Episode Transcript:
John:
Hello PANCasters and welcome back. Today we have Amit and Nripendra back to talk about Strata Cloud Manager and how it can help with observability, security posture and operational stability. Welcome back Amit and Nripendra.
Just as a reminder Amit, leads our SRE team in Palo Alto Networks. The SRE team, or Site Reliability Engineering, manage the infrastructure for Prisma Access and Nripendra is the SASE Product manager for JAPAC.
Amit:
Thanks John. Excited to be back here.
Nripendra:
Thanks John. PANCasters - hello again !
John:
So Nripendra, what is Strata Cloud Manager and why do we have it?
Strata Cloud Manager?
Nripendra:
Let me start by giving some background here. In … our customer engagements, customers have shared with us - the challenges of integrating diverse security tools … which are deployed in their environments. As per them, this has led to gaps in their security posture. Multiple patchwork activities have led to manual and error-prone configuration. And this has resulted in ineffective monitoring and troubleshooting. Meaning .. they are not timely, accurate and useful. Now there are even further obstacles regarding skilled manpower. When you have multiple point products to manage .. the network and security, your operations teams need to be trained across multiple products. And to reach a meaningful finding, you have to jump across these products and integrate data from each point product.
Based on the research done by Gartner and Microsoft - we have confirmed that our customers are not alone in this experience. Gartner predicts that 99% of security breaches will occur due to misconfiguration. Multiple products means multiple configurations and multiple points of failure. As such in a typical outage - on average - an enterprise may lose around $1.3M.
John:
Wow, that is significant. Go on Nripendra.
Nripendra:
Through this session, we aim to deepen the understanding of our PanCast listeners on how Strata Cloud Manager can act as a catalyst or an enabler to alleviating and resolving these pain points. It provides a simple and intuitive user experience - unified observability and makes AI powered operations possible.
John:
Great, so why is observability so important and what problems does it solve?
Importance of Observability
Amit:
Observability is insights into a service operation that will give you information about the service's health and guidance on optimally running the service and handling error states.
This is true not only for the operator running the service but for the user, albeit with different views.
Services today are complex and involve multiple heterogeneous systems working together to deliver them. Each of the different systems working in a silo emitting information about its vitals and service health for their silo could be rendered meaningless when looking at the larger service this small system is a part of.
In essence, the larger service that the end user is availing, may, almost always, need a correlation of data from a multitude of systems that work together to deliver the service. This means that observability that makes sense to a user or operator will need logs, traces, metrics, and data from various heterogeneous systems co-related and analyzed to a service level. This will give the user and the operator a service-level visibility into the system's health and operation. AND that’s what the user is looking for !
The best example of this that comes to my mind is an airplane cockpit. Until the late 1980s, an airplane cockpit had more than 2 crew members. There will be the two flying pilots and in addition to them, there will be a flight engineer. The role of the flight engineer was to ‘monitor’ the various parameters of the aircraft and give the ‘flying’ pilots a correlated view of all the systems running on the plane so that the flying pilots could fly the plane! With better ‘observability’ over the years, the flight engineer gave way to a glass cockpit where computers co-relate the information from the various data sources and give the flying pilots a view they can comprehend and quickly make operational decisions.
John:
So how can we apply this approach to operating Prisma Access?
Amit:
Running a service like Prisma Access can draw similis from the aircraft cockpit operation. There are layers of heterogeneous systems at work and the service rendered needs an observability platform that gives operators and users a view of the service. Since ‘access’ is an essential service for all customers today, end users need service insights that help them use the service optimally. At the same time, Prisma Access operators and SRE teams need a ‘glass cockpit view’ of the service that allows them to operate it optimally.
With network and security operations combined, customers are asking for meaningful insights into what is now considered a basic infrastructure service.
John:
Good info. In your experience, what is the primary challenge faced by organizations adopting SASE, and how does Palo Alto Networks aim to address it?
Nripendra:
Good questions John. Some of the challenges - I have already mentioned when we talked about background. As for the primary one, we have seen that customers deploy multiple fragmented point products .. from multiple vendors to secure their environment. This is because there are not many products available in the market from a single vendor .. that can comprehensively address customers' network and security needs.
We have customers who use, for example, CASB from one vendor … then SD-WAN from another. Then for Secure Web Gateway, they use products from a completely different vendor. This is the primary challenge for organizations who want to adopt SASE. Palo Alto Networks is one of the few vendors .. who are able to deliver full SASE capability by a single product. Most of the vendors do not have a unified UI for configuration and monitoring .. and unified policy that is compatible across all these components. And we have a unified data lake - which we call Strata Logging Services or SLS - for all these components in a single place. We have built Strata Cloud Manager as a technology that unifies all these components … and provides our customers with a unified experience - for threat detection, threat response and maintaining overall unified security posture.
John:
OK. So what are the core capabilities of Strata Cloud Manager?
Amit:
Right. SCM's capabilities can be grouped into three key areas. Again these are based upon the learnings we’ve had as a Prisma Access SRE team
- Predicting and preventing disruptions
- Strengthening real-time security
- Single visibility and management portal
1. Predicting and Preventing Operational Disruptions:
SCM eliminates blind spots by providing a unified view of users, applications, infrastructure, and network connectivity. At the same time AI-powered analytics forecast potential issues like resource constraints, enabling proactive remediation and preventing user experience disruptions.
An intuitive interface lets operators quickly investigate and resolve issues using plain English queries.
