We changed our name from IT Central Station: Here's why
Zubair Ahmad
Chief Manager at Arcil
Real User
Top 5
Stable, scalable, and best for avoiding security issues
Pros and Cons
  • "Best solution for avoiding security breaches, malware attacks, and other kinds of security issues."
  • "Limited remote connection."

What is our primary use case?

I primarily use Cortex XDR for endpoint security.

How has it helped my organization?

PALO ALTO CORTEX XDR brings visibility of all activity going in end point system and server. This helps us to investigate and take corrective action by blocking and allowing necessary services in the system. 

What is most valuable?

Alerts regarding the incidence happening in system and easy to block and allow the services and external device control.

What needs improvement?

An area for improvement is the remote connection for administrators - this is available in the current version but is limited as it's a command-based model rather than GUI-based.

For how long have I used the solution?

I have been using Cortex XDR for around four months.

What do I think about the stability of the solution?

Cortex XDR is stable.

What do I think about the scalability of the solution?

The product is really easy to scale.

How are customer service and support?

Good support and services

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, I used McAfee Antivirus, Memory utilization very high which doesn't yet have virtualization or a dashboard. I found that product to be a little difficult, and it was not linked to a real solution, so I decided to go with Cortex XDR as it's one of the best XDR solutions for security.

How was the initial setup?

The initial setup is a little complex because it requires a lot of preparation in terms of understanding each system and going through the documentation and dashboards.

What about the implementation team?

I implemented with the help of one partner who did the basic configuration of our firewall. Deployment took approximately ten days.

What was our ROI?

Security of systems

What's my experience with pricing, setup cost, and licensing?

This is a very costly product.

Which other solutions did I evaluate?

We have evaluated Cynet, Crowed Strike and Sentinel.

What other advice do I have?

Cortex is the best solution for avoiding security breaches, malware attacks, and other kinds of security issues. I would rate this solution as eight out of ten.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Assistant Superintendent with 51-200 employees
Real User
Top 20
Straightforward to set up and the support is highly-rated
Pros and Cons
  • "The interface is easy to use and it is more up to date than our previous solution."
  • "Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."

What is our primary use case?

This product is part of a package that makes up our security solution.

What is most valuable?

The interface is easy to use and it is more up to date than our previous solution.

What needs improvement?

Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want.

For how long have I used the solution?

We have been using this product for about four months.

What do I think about the scalability of the solution?

We think that this product will help us grow. We think that it meets our needs currently, and we can grow with it over time. There 12 people in the IT department who currently manage it. 

How are customer service and technical support?

The support is excellent. We had a couple of issues that we had to call for and I would say that they are highly rated.

Which solution did I use previously and why did I switch?

Our older solution was from Fortinet. It was out of date and more difficult to use. The IT staff say that the Palo Alto product is better.

How was the initial setup?

The initial setup was straightforward.

What about the implementation team?

We worked with a reseller. They came in, we told them what we wanted to do and they set it up to our spec. The person who came in and helped support us was highly skilled and it worked seamlessly.

What's my experience with pricing, setup cost, and licensing?

We pay about $50,000 USD per year for a bundle that includes Cortex XDR.

Which other solutions did I evaluate?

We evaluated Palo Alto and Trend Micro, and we opted for the Palo Alto Cortex XDR.

What other advice do I have?

I don't use this product on a daily basis but we like what we have so far and I would definitely recommend it to other users.

My advice is to make sure that you have a good implementor and that the reseller you're purchasing from gives you a highly-qualified engineer.

Overall, we are happy with this product but that said, nothing does everything that you want.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: January 2022.
564,599 professionals have used our research since 2012.
MuhammadZubair
Digital Business Solutions Manager at Bahrain Telecommunication Company BSC (Batelco)
Real User
A stable and scalable extended detection and response platform, but it would be better if they educated their customers more
Pros and Cons
  • "It's a nice product that's stable and scalable."
  • "It would be better if they could educate the customers more. Some sort of seminars and roadshows will help educate the customers and show what the product can do. The price could be better. It would also help if they had a team for deployment and support."

What is our primary use case?

We don't have many customers moving to Cortex XDR by Palo Alto Networks. But recently, we started offering them both pro and basic options. 

What is most valuable?

It's a nice product that's stable and scalable.

What needs improvement?

It would be better if they could educate the customers more. Some sort of seminars and roadshows will help educate the customers and show what the product can do. The price could be better. It would also help if they had a team for deployment and support.

