you had something that was not detected by the former solution, and you install Palo Alto, you will have some difficulty removing the virus with the Palo Alto tool. It would be helpful if they had a tool for removing a virus or threat in these cases.

For how long have I used the solution?

I've been using the solution for two years.

What do I think about the stability of the solution?

The solution is very stable. We have about 350 licenses across all our PCs, and of course, only administrators are allowed to plug in.

What do I think about the scalability of the solution?

Scalability is not an easy question. For us, Palo Alto traps is running on a good environment, so if we have a plan to expand we just adjust the environment and from the Palo Alto side, it is not a problem at all. The only thing I have to do is update the license file and it should work. But in the case of a bigger expansion, you have to separate the servers. For us, it is not a problem at all if we decide to scale Palo Alto traps.

How are customer service and technical support?

Support response was very fast. I'm satisfied with the support.

How was the initial setup?

If you have been educated in Palo Alto, the initial setup is very easy. Without an education it depends. It can be difficult, it depends on the knowledge of the installer.

What other advice do I have?

We use the on-prem version, not the cloud version of Palo Alto.

We use it daily but we have logs. Normally, if we have an incident in detection from a wire system, there's more effort. But typically it would take about ten minutes in order to check the logs and it's not complex at all. But if you have some threats or viruses then, of course, maintenance takes longer.

In terms of advice, I'd say it depends on the usage of the PCs. For us to use in the main production, Palo Alto benefited us. It was easy to install and performance of the traps themselves are very good. In most cases, you don't have to worry about the performance of the PC at all. Palo Alto Traps takes up very few resources.

I would rate this solution 9 out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Cortex XDR by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2024
Buyer's Guide
Download our free Cortex XDR by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.