We use Prisma Cloud by Palo Alto Networks for architecture and design.

We found Prisma Cloud by Palo Alto Networks very important in solving architecture and design problems within the company, and it improved our company because it showed us different ways of doing things and gave us a better understanding of an architectural entity.

Prisma Cloud by Palo Alto Networks has helped our company progress.

From the time of deployment, it took a few months for our company to realize the benefits of the solution.

Prisma Cloud by Palo Alto Networks is a valuable solution. It is useful as it provides some security on multi and hybrid cloud environments, which is very important to my company.

Prisma Cloud by Palo Alto Networks is also a comprehensive solution that helps protect the full cloud-native stack and helps us secure the entire cloud-native development, which is another reason it is useful for the company.

The solution also has good security automation capabilities and is useful for helping my company take a preventive approach to cloud security.

It provides the visibility and control we need, and it helps a lot in giving us confidence in our security and compliance postures.

Prisma Cloud by Palo Alto Networks also enabled the company to integrate security into our (CI/CD) pipeline.

We also found how seamless Prisma Cloud by Palo Alto Networks touchpoints are to our DevOps processes, and we find them very helpful.

The solution even serves as a single tool to protect my company's cloud resources. It does not affect our operations.

Prisma Cloud by Palo Alto Networks provides risk clarity at the runtime and across the entire pipeline. It shows us the issues, and the developers can correct them without affecting our operations.

The solution also helped in reducing runtime alerts very quickly. It also reduced our alert investigation time because it's all automated.

We had some teething issues with Prisma Cloud by Palo Alto Networks, but overall, it did what we expected. It has some areas for improvement, but I cannot remember exactly off the top of my head.

I've worked with Prisma Cloud by Palo Alto Networks for four years.

I found Prisma Cloud by Palo Alto Networks stable. I'm impressed by its stability. I cannot recall any downtime with the solution. I rate it as eight out of ten, stability-wise.

I found Prisma Cloud by Palo Alto Networks scalable, and it's an eight out of ten for me, scalability-wise.

The technical support for Prisma Cloud by Palo Alto Networks was very good. I would rate its technical support eight out of ten.

Positive

Prisma Cloud by Palo Alto Networks is what my company has. It's the solution my company wants to use.

I was involved in the deployment of Prisma Cloud by Palo Alto Networks, and I found its initial setup straightforward. It took a few months to deploy the solution.

Our team deployed the solution.

Prisma Cloud by Palo Alto Networks has helped the company save some money. Cost-wise, it's okay.

I advise others who may want to implement Prisma Cloud by Palo Alto Networks to check it in a test environment first to ensure it does what they expect.

My rating for Prisma Cloud by Palo Alto Networks, overall, is eight out of ten.

Financial companies want to restrict user access, which means the users need to go through a subnet to access their services. When the user connects to the internet via the Prisma Cloud VPN, they can use different types of IP addresses globally. The changing IP addresses can be pretty complex. It costs a lot for the application site to apply for access.  

We negotiated with Palo Alto to get 20 servers, and the customers will be added to those 20 subnets. On the Spectrum Access side, we only need a white list of those twenty subnets, and we won't have issues in the future. 

The solution is managed by Palo Alto. We're using Panorama, a popular management tool, for managing the connection between the physical portal, firewall, and VPN, as well as Prisma Cloud.

The user experience is better than our previous solution. It gives us visibility into all the traffic. 

The most valuable feature is the closed VPN connection, which provides better performance than traditional VPN boxes. For example,  let's say a user in New York State normally connects in the East, but if they travel to the UK, they can connect to the same portal, which automatically redirects to any VPN gateway. We can control traffic based on Active Directory groups instead of the user's IP. That means a user in New York can access his application based on his user ID and AD group access when he travels to the UK or anywhere else.

Prisma Cloud can provide decent security across cloud environments, depending on how each company sets security policies. Prisma Cloud makes adding new users and managing access more flexible.  

I like Palo Alto's automated tool for migrating user data from other systems. We previously did this manually most of the time, but now we can update twice hourly automatically. 

During deployment, we created a tunnel from the cloud to our gateway in the data center because the users need some way to connect with the resources there, but all other traffic goes directly to the Palo Alto cloud. When the traffic goes to the Internet, sometimes it will come up with different IPs, causing some financial websites to be blocked. We needed to work with Palo Alto closely to solve this problem. 

