IoT Security Solution Overview

Community Team Member

IoT Security Solution Overview.png

Palo Alto Networks unveils our new IoT Security Solution that can help keep your network secure as you implement safer cybersecurity measures across your entire platform. Read the IoT overview and find answers on LIVEcommunity.

 

 

IoT Security Solution Overview

As technology advances, so do cyberattacks. And the latest targets that seem to be the most unprotected are IoT devices—everything from security cameras to smart appliances. Palo Alto Networks has been able to keep up with the changing times while helping to secure our digital way of life more by protecting all of the IoT devices on your networks.

 

What is the IoT Security Solution?

  • IoT Security subscription is sold as an attached subscription to the firewall  
  • New IoT subscriptions provide IoT device visibility, risk management, and security anomaly detection
  • Subscriptions are on a per firewall basis
  • Requires PAN-OS 8.1.x or later
  • Cortex Data Lake is required to use IoT Security Solution (Log Forwarding to CDL)

 

Again, the IoT Security subscription is supported on PAN-OS 8.1+. Additionally, PAN-OS 10.0 provides automated enforcement using new Device-ID capability.

 

IoT Security Solution Overview

Understand IoT Assets.png Assess Risk.png Apply Risk Reduction Policies.png Prevent Known Threats.png Detect and Respond to Unknown Threats.png
1. Understand IoT Assets 2. Assess Risk 3 Apply Risk Reduction Policies 4. Prevent Known Threats 5. Detect & Respond to Unknown Threats

Combining Machine Learning with Palo Alto Networks App-ID to provide the deepest IoT visibility and normal behaviors

Learn device vulnerabilities, risk level, and risky behaviors

Automated policy recommendations that allow trusted behavior

Actively detects and prevents known IoT attacks with Machine Learning and Threat Intelligence from Palo Alto Networks subscriptions

Continuously detects and responds to zero-day attacks using threat modeling, anomaly detection, and crowdsourcing

On IoT SaaS App

On IoT SaaS App

Both IoT SaaS App and
Next-Generation Firewall

On Next-Generation Firewall

On IoT SaaS App

An overview of data taken from the IoT devices, showing how Cortex Data Lake uses data to protect your network.An overview of data taken from the IoT devices, showing how Cortex Data Lake uses data to protect your network.

Deployment Considerations, Next-Generation Firewall placement and collecting the right metadata (EALs and session logs), and DHCP

 

IoT Activation

Please see the following video that walks you through Onboarding IoT Security

 

IoT with PAN-OS 10.0 will give you the following abilities:

 

View IoT Assets

  • Full device discovery
  • Identification and Classification of all IoT devices
  • Deep Insights

IoT View of AssetsIoT View of Assets

Assess IoT Risks

  • 24x7 Risk monitoring (behaviors, weak security posture, alerts, and vulnerabilities)
  • Integrated with CVE Inventory
  • Automated risk-based policy recommendations

View of IoT Risks and VulnerabilitiesView of IoT Risks and Vulnerabilities

Prevent Known Threats

  • Threat prevention happens on the firewall, IoT app creates alerts based on policies
  • Threat Prevention blocks known IoT malware
  • URL Filtering provides safe web browsing access for IoT devices
  • DNS security blocks attacks on IoT that use DNS
  • WildFire detects and prevents unknown threats

IoT view of Alerts and Known ThreatsIoT view of Alerts and Known Threats

Detect Unknown Threats with Recommendations

  • Machine Learning enhanced with threat modeling to detect unknown threats in real-time
  • Provide detail incident context and clear recommendations for actions
  • Anomaly detection using ML for threat identification and recommendations

IoT View of Alerts by Device CategoryIoT View of Alerts by Device Category

 

See Also

For the IoT Security resource list, please see the following Knowledge Base article:

IoT Security Resource List On Configuring And Troubleshooting

 

Keep coming back, we will have more information on IoT available in July.

 

Thanks for taking time to read my blog.
If you enjoyed this, please hit the Like (thumbs up) button, don't forget to subscribe to the LIVEcommunity Blog.

 

As always, we welcome all comments and feedback in the comments section below.

 

Stay Secure,
Joe Delio
End of line

2,082 Views
Comments
Community Manager

Great blog @jdelio 

1,739 Views
Labels