- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
This blog written in collaboration with Jason Baucom, Victoria Wright, Jerry McLaughlin, Ashley Hood, Olivia Vort.
Welcome to Always Innovating Network Security - June/July 2024 edition. This time we have a very broad array of innovations to share, from PAN-OS innovations, to Cloud Identity Engine, IoT risk vulnerability prioritization, to Cloud NGFW and Advanced Wildfire. Read on, and stay on top of all the innovations in Network Security from Palo Alto Networks.
1. Overlapping IP Address support - Beginning with PAN-OS 11.1.4, duplicate (overlapping) IP address support allows the use of the same IP address on multiple firewall interfaces when the interfaces use different logical routers and also use one of the following combinations:
PA-1400 Series, VM-Series firewalls, and Panorama template stack support overlapping IP addresses. Overlapping IP address support requires the Advanced Routing Engine. For more details, refer to the TechDocs article on Duplicate IP Address Support.
2. Enabling Encrypted DNS
Beginning with PAN-OS 11.2.1, you can now enable encrypted DNS by configuring DNS-over-HTTPS (DoH) or DNS-over-TLS (DoT).
3. Cloud Identity Engine IP-Tag Collection - Cloud Identity Engine, a free service, now supports harvesting IP-Tags from GCP, as it has for AWS and Azure, to your firewalls. Using IP-Tags, customers can use Dynamic Address Groups (DAGs) with their GCP labels to create granular security policies that accommodate the ephemeral nature of VMs in the cloud. For more details, refer to TechDocs
4. Risk-based vulnerability prioritization for IoT, OT and MIoT devices - This month we announced our new risk-based vulnerability prioritization, which reduces vulnerability noise for IoT, OT, and MIoT devices by up to 90% and enables network and security teams to focus on what matters. The vulnerability prioritization ranks all the CVEs identified in the customer’s tenant using a multifactor risk assessment and provides a priority classification (Top, Medium or Low) for each CVE. Risk is measured taking into account the vulnerability severity level, the likelihood of exploitation indicators and the potential impact given specific factors unique to the organization environment. This framework also allows us to extend the prioritization methodology to additional contextual data that may be considered relevant as the model evolves and continues to be fine tuned for more meaningful calculation and insights. For more details, checkout our Live Community Blog and also TechDocs (IoT Vulnerabilities)
5. Cloud NGFW for AWS and Azure - This month we announced several key updates for Cloud NGFW for AWS and Azure, enhancing functionality, improving visibility, and expanding regional support.
Cloud NGFW for Azure enhancements:
For more details on Cloud NGFW enhancements, check out the "What's New" section for Cloud NGFW in TechDocs:
6. Advanced WildFire Public Sector Cloud has achieved “authorized” status for FedRAMP moderate This month we announced that the Advanced WildFire Public Sector Cloud is now "authorized" for FedRAMP Moderate. This upgrade will replace the WildFire US Government Cloud for all existing customers.
Why the Change?
Get started now by preparing to use the Advanced WildFire Public Sector Cloud environment with your firewalls. If no action is taken, the old URL will automatically update to the new platform on November 30, 2024. Please reach out to your sales representative to discuss any additional costs at your renewal date. For more detailed information, visit the Advanced Wildfire Public Sector Cloud - What's New Guide on TechDocs and FedRAMP.gov.
7. Advanced WildFire Government Cloud has achieved the “In Process” status for FedRAMP High authorization
We’re thrilled to announce that the Advanced WildFire Government Cloud is now “In process” for FedRAMP High. This significant milestone underscores our dedication to being the top cybersecurity partner for federal organizations, providing unparalleled support and tools for a secure digital environment. For more detailed information, visit our Live Community blog post and Advanced Wildfire Government Cloud - What’s New Guide on Tech Docs.
Thank you for reading our latest edition of the Always Innovating in Network Security Blog. We covered several innovations in this edition, but that’s just from June and July. If you want to look at the last few editions, you can find them here, here and here.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Subject | Likes |
---|---|
4 Likes | |
3 Likes | |
2 Likes | |
1 Like | |
1 Like |