Sometimes, when you assign subnets to regions, the IP address will jump from one location to another because it will automatically change substantially. Then, we need to add those IP subnets to our firewall for existing access. The need to update those subnets potentially causes maintenance or access issues. So far, we can only provide bigger customers with six subnets, and a small company may not be able to access those services. 

I rate Palo Alto customer service 10 out of 10. 

Positive

The migration takes time because we're typically not starting from scratch. We need to migrate everything from the existing VPN. I've used Prisma Cloud for a large financial enterprise with a complex infrastructure, and we worked on that for almost two years. It's less complicated for a mid-sized company, but the migration might take six to nine months.

It's hard to tell if there is an ROI in the short term. It may take a long time before you realize a return because there is a substantial initial investment. You can see a significant improvement in performance, but it may not necessarily save money. However, you'll ultimately improve service.

I rate Prisma Cloud nine out of 10. We would recommend it to any large global enterprise because it improves performance and offers a better user experience. It also gives you application-level control instead of regular IP address control. The latest version has many new features. So they can use the in-app Application ID and point to MAC applications instead of regular TCP/IP ports.

I do not personally use it in my organization. I am a consultant, and I support my clients. I understand the environment, and based on that, I suggest they implement Prisma Cloud. My job is to do a technical evaluation of the product and recommend it to my clients. I give my recommendation to the client as an advisor. I tell them about the features and capabilities of Prisma Cloud and how they can utilize it. I also do a price or cost-effectiveness comparison of different products, but in the end, my clients decide whether they want to choose the technology over the cost or vice versa.

There have been multiple use cases of Prisma Cloud. The use cases vary based on a client's requirements. It is not necessary to implement all the features and capabilities of Prisma Cloud, but generally, it is for continuous compliance monitoring. The Cloud Security Posture Management (CSPM) feature identifies vulnerabilities within your IT organization or ITOps environment. The main part is to ensure compliance with industry standards such as GDPR and CIS Benchmarks.  

Vulnerability scanning has been a major problem for clients. Nowadays, clients do not have just one cloud. They are not using just AWS or Azure. They have multiple clouds. For example, the primary site is on Oracle, the disaster recovery site is sitting on AWS, and some of their applications are on Azure, so there are three hybrid cloud environments. We try to identify the best solution that can seamlessly integrate with all three cloud providers. Our clients want a centralized Cloud Security Posture Management solution for monitoring vulnerabilities and threats. This is one of the major use cases for which we recommend the Prisma Cloud CSPM solution to our clients.

Prisma Cloud can seamlessly integrate with all clouds. When you go into a cloud, there are multiple landscapes. Some are Windows machines, and some are Linux machines. There are different APIs, different databases, and different types of environments with microservices, Kubernetes, etc. Prisma Cloud has the capability to integrate with all these. That is the beauty. This seamless integration is very critical in every product.

There are multiple CSPM products in the market. The key feature of Prisma Cloud is seamless integration. They have thousands of in-built APIs. You do not need to do much customization. It can seamlessly integrate with multiple clouds. It can integrate seamlessly with Azure, AWS, Oracle, Alibaba Cloud, etc. This is the main feature and the key selling point of Prisma Cloud. For example, today, the client is using only Azure Cloud, but tomorrow, the requirement might come for AWS or Oracle Cloud. It does not mean that they are going to buy a new product for CSPM. That is the beauty of Prisma Cloud, and this is where Prisma Cloud scores. It integrates seamlessly. It does not mean that other products cannot integrate. They can integrate, but they might not seamlessly integrate, or they might integrate only with AWS and Azure but not with Oracle or Alibaba Cloud. All of my client base is in the GCC region. I have clients in UAE, Saudi Arabia, Qatar, Kuwait, and Oman. Oman has Google Cloud. Saudi Arabia has Alibaba Cloud and Oracle Cloud. UAE has AWS Cloud and Azure Cloud. In Saudi Arabia, there are even private clouds. Prisma Cloud can even integrate with your private cloud. You can integrate your on-premise cloud.

Prisma Cloud can protect the full cloud-native stack. It is great, and it can solve your needs from a security point of view. The whole purpose of Prisma Cloud is to scan vulnerabilities.

Prisma Cloud's security automation capabilities are good. For example, you can define a policy for virtual machines. The policy hits an API and scans all your virtual machines. It can identify a virtual machine that is not supposed to have access to the Internet, but its ports are open. If you have set the rules, it can also remove the access of the port or the VM to access the Internet. This capability is definitely there, but it is based on the defined rules and policies and how you do the configuration.

