Palo Alto Networks SASE Converge updates enhance security, UX

SASE continues to be a network and security priority as IT leaders seek to improve security effectiveness, support network innovation, and reduce infrastructure complexity.

Palo Alto Networks recently held its SASE Converge 2023 virtual event November 15-16 and unveiled several updates to its SASE portfolio to support these goals. The vendor categorizes its updates under two main themes: security and user experience. Here are five of the most important announcements.

Taking the Falls

While this deal was first announced on November 6, SASE Converge first, Palo Alto Network intends to acquire enterprise browser provider Talon was the most important news discussed during the event. Talon technology enables Prisma SASE customers to protect unmanaged devices.

While Prisma Access supports a single-agent approach for zero trust network access (ZTNA), the addition of Talon will provide customers with broader security capabilities to prevent attacks on unmanaged devices. early in the attack chain.

Native remote browser isolation

Not to be confused with Talon’s enterprise browser, Palo Alto Networks also launched native remote browser isolation (RBI) to protect customers against unknown web-based threats.

While not always considered a core SASE capability —Only 29% of Enterprise Strategy Group research respondents considered it a starting point — it is becoming increasingly important as part of a comprehensive architecture to protect against advanced and unknown web-based threats.

By building this capability directly into Prisma SASE, traffic does not need to be routed to third-party vendors, which affects the user experience.

Connected SaaS app visibility and control

SaaS ecosystems are more complex than a few years ago, with API integrations making it difficult for security teams to accurately assess their attack. To address this, Palo Alto added Interconnected SaaS Apps security to its Next-Generation CASB to provide visibility into third-party apps in use, as well as permissions, users, and other attributes to help security teams to understand their SaaS risk and adjust configurations or revoke access as needed.

Data security enhancements

Following the concept of risk identification and remediation, Palo Alto announced Data Risk Explorer to help organizations quantify data risk and provide actionable next steps to remediate those issue. Security teams can review data risk at a global level, or more based on application, location, user, or data profiles.

In addition, Palo Alto has expanded its capabilities to discover data from more than 100 pre-defined document types, to include custom machine learning models that can be trained to identify unique and proprietary documents.

Prisma Access App Acceleration

Finally, while security is obviously critical, it doesn’t come at the expense of performance. Palo Alto has long touted its network (built by Google) as a key differentiator. The addition of Prisma Access App Acceleration provides a faster than direct-to-app user experience through predictive modeling of user and app behaviors. It is able to anticipate user interactions and identify content that users will request before they request it.

The SASE space remains extremely crowded and competitive. Palo Alto Networks’ expansion of its SASE portfolio beyond ZTNA, CASB, firewall as a service, and SD-WAN shows that it is committed to innovation and continues to connect the dots between security and performance.

As such, the vendor should provide a clear vision of how customers should think about the enterprise browser, RBI, and agentless ZTNA to avoid confusion. This helps ensure that complexity is manageable and that security teams can quickly and effectively address the use cases that matter most to them.

Senior Analyst John Grady covers network security in TechTarget’s Enterprise Strategy Group.

Leave a comment