Palo Alto Networks Cortex XDR vs. Palo Alto Networks WildFire

Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.

Incentivized

Palo Alto Networks Wildfire is well suited for pretty much anywhere that you need the latest and greatest network security. It is extremely good at protecting you from the latest malware threats that might pose a potential problem for your network/endpoints. We've been very please since we installed it and I would say cost of the Palo Altos is the only drawback. If money were no object I'd go with a Palo Alto with Wildfire every time. But unfortunately in some smaller branches it just doesn't make financial sense.

Incentivized

• Direct Access to devices via Live Terminal which provides operations with scripting, triage, and preservation of artifacts.
• Behavioral Indicators of Compromise which provides alerts on events regarding groups of hosts and their signatures.
• Querying complex data sets involving a variety of devices for network connections, hashes, DNS, etc.

Incentivized

• This is could base and easily manageable for our collocation. While working within the could can review in live time potential treats that it has reported from other devices.
• Worked very well with existing Palo Alto devices.
• Another huge plus is the simplicity of managing and ease of scalability.
• Its cost is competitive with similar/like products available.

Incentivized

• Traps doesn't seem to function as a traditional A/V very well, so it's better as another layer to your endpoint protection
• Traps can cause issues with some legacy or custom programs, so exceptions may have to be made
• Traps falsely identifies things as malicious at times, this is not often though

Incentivized

• WildFire, like other sandboxes, has to stay up with malware sandbox evasion techniques, which necessitates larger file size limits.
• More file formats should be able to be submitted and scanned by WildFire, which needs improved initial administration and setup.
• It's quite pricey, and there's no warning choice for performance on the cloud.

Incentivized

It works very well and takes care of protecting us from threats new and well-known. It's been a game changer in terms of threat detection & prevention.

Incentivized

Day to day, Cortex is easy to use when you have no alerts and when an agent upgrade doesn't go south. Alerts are far too "clicky", there's too many steps to drilling down to what actually happened to trigger an alert. Investigating alerts in Cortex takes about 5x longer than it should.

Easy to use and works well. For the most part it's set it and forget it, but there's also some flexibility for high security environments and those with extra privacy concerns.

Incentivized

The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.

Incentivized

PAN support is very good. You can get the reasonable and timely support on any conditions. When the product is already integrated with the PAN firewalls, you can choose the severity levels based on the effect. The customer service/TAC is very helpful, they even have additional recommendations of advises for product usability. Local partners are also assisting the cases and give their expertise.

Incentivized

Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps. McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.

Incentivized

We wanted a single device to handle numerous jobs, such as antivirus, antimalware, vulnerability detection, url filtering, etc. Palo Alto provides this, while TippingPoint IPS is a more dedicated product. Caveat: I used TippingPoint over 5 years ago, so things may have changed.

Incentivized

• After putting Palo Alto Networks Cortex XDR on a user's system, users came back with a positive response that there are no performance issues now.
• We are able to track and control granular suspicious and malicious activities.
• Web controls are missing, which if they would have been there would have been very helpful.

Incentivized

• As we all know the product of Palo Alto is little bit expensive but its performance is far better than any of its competitors. So as I previously mentioned, Palo Alto should not sell WildFire Licence seperately.
• If the firewall is internet facing then only we should buy WildFire Licence.
• WildFire Licence is not necessary for internal firewall. If you are planning to buy a firewall for internal network where your traffic is not going towards internet so no need to buy WildFire Licence.