Palo Alto Networks extends security to the ‘Big 3’ public clouds
14 February 2018 | 0
Over the past five years, the cloud has gone from being something that augments a business’s IT strategy to being the core of it. It is now commonplace to hear organisations, small and large, say they have a “cloud-first” strategy. The cloud offers unprecedented scale, elasticity and agility for digital organisations to build apps on and be able to change on the fly.
For most companies, though, there is no single thing called “the cloud”. It is likely the term “cloud” means multiple public clouds with some private cloud thrown into the mix.
ZK Research recently ran a cloud security survey and found that 86% of respondents store and manage data across multiple cloud service providers. Each cloud provider has its own unique strengths and weaknesses, so it makes sense that a business would orient its cloud strategy around multiple providers.
Multi-cloud headaches for security teams
Using multiple cloud providers makes the life of the application developer much easier because they can pick and choose the cloud provider that meets their needs best. But it wreaks havoc with security professionals. Trying to maintain any kind consistency across multiple cloud environments can be a nightmare.
It’s important to understand this does not imply that companies such as Amazon and Microsoft aren’t secure – because they are. In fact, the cloud providers are some of the most secure environments around. However, the security capabilities available to customers are designed to protect that specific environment. The business is at risk of a breach when the data and workloads leave the cloud provider or from endpoints accessing cloud resources.
Also, each cloud service is its own silo, making ongoing management a headache because policies and configuration settings must be made on a per-cloud basis. Security teams should definitely leverage the cloud-native capabilities but then augment them with a solution that can span the entire environment.
The challenge is there’s no single “cloud security” switch businesses can just flick on. Instead, securing the cloud means deploying multiple security tools, possibly from multiple vendors.
Extending Security Platform to the public cloud
Recently, Palo Alto Networks held its Epic Cloud Security Event where it announced a security solution that specifically addresses the struggles of adopting multiple cloud services. The cloud enables greater agility, and traditional security is far from agile, so it’s fair to say that security is actually holding businesses back. The Palo Alto Networks solution is designed to bring the same level of agility to security that the cloud brings application development.
Palo Alto Networks has made its Security Platform its primary solution. Customers can deploy it and then easily add the required functions as required. It should be no surprise, then, that it is also the foundation for Palo Alto Networks’ cloud solution. This latest release brings new capabilities to the ones it already had for Amazon Web Services (AWS) and Microsoft Azure, and it adds Google Cloud Platform (GCP).
All points protection
The following Palo Alto Networks security functions are now available to its customers:
- Panorama network security management is now supported in AWS, GCP and Azure. This had been available as a hardware appliance or a virtual workload for private clouds, but it is now deployable in public clouds. This feature enables IT managers to centrally manage Palo Alto Networks security capabilities regardless of form factor or location.
- Aperture provides risk information for cloud assets by monitoring and analysing user and data activity. Aperture is Palo Alto Networks’ cloud access security broker. Its dashboard shows the state of cloud resources, and it flags administrators when it identifies risky or suspicious behaviour, as well as protects against misconfigurations and the spreading of malware. Palo Alto Networks has added automated discovery, monitoring features and compliance reporting, and it has beefed up its storage services. Aperture is now available across the three major cloud platforms.
- Traps support extended. Traps is a lightweight endpoint protection agent. Legacy antivirus solutions solely reside on the endpoint, so they can’t identify malware until it is on the user’s device. Traps uses a dual-prong approach that includes a cloud agent that looks for and blocks exploits before they reach end endpoints. Palo Alto Networks recently added support for Linux workloads across all major clouds, in addition to the existing Windows support.
The combination of these services protects customers at every point in the cloud environment. Panorama-managed VM-series firewalls protect against in-line threats, Traps looks for host-based attacks, