We performed a comparison between Palo Alto Networks Advanced Threat Prevention and Vectra AI based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The sandboxing tools offer great prevention for cloud feeds."
"Most of the features of Palo Alto Threat Prevention are alright. I recommend features like content filtering, IP address, & intelligent firewalls. The reporting feature is very good."
"The stability of Palo Alto Networks Threat Prevention is good."
"The user interface is a bit more professional than some free products."
"The most valuable feature of Palo Alto Threat Prevention for our company is the next generation firewall."
"For those who want a next-gen firewall that's easy to configure and easy to operate, I think you should go for Palo Alto."
"It's very easy to use and configure. What is nice about Palo Alto is that even if you don't understand how to use it, you can just click on upload and upload everything that needs to be blocked."
"I like the solution's interface."
"It has reduced the time it takes to respond to attacks. That comes back to the proactive point. It makes us able to lower down in the kill chain, we can react now, rather than reacting to incidents that happened, we can see an instant, in some cases, as it's being implemented, or as it's being launched."
"The automatic filtering that they provide is valuable. The logic inside that makes some detections instead of us is very useful. We are confident that if we are just looking into it and there is nothing, nothing could happen."
"What I like best about Vectra AI is that it alerts you about suspicious activities."
"The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well."
"Vectra AI helped our team be more productive and save time. We have less work thanks to it."
"One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources."
"The initial setup was pretty straightforward."
"The dashboard gives me a scoring system that allows me to prioritize things that I should look at. I may not necessarily care so much about one event, whereas if I have a single botnet detection or a brute force attack, I really want to get on top of those."
"I think they can use some improvement on FID."
"Palo Alto's maintenance needs to be improved."
"Palo Alto Networks Threat Prevention could improve the commercial offing. Other solutions, such as Fortinet provide better commercial features."
"The documentation needs to be improved. I need better information about how to configure it and what the best practices are."
"Mission learning techniques should continue to expand and detect unknown threats on the fly."
"In terms of what needs improvement, the only thing I don't like is the support."
"The technology firewall anomaly network could stand improvement."
"The installation was complicated."
"A blind spot that I have is around the ease with which you can automate threat intervention."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"ExtraHop has better features that seem more advantageous when compared to Vectra."
"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."
"The rules for threats are not always precise and Vectra AI should improve this."
"The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."
"I think Vectra AI's automation, reporting, and integration could be improved."
"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."
More Palo Alto Networks Advanced Threat Prevention Pricing and Cost Advice →
Palo Alto Networks Advanced Threat Prevention is ranked 7th in Intrusion Detection and Prevention Software (IDPS) with 24 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 42 reviews. Palo Alto Networks Advanced Threat Prevention is rated 8.8, while Vectra AI is rated 8.6. The top reviewer of Palo Alto Networks Advanced Threat Prevention writes "A good amount of granularity and advanced URL filtering capabilities". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Palo Alto Networks Advanced Threat Prevention is most compared with Check Point IPS, Fortinet FortiGate IPS, Arista NDR, Trend Micro TippingPoint Threat Protection System and Cisco Secure Network Analytics, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Check Point IPS. See our Palo Alto Networks Advanced Threat Prevention vs. Vectra AI report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.