Prisma Cloud provides good visibility. The dashboard or UI is user-friendly. You get a holistic view of your entire infrastructure. 

Prisma Cloud integrates security into our CI/CD pipeline at the resource,  component, and infrastructure levels, but at the application level, it is limited. For application-level security, you need to do something else. You need to have an additional capability or additional security solution.

It provides a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports.

It provides risk clarity at runtime and across the entire pipeline, showing issues as they are discovered during the build phases. It discovers issues at the scanning level. It also has the capability to rescan. For example, if you have discovered an issue or vulnerability, after resolving it, you can rescan the same resource to identify whether it has been mitigated or not.

Prisma Cloud has reduced runtime alerts by 60% to 70%. It has also reduced alert investigation time by 60% to 70%. With these time savings, you also save money. By preventing any vulnerabilities or threats, you also save your organization's reputation.

It has a feature for customized security policy. I implement it in banking, health insurance, and other sectors, and every organization has its own customized policies and procedures. In Prisma Cloud, you can customize policies, and based on that, you can do monitoring. 

It has multiple capabilities, such as threat detection and remediation. You can even orchestrate. For example, you can set a rule that a specific set of users need to have XYZ access. If any user is identified as having an additional level of privilege, which he or she is not supposed to have, Prisma Cloud can scan and identify it. If you have set the policy, it can also do mitigation. It can remove the access accordingly.

One major observation is that it is not possible to implement Prisma Cloud on-premises. This is the limitation. Prisma Cloud itself is on a cloud. It is sitting on AWS and Google Cloud. It is a SaaS solution, but some of my clients have a local regulatory requirement, and they want to install it locally on their premises. That capability is not there, but government entities and ministries want to have Prisma Cloud installed locally.

It is stable. It is a leading product.

It is a SaaS-based application, so we need not to worry about scalability. It is their responsibility. They have to ensure its scalability and high availability.

From what I know, their support is good enough. They meet the SLAs. They have been good so far. That could be because they are new in the GCC market, and someone from Europe or the UK might have different feedback. 

I did not use any similar solution previously.

We provide consultancy. We do the implementation but with the support of the vendor. It is not just about buying the product. It is about how you design and configure it. We ensure that the implementation is done as per the defined design.

The key point for a successful product implementation is how you configure it and what is your use case. Every client has different requirements and different use cases. It depends on how you drive it. You need to define the use cases, the policies, and the procedures, and you need to ensure they are aligned with your business objective. You may have the best product in the world, but if you do not know how to configure it based on your use cases and your environment, it will not work for you. You will have vulnerabilities in your environment even after you have invested millions.

The vendor takes care of the implementation, and we validate and guide them with the implementation.

In terms of maintenance, it is not a set-it-and-forget-it solution. It is based on your IT environment. Generally, small organizations do not use a CSPM solution. It is used by mid to large organizations. In such organizations, there are multiple changes in the IT resources. The environment is agile. Every day you add something or change something, and you need to ensure that it is integrated with Prisma Cloud. It is an ongoing operational activity.

We evaluated multiple products. Zscaler was one of them.

My clients are quite happy with this solution. Some of my clients are also based in the UK and Europe. So far, it has been good. It met their expectations. Their use cases are met, and they are able to monitor all their infrastructure. It has been good so far, and it worked for all the generic or standard use cases. That does not mean that it is going to solve all the use cases for all customers. If you want to go for a CSPM solution, you need to do a technical evaluation.

If you are looking into implementing a CSPM solution, I would advise first understanding your existing cloud landscape or your on-premise landscape. Understand your local regulatory requirements and local laws. After that, define the use cases. Define what exactly you are looking for and then go to market and evaluate different products. You can check whether there is an integration with AWS, Oracle, Alibaba, or any other cloud. If your regulatory requirements are that you cannot host your solution outside your country or you need to have it on-premises in your data center, not someone else's data center, you have to choose accordingly. You cannot go for Prisma Cloud. If you do not have any such regulatory requirements, you can go with Prisma Cloud or any other solution. 

You should also understand your future landscape in terms of:

• Over the next five or ten years, how do you want to grow? 
• What is your current IT strategy? 
• How are you evolving? 
• What would be your technology? 
• Would there be any major digital transformation? 
• How seamlessly can it integrate? 

You need to consider multiple parameters. It is also about money. It should also meet your financial budget.

