We are using Prisma Access by Palo Alto Networks as our ZTNA solution and I recommend it.
The fact that it secures not just web-based apps, but non-web apps as well, is valuable since there are so many. Nowadays, attacks are being generated through non-standard protocols, like DNS tunneling and newly-registered domain control names. There are also a lot of critical applications being accessed on a point-to-point basis, and they can be exposed to malicious behavior if those ports and protocols are not being inspected. You need to have the right security in place for your data to be protected all the time.
The security that Prisma Access provides us with is really top-notch. It is a very comprehensive combination of some excellent components, such as the HIP (Host Information Profile) as well as components like Forcepoint, which provides end-user content inspection, and antivirus. There are also DLP features which make sure that all of the essential prerequisites are in place before a user can log in or be tunneled in. Other features include traffic analysis, threat prevention, URL filtering, and segmentation.
Once users are onboarded, they are subject to Palo Alto's firewall inspection. All their traffic is inspected well. Prisma Access gives us the flexibility to apply various policies and inspections on different users. This gives us a lot of peace of mind knowing that we are getting the best security features and tools.
We are using Palo Alto Panorama, which is a VM that sits in our Data Center, to monitor and manage our entire infrastructure. Palo Alto Panorama allows us to:
Manage our office and Data Center’s firewalls.
Manage our VPNs.
Perform traffic forwarding.
Apply deep packet inspection.
Allow or deny traffic.
Apply additional security features like threat prevention, DNS security, malware and antivirus protection, etc.
Since everything is connected to Prisma, we are very proactive and can detect end-user or site connectivity issues much faster.
I would say that Prisma Access has three major components:
Connections to the remote offices.
Connections to mobile devices.
Links to Data Centers.
Everything is connected by establishing VPN tunnels using the Prisma Access Infrastructure. All edge devices send all traffic to Prisma and Prisma knows to route the traffic to the necessary destinations.
Since this is a cloud platform, you can seamlessly scale up by adding more mobile users or new remote offices. Prisma will just create additional instances in the cloud to support your load.
Another advantage of Prisma being a cloud platform is that we don’t have to deal with patches and upgrades. We automatically get all the new features as they come in. This really reduces our administrative overhead, and allows us to focus on other things.
We haven't encountered any connectivity issues. The Prisma Access infrastructure is high performing and stable. During upgrades we have zero downtime. It's very easy to use and set up, and it takes very little time to train users on how to use it.
One thing that could improve is the support. Sometimes their response times are slow.
Overall, I would rate Prisma Access a nine out of ten. It just works really well and we find it to be a very comprehensive ZTNA solution that does exactly what we need.
ZTNA as a service enables consistent security for all users and applications across an organization’s remote networks. Users are given secure access to apps in the cloud, data centers, and the internet. The solution also enables flexible hybrid workforces by integrating all of your networking and security capabilities onto a single cloud-delivered platform.
Zero Trust Network Access (ZTNA) provides an organization's users with secure remote access to specific services, data, or applications based on defined access permissions.
The ZTNA service only grants access to requested networks, resources, or applications once a user has been properly authenticated for the requested ZTNA resources. Once authentication is complete, the ZTNA service then allows users to access servers or resources through a secure, encrypted tunnel. This provides an extra layer of protection by shielding those resources from exposure on publicly visible IP addresses.
ZTNA solutions analyze risks associated with many parameters, including user location, network traffic, the timing and frequency of certain requests, the resources being requested, and more.
Once access to an app or resource has been given, trust is continuously verified based on adjustments to device posture, user behavior, and app activity. Access will be suspended immediately if any unusual behavior is detected.
To stop all threats, including zero-day threats, deep and continuous inspection is done on all traffic, even for connections that have previously been approved. This is particularly crucial in situations where real user credentials are obtained and exploited to attack infrastructure or apps.
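The access lifecycle described above (authenticate first, grant only the requested application, keep re-verifying device posture and behaviour, suspend on anomaly) can be made concrete with a small policy decision point. The following is an added example written for this page; it is not Prisma Access code, and every application name, posture attribute, group and threshold in it is a constructed assumption. It also shows the least-privilege side of the model: an application not listed in the policy table is denied by default.

```python
# Added example: a toy ZTNA policy decision point. Constructed for illustration;
# it is not Prisma Access code. Every request is evaluated against identity, MFA,
# group entitlement (least privilege) and device posture (HIP-style), and an
# established session is re-verified on every use and suspended when the picture
# changes.
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple


@dataclass
class DevicePosture:
    """Host posture attributes a client agent would report (constructed fields)."""
    disk_encrypted: bool
    os_patched: bool
    av_signature_age_days: int


@dataclass
class AccessRequest:
    user: str
    groups: Set[str]
    authenticated: bool
    mfa_verified: bool
    app: str
    posture: DevicePosture
    timestamp: float  # seconds; used for the request-rate anomaly check


# Per-application policy (constructed values). Applications absent from this
# table are denied: default deny is the core of zero trust.
APP_POLICIES: Dict[str, dict] = {
    "hr-payroll": {"groups": {"hr"}, "require_mfa": True, "max_av_age_days": 3},
    "wiki": {"groups": {"hr", "eng"}, "require_mfa": False, "max_av_age_days": 14},
}


def posture_ok(p: DevicePosture, max_av_age_days: int) -> bool:
    """Device posture is compliant only if every required attribute holds."""
    return bool(p.disk_encrypted and p.os_patched
                and p.av_signature_age_days <= max_av_age_days)


def evaluate(req: AccessRequest) -> Tuple[bool, str]:
    """Decide a single request. Returns (allowed, reason)."""
    policy = APP_POLICIES.get(req.app)
    if policy is None:
        return False, "unknown application"
    if not req.authenticated:
        return False, "not authenticated"
    if policy["require_mfa"] and not req.mfa_verified:
        return False, "mfa required"
    if not (req.groups & policy["groups"]):
        return False, "user not entitled to application"
    if not posture_ok(req.posture, policy["max_av_age_days"]):
        return False, "device posture non-compliant"
    return True, "allowed"


class Session:
    """An application tunnel that stays up only while every re-check passes."""
    MAX_REQUESTS_PER_MINUTE = 20  # constructed threshold for the rate anomaly

    def __init__(self, req: AccessRequest):
        allowed, reason = evaluate(req)
        if not allowed:
            raise PermissionError(reason)
        self.user, self.app = req.user, req.app
        self.max_av_age = APP_POLICIES[req.app]["max_av_age_days"]
        self.active = True
        self.times: List[float] = [req.timestamp]

    def reverify(self, posture: DevicePosture, now: float) -> Tuple[bool, str]:
        """Continuous verification: run on every request sent through the tunnel."""
        if not self.active:
            return False, "session suspended"
        if not posture_ok(posture, self.max_av_age):
            self.active = False  # posture degraded after access was granted
            return False, "posture degraded; session suspended"
        # Sliding one-minute window of request times; a burst is treated as an anomaly.
        self.times = [t for t in self.times if now - t < 60.0] + [now]
        if len(self.times) > self.MAX_REQUESTS_PER_MINUTE:
            self.active = False
            return False, "request rate anomaly; session suspended"
        return True, "ok"


def demo() -> List[str]:
    """Walk the lifecycle with constructed requests and return the decision log."""
    good = DevicePosture(True, True, 1)
    alice = AccessRequest("alice", {"hr"}, True, True, "hr-payroll", good, 0.0)
    bob = AccessRequest("bob", {"eng"}, True, True, "hr-payroll", good, 0.0)
    log = [f"{r.user}->{r.app}: {evaluate(r)[1]}" for r in (alice, bob)]
    session = Session(alice)
    log.append(session.reverify(good, 10.0)[1])
    # The agent later reports disk encryption switched off: the tunnel is dropped.
    log.append(session.reverify(DevicePosture(False, True, 1), 20.0)[1])
    return log


if __name__ == "__main__":
    for line in demo():
        print(line)
```

Note that a denial reason is returned to the caller but a real service would log it rather than show it to the user, so that a stolen credential cannot be used to probe which check failed.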
ZTNA is a trademarked term for a new type of secure authentication service. It is a cloud-based service that allows enterprises to quickly and easily deploy two-factor authentication for their employees, customers, or partners. With ZTNA, businesses can reduce the risk of data breaches and protect their customers' sensitive information.
ZTNA uses two-factor authentication methods such as SMS messages or one-time passwords to provide an extra layer of security for online transactions. It is easy to use and can be deployed quickly without requiring any hardware or software installation. ZTNA also offers robust reporting features that allow businesses to track and monitor user activity.
What Is SASE?
Secure Access Service Edge, or SASE (pronounced “sassy”), is an emerging cybersecurity concept that Gartner first described in an August 2019 report.
SASE is the convergence of wide-area networking (WAN) and network security services like CASB, FWaaS and Zero Trust into a single, cloud-delivered service model.
According to Gartner, “SASE capabilities are delivered as a s...
What started as hiring workers from different parts of the world to cut overhead costs and build remote and hybrid teams has become increasingly common, thanks to the COVID-19 pandemic.
Working from different locations has become the norm and has changed the way businesses operate. Also, the new normal may be here to stay as working from home benefits the employer and ...
The cybersecurity mesh is a key component of a zero-trust network philosophy, whereby any device is by default not trusted to access the broader network.
Cybersecurity mesh is an approach to cybersecurity that requires a shared responsibility among all stakeholders. Zero trust is a risk management model that was introduced by Forrester Research. It follows the principles of Separation of Duty, Least Privilege, and Defense in Depth. The concept of zero trust was introduced to clients by Forrester in 2002, and it was also Forrester's first new security model in 30 years.
Zero Trust is a concept that emphasizes the importance of protecting your organization's applications and data at the endpoint. Zero Trust networks are designed around the idea that each user, device, and service should be treated as a potential attacker and given only the level of access needed to perform its function and no more. Importantly, Zero Trust is not just about eliminating all user access to the enterprise network. It is about helping to ensure that the user has access only to the data they are authorized to use (privilege management) and blocking access to the rest (access control).
Cybersecurity mesh is a term for security models that use zero trust principles. With a cybersecurity mesh, there is no assumed trust between devices or users, regardless of location or relationship. Every action is verified and authorized, so that even if a hacker has gained access to one part of the network, they will not be able to gain access to any other part without authorization. This helps to protect businesses from data breaches and other cyberattacks.
Zero Trust Security is an approach to security that eliminates implicit trust between devices or users, regardless of location or relationship. It is based on the idea that if you cannot trust anyone, then you must verify every action. This helps to protect businesses from data breaches and other cyberattacks.