PAN-OS 7.1, which we officially announced this week, offers new ways for Managed Security Service Providers (MSSPs) to differentiate and strengthen their offerings without adding complexity or new resources. Below are a few highlights that Palo Alto Networks MSSP customers will be particularly interested in:
1. Identifying and neutralizing zero-day threats in five minutes or less
For MSSPs, preventing cyberattacks from impacting customers is job No. 1. MSSPs are successfully using Palo Alto Networks Next-Generation Firewall to proactively protect customers against known threats. Now there are more reasons to layer WildFire advanced threat analysis on a next-generation firewall for protection against unknown threats. With PAN-OS 7.1, we’ve cut the global window of zero-day attack opportunity down to just five minutes.New machine-learning algorithms, and the largest community of shared threat intelligence on unknown attacks, allow WildFire to identify and automatically neutralize attacks in minutes for all subscribers globally. Together, MSSPs and Palo Alto Networks can automatically stop advanced attacks from spreading and causing harm.
2. Speeding analysis, forensics, and action against targeted attacks without additional resources
Every organization struggles to separate truly targeted attacks from the more commoditized, everyday threats. AutoFocus cloud-based threat intelligence service was built for fast searching, data analysis, and correlation over large data sets. AutoFocus organizes and presents the largest collection of unknown malware data in the world. Customers use it to identify targeted attacks on their organization and view how their data compares to others in the same industry or the world at large. Now AutoFocus brings advanced threat context to every SOC team member. New integration with PAN-OS and Panorama accelerates analysis and response by letting security administrators easily determine if suspicious domains, IP addresses or ULRs have been identified as key threats. AutoFocus also adds the ability to bring threat intelligence into your existing security operations workflow with an improved API and support for the STIX information-sharing standard.
3. Securing private, public and hybrid clouds as part of on-premise services
With the latest updates to our Next-Generation Security Platform, it’s easier for MSSPs to secure both on-premise and cloud environments. PAN-OS 7.1 extends the security platform to all major virtualization environments, including Microsoft Azure and Hyper-V. This release also contains enhancements that automate scaling and deployment, and it improves availability in virtual environments. With the same PAN-OS in physical and virtual security platforms, MSSPs can offer the same consistent, up-to-date security posture for their customers no matter where their applications and data reside.
4. Providing visibility and enabling safe usage of Office 365
SaaS has often been a security blind spot. With updates to Aperture and PAN-OS 7.1, we’ve added to our extensive SaaS security capabilities. App-ID can now identify Microsoft Office 365 applications and how they are being used, even if they are encrypted. It also can decrypt Office 365 flows and inspect the files being exchanged to look for threats. Aperture protects data from exposure and threats in the Office 365 cloud itself, stopping those threats at the source before they have a chance to move to the network or mobile devices.
With this release, we further enhances SaaS security with the ability to tag SaaS applications as sanctioned, or unsanctioned, and generate a detailed, SaaS-specific report on applications, users and usage. MSSPs and their customers gain greater visibility and control of SaaS applications, with no extra hardware, network changes or client software required.
- Technical Documentation: Five Minute WildFire Updates
- Technical Documentation: PAN-OS Log Integration with AutoFocus
- Technical Documentation: AutoFocus API STIX Support
- Technical Documentation: VM-Series Firewall in Microsoft Azure
- Technical Documentation: VM-Series for Microsoft Hyper-V
[Palo Alto Networks Research Center]