Cisco Secure Web Appliance vs. Palo Alto Networks Advanced Threat Prevention

We have both scenarios where we can describe that. For example, in the HQ, where we have about 3,000 users, Cisco IronPort Web Security Appliance is the ideal solution, because we can consolidate all the Internet access, policies, rules, etc. in the same box. However, if you have small offices with a few users, it's hard to justify one big and expensive box that could cost more than the whole office infrastructure.

Incentivized

Palo Alto NTP is an appropriate suite of protection for any enterprise environment or anyone that truly needs some serious perimeter protection in a one-stop, all-in-one unit. There are no modules or add-ons or clunky interfaces to deal with it; everything works out of one management plane, licensing, implementation, monitoring. updating, etc. As a network admin, that is immensely valuable to me. Additionally, I get real-time reporting on all the stuff NTP is catching, and it is nothing to shirk at. The real value in NTP comes in only after you begin doing SSL-decryption, however, to truly inspect the traffic. Short of that, you are just seeing a bunch of encrypted data and the NTP suite of tools isn't going to avail you. NTP plus decryption, though, is invaluable!

Incentivized

• SMA gave us central control over multiple servers, simplifying management.
• Performance of the Appliance VM exceeded that of our old physical appliance-based solution.
• Convenient licensing for virtualized environments that allows easy scaling.

Incentivized

• The threat engine has constant updates for important threats.
• Wildfire helps supplement the Threat engine to help protect against 0 day threats.
• The way the threat engine can be added at different levels to different zones and policies helps to ensure business essential traffic can have policies that are tuned to ensure traffic will flow.

Incentivized

• I think that the interface could need updates to adapt it to a much more current system, achieve quick access to necessary tools and adapt the platform to a much more customizable and comfortable system to work with.
• It is undoubtedly a platform that is worth having, however, the license costs could be better adjusted to small businesses so that it can be accessed more easily.
• It could be a bit complex to use, the use of codes is quite extensive, it could be adjusted to something much more practical but just as efficient.

Incentivized

• Cost is high, but it is a premium product
• Endpoints are still vulnerable.
• TAC engineers aren't always equipped with ATP knowledge

Incentivized

Because it's one of those products you almost don't realize it exists from the end user. From the administrator perspective, you can do everything on its web interface and it's very intuitive to manage, once you know the concepts behind identities, acls, etc. Also, once you build the control structure, I mean, you link 'local' groups with your own Active Directory groups, as we did here, you don't need to be managing those things on the appliance itself.

Incentivized

The reason to give ATP this rating is it specialises in detecting command control traffic whose primary role is to identify unusual outbound traffic patterns which blocks the command control communication and notifies to different security team to take necessary actions. ATP Global protect holds the responsibility of inspecting all the inbound and outbound traffic going to and from corporate system regardless of the network they are on. ATP plays a major role to identify the threats that blocks threats that could lead to data breach also it identifies any malicious file enter the system will be blocked proactively

Incentivized

Our experience with Cisco's support was terrible. Other than the fact that they don't respond to service-related emails with urgency, they also keep on changing the policies that affected us. Recently, they came up with a new look for the same software, which was insanely slow. Renewal of keys for the old interface took months. Overall, the support was not very friendly from the users' point of view.

Incentivized

At home I have a McAfee service that does similar tasks and helps manage the users of my internet. McAfee seems more user friendly and easier to set exceptions.

Incentivized

Having used Palo Alto Firewalls for years, implementing threat protection was the next step in perimeter security. Works much better than the few competitors I have personally used. Frequent content updates occur which may impact some policy rules, but that is normal across most vendors.

Incentivized

• Security! Security! Security! We are financial company that work with very sensitive information. A lot of unsafe traffic was blocked on the Cisco IronPort WSA over years of using it. We did not earn on it but absolutely sure that we did not lose 'gazillion' of dollars being infected or scammed.
• Easy to configure and use, no need to teach new personnel how work with this product (hopefully saving time = saving money).
• Unfortunately the price of license subscription made financial managers push IT dept. to look for something cheaper.

Incentivized

• After adding PA Threat Protection, we are now getting our network traffic completely inspected.
• We are now applying security checks and scans like AV scan and Anti Spyware checks.
• This is also giving visibility into threat and attack vectors that are using vulnerabilities and exploits to enter our environment.

Incentivized