What do I think about the stability of the solution?

The product is stable. Palo Alto only works on security, and the product by default is stable. They are releasing new features, OS, and an ML-based thing on the firewall itself, which is quite impressive. Palo Alto is quite stable compared to other competitors in the market.

What do I think about the scalability of the solution?

It's scalable. I see whatever is written on their datasheets, and all it's real. If I talk to some other vendor and they say that they currently provide 20 Gbps reports, but when you activate it, IPSec and all, it goes to 2 Gbps. With Palo Alto, whatever is there is working, and it's scalable.

How are customer service and technical support?

Technical support is quite good. When compared to others, I feel it's quite impressive.

What's my experience with pricing, setup cost, and licensing?

The price is on the higher side, but it's okay.

What other advice do I have?

I would tell potential users that it's a complete solution from Palo Alto with firewalls and all to give you more precise logs and information. Product-wise, it's top of the line. If you have investment, always go for that and go for the best solution. 

Palo Alto is one of the tech vendors that always provides top-of-the-line products. Price-wise it will be on the higher side, but it depends on how you deal with the backend support or the account manager of Palo Alto to get that discount. 

On a scale from one to ten, I would give Cortex XDR by Palo Alto Networks a seven.

Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Flag as inappropriate
CyberSecurity Consultant at a tech services company with 51-200 employees
Real User
Top 5
A stable and scalable solution with an easy setup and out-of-the-box playbooks and integration
Pros and Cons
  • "The integrations are out-of-the-box, as are the playbooks."
  • "The solution should offer more dashboards and they should be better customized."

What is our primary use case?

I have deployed some customized playbooks and modified ones which are out-of-the-box with more integration with SIEM solutions such as ArcSight, QRadar, ADRs and Trend Micro.

What needs improvement?

The solution should offer more dashboards and they should be better customized. The case number of items should be addressed. 

I have found the interface of Azure to be more simple and customizable than that of the solution. 

For how long have I used the solution?

I have worked on Cortex XDR by Palo Alto Networks with my customers for a number of weeks. 

What do I think about the stability of the solution?

The stability is good. 

What do I think about the scalability of the solution?

The scalability is fine. 

We have plans to increase the usage. 

How was the initial setup?

The initial setup was simple. 

The deployment took no more than two hours. 

What's my experience with pricing, setup cost, and licensing?

So far, I have made use of the free license which is offered. Once it ended, I was able to buy a license based on the number of users or divisions. The license varies with the number of users or applications involved. 

If one wishes to work with another team or large number of users at a future point, he must purchase a license for them. 

Which other solutions did I evaluate?

The interface of Azure is more simple and customizable than Cortex XDR by Palo Alto Networks.

What other advice do I have?

I have found the solution to be very easy in respect of the integration and configurable. The integrations are out-of-the-box, as are the playbooks. 

The solution is deployed solely on-premises on a single server. 

As of now, there are six users making use of the solution. 

My advice is that the on-premises environments for the product's use should be increased. 

I rate Cortex XDR by Palo Alto Networks as an eight out of ten. 

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
AlbertoGonzaga
Account Manager at CIPHER
MSP
Easy to use and good for managed threat hunting and incident response
Pros and Cons
  • "Cortex XDR can integrate the firewalls and determine the tendencies of the attacks. It's a new generation antivirus, with protection endpoints and detection response. It is very easy to use and everybody can operate the solution."
  • "It is not easy to sell Cortex XDR, not because it isn't a good tool. Its marketing needs to be improved."

What is our primary use case?

My customer wanted to use EDR. We worked with the POC to demonstrate the antivirus and how it has more features for detecting threats.

How has it helped my organization?

It makes it easier and faster to investigate problems and incidents.

What is most valuable?

The most valuable features are that it can integrate the firewalls and determine the tendencies of the attacks.

It investigates problems and incidents quickly. Cortex is good at reducing alerts and for having a custom barrier. It's a new generation antivirus, with protection endpoints and detection response.

Cortex detects and shows what the problem is and how to resolve the problem or incident. Cortex is very easy to use and everybody can operate the solution.

It has tools for threat hunting and it has very good incident response features.

What needs improvement?

It is not easy to sell Cortex XDR, not because it isn't a good tool. Its marketing needs to be improved.

For how long have I used the solution?

I've been using it for a year.

How was the initial setup?

Setting it up is very simple.

