The following post is by Anupam Upadhyaya, VP of Product Management at Palo Alto Networks. We thank Palo Alto Networks for being a sponsor.
Businesses today not only have to deal with the increased onslaught of cyber attacks brought about by the pandemic, but also the arduous task of modernizing their infrastructures to accommodate their new hybrid workforces while preparing for the next wave of growth. Fortunately, a modern infrastructure approach already exists and it’s called the Secure Access Services Edge, or SASE.
To be effective, SASE must converge best-of-breed security and SD-WAN capabilities in the cloud to deliver exceptional user experiences while reducing security risks. And when it comes to best-of-breed security, Prisma Access from Palo Alto Networks consolidates essential point-products into a single cloud-delivered platform, transforming network security and allowing organizations to securely enable their hybrid workforces. Prisma Access provides comprehensive protections for all application traffic—not just web based applications—while also ensuring an exceptional user experience.
With the latest 2.2 release of Prisma Access, securing our hybrid workforces and their demand for “everywhere access” became even easier. The release includes several key enhancements to this market-leading platform, including:
Autonomous Digital Experience Management (ADEM) for Remote Networks
In 2021, Palo Alto Networks introduced Autonomous Digital Experience Management (ADEM) to monitor and manage the digital experience for mobile users. With Prisma Access 2.2, Palo Alto Networks has extended ADEM to all users—including users at branch or remote offices—by integrating ADEM directly into all Prisma SD-WAN appliances.
This enhancement provides end-to-end visibility for all users and devices from a single management console without the need to deploy additional agents or appliances. ADEM for Remote Networks ensures the best digital experience for branch users by providing observability in the cloud, applications, and across the entire service delivery path, including all WAN links.
Source: Palo Alto Networks
Secure Web Gateway (SWG) Policy Workflow Optimization
As the workforce transforms to a hybrid model and apps continue to move to the cloud, businesses are finding it increasingly difficult to enforce consistent policies for all their users. Traditionally, Secure Web Gateways (SWGs) have been managed separately from other security controls, creating policy inconsistencies while increasing complexity. This ultimately leads to security gaps and increased risk.
Prisma Access provides a natively integrated cloud SWG and the 2.2 release introduces a completely re-imagined, user-centric workflow that facilitates simple and easy-to-define web security rules. With predefined recommendations and continuous assessments based on best practices, businesses can now achieve consistent and optimal security regardless of whether their users are mobile or at branch offices. Network and security teams can effectively go beyond traditional “allow” or “block” rules to enable more granular action controls to accommodate the emerging needs of their hybrid workforces.
Source: Palo Alto Networks
IPv6 Support For Private App Access
Prisma Access 2.2 includes support for IPv6 traffic inspection to private applications to enable secure internal IPv6 traffic between endpoints and private applications for our enterprise customers and solution providers. We will continue announcing extended IPv6 capabilities in future Prisma Access releases.
Cloud Access Security Broker (CASB) With Enhanced SaaS Security Visibility
As SaaS application usage explodes across enterprises, securing all of them with traditional CASB solutions has become inadequate. These legacy solutions are complex, require multiple tools, and lack scale, resulting in mediocre security with a high total cost of ownership (TCO). To alleviate these challenges, Prisma Access offers natively integrated CASB with SaaS Security Inline.
With the 2.2 release, Prisma Access now enables rapid discovery of new SaaS applications to keep pace with their explosion. The platform now provides visibility into more than 15,000 SaaS applications. It also leverages the Palo Alto Networks crowdsourced cloud App-ID™ technology, allowing Prisma Access to tap into the power of a global community to provide automated and continuous discovery and categorization of new and emerging SaaS applications. When combined with advanced Machine Learning (ML)-powered Threat Prevention and integrated Data Loss Prevention (DLP) technology, businesses now realize better security outcomes without unmanageable and costly patchworks of disparate products.
Source: Palo Alto Networks
Support For OCR And EDM In DLP
A best-in-class DLP should be able to scan a plethora of documents and file types, as well as extract information from graphic formats like images of photo IDs, passports, and credit cards leveraging advanced Optical Character Recognition (OCR) algorithms.
In addition, modern DLP solutions should also leverage Exact Data Matching (EDM) techniques to detect and monitor specific sensitive data sets, as well as protect that data from malicious exfiltration or loss. EDM is designed for scale, allowing it to accommodate very large data sets, as well as “fingerprint” an entire database of known personally identifiable information (PII)—like bank account numbers, credit card numbers, addresses, medical record numbers and other personal information—stored in structured data sources, like databases, directory servers, CSV files, or spreadsheets.
The 2.2 release of Prisma Access brings powerful OCR and EDM functionality to its already impressive array of DLP capabilities.
Learn More About Prisma Access 2.2
Interested in seeing the new Prisma Access 2.2 capabilities in action and learning more? Sign up to watch the on-demand replay of SASE Converge 2021, the premier summit for what’s next in SASE. You’ll hear from leading voices within the networking and security industries, get details on the impact SASE technologies have made for organizations today, and learn what new innovations are to come.