Digital transformation, cloud adoption, and remote work have eroded physical perimeters. With applications and data stored everywhere, organisations need a scalable way of securing remote access for every user and branch location. Modernise your infrastructure with Palo Alto Networks Prisma® Access to seamlessly extend consistent, centralised, best-in-class security controls to every user and location.
Prisma Access consolidates all of the networking and security capabilities organisations need into a single cloud-delivered platform, transforming network security and allowing organisations to enable flexible remote workforces. It provides complete security for all application traffic while ensuring an exceptional user experience.
Prisma Access includes comprehensive security capabilities consolidated into a single service edge.
Firewall as a Service
Prisma Access provides firewall-as-a-service (FWaaS) capabilities with the full functionality of Palo Alto Networks Next-Generation Firewalls (NGFWs). This includes inbound and outbound protection, native user authentication and access control, and Layer 3–7 single-pass inspection to secure branch offices against threats.
Cloud Secure Web Gateway
Prisma Access provides cloud secure web gateway (SWG) functionality for remote users across all web traffic protocols and applications in hybrid environments. It also provides URL and content filtering for users based on dynamic group monitoring, allowing you to implement granular behaviour-based policies. Integrated proxying gives users maximum flexibility for how they connect to the Prisma Access service. Advanced DNS security prevents command-and-control (C2) callback and DNS tunnelling attacks.
Zero Trust Network Access (ZTNA)
ZTNA authenticates and connects users to applications based on granular role-based access control (RBAC) and provides a single pane of glass to create and enforce policies. Prisma Access supports both agent-based and agentless connection methods regardless of a user’s location. Unlike standalone VPN or proxy solutions, Prisma Access performs single-pass traffic inspection for malware, data loss, and malicious behaviour after users connect.
Cloud Access Security Broker (CASB)
Prisma Access natively provides inline visibility and control of software-as-a-service (SaaS) applications. With the addition of Prisma SaaS, API-based security and contextual controls can be introduced for sanctioned SaaS applications. These controls are implemented together in an integrated manner and applied throughout all cloud application policies.
Prisma Access provides consistent, secure access to all applications; in the cloud, in your data centre, or on the internet.
Networking for mobile users
Connect mobile users with the GlobalProtect™ app, which supports user-based always-on, pre-logon always-on, and on-demand connections. Prisma Access supports split tunnelling based on access route and the type of application, including its associated risk and bandwidth utilisation.
Networking for remote networks
Connect branch offices to Prisma Access over a standard IPsec VPN tunnel using common IPsec-compatible devices, such as your existing branch router or software-defined wide area network (SD-WAN) appliance. You can use Border Gateway Protocol (BGP) or static routing from the branch, and you can use equal-cost multipath (ECMP) routing for faster performance and better redundancy across multiple links.
Digital experience monitoring
The Autonomous Digital Experience Management (ADEM) add-on for Prisma Access provides native end-to-end visibility for SASE. With ADEM, you gain segment-wise insights across the entire service delivery path, with real and synthetic traffic analysis that enables autonomous remediation of digital experience problems when they arise. The complementary Prisma Access Insights lets you monitor and get on-demand visibility into the health of your Prisma Access deployment.
Prisma Access supports two management options:
- Panorama™ network security management for centralised policy management across all Palo Alto Networks Next-Generation Firewalls and Prisma Access. Panorama saves time and reduces complexity by managing network security through a single pane of glass.
- Prisma Access Cloud Management to streamline Prisma Access configuration management with seamless onboarding, continuous assessment of security posture, digital experience monitoring, and reporting through a unified experience delivered from the cloud.
- Firewall as a Service (FWaaS)
- FWaaS protects your remote locations from threats and provides the full spectrum of security services delivered by our NGFWs, including threat prevention, URL filtering and sandboxing.
- Cloud Secure Web Gateway (SWG)
- SWG secures web-based threats with static analysis and machine learning while simplifying the onboarding experience for customers migrating from legacy solutions.
- Autonomous Digital Experience Management (ADEM)
- Gain end-to-end visibility and insights across your network traffic and experience autonomous remediation with ADEM.
- Zero Trust Network Access (ZTNA)
- Enable Zero Trust Network Access for your employees anywhere in the world with encrypted application access, authentication, policy management and threat detection in a single solution.
- Cloud Access Security Broker (CASB)
- Manage your SaaS applications with security controls that combine inline security and API-based security, along with contextual controls that can determine access levels for sensitive information.
- Internet of Things (IoT)
- Utilise machine learning and automated policy enforcement to secure IoT devices without the need to deploy and manage multiple sensors or appliances.
Protection for all app traffic
- Ensure secure access to all apps and protect against all threats to reduce your risk of a data breach.
Complete, best-in-class security
- Benefit from a single cloud-delivered platform that provides more security coverage than any other solution.
Exceptional user experience
- Provide users with consistent security while enhancing productivity with an optimal digital experience.
Cyber readiness & XDR: Progress, challenges & opportunities
Trellix pays particularly close attention to how EDR and XDR are being implemented across the public and private sectors.
WAF F5 Networks
WAF technology needs to adapt now that apps are increasingly distributed
As workload deployments expand across diverse environments and app architectures, organisations want to be able to enforce consistent security controls across all applications, anywhere.
Frank Kyei-Manu from F5
ZTNA 1.0 vs ZTNA 2.0
ZTNA 2.0 provides a new era of secure access. It solves trust problems by removing implicit trust to help ensure organisations are properly secured.