Every vendor coming to market with a new security solution claims to provide better security, but none seems to solve the complexity created by multiple, independent point products that neither fully integrate nor work together in an automated way.
Combine that with enormous amounts of largely uncorrelated data (impossible to fully sift through, hampering response times) and you have operational gaps between where most organizations are and where they need to be.
Today, we’re announcing key updates to the Palo Alto Networks Security Platform intended to bridge these gaps, which we view as the following:
- First, there’s the gap between when a security alert is received and when action is taken. Organizations are inundated with data, but the data deluge won’t help if they can’t easily distinguish what’s minor from what’s major. The Target breach is a perfect example: the company had the data it needed to take action, but it was hidden in mountains of other information. According to a recent Ernst & Young study, 33 percent of all companies are not even aware of how long it takes their organization to organize a response to a threat.
- A second gap is between what’s known and unknown. As the threat landscape grows increasingly complex, we are facing a growing number of unknown threats, and many security teams are struggling to keep pace. Discovering these threats quickly is crucial, but once discovered, security professionals also need to be able to quickly differentiate between the critical and the non-critical. The 2015 Verizon DBIR report found that 75 percent of all attacks spread from victim 0 to victim 1 within 24 hours. This is largely due to the slow detection rate of unknown threats.
- A third gap is between the idea of security and the implementation of security to prevent breaches. Networks are growing fast and complexity is increasing. Many companies have huge numbers of policies, many of them outdated, because the complexity of provisioning and managing a security network simply has become too overwhelming. According to AlgoSec, 64 percent of all organizations are consumed with complex security policies, reducing the effectiveness of operations. Streamlining the management process is a priority in closing this gap.
With new enhancements to PAN-OS 7.0, the Palo Alto Networks Security Platform helps close these operational gaps. All security teams should be able to quickly identify and take preventative action on threats of all kinds in various stages of the attack lifecycle and across any network segment, and that’s what our platform achieves.
Here are some of the enhancements we’ve made in PAN-OS 7.0:
- We are reducing response times from alert to action with visual and actionable data in the Application Command Center (ACC). Easy-to-use, interactive and customizable widgets enable customers to get to the bottom of an alert with just a few clicks.
- We are closing the gap of the unknown to known through discovery, by introducing automated multi-version application analysis in WildFire. And with the addition of malware classification by threat level, teams can better prioritize their threat response for quick preventative action when needed.
- Our new Automated Correlation Engine identifies and prevents compromised hosts in an organization’s network by correlating patterns to pinpoint malicious activity.
- We are closing the gap from policy to implementation with new streamlined management capabilities within Panorama. Template stacking and device hierarchy groups allow for the creation of security policies and device configurations that can be easily and appropriately applied to many next-generation firewall instances, physical or virtual, reducing the chances for human error and gaps in the policy or configuration.
There are many more enhancements in this release that focus on closing these operational gaps and helping you improve operations and security throughout your network. Watch this space over the next few days as we look at these enhancements in detail.
For more information on PAN-OS 7.0, head to our resources page: http://go.paloaltonetworks.com/panos7
[Palo Alto Networks Blog]