Palo Alto Networks Extends SASE Reach to Unmanaged Devices
Palo Alto Networks this week extended its secure access service edge (SASE) platform to make it possible to apply cybersecurity policies to unmanaged devices.
Anand Oswal, senior vice president and general manager for network security for Palo Alto Networks, said Prisma SASE 3.0 will make it simpler to broadly apply zero-trust policies in minutes using a Prisma Access Browser.
In addition, Prisma SASE 3.0 is also taking advantage of large language models (LLMs) to enable organizations to classify data more accurately and ensure the right cybersecurity policies are applied.
Finally, Palo Alto Networks is working with cloud service providers and enterprise applications to accelerate the performance of specific applications hosted on either cloud services or via specific providers such as Slack, ServiceNow, Zoom and SAP by a factor of five.
It’s not clear at what rate organizations are adopting SASE as an alternative to virtual private networks. However, as more companies embrace zero-trust as a cybersecurity philosophy, the need for a method to better secure endpoints becomes increasingly apparent, especially as cybercriminals become more adept at exploiting VPN weaknesses.
The challenge is that, given the level of investment required to adopt SASE, progress has been relatively slow. However, in the last year, the pace of SASE adoption has significantly increased, thanks in part to a greater emphasis on implementing a zero-trust framework to secure endpoints, said Oswal.
No one knows for certain how many unmanaged devices are used to access corporate networks, but cybercriminals certainly are getting more adept at identifying vulnerable devices.
Less clear is the degree to which the management of security operations is shifting toward IT operations or whether cybersecurity teams are assuming more responsibility for managing IT. At the very least, IT leaders need to work more closely with CISOs as organizations implement zero-trust IT policies.
Each organization needs to define what zero-trust precisely means, as well as the best ways to enforce policies without impeding productivity. The expectation is that cybersecurity and IT teams can ensure cybersecurity without adversely impacting employees’ productivity. Given the level of risk from, for example, ransomware attacks, there’s more tolerance for some level of friction that might be created by the tools and platform being used to ensure cybersecurity — but only to a point. Of course, in the event of a breach it’s still the cybersecurity team that is held largely accountable.
In the meantime, the time interval that cybersecurity teams are expected to be able to respond to an attack is dwindling. Once a cyberattack is detected, organizations expect cybersecurity teams to respond in almost near real-time to contain it. Preventing breaches is more critical than ever if cybersecurity teams are to focus limited resources to meet containment expectations. Otherwise, it’s simply too easy for cybersecurity teams to be overwhelmed by multiple sophisticated cyberattacks.
Photo credit: charlesdeluvio on Unsplash