The demand for business to be more agile to meet customer demands and stay competitive is driving a change in the way applications are developed, deployed and adopted. Applications, workloads, and the data that go with them are becoming more distributed among varying environments, including physical networks, virtual private clouds, migrations to public clouds as hybrid deployments or dedicated public clouds, and Software as a Service applications (SaaS). Each type of environment brings its own unique agility benefits – and security issues.
The challenge has become balancing the agility needs of the business with improving the security of the applications and, more importantly, the security of the data as it moves between the various clouds. Gaining visibility and preventing attackers from getting access to data, both from an external location and through a lateral attack, becomes imperative across all of the locations where the applications and data reside. And it has to be done without adding additional complexity or cost to the business.
Today, we’re announcing PAN-OS 7.1 with a set of important advancements to the Palo Alto Networks Next-Generation Security Platform that are designed to extend the breach prevention capabilities of the platform and address the security needs of businesses working with cloud-based environments and SaaS applications. Read on to find out what’s new in PAN-OS 7.1.
Securing Any Cloud
PAN-OS 7.1 adds even greater public cloud capabilities for the VM-Series with Microsoft Azure support. When combined with the physical firewalls and Aperture SaaS security, the addition of support for Azure enables the most complete security portfolio for Microsoft environments. Private cloud deployments are also expanded with support for Microsoft Hyper-V, enhancements to VMware NSX such as multi-tenancy, and OpenStack controller integration.
This breadth of cloud support enables you to move toward a hybrid environment with workloads that can be securely deployed in a private cloud, or an on-premise data center with the public cloud.
Enable SaaS Applications, Such as Office 365
Palo Alto Networks now adds to its extensive SaaS application capabilities with the release of PAN-OS 7.1, and the newest update to Aperture, to fully enable secure Office 365 deployments. Through App-ID, we’ve added the ability to identify Office 365 applications and how they are being used, even if they are encrypted, as well as the ability to decrypt Office 365 flows to inspect even deeper within the files being exchanged to look for threats. Aperture adds the ability to protect data from exposure and threats in the Office 365 cloud itself, stopping them at the source before they have a chance to move to the network or mobile devices.
Accelerated Threat Intelligence
The common need across all application deployments, no matter their location, is the ability to provide real-time threat protection and visibility. With PAN-OS 7.1, new capabilities supported in WildFire and AutoFocus greatly improve the speed of detection and remediation and improve IT’s ability to respond quickly to those threats.
WildFire malware analysis can now identify and prevent zero-day threats much faster than before – in as quickly as five minutes. Threat analysis has been enhanced with new machine-learning algorithms to instantly stop variations of known malware – even if they have never been seen by WildFire – and reduce analysis time for Portable Executable (PE) variants of known malware. This changes unknown threats into instantly stopped known threats.
New AutoFocus integration with PAN-OS 7.1 and Panorama brings advanced threat context to the entire IT organization, simplifying response efforts for the most critical attacks, in an easy-to-use console. This puts the largest collection of malware data at your fingertips, allowing you to automatically turn analysis efforts for unique, targeted attacks into proactive protections by blocking malicious domains, IP addresses, and URLs with AutoFocus and PAN-OS dynamic block lists. AutoFocus also adds the ability to bring threat intelligence into your existing security operations workflows with an improved API and support for the STIX information sharing standard.
Prevent Breaches with Secure User Credentials
Additionally, among the new features of PAN-OS 7.1 are advancements that help protect user credentials and make them unusable if they are stolen.
Credential theft is a growing concern among many organizations because of an attacker’s ability to bypass security controls and gain full access to the networks and cloud applications once authenticated. These credentials can be obtained in a number of ways, such as a phishing attack, a key logger on an endpoint, a packet sniffer on a network, or breaching a user database.
Once credential theft occurs, an attacker can impersonate the user and gain access to networks, applications and data. Then, once authenticated, further damage occurs from unauthorized access as the attacker initiates lateral movement to compromise other machines or exfiltrate data.
With the new features in PAN-OS 7.1, organizations can deliver protection against credential theft and phishing at all times, no matter where the user goes, and make credentials useless even if they are stolen.
That’s Just the Beginning
There are more than 50 new enhancements in the 7.1 release that are designed to extend the breach prevention capabilities of the platform. For more information on the new capabilities in PAN-OS 7.1, head over to our resources page.
[Palo Alto Networks Research Center]