Overall, I would rate Prisma Cloud a seven out of ten.

Our primary use cases are for container security and for auditing purposes. 

We have multiple clusters. 

Palo Alto enables us to know what security threats are happening in the background. 

It provides the visibility and control we need regardless of how complex or distributed our cloud environment becomes.

Prisma Cloud provides us with a single tool to protect all of our cloud resources and applications, like what we need to manage and reconcile security and compliance reports.

We have been enabled to reduce runtime.  

Prisma Cloud provides risk clarity at runtime and across the entire pipeline. It shows issues as they're discovered during the build phases.

The most valuable features are code security and container security.

It gives us awareness about any security breaches and if there are any vulnerabilities. 

Palo Alto provides security scanning for multi and hybrid cloud environments. We need to know where there is a threat. Palo Alto monitors and reports it.

It can be integrated into any alerting tool that has enough automation and capability. It can pull some of the metrics without an agent.

Prisma Cloud provides risk clarity at runtime and across the entire pipeline, like, showing issues as they're discovered during the build phases.

There are some operational issues but testing it is good. 

The UI is the worst. 

I have been using Palo Alto Networks for two years.

The stability is good. I would rate it an eight out of ten. 

The scalability is good. 

Their technical support isn't on an expert level. They need to improve. 

Neutral

The deployment time takes around two to four weeks. The understanding of the product takes around six months.

The initial setup was straightforward. 

It does not require regular maintenance. You need to do maintenance around every six months by updating the agent. 

I would rate Prisma Cloud by Palo Alto Networks a seven out of ten.

We were using it for remediation. I was working on a client's project on behalf of our company, and they had multiple subscriptions. They were using not only Azure but also AWS. Rather than managing remediation and governance separately through different clouds, it was proposed to use Prisma Cloud as a single place for remediation of everything.

Prisma Cloud provided a single window for all security issues, irrespective of the subscription, account, or service provider I was trying to see. The information was totally transparent with Prisma Cloud. Otherwise, it was a daunting task for us to manage everything within AWS itself because each region's or subaccount's data needed to be moved over to another account to see a full picture, and a similar approach was required in Azure as well. The data from a different subscription needed to be copied, which required a batch process to do this job on a daily basis. By integrating AWS and Azure subscriptions with Prisma Cloud, the same task became easier. It was as simple as adding a new account and a credential. That was it. Prisma Cloud took care of the rest of the functions

Prisma Cloud provided security spanning multi-cloud and hybrid-cloud environments. We integrated it with AWS and Azure with multiple subscriptions for each.

With both AWS and Azure, the presentation of the native cloud data was not good. We were more comfortable looking at the same data in Prisma Cloud.

Automation is possible with Prisma Cloud, and that is why we liked it. Automation is still not that good in the native clouds, and Prisma Cloud definitely has an edge compared to the facility that AWS or Azure provides. Although it is an additional cost for IT, overall, there are cost savings. I am not aware of the features provided by GCP. I did not integrate it with Prisma Cloud, but at least with AWS and Azure, Prisma Cloud works much better.

Prisma Cloud provides an agent that can scan container images or Docker images. Otherwise, for Docker images and accounts, AWS provides its own tool and its own format for the report. Similarly, Azure provides its own format to scan those images. We used the agent provided by Prisma Cloud. It unified the approach. Irrespective of the provider, the format of the output and reports was similar. It was easy to compare apples to apples rather than comparing apples to oranges, which definitely is a challenge when we use different cloud providers. Prisma Cloud solved that problem for us.

The level of abstraction is sufficient enough. The complexity is hidden. Only the information that is relevant is displayed, which is better from a developer's perspective because developers do not need to handle that complexity. If architects, like me, need to understand those complexities, they can go into a respective subscription and get the details. The level of abstraction was good enough with Prisma Cloud.

Prisma Cloud provides a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports.

Prisma Cloud reduced the alert investigation time because now, we have a single window. It is quite easy for anyone. A single resource can work on the alerts and memorize similar issues in the past and work on the current issues faster. It has improved productivity.

Prisma Cloud reduced costs. With the different service providers and different subscription models that we had previously, we divided the subscriptions between the analysts. They were responsible for the issues related to the subscription. We had a team of six people previously. After the implementation of Prisma Cloud, all the issues got consolidated, and our team size got reduced to two. The productivity increased because the same analyst could see past issues, revisit those issues, learn quickly, and fix similar issues. They got an idea of how to fix a similar issue, so the overall productivity increased, which reduced the cost.

