Palo Alto Networks has added a variety of new features to its SASE and SD-WAN packages to help enterprises streamline network operations and better secure distributed WAN resources.
The updates center around new automation capabilities in Palo Alto’s Prisma SASE, IoT support for its Prisma SD-WAN, and a new connector for its zero-trust offering.
Coined by research firm Gartner, secure access service edge (SASE) refers to a network architecture that integrates SD-WAN and security functionality in a unified cloud service.
Prisma SASE combines Palo Alto’s SD-WAN technology with its cloud-based security products, which provide secure access control, advanced threat protection, user-behavior monitoring, and zero-trust network access (ZTNA) support. Secure web gateway, cloud-access security broker (CASB) and firewall-as-a-service (FWaaS) are part of the Prisma SASE bundle.
New to the Prisma SASE bundle are increased AI capabilities as part of Palo Alto’s autonomous digital experience management (ADEM) monitoring and management system. ADEM provides visibility into endpoints, WAN links, cloud resources, applications, and traffic levels to help troubleshoot performance issues.
“Previously, ADEM in SASE only provided visibility. IT teams can now leverage AI-based problem detection and predictive analytics to proactively remediate issues that can cause service interruptions,” according to Matt De Vincentis, vice president of SASE marketing at Palo Alto.
Since ADEM is integrated with the SASE package, customers do not need additional appliances or agents.
“Additionally, customers can now get a holistic view of the health of their endpoints, applications, network, and security policies in a single dashboard. With an easy-to-use query interface, administrators can now isolate the issues faster, and the native integration with leading ITSM [IT service management] solutions automates the end-to-end incident management process,” De Vincentis said.
Palo Alto has third-party agreements with ServiceNow, Google Cloud, Zoom and others.
In addition to the ADEM enhancement, Palo Alto added to its cloud-based secure web gateway (SWG) for Prisma Access customers an explicit proxy for those customers with proxy-based architectures that are looking to migrate to a SASE environment. The agent offers cloud-based security and integrates with third-party VPN agents.
The SWG uses advanced URL filtering for the prevention of unknown and evasive man-in-the-middle and SaaS platform phishing attacks to help address the rise in the sophistication and scale of modern web attacks, according to De Vincentis.
For its Prisma SD-WAN offering, Palo Alto added an AI-based command center dashboard that lets customers gather details about particular WAN segments and monitor network and application performance. The idea is to provide IT administrators with a central view of their branches and expedite root cause analysis of problems, according to De Vincentis.
Palo Alto also added an on-premises controller for SD-WAN operations to give enterprises more choice in how they manage their Prisma SD-WAN deployments.
“We had on-prem controllers for our next generation firewalls (NGFW), but SD-WAN was managed through a cloud control panel, [and] some organisations needed an on-prem solution,” De Vincentis said.
“The on-prem controller for Prisma SD-WAN helps meet customer regulatory and compliance requirements and works with on-prem and cloud controller deployments. Customers can now choose to deploy Prisma SD-WAN using the cloud-management console, on-prem controllers, or both in a hybrid scenario,” De Vincentis said.
Lastly, the vendor added support for securing branch IoT devices via its Prisma SD-WAN appliances. The appliances can now detect and identify IoT devices and apply security policies locally without requiring additional agents.
All of the new capabilities will be available by May, except the Prisma SD-WAN Command Center, which will be available by July.