What's my experience with pricing, setup cost, and licensing?

It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool.

What other advice do I have?

I'm rating this solution a ten out of ten because it is very good for managed threat hunting and incident response. It is the best XDR solution. It's better than other tools because it uses enterprise architecture. Everybody will find that this solution is easy to use. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Sales Engineer at a security firm with 51-200 employees
Real User
Reliable with good support, but the installation should be simplified
Pros and Cons
  • "Stability is one of the features we like the most."
  • "The installation should be easier and the Palo Alto pre-sales and sales teams should have more information on the product because they don't know what they are selling."

What is our primary use case?

We use this solution to secure endpoints and to have more visibility on what is happening on the endpoints.

We have two customers who are using this solution currently.

What needs improvement?

The installation should be easier and the Palo Alto pre-sales and sales should teams have more information on the product because they don't know what they are selling.

They don't know the features of the products they sell.

For example, Cortex XDR includes Cortex XDR Prevent, Cortex XDR Pro, and Cortex XDR Pro per TB. They don't know the real differences between Cortex XDR Pro and Cortex XDR Pro per TB.

Sometimes, they will tell you about features for one edition that belong to another edition. They don't seem to know what features belong to what edition.

For how long have I used the solution?

I have been working with this solution for one month.

We are familiar with Cortex XDR Prevent and Cortex XDR Pro.

What do I think about the stability of the solution?

It's a stable product.

What do I think about the scalability of the solution?

It's a scalable solution.

How are customer service and technical support?

Technical support is okay.

How was the initial setup?

The initial setup is complex. It is not easy to install.

We have been deploying this solution for a month, but we are not finished yet.

We only need one engineer for the deployment and maintenance.

What other advice do I have?

I would recommend this solution to anyone who is interested in using it.

I would rate Cortex XDR a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
IT Director at a energy/utilities company with 1,001-5,000 employees
Real User
Good protection, stable, it integrates well, and the support is good
Pros and Cons
  • "It integrates well into the environment."
  • "I would like to see them include NDR (Network Detection Response)."

What is our primary use case?

We had firewalls set up and it integrated but didn't meet with our regulations.

We were using this solution for endpoint protection.

What is most valuable?

It's a perfect solution. 

It integrates well into the environment.

What needs improvement?

I would like to see them include NDR (Network Detection Response). Then it would work well with SIEM Response. Also, if they could make an on-premises version we would definitely go with Cortes. At this time, they are not offering an on-premises solution.

For how long have I used the solution?

We had it in our environment for two days.

What do I think about the stability of the solution?

It's a stable solution.

What do I think about the scalability of the solution?

Cortex XDR by Palo Alto Networks is scalable.

How are customer service and technical support?

The technical support was good.

Which other solutions did I evaluate?

We evaluated Fideles and are currently using it, as it meets the regulations and is on-premises.

What other advice do I have?

We had to move away from working with Cortex XDR by Palo Alto Networks due to the regulations. They state that the logs have to be kept in Saudi Arabia. Also, the log is in the cloud, which is against the regulations. 

We chose Fidelis. They meet the regulations and they are on-premises.

We had no issues with Cortex. We were satisfied but it didn't meet with the regional regulations.

I would rate Cortex XDR by Palo Alto Networks an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT manager at a computer software company with 11-50 employees
Reseller
Provides ability to see what's going on with your assets and react to cyber attacks
Pros and Cons
  • "Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
  • "It should support more mobile operating systems. That is one of the cons of their infrastructure right now."

What is our primary use case?

I use it for visibility, mitigation, and analysis of advanced threat attacks.

What is most valuable?

Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised.

What needs improvement?

It should support more mobile operating systems. That is one of the cons of their infrastructure right now.

For how long have I used the solution?

I have been using this solution for more than four years.

What do I think about the stability of the solution?

It has been extremely stable.

What do I think about the scalability of the solution?

It is easily scalable. For example, if you have version 2, Palo Alto upgrades it automatically. The agents for your assets are also scalable for new operating systems. So, it is very scalable.

How are customer service and technical support?

Their technical support is very agile and very good. I would rate them a nine out of 10.

How was the initial setup?

It is way too easy to deploy it and set it up.

What other advice do I have?

I would highly recommend it unless you have iOS assets on your network.

I would rate Cortex XDR an eight out of 10.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer:
Flag as inappropriate
Buyer's Guide
Download our free Cortex XDR by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.