When we work on, for example, AWS, we need to consolidate the data from different regions, which is an exercise in itself. The same exercise or similar exercise can easily be done in Prisma Cloud. It is as easy as registering a new subscription to AWS, and you start seeing all that data. For example, it is very easy to do analysis of the Defender data, which can include warnings, errors, etc. Although it is natively AWS data, the presentation is not easy for a developer. Prisma Cloud makes it a bit easier. 

The first time I looked at Prisma Cloud, it took me a while to understand how to implement the integration and how to enable features by using the interface for integration. That portion can probably be improved. I have not looked at the latest version. I used the version that was available three months back. It is portal-based, and they might have changed it in the last three months, but at that time, integration was a bit tricky. Even though documentation was available, it took a while for a new person to understand what integration meant, what will be achieved after the integration, or how the integration needed to be done on the Azure or AWS side. That was a bit challenging initially.

I used it for eight or nine months. I last used it about three months ago.

It is stable.

The client's team interacted with the customer support team. We used to highlight the issue to them, and they used to contact Palo Alto's support. We required their support two or three times, but I or my team was not directly involved with their customer support for help.

Positive

I have not used a similar solution before.

I was involved in the implementation. It was all cloud-based. There is a bit of a learning curve when trying to understand how to integrate it. Although some good documentation is available for Prisma Cloud, it was still a bit difficult to understand the product initially. However, the UI that analysts use to work on issues and remediation is quite good. It is not complex. After you have done one or two integrations with your AWS or Azure account or subscription, it becomes a routine activity. It is easy to integrate more subscriptions, but the initial one or two subscriptions of the AWS or Azure account will take some time because some features need to be enabled on the respective cloud as well. It is not only the configuration on the Prisma Cloud side. Some configuration is required on the AWS or Azure side as well.

It is a website, so deployment is not a challenge. It is as simple as registering an account and making the payment, which the IT team already did before they created an account for us, so, as such, there is no deployment. If we want to use an agent, then certainly some deployments are required on the machines, but that is the agent deployment. The product itself does not require any deployment.

From a maintenance perspective, not much maintenance is required. It is a one-time integration. It will then be set for a few years unless you want to remove some of the subscriptions or something changes in Azure or AWS. There is a limitation on the Azure or AWS side but not on the Prisma side, so maintenance is there, but it is low.

There was a cost reduction. That was the benefit that we had visualized while evaluating Prisma Cloud as one of the possible solutions. The complexity of IT operations had also reduced, and the team size had also reduced after implementing Prisma Cloud.

We used the enterprise edition. A standard edition is also there. I am aware of these two editions. I know that there is some cost, but I do not have the exact figures with me. The cost was not on the higher side. Overall, the cost gets recovered with its implementation.

I have not compared it with other tools, but overall, I found it to be pretty good when resolving the challenges that we were facing early on. I did not get a chance to look at the Gartner report in terms of where it stands, but based on my experience with this solution, I was quite satisfied.

It is a good solution. Each team should utilize it. Every good organization is now moving towards or trying to be provider agnostic, so if you are using multiple providers, you should at least give Prisma Cloud a try.

Prisma Cloud enables you to integrate security into your CI/CD pipeline and add touchpoints into existing DevOps processes. I know it is possible, but we were already using some other tools, so we did not try this feature. We already had a good process utilizing other scanning tools, so we did not try that feature, but I know that they have this feature.

Prisma Cloud provides risk clarity at runtime and across the entire pipeline, showing issues as they are discovered during the build phases, but this is linked to the CI/CD pipeline, which we did not implement. We looked at the risk level of the infrastructure deployed. We also looked at which cloud platform is having issues. The risk-level clarity was certainly there. It was possible to see the risk level and prioritize the activities or other items with a higher risk, but we never tried CI/CD pipelines.

Overall, I would rate Prisma Cloud a nine out of ten.

We use it for mobile access, and we probably will also adopt a direct connection to our small branch offices across Europe.

Prisma Cloud has improved the response time and the availability of our applications on-premises and on the cloud for our users in many different countries in Western Europe, Eastern Europe, and the United States.

We use it for our mobile users. Prisma Cloud is a very strong and robust platform that improves endpoint security. The COVID-19 pandemic made us realize that we should be able to permit more or less 50% of our employees to work confidently and securely from home.