SCM also provides AI-driven playbooks and automated support ticket remediation to streamline incident response and reduce resolution times.
2. Strengthening Security in Real Time:
SCM helps identify unused or underutilized security resources, suggesting optimizations to maximize your ROI. ML-powered analysis detects and remediates Prisma SASE and NGFWs misconfigurations, ensuring continuous security posture improvement. SCM also guides administrators in implementing security policies that align with best practices during configuration.
3. Comprehensive Visibility and Management:
Strata Command Center provides a centralized control center. This visualization tool provides real-time, unified visibility across all deployments, offering contextual insights into applications, users, and devices. SCM streamlines complex configurations, increasing administrator efficiency. Tools like snippets and hierarchical folders ensure consistent policy enforcement across multiple tenants and segments.
John:
Sounds like Strata Cloud Manager has a lot of useful tools, what Palo Alto Networks products can be managed by it?
Amit:
Yes. SCM provides centralized management for a wide range of Palo Alto Networks solutions within the SASE product portfolio including:
- Cloud Managed Prisma Access
- Panorama Managed Prisma Access
- Next-Generation Firewalls (NGFWs)
- VM-Series Firewalls
- Prisma SD-WAN
John:
And what are the specific benefits of using Strata Cloud Manager for Prisma Access deployments?
Nripendra:
Let me respond to that. This is something we have already alluded to when we talked about our philosophy.
- We provide users - a comprehensive monitoring and alerting mechanism.This in turn - helps users to gain deep visibility into their network security environment.
- Users can also leverage out-of-the box AI-powered tools .. to automate threat detection, analysis and response. This reduces manual effort and improves effectiveness.
- The users are able to manage all aspects of their deployment from a single, unified user interface.
Simply said, they don't have to jump across multiple tools and UIs and data sources to manage and monitor their network security. This is the core benefit of using Strata Cloud Manager. And Strata Cloud Manager is a Palo Alto managed infrastructure. That means, customers do not have to manage the config and monitoring infrastructure on their own. This saves a lot of cost and effort for our customers.
John:
So for new customers wanting to start using Strata Cloud Manager or if existing customers want to move to Strata Cloud Manager, how can Palo Alto Networks support them?
Amit:
Nripendra:
So… We offer a multi-faceted approach to support this.
- We provide comprehensive documentation i.e., detailed guides, tutorials, and knowledge base articles, and these are readily available for our customers on the web.
- Then we provide demos and evaluation programs: Our interactive demos and evaluation programs provide users the hands-on experience into Strata Cloud Mananger's capabilities.
- Some of our customers and partners may not know this - we also provide professional services: Our team of experts can assist with deployment, configuration, and optimization, and provide all kinds of support.
Hope this answers your questions.
John:
Great, so we can help our customers with adopting Strata Cloud Manager. What are some common challenges organizations might encounter when implementing SCM, and how can they be addressed?
Amit:
Yes of course there are challenges. While SCM is designed for ease of use, organizations might face challenges related to:
- Data Granularity: Fine-tuning data presentation to meet specific needs might require adjustments.
- User Awareness: Ensuring that security teams are aware of SCM's capabilities and benefits is crucial for successful adoption.
We address these challenges through:
- Professional Services: Our experts can help tailor SCM to your specific requirements and provide guidance on data visualization and analysis.
- Training and Enablement: We offer comprehensive training programs to educate security teams on SCM's features, benefits, and best practices.
John:
What are some of the planned enhancements and future directions for Strata Cloud Manager?
What's Coming Next on Strata Cloud Manager?
Nripendra:
This sounds like a roadmap question. So I will take it.
- We are adding new dashboards for our NextGen-CASB, … application acceleration,data leakage protection to GenAI tools - in order to provide even deeper insights.
- Then, we are on path to roll out our NetSec Copilot. Copilot will deliver more intelligent assistance and automation for users. We have been running this Copilot with our support teams already.
- Also, we want to make sure that Strata Cloud Manager is usable to a global audience. We want to support multiple languages such as Japanese, Chinese, Korean, etc.
This is how we have planned our near-to-mid-term future.
John:
Great info. So finally Amit and Nripendra, what are some of the key takeaways?
Episode Key Takeaways
Amit:
In my word, Strata Cloud Manager represents a paradigm shift in network security management and operations. By unifying visibility, automating tasks, and leveraging the power of AI, SCM empowers organizations to stay ahead of threats, simplify security operations, and focus on what truly matters – their business.
Nripendra … What do you say ?
Nripendra:
I would say - this is something of a revelation I had - in a recent SASE user forum we had in Tokyo and Osaka. Most of our existing customers did not know that Strata Cloud Manager exists and that they have access to it ! Guess what .. even if you have a legacy Panorama based deployment, the visibility dashboards - such as Insights and Command Center - which are the integral parts of Strata Cloud Manager - are accessible out-of-the-box… by default .. for free. Accessing these already available portions of Strata Cloud Manager can help you explore further and adopt better.
And in a future PANCast™, we hope to discuss on - how we are utilizing AI and ML to protect our customers from zero-day vulnerabilities … and uncontrolled usage of GenAI apps. We would also like to discuss more on - how … our Strata Copilot - will help to support your network and security operations.
John:
Thanks again Amit and Nripendra. We look forward to having you back soon for more great info. PANCasters, as always the transcript will be available on live.paloaltonetworks.com.
Amit:
Great to be here. See you.
Nripendra:
