Palo Alto Networks Simplifies SASE Management
Palo Alto Networks today announced it has added a range of artificial intelligence (AI) and security capabilities to its secure access service edge (SASE) platform that promises to make remote access both simpler to deploy, maintain and secure.
Anand Oswal, senior vice president for network security at Palo Alto Networks, said updates to the Prisma SASE platform will reduce the total cost of remote access via the platform.
Palo Alto Networks has infused machine learning algorithms in Prisma SASE to enable IT teams to take advantage of AIOps. That will help eliminate manual tasks and enable IT teams to discover the root cause of any issue along with offering best practice advice to troubleshoot issues. Predictive analytics also detects anomalies and enables more efficient capacity planning, said Oswal. There is also a query-based interface to automate troubleshooting and change analysis.
Security capabilities added to Prisma SASE include an ability to both configure in software-as-a-service (SaaS) applications and then identify and remediate misconfigurations using an existing cloud access security broker (CASB) from Palo Alto Networks. Prisma SASE is also now integrated with version 2.0 of the zero-trust network access (ZTNA) platform from Palo Alto Networks, which enables organizations to take advantage of an intrusion prevention system (IPS) and URL filtering capabilities augmented by machine learning algorithms that Palo Alto Networks previously developed.
Finally, Palo Alto Networks has added ION 1200-S and ION 3200 appliances to provide additional bandwidth to remote offices. Those offering include a fully integrated switch and Power over Ethernet (PoE) ports along with support for both 5G and LTE wireless connections. In the wake of the COVID-19 pandemic, more organizations require more robust appliances to support a much larger percentage of the workforce that now routinely works from home, noted Oswal.
In general, the transition away from virtual private networks (VPNs) to SASE platforms is occurring more gradually than anticipated in the wake of the COVID-19 pandemic. Despite well-known VPN vulnerabilities, organizations continue to employ VPNs to secure remote access mainly because they already know how to provision and manage them. SASE platforms are more a secure alternative that eliminates the need to backhaul network traffic via a local data center, but the cost of acquiring these platforms has slowed mass adoption. The overall growth of SASE adoption continues to steadily increase but the overall transition will be measured in years rather than months.
In the meantime, the relationship between IT teams and providers of SASE platforms will continue to evolve. VPNs are largely managed by internal IT teams while platforms such as Prisma SASE are managed by vendors such as Palo Alto Networks as a service. The internal IT team, however, still co-manages which end users are given access to specific Prisma SASE capabilities.
It may be still a while before the bulk of organizations will have migrated away from VPNs to embrace SASE platforms that are consumed as a service. However, as SASE platforms become more automated the pace at which that transition is made should accelerate as organizations determine that attempting to manage insecure VPNs at scale is an exercise in futility.
