Securing headquarters, data centers, branch offices and mobile users isn’t easy – especially when organizations take a traditional approach toward networking infrastructure using firewalls, VPNs and proxies. With the onset of cloud, businesses must account for new threats and larger attack surfaces, it’s even more of a struggle to secure your data in the cloud, considering the sheer volume of users and devices who are accessing your cloud resources – from literally anywhere across the globe.
Deploying hardware (e.g. firewalls) at each location, routing all traffic back over an MPLS connection in hub-and-spoke back to headquarters for inspection and policy enforcement is one approach to branch security. That approach has rapidly gone out of favor because sending traffic to headquarters adds latency as applications shift to the cloud. This strategy is also costly as it requires constant infrastructure and hardware updates and consumes significant IT resources.
Other traditional alternatives, such as utilizing internet connections with site-to-site VPN to connect the branch office to headquarters, also establish the same hub-and-spoke architecture and recreate the same latency issues.
Mobile users also present a problem. These users require fast and easy access to apps and data, regardless of whether they are at a corporate location or on the road. The users might connect to the data center with remote access VPN, but then they disconnect when accessing a cloud application, leaving them vulnerable to attack.
Companies have attempted to remediate some security risk by using proxies to protect users when they are not connected via VPN. Proxies only inspect web browser traffic, leaving users and devices without protection for non-web applications and attacks using non-standard ports. DNS filtering and CASB (cloud access security broker) proxies provide limited amounts of security to protect a limited number of applications, thus aggravating the security problem.
These traditional methods of securing branch locations and mobile users are not cost effective, efficient or very secure. Let’s not forget about the IT overhead that would be required to deploy and manage hardware and remediate problems. We need a better way to ensure consistent security across different business locations, while also maintaining a simple, seamless user experience.
Optimum Security & Performance from Anywhere
Palo Alto Networks is revolutionizing secure access to cloud applications. Prisma, the industry’s most complete cloud security suite, consistently provides access, protects data and secures applications as organizations move to the cloud. With Prisma, organizations can securely connect branch offices and mobile users using cloud-based infrastructure.
Prisma Access, part of the Prisma suite, provides cloud-delivered security to dramatically simplify cloud access and networking, without compromising on security or performance. Organizations can eliminate on-premise security appliances, saving operational costs and IT resources, and utilize existing routers, firewalls or SD-WAN edge devices to connect to Prisma Access where policies are applied across all traffic in the cloud. Prisma Access provides organizations key security and networking benefits, including:
- Secure traffic across all ports, protocols and applications
- Support for complete networking and security needs for both mobile and remote networks
- Complete visibility across the enterprise and mobile users that far exceed the limited security capabilities of traditional, best of breed point products
Prisma Access delivers consistent cloud-delivered security from a multi-cloud architecture. With over 100 locations in 76 countries, users are always getting protection that they need with low-latency access to all of their public cloud, SaaS and data center applications. The Prisma multi cloud architecture makes it possible to get a localized, in-country user experience in order to avoid language issues often seen with other types of traditional proxy-based solutions.
To find out more about Prisma Access and the multi-cloud architecture, check out this on-demand webinar.
The post Protecting People from More and More Places appeared first on Palo Alto Networks Blog.