Palo Alto Networks announces Prisma Access 2.0, expanding the industry’s most complete cloud-delivered security platform.
Prisma Access is the only solution that protects all apps with best-in-class security while delivering an exceptional user experience with new cloud-delivered management experience, ML-powered (machine learning-powered) security, Cloud SWG, Autonomous DEM, CloudBlades capabilities that enable Remote Browser Isolation support via partnerships, plus industry-leading scale and performance enhancements.
Prisma Access provides:
Access to all apps and protection against all threat vectors, not just web-based apps and threats, helping organizations reduce the risk of data breach by up to 45% (2020 Forrester TEI)
Complete best-in-class security that provides more security coverage than any other solution, receiving more than 4.3M unique security updates per day, 24.5x our nearest competitor (Internal Testing)
High-performance access with optimized user experience, supporting 10x more total encrypted tunnel throughput than the nearest competitor, with performance SLAs that are 10x better than any other cloud-delivered service (Datasheet and SLA document comparison)
Problem: Over the last 10 years, the industry’s focus has been to shorten the time it takes to react to a new attack and make a policy change, from weeks to days, to hours, and in the case of Palo Alto Networks, even minutes. On the other hand, attacks are constantly and automatically morphing while new devices join the network that are accessing applications that could be anywhere, in the cloud or the data center. The ability for security administrators to adapt security policy fast enough using manual methods isn’t possible.
Positioning: Palo Alto Networks is the first vendor to introduce ML-Powered capabilities to network security. Prisma Access leverages machine learning for proactive real-time and inline zero-day protection, introducing multiple industry firsts:
Prevent up to 95% of unknown file and web-based threats instantly with inline ML.
Prevent other unknown threats in near real-time using zero-delay signature updates.
Extend visibility and security to all devices, including never-seen-before IoT devices, using ML-based detection. No need to deploy additional sensors.
Automate policy recommendations that save time and reduce the chance of human error.
New Cloud Secure Web Gateway (SWG) capability with Explicit Proxy
Problem: As enterprises continue to adopt hybrid cloud strategies and offer flexible work-from-anywhere options for their employees, they need a security solution that can secure all their apps. The unique approach of Prisma Access has played a key role in securing all app traffic, including web app traffic, since Palo Alto Networks first launched the product. However, customers are often migrating from legacy proxy-based SWG solutions, which have previously required them to make network architecture changes in order to adopt the industry-leading web security that Prisma Access offers.
Positioning: Prisma Access now provides flexible remote worker connection choices, including a new explicit proxy connection method, to securely connect users to the industry-leading cloud-delivered security platform. With the addition of explicit proxy to the Prisma Access Cloud SWG, customers can now easily migrate from legacy proxy-based solutions to a complete cloud-delivered security platform, without the need for network architecture changes. Over time, customers can easily transition to a more secure connection method in Prisma Access that protects all apps, ports and protocols, not just web. The Prisma Access Cloud SWG supports all the web security protections that Prisma Access offers, including Threat Prevention, WildFire, URL Filtering, DNS Security, and DLP.
CloudBlades with Remote Browser Isolation Support
Problem: As customers adopt multiple cloud-based services from different vendors, integrating them has become complex. Manual configuration was often required, with limited vendor support.
Positioning: Prisma SD-WAN (formerly CloudGenix SD-WAN) customers have enjoyed the Palo Alto Networks CloudBlades platform for a long time, simplifying the integration of 3rd party services into the SD-WAN. With the latest Prisma Access release, Palo Alto Networks has extended the CloudBlades platform to enable 3rd party services to be integrated with the Prisma Access platform. The first integrations supported are Remote Browser Isolation services from vendors including Ericom, Menlo Security and Authentic8.
Autonomous Digital Experience Management
Problem: Digital experience defines success today, with nearly every organization undergoing digital transformation and the need to enable their employees to work from anywhere. Yet IT teams are struggling to ensure a great digital experience and maximum productivity. Existing monitoring tools lack external network visibility, and require additional agents or appliances to be deployed in the infrastructure. Additionally, responding to digital experience problems requires operations teams to manually troubleshoot and remediate, increasing support effort and cost.
Positioning:The new Autonomous Digital Experience Management (ADEM) add-on for Prisma Access provides native end-to-end visibility and insightsfor SASE, and the ability to drive autonomous remediationof digital experience problems when they arise. With Autonomous DEM, you gain segment-wise insights across the entire service delivery path, with real and synthetic traffic analysis.
Problem: Unmanaged internet-of-things (IoT) and operational technology (OT) devices make up more than 30% of the devices on enterprise networks. Organizations require these devices to enable their business, yet they cannot trust them. IoT devices often ship with vulnerabilities, are difficult to patch, are open to a broader range of threats, and have unfettered access to the network, posing an immense cybersecurity risk. Securing them has traditionally required security teams to deploy and manage IoT security sensors and appliances, creating operational burden and increasing costs.
Positioning:The new IoT Security add-on for Prisma Access provides the industry’s most comprehensive solution completely delivered from the cloud to secure remote branches, sites, and workers. This new capability is the first to combine machine-learning with crowdsourcing for accurate device discovery, risk assessment, inline prevention, automated policy recommendations, and enforcement, without the need to deploy and manage single-purpose sensors or appliances.
Scale and Performance Enhancements
Problem: Many existing cloud-delivered security platforms introduce crippling limitations when it comes to the throughput they can support per encrypted tunnel. This inhibits the ability of many large-scale enterprises to adopt cloud-delivered security for bandwidth-intensive locations like data centers, headquarters, and public clouds.
Positioning: With the latest release, Prisma Access furthers its leadership in securing all apps by supporting up to 5 Gbps of total encrypted throughput when using aggregated service connections. This provides tunnel performance that is 10x the nearest competitive offering, enabling high-performance access to private apps, whether in the cloud or the data center, meeting the needs of even the very largest enterprises. Additionally, Prisma Access guarantees security processing SLAs of less than 10 ms averaged over a 1-hour period, which is the lowest latency of any cloud-delivered security platform in the industry.
Cloud-delivered Management Experience
Problem: Enterprise customers want a cloud-delivered management experience for their security with simple and intuitive workflows, helping them increase time to value from day one. They also need comprehensive visibility into all users, applications, threats, and security posture to ensure that their end-users have the best possible digital experience while keeping the organization secure.
Positioning: Palo Alto Networks has introduced a best-in-class unified management experience for Prisma Access that is delivered from the cloud, to streamline configuration, security posture, reporting and digital experience monitoring. The new cloud management capability increases operational efficiency with simplified workflows and ready to use out-of-the-box configuration, making day-to-day management effortless. It reduces risk with automated continuous configuration assessment against best practices and provides recommendations to improve security postures. Customers gain visibility into all applications, users, and threats, with actionable insights to improve security effectiveness.