What’s Next for Prisma SASE with New AI-Powered Innovations

Mar 15, 2023
6 minutes
... views

With uncertain macroeconomic conditions putting pressure on organizations to do more with less, investing in IT solutions that reduce complexity and cost are more important than ever. For security and networking infrastructure, this means adopting a Secure Access Service Edge (SASE) strategy.

According to the Gartner® "Market Guide for Single-Vendor SASE," by 2025 80% of enterprises will have adopted a strategy to unify web, cloud services and private application access using a SASE/SSE architecture, up from 20% in 2021.

With the rise of hybrid work, this acceleration in SASE adoption has also meant organizations are seeking a more holistic approach, one that allows them to extend their security and networking infrastructure (all at cloud scale) while significantly improving the user experience at the same time.

At Palo Alto Networks, we strongly believe an integrated platform approach to SASE is the right choice for customers. This supports better security outcomes, reduces operational complexity, and leverages the power of AI/ML to share data across a unified platform. Prisma SASE is built to provide this unified experience.

By contrast, a mix-and-match approach, stitching together multiple vendor products, only increases complexity and makes it challenging to be proactive or isolate issues.

Today, we’re thrilled to announce new AI-powered innovations that make Prisma SASE even more powerful for our customers. The new capabilities will help organizations automate costly and complex IT operations with AI-powered Autonomous Digital Experience Management (ADEM); connect and secure branch offices and the hybrid workforce with next-gen SD-WAN, ZTNA 2.0, and Cloud SWG; and, unlock better ROI through consolidation of point products into a single cloud-delivered service.

Natively Integrating AIOps to Automate Complex IT Operations

Today, we announced the industry’s first AIOps solution that is natively integrated into SASE with ADEM. With its existing observability capabilities and the new addition of AIOps, ADEM will help customers automate complex IT operations, increase productivity, and reduce Mean Time to Resolution (MTTR). Since ADEM is integrated within Prisma SASE, it does not require additional appliances or agents to be deployed.

IT teams can now leverage AI-based problem detection and predictive analytics to proactively remediate issues that can cause service interruption. Additionally, customers can get a holistic view of the health of their endpoints, applications, network and security policies in a single dashboard. With an easy-to-use query interface, administrators can isolate the issues faster, and the native integration with leading ITSM solutions automates the end-to-end incident management process.

Extending Zero Trust to the Branch of the Future with SD-WAN Innovations

Branch locations have never been as digitized and hyper-connected as they are today. As a recognized leader in the industry, Prisma SD-WAN is a key element of any SASE deployment, and we’re excited to announce a new set of innovations:

  • Prisma SD-WAN Command Center provides AI-powered and segment-wise insights, as well as always-on monitoring for network and apps, for proactive problem resolutions at the branch level. With a comprehensive Command Center dashboard, IT gets visibility into organization-wide application experience and health, enabling expedited root cause analysis.
  • Prisma SD-WAN with integrated IoT security allows existing Prisma SD-WAN appliances to help secure IoT devices. This enables accurate detection and identification of branch IoT devices. Customers can now leverage robust security controls from within the familiar cloud management for Prisma SASE. Other SD-WAN solutions require additional appliances and sensors to be deployed in the network to gain visibility into IoT devices and prevent threats.
  • On-Prem Controller for Prisma SD-WAN helps meet customers’ industry specific security compliance requirements to control and manage Prisma SD-WAN deployments.

Strengthening Internet Security with Cloud SWG’s Industry-First Phishing Protections

We’re raising the bar in the industry for Cloud Secure Web Gateway (SWG), with agent-based explicit proxy support and first-of-its-kind phishing detections. The agent-based proxy enables organizations with proxy-based architectures to benefit from superior cloud-delivered security while enabling coexistence with third-party virtual private network (VPN) agents.

With the rise of SaaS platforms used to carry out phishing attacks, attackers are leveraging proxies to relay the end user’s original login page to the target server while stealing login credentials as they authenticate. To make matters worse, Man-in-the-Middle (MitM) phishing attacks can now easily be deployed with phishing kits. Prisma Access Cloud SWG uses Palo Alto Networks Advanced URL Filtering to provide the industry’s only real-time prevention of unknown and highly evasive MitM phishing attacks. Advanced URL Filtering can also help prevent SaaS platform phishing attacks. With the rise in the sophistication and scale of modern web attacks, Prisma Access Cloud SWG stays ahead of threat actors to secure customers with its AI/ML-powered detections.

Enhancing ZTNA Connector for Secure Access to Private Apps

Our new ZTNA Connector provides industry-leading scalability and auto-app discovery to securely connect organizations to all of their private applications.

The new connector automatically discovers and onboards private applications into Prisma Access, providing deep enterprise application understanding to specify access policies in alignment with the principle of least privilege.

ZTNA Connector automates tunnel management and supports networks with overlapping IP ranges, which is especially useful for reconciling network infrastructures during mergers and acquisitions, or for facilitating application access on partner networks. And, with industry-leading SLAs, a resilient multi-cloud architecture, and best-in-class security, the enhanced ZTNA Connector ensures secure access to critical private applications.

Expanding Traffic Replication Capabilities and Forensics Analysis with SASE CloudBlades

We’ve expanded our Prisma SASE CloudBlades platform – our platform that enables third-party service integration with Prisma SASE. With two new partnerships, Palo Alto Networks is the first SASE provider to offer cloud-based traffic replication, a crucial feature for certain regulated industries and migrating from on-prem to cloud environments.

Some large financial, utilities, manufacturing and regulated organizations need traffic replication for the purposes of forensic analysis, determining breach impacts, and validating threat signatures. Current SASE solutions don’t offer these capabilities, putting such companies at risk of not meeting their industry’s requirements.

Our new work with Netwitness and Corelight enable Prisma Access customers to replicate traffic across from any application within their Prisma SASE environment to an external cloud-based service for forensic analysis, breach impact evaluation and threat signature profiling. In addition, all application traffic can be replicated to regional cloud storage instances for visibility and company security policy compliance.

Palo Alto Networks has built a robust ecosystem of third-party services with partners like Zoom, Google Cloud, ServiceNow and others that elegantly integrate into Prisma SASE through the CloudBlades platform.

Modernizing Without Compromise

The new AI-powered SASE innovations we announced today enable organizations to benefit from the latest advancements in cloud-delivered security and networking, simplifying operational complexity and driving better ROI.

Join us on April 5 (for the Americas) or April 6 (for Europe and Asia-Pacific) at our virtual Prisma SASE event. You’ll hear directly from Palo Alto Networks executives and industry leaders on how to harness AI-powered SASE to achieve your modernization initiatives.


Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.