Cisco 1000 Series Aggregation Services Routers (ASR 1000) vs. Palo Alto Networks Cortex XDR

- It is well suited for companies that have a big WAN environment, this devices can fit in there easily and have multiple provider circuits. - Well suited for private cloud environments where multi tenancy is required, - Device can be used as IPN/ISN device as it supports jumbo frames for an ACI multi-site/remote leaf deployment. - Device is well suited for branches that have their own DIA and MPLS circuits.

Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.

Incentivized

• These routers are very good at performing 24x7! This is key to running an organization where employees are working 24x7.
• The ZBFW feature works especially well to help lockdown and protect your network.
• Having the ability to perform in-service upgrades is a key feature in keeping your network up at all times.

Incentivized

• Direct Access to devices via Live Terminal which provides operations with scripting, triage, and preservation of artifacts.
• Behavioral Indicators of Compromise which provides alerts on events regarding groups of hosts and their signatures.
• Querying complex data sets involving a variety of devices for network connections, hashes, DNS, etc.

Incentivized

• The ASR 1000 series routers can, as with most devices, improve with additional memory capacity and upgraded chip sets for faster processing.
• There seems to be limitations on the number of routing sessions the smaller ASR devices can handle, which can be overcome with proper planning and placement within the network.

Incentivized

• Traps doesn't seem to function as a traditional A/V very well, so it's better as another layer to your endpoint protection
• Traps can cause issues with some legacy or custom programs, so exceptions may have to be made
• Traps falsely identifies things as malicious at times, this is not often though

Incentivized

The device without a doubts performs at the level required and expected, we can renew it and use it as we have been using it for years. The device can be used as DCI, IPN/ISN, or even private cloud for customer circuit handoff, it also supports IPSec properly. The device is well suited in multiple segments of the network.

All our modular contingency service exercises use this equipment, it allows us to perform this type of exercises very easily, in a controlled and effective way. It is used at least once a month for these types of events. It also allows configuration replication in computers that are under the same model.

Incentivized

Cortex XDR does a very good job of blocking suspicious and threatening items. However, as with all software of this nature, it will sometimes block known-good items. The difficulty is in manually whitelisting these known-good items. The interface to whitelist is confusing even for a seasoned IT professional and has been the single most frustrating experience of using Cortex XDR

Incentivized

We have received training on the equipment, which has made us add more networks on our own, we provide first level support, we validate the publication of the equipment and we can satisfy the needs of our internal clients in terms of the prompt recovery of the affected services

Incentivized

The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.

Incentivized

Implementation was as per design and all best practice configuration was followed.

Incentivized

Before standardizing on the Cisco ASR 1000 we had explored the idea of using Juniper routers. Ultimately we felt the Cisco ASR 1000 was a better fit at the time. We have been very happy with this decision, but it might not be the right decision for everyone. It fit our environment and our needs very well, Juniper is also a very good choice.

Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps. McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.

Incentivized

• It is a healthy return on investment with planned packed size data. Average unicast latency is low and consistent with small and large packets (barring mid-sized).
• Cisco devices last longer and also have a decent trade-in policy to recover some value when equipment is replaced.
• Higher concurrent IPSec tunnels are offered, we tested for 1500+, fielding both encrypted and a mix of encrypted and cleartext traffic.

Incentivized

• After putting Palo Alto Networks Cortex XDR on a user's system, users came back with a positive response that there are no performance issues now.
• We are able to track and control granular suspicious and malicious activities.
• Web controls are missing, which if they would have been there would have been very helpful.

Incentivized