Prisma Cloud provides security across multi-cloud and hybrid-cloud environments. We already have developed a direct connection between the Prisma Cloud platform and the Azure Cloud solution. We also have integration with the AWS cloud where most of our servers are now located. It was absolutely a strategic choice for us.

We have decided to adopt almost all the security features that Prisma Cloud offers, such as DNS security, threat prevention, vulnerability analysis, anti-phishing, email, and so on. We did not use Prisma Cloud for security automation capabilities. We have a very specific application for the OTC environment, and we prefer to maintain this environment completely separate from the other world of traditional information technology applications.

Prisma Cloud helps with cloud security, but we are also managing security at many different levels. We have endpoint protection, firewalls, SIEM, and log collectors. We also have dedicated probes that work silently to discover any anomalies, such as zero-day threats, that could be there. We have a Palo Alto firewall, and this cloud solution also has some predefined level of security managed by the cloud provider.

Prisma Cloud provides the visibility and control we need, regardless of how complex or distributed our cloud environments become. We can very quickly and easily analyze the clusters, the connections, and so on. We have very good control over the data flow and any possible security problems. It increases our confidence in our security and compliance postures.

About 50% of our people work from a private network, not inside the company. The protection of the endpoints is more difficult than the protection inside the office. Prisma Cloud can elevate the level of security for people who are working from home or are traveling to another country and so on.

Prisma Cloud provides us with a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports. Prisma Cloud is used by remote users that are working from home, and that is it. It makes our operations easier.

I have daily evidence of any possible new threats that could appear. I get to know how often a threat was blocked and from which client these threats were blocked. We can then very quickly contact the user if there is a compromised endpoint.

Prisma Cloud sends the email and data to the administrative IT staff in case a very severe threat appears. So far, we have not received any alerts related to severe threats.

Prisma Cloud has reduced a lot of our alert investigation time. We have perfect visibility of every single connection from our colleagues who are working from home, a hotel, or any other place. We have activated a mechanism by which the VPN connection is mandatory as soon as the end users switch their computers on. If I have a severe alert, I could investigate the related bad behavior and node in 10 to 15 minutes.

We found it to be easy and flexible. We could easily configure it for our needs, and we could spread the Prisma Cloud platform to 16 countries without encountering any kind of problem.

It can be too expensive for small companies.

In terms of features, I wouldn't add anything specific. They did a major improvement in the field of reporting. It can automatically produce statistics on usage and so on. This aspect was not very well developed at the beginning of the project, but now, there is a very big improvement in this specific field. Reporting is better than the previous versions, so at the moment, for our needs, the solution is good enough. We might need something in the future, but at the moment, we are not asking Palo Alto for any new developments.

We have been using this solution for half a year. We started the project at the beginning of this year, and at the moment, we have about 2,100 people who use this solution.

It is very stable. The platform is quite robust and available. From the time the project was released to other countries, we received one or two tickets for a sporadic problem for some users.

We have 4,000 licenses. We have Prisma Cloud in 16 different countries with a total of about 2,100 people. We do not have a large presence in the Extreme East or Middle East, but we have people connecting from Europe and also from Russia. It works perfectly.

Its usage will increase when there is a new acquisition or there is a new office somewhere in the world. 

The customer support is good and professional. I would rate them a ten out of ten.

Positive

We did not use any similar solution before. We adopted the same VPN technology based on the on-premise firewall that we already had, but there was a very big consumption of bandwidth. It was sometimes a little bit difficult to manage a high number of remote users, and this problem was completely solved by Prisma Cloud.

I was involved in its deployment. It took us about nine months to implement it.

In terms of the implementation strategy, we started with deciding about the site of our company that should be directly connected to Prisma Cloud. We produced an inventory of the applications and identified whether they are located on-premise, on Azure cloud, or on AWS cloud. We then started to configure the server and endpoints inside Prisma Cloud. We established the service connection between the site and Prisma Cloud, and we started to develop the solution for the end users. We selected a subset of users. We selected about 100 people from different departments in different countries to be sure that the solution was working properly in every country and every application environment.

We received very professional and qualified support from both Palo Alto technicians and a platinum partner that normally assists us in developing Palo Alto technologies.

We had two people from Palo Alto for implementation. We had one senior engineer and one junior engineer from Palo Alto. We had two engineers from our partner. We did not have a lot of staff.

In terms of maintenance, Prisma Cloud is subject to periodic updates, and we follow what is required by Palo Alto. For maintenance, we have a colleague of mine and one person from our partner.

