Start with Identity
Zero Trust

Palo Alto Prisma Access

Founded 2005Santa Clara, CA, USAPublic (NASDAQ: PANW)Score 4.3/5Evaluated 2026-01-15Website ↗

Capability scores

Methodology →
Authentication
3.5
SSO & Federation
3.5
Authorization
4.0
Lifecycle & Provisioning
3.0
MFA & Passwordless
3.0
Governance & Audit
4.0
Developer Experience
3.0
Deployment Flexibility
3.5
Pricing Transparency
2.5
Support & Ecosystem
4.5

Scored 0–5 against a published rubric. Independent analysis, no vendor sponsorship.

Overview

Prisma Access is Palo Alto Networks' Security Service Edge (SSE) and SASE platform, extending its next-generation firewall heritage into the cloud. Its natural buyer is the large enterprise already standardized on Palo Alto firewalls that wants the same threat-prevention and policy model applied to remote users and branches. Palo Alto's pending acquisition of CyberArk signals a deeper move into identity security.

What it is good at

Consistent, best-in-class network security. Prisma Access brings PAN-OS threat prevention, URL filtering, and DLP to a cloud-delivered edge, so security teams keep one policy and threat model from data center to remote worker. ZTNA provides identity-aware per-application access, and integration with the broader Palo Alto platform (Cortex, firewalls) is a major draw for existing customers. Support and enterprise credibility are strong.

Where it falls short

The value is highest if you are already a Palo Alto shop; for greenfield teams without that investment, the platform is heavy and the pricing is enterprise-tier and quote-based. It consumes identity from your IdP rather than providing it, and developer-centric, self-serve access is better served by Cloudflare or Tailscale. It competes head-on with Zscaler and Netskope at the top of the market.

Pricing

Quote-based and enterprise-tier, typically by user and module, often bundled with broader Palo Alto commitments.

Best for, and who should look elsewhere

Choose Prisma Access when you run Palo Alto firewalls and want unified policy and threat prevention across a cloud edge. Choose Zscaler for the largest pure-SSE consolidations, Netskope for data-centric needs, or Cloudflare and Tailscale for value and simplicity.

Bottom line

A strong SASE choice for Palo Alto enterprises that value one consistent security platform, less compelling for greenfield or lightweight needs.

More Zero Trust vendors

All Zero Trust

By SWI Community Team · Last evaluated 2026-01-15

Independent, community-driven analysis. No vendor sponsorship. Compiled from public research and community input and verified on a best-effort basis, so details may be incomplete or out of date. Scores are opinions, not advice. Trademarks belong to their owners; mention does not imply affiliation or endorsement. See the full disclaimer, or send corrections to [email protected].