CN-Series Container Firewall Now Integrated with Cloud-Delivered IoT Security

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
L2 Linker

Title_CN-Series-Container-Firewall-Integrated-Cloud-Delivered-IoT-Security_palo-alto-networks.jpg

 

We are pleased to announce the integration of the CN-Series Container Next-Generation Firewall with IoT Security Subscriptions. This support enables customers to achieve comprehensive Layer 7 Kubernetes container traffic visibility and protection within their Kubernetes clusters, ensuring enhanced insight into their applications as they ingest and interact with IoT device data to carry out business-critical tasks in Enterprise IoT and OT device network security use cases.

 

IoT Brings About Unique Security Challenges

Recent business advancements have prompted organizations to implement IoT and OT sensors for gathering information about their environment to develop crucial applications. Examples include shelf sensors for inventory management systems or medical device sensors for surgical procedures. Despite their significant role, IoT devices have become the most susceptible network device for external attacks.1 These devices have unrestricted access to business-critical applications relying on their data feeds, introducing  new avenues for threats to proliferate within an organization's environments.

 

How CN-Series Container Firewalls Solves the New Risks Containerization Brings

Containerization, particularly with Kubernetes, has been gaining popularity in organizations as a scalable and lightweight solution for hosting applications. Consequently, businesses are increasingly deploying IoT data ingestion apps on Kubernetes platforms, whether in the cloud, data centers, or local sites using white boxes. However, the containerization of these applications presents unique security challenges, as traditional firewall form-factors, such as hardware or virtual machines, struggle to secure Kubernetes environments. The issue arises because Kubernetes clusters often share private IP spaces, and when traffic exits the cluster, it is NAT'd to the Node IP. Consequently, the firewall cannot distinguish between different apps and pods, as they all appear with the same NAT'd Node IP address of the Kubernetes cluster.

_______________________

The State Of IoT Security, 2023” May 18, 2023, Forrester

 

 

Fig 1_CN-Series-Container-Firewall-Integrated-Cloud-Delivered-IoT-Security_palo-alto-networks.png

The Palo Alto Networks CN-Series container firewall is the first next-generation firewall designed to secure Kubernetes orchestration environments. Its containerized form-factor enables organizations to establish comprehensive Layer 7 and K8s-label-based policies for cloud-native container applications, incorporating content inspection based on Kubernetes labels such as namespaces and services.  When used with the IoT subscription, CN-Series automatically identifies your IoT devices on the network, providing comprehensive visibility and security at the device level.

 

Deployed by HELM charts with just one command, CN-Series seamlessly autoscales horizontally in alignment with cluster traffic, all without necessitating alterations to the cluster's core networking or Container Network Interface (CNI). Furthermore, the CN-Series ensures a smooth deployment process within the continuous integration, continuous deployment (CI/CD) pipeline, providing real-time network protection. This is achieved through a unified management experience via Panorama, offering a single pane-of-glass oversight across multiple firewalls.

 

Fig 2_CN-Series-Container-Firewall-Integrated-Cloud-Delivered-IoT-Security_palo-alto-networks.png

Get Started Today With These Resources

Now, CN-Series can secure your Kubernetes applications as they process data from your IoT applications. Click here to learn more about the IoT Security subscription and here to see how it integrates with CN-Series container firewalls.

 

  • 2303 Views
  • 0 comments
  • 0 Likes
Register or Sign-in
Labels
Top Liked Authors