It was a good investment because now we can manage so many remote users without any problems.

The platform is not famous for being cheap. It is quite expensive, but we know that we have the protection, so there is enough value for what we pay for. It is worth the money.

It takes more or less nine months to realize its benefits.

This solution is good for a company with at least 400 people that must be connected remotely. For smaller companies, it can be too expensive.

There are no costs in addition to standard licensing. We pay based on the number of users. We have 4,000 user licenses, and we use more or less 60% of our licenses.

We evaluated solutions from Cato Networks and Palo Alto. Because we have quite a large installation of Palo Alto's firewall and in-depth knowledge of this technology, we decided to adopt Prisma Cloud.

I am very satisfied with Prisma Cloud, and we do not have any plans to change to anything else. I am confident that we will retain this solution for a long time.

Overall, I would rate Prisma Cloud a ten out of ten. We have received very positive feedback regarding this solution. I would recommend it to others.

We are a Palo Alto Alliance partner and our clients are Fortune 500 companies. We utilize a multi-cloud network architecture, with the primary constraint being the inability to manage everything through a single interface. By implementing uniform guardrails, we address the issue of inconsistent security policies when using native cloud security controls. This is one of the key considerations. Additionally, we employ micro-segmentation using cloud network security modules of Prisma Cloud to minimize the attack surface for various workloads.

The primary use case that was lacking was a single pane of glass. Additionally, prior to implementing Prisma Cloud, we used to manually perform these tasks using AWS CloudFormation Templates or Azure Resource Manager Templates. However, Prisma Cloud helped us address this issue by providing a unified administration interface. One of the problems we faced was the inability to view vulnerabilities across different cloud workloads and compare risks across different platforms. These were the challenges we encountered before deploying Prisma Cloud. While we didn't completely solve all of them after implementing Prisma Cloud, we did make significant progress in that regard.

Prisma Cloud offers security scanning for various cloud environments. In some client environments, there is only a single cloud, so the fact that Prisma Cloud can scan multiple clouds doesn't make a significant difference. These clients have a limited presence in the cloud, with few workloads or resources deployed. Consequently, it doesn't provide substantial value in such cases. However, for large companies, manufacturing companies, or companies with significant IT intellectual property in the cloud, with multiple tenants and a widespread cloud presence across different regions and replication, deploying a solution like Prisma Cloud becomes necessary.

Prisma Cloud enables us to adopt a proactive approach to cloud security. It goes beyond providing visibility and monitoring capabilities by offering a wide range of auto-remediation features. It provides numerous security controls and the ability to enforce commonly configured guardrails, primarily in monitoring mode. It is a comprehensive product that caters not only to detection but also prevention.

Prisma Cloud has helped reduce the number of people required to support or manage these cloud platforms, especially in terms of security. So now, instead of needing three different individuals to manage three different clouds, it may be possible to use just one resource to handle all three clouds, particularly focusing on security. This approach facilitates resource reduction, which is especially beneficial for clients operating within tight budgets. Additionally, there's the advantage of having a single pane of glass, where we can access various informative graphs, charts, and reports. These resources assist in explaining technical matters to non-technical leadership, making it easier to articulate concepts and insights to executives and other non-technical individuals. Personally, this has been helpful for me and our organization. The benefits for clients vary depending on the size of the environment. Personally, when we started using Prisma Cloud as an offering, it took two and a half to three months, which was the rough estimate. However, back then, not all the modules that are available today existed. So those numbers might have changed if all the modules were available at that time.

Prisma Cloud offers the visibility and control we require, regardless of the complexity or distribution of our cloud environments. Since it is built on top of these existing clouds and utilizes many of the services provided by large-scale cloud platforms, there is typically no issue with visibility. Regardless of the complexity of the environment, we always achieve visibility. The way we store and analyze the data, as well as how we visualize information, depends on the operator of the tool. Prisma Cloud is a reliable tool that never fails.

Prisma Cloud enables us to integrate security into our CI/CD pipeline. We primarily use it for the container. We have integrated image scanning and registry scanning into our CI/CD pipelines, specifically Azure DevOps. The DevSecOps team is responsible for managing this process.

Prisma offers us a unified tool that safeguards all our cloud resources and applications, eliminating the need to handle and reconcile separate security and compliance reports, with the exception of billing costs and management. From a security perspective, we haven't encountered any other reports for the majority of our clients. While a few clients may have additional requirements, Prisma Cloud efficiently handles all of those as well.

