Prisma Access 3.0: The Industry’s Only Next Generation CASB, Fully Integrated Into SASE

Prisma Access 3.0

The Prisma Access 3.0 is the only solution that protects all apps with best-in-class security while delivering an exceptional user experience. The new Next Generation CASB functionality automatically keeps pace with the SaaS explosion with proactive visibility, real-time data protection, and best-in-class security.

Prisma Access Provides:

• Access to all apps and protection against all threat vectors, including thousands of SaaS and modern collaboration applications—not just web-based apps and threats—helping organizations reduce the risk of data breach by up to 45 percent (2020 Forrester TEI)

• Complete best-in-class security that provides more security coverage than any other solution, receiving 4.3 million-plus unique security updates per day, which is more than 24 times our nearest competitor (Internal Testing)

• High-performance access with optimized user experience, supporting 10x more total encrypted tunnel throughput than the nearest competitor, with performance SLAs that are 10x better than any other cloud-delivered service (Datasheet and SLA document comparison)

What’s new in Prisma Access 3.0?

Next Generation CASB

Problem: Today’s digital businesses with hybrid workforces are struggling to keep up with the explosion of SaaS application usage across their organization. Their sensitive data is increasingly exposed across multiple applications and cloud-based threats have increased in volume and sophistication.

Positioning: Current CASB solutions only solve part of the problem as they fail to provide adequate visibility and control along with robust security to help organizations monitor SaaS usage, protect their sensitive data, and prevent SaaS application risks. Also, they are disjointed from the security infrastructure and are quite complex to deploy and manage.

Palo Alto Networks is the first vendor to introduce a Next Generation CASB to help organizations automatically keep pace with the explosion of SaaS applications. Delivered in Prisma Access 3.0, the SASE-native NG CASB introduces several innovations:

1. The industry’s only automatic discovery of SaaS applications and the largest number of APIs for sanctioned and collaboration apps to help businesses stay ahead of the SaaS explosion
2. The industry’s most comprehensive cloud-delivered enterprise DLP powered by ML provides more accurate detection and real-time protection of sensitive data across the entire enterprise
3. Proven best-in-class security to proactively prevent all threats, every time, leveraging our global network of 80K customers with millions of sensors across SaaS, IaaS, Endpoint, Network, and world-leading Unit 42 research

Other Enhancements to Prisma Access

ZTNA with Cloud Identity Engine (CIE) Integration

Problem: Enterprises find it difficult to consistently verify user identities and enforce identity-based policies. Identity stores are distributed across on-premises, multiple clouds, and hybrid identity providers. At the same time, employees need global access to applications, regardless of where they are. Eighty-seven percent of organizations use or plan to move to cloud-based directory service, which has led to network security operators struggling to secure their workforce and enable safe and secure access to applications and data. Implementing zero trust requires accurate and adaptive access control policies, and continuous identity verification. Many identity solutions introduce friction on users with voluminous MFA requests that negatively impact user experience as they move between branch and home networks.

Positioning: Identity-based security controls are a foundational requirement to achieve Zero Trust. These enable organizations to implement consistent and accurate access control policies wherever users or apps are located. Prisma Access integrates with the Cloud Identity Engine to provide:

• Unified policy and identity: Integrate with on-prem (Microsoft AD) and cloud (Okta, Azure AD, Google ID) identity providers (IdP) to enable a unified identity source to write and enforce policy. Customers that leverage different IdP for employees, contractors, partners, etc. can now federate identity across the entire deployment with CIE. With CIE, Prisma Access can effortlessly and accurately enforce security decisions across the deployments to quickly move towards a Zero Trust security posture
• Accelerated transition to cloud-based identity: knowing that your network security infrastructure is future proof
• Simplified Setup: Save time in deployment and management of identity-based with point and click configuration. Configure the identity sources just once! Incremental changes to identity information and any changes by Identity providers are addressed automatically 
• Frictionless authentication and access control: Authentication that continuously verifies user identity without negatively impacting user experience. CIE leverages device, location, and connection risk attributes from Prisma Access to challenge users with appropriate level and method of authentication. 
• Competitive differentiation: Prisma Access is the only ZTNA solution that offers integrated cloud identity management for accurate and frictionless ZTNA enforcement across hybrid environments. Unlike competitors, CIE enables near real-time, infinitely scalable identity and policy management for ZTNA and greatly simplified management and configuration.

More Information

Read this overview of the Prisma Access cloud-delivered security platform and new Next-Generation CASB. They will also be showcased at Ignite ‘21, happening Nov. 15–18.

All of the new capabilities mentioned in this release are generally available now.

Thanks for taking time to read this blog.

Don't forget to hit that Like (thumbs up) button and don't forget to subscribe to the LIVEcommunity Blog.

Stay Secure,
Kiwi out!