As organizations transition to a Secure Access Service Edge (SASE) architecture to support work-from-anywhere initiatives, their traditional on-premises tools for network traffic visibility and security analytics become obsolete. This shift creates significant visibility gaps for security teams, challenging their ability to perform in-depth forensic investigations, detect zero-day exploits, and gather the evidence required to meet stringent regulatory deadlines, such as the SEC's four-day breach disclosure mandate. To bridge this gap and regain that insight, enterprises need more than just cloud-delivered security; they require a robust capability to replicate and analyze the full packet traffic that is now traversing the SASE cloud.
A powerful new solution emerges by combining Palo Alto Networks Prisma Access, featuring its Traffic Replication service, with Fidelis Security's advanced Network Detection and Response (NDR). This integrated approach provides organizations with unparalleled protection, visibility, and control.
This end-to-end integration enhances threat detection, response, and prevention capabilities while ensuring secure and seamless access to applications and data for all users, regardless of location. Key benefits of this partnership include:
The joint solution creates a powerful, continuous workflow for capturing, analyzing, and responding to threats within your SASE environment.
Step 1: Real-time Full Packet Capture in Prisma Access
Prisma Access provides cloud-delivered protection for all application traffic. The Prisma Access Traffic Replication Service captures all traffic packets traversing the SASE environment.
Step 2: Secure Transfer to Fidelis
The collected traffic is encrypted and stored within an encrypted file in a Palo Alto Networks GCP data bucket. The Fidelis Google Cloud bucket then retrieves this encrypted file.
Step 3: Traffic Replay and Deep Session Inspection
Using a built-in replay capability, the traffic is replayed from the Fidelis bucket to the Fidelis Network sensor. The sensor decrypts the files and PCAP data, rebuilds the sessions, and conducts Deep Session Inspection (DSI) and anomaly detection to analyze the packets for threats.
Step 4: Alerting and Response
The Fidelis Network sensor generates alerts and sends them to the Fidelis CommandPost. The CommandPost provides a central dashboard for managing network sensor policies and viewing alerts, and it includes an interface to forward alerts to a customer's SIEM system for a unified response.
This deep level of inspection and analysis enables critical security functions that are often difficult to achieve in a cloud-native environment:
By combining Palo Alto Networks Prisma Access with Fidelis Network NDR, organizations can create a powerful security architecture that protects against sophisticated cyberthreats. This integrated solution provides consistent, secure, and high-performance access to applications and data across the enterprise, giving security teams the deep visibility and advanced threat detection needed to secure the future of work. To see how this powerful integration can strengthen your organization's security posture, visit
https://technologypartners.paloaltonetworks.com/English/integration/Prisma-Access-Fidelis-Security.