Prisma has reduced runtime alerts.

Prisma has reduced the time required for alert investigation. We now have a comprehensive understanding of the entire lifecycle of where things went wrong or which part of the runtime or execution for a specific process went wrong, particularly in terms of security.

Prisma Cloud has saved us money by reducing resources. 

Cloud security posture management is the preferred feature among other vendors.

There is room for improvement on the logging and monitoring front because it's still not as holistic as I would want it to be. Especially in the sense that we have different modules within Prisma Cloud, but then the visibility that we get from the output of each of these modules cannot be stitched together. Perhaps we could deploy something like a SIEM or SOAR platform to get this telemetry. As of now, we are lacking that part. So now I'm sure that was not the primary intent for that. It would really make a difference if Palo Alto Networks improves this.

The identity-based micro-segmentation in our cloud-native services requires a significant improvement. It fails to address many of the problems that its predecessor used to solve. Previously, there was identity-based micro-segmentation, but it was phased out, reaching its end-of-life and end-of-support. Now, we have cloud network security, which lacks a crucial feature that IBM used to offer. This is something we strongly desire, as we have had multiple discussions with Palo Alto regarding this matter. I am uncertain if there is a roadmap for implementing this feature, but the cloud network security module requires a substantial upgrade.

I have never encountered any challenges regarding any modules. Occasionally, they do undergo planned maintenance outages, but those are well-communicated in advance. Therefore, I don't consider them to be challenging. Prisma Cloud is reliable, and I would rate its stability at nine out of ten.

I would rate the scalability of Prisma Cloud as an eight out of ten. The only concern lies not with Prisma itself, but rather with the existing client environment. Many clients have flawed infrastructures, making it challenging to achieve the level of optimization required to fully realize the benefits of Prisma Cloud. However, this issue cannot be attributed to Prisma.

We extensively contacted technical support because we used to experience numerous issues. However, our main purpose is to inquire about additional capabilities and make minor tweaks. The tech support provided by Palo Alto is excellent, without a doubt. This could be one of the reasons why Prisma Cloud is relatively expensive. 

We are an advanced partner, rather than an end user, which grants us easier access to technical support compared to clients. However, based on feedback from our clients, their technical support is exceptional.

Positive

The initial setup is straightforward. In the beginning, we used professional services for a couple of clients but now we do it all in-house. 

The implementation is completed in-house.

From a security standpoint, we have significantly enhanced our client's security posture by implementing Prisma Cloud. However, we still need to assess the return on investment. While we have achieved notable resource reduction, it remains uncertain whether it has yielded a better long-term ROI.

Prisma Cloud is remarkably expensive. Not everyone can afford it, without a doubt. Although we don't directly sell the product, we occasionally engage in reselling certain components, and it requires significant effort to make sales. There's no denying that it's expensive.

I evaluated Snyk, which is a competitively priced product. However, I personally am not very familiar with how it works or the benefits gained by the different clients I've worked with, as I haven't had much experience with it. I conducted a couple of use cases and found it to be quite similar to Prisma Cloud in terms of features, although the interface has a different look and feel. I have been informed that Snyk is considerably cheaper compared to Prisma Cloud.

I would rate Prisma Cloud by Palo Alto Networks a seven out of ten, primarily due to the need for improvement in identity-based micro-segmentation and cloud network security. I appreciate the potential it offers for deployment, but the new module has yet to reach a point where we can effectively reduce risks.

All the cloud environments existed before Prisma Cloud came in. I don't believe we can build many things using Prisma Cloud, except for implementing guardrails. For instance, we can secure these workloads, but it will take time for them to be fully developed. The scanners, such as the infrastructure as code scanners that Prisma Cloud can certainly check, are capable of performing static and code analysis, among other tasks. However, I don't think Prisma Cloud is designed specifically for that purpose.

Prisma offers risk clarity from a core security perspective, but it does not cover the entire pipeline. To cover the entire pipeline, we would need to utilize a SaaS or DaaS tool. Prisma Cloud cannot serve as a substitute for those tools.

I used to primarily work with cloud-native services. So, I would leverage cognitive services across all three clouds. That was my main focus initially. However, now I have started using other tools such as Snyk and various reports. Additionally, I have also recently started using CSPM. I'm not entirely familiar with all of them yet, but I have been working on them since the beginning.

No maintenance is required from our end.