GlobalProtect™
delivers the protection of next-generation security platform to the mobile
workforce in order to stop targeted cyberattacks, evasive application
traffic, phishing, malicious websites, command-and-control traffic, and known
and unknown threats.
N/A
Zscaler Private Access
Score 8.9 out of 10
N/A
Zscaler Private Access™ (ZPA) gives users secure access to private apps and OT devices while enabling zero trust connectivity for workloads.
Palo Alto Networks Prisma Access is better than all the choices we looked at. With our in-house knowledge, ease of use, and Palo track record for innovating and having excellent security, it was a no-brainer to go with Palo Alto Networks Prisma Access. That being said, watch …
We had a nightmare experience with Prisma Access. The tool was not the most intuitive, and their peripherals to make it more secure were not efficient. Their integration with other tools to provide MFA was mediocre at best. That is the main reason we decided to explore …
I still think Palo Alto Networks Prisma Access is the best SASE/SSE product out there. It just has such good granular controls and up to date security definitions that you can feel absolutely secure in your purchase. GlobalProtect was a lifesaver for me when COVID hit so yes I had to work my butt off to get it up and running quickly and as secure as I possibly could but it worked amazing and had excellent performance after we got it running and tied to MFA, certificates and security policies.
Zscaler Private Access works really well in environments setup for FQDNs and where you know what users should/shouldn't be accessing on what ports. You can use Zscaler Private Access to figure out these kinds of features but that doesn't always mean you'll be correct. It also provides a consistent experience for users as they can access their materials anywhere. It also makes the user the last line of defense. If a user's account is compromised then the attacker has access to everything they already did. It doesn't work great in OT environments or Server based environments. Flows have to be initiated from the client and not the server for stuff to behave properly.
Application Segmentation and Listener Configuration - The way applications are defined and listened for is fundamental to ZPA, but can be a source of frustration, especially when dealing with legacy or non-HTTP protocols
The ZCC is the user's primary gateway, but its control over local system network behavior can sometimes clash with enterprise requirements.
I still say that Palo Alto Networks Prisma Access is the best. I love their GUI, their policies are easy to manage, the sales team is VERY helpful (especially when support is not). I still recommend them to everyone I talk to.
The environment feels more secure, and we are seeing that users are adapting to it fast. The fact that we have tools to assist the users with their day-to-day access helps, as we can hand it off to the helpdesk without any escalations to the Network team. It is a work in progress for our agency, but we are seeing the benefits from the solution.
The McAfee product really isn’t a great option. The configuration is a nightmare and requires a lot of time. The policy management has a high learning curve.
Well ZPA is a good solution, however everyone has their own advantage and disadvantages, with ZPA you can deploy ZTNA model, which will help you better control on access, however Palo Alto, Fortinet they are also market leading firewall solution, and you can not deny if they are not providing the same features.
Positive: We have now charged users internally for the service
Negative: Dealing with users who also have the Zscaler Client Connector for their company, can cause confusions
Negative: Enabling the Zscaler Internet Access entitlement has been a major headache for us because Zscaler Private Access users can't autheniticate through ZIA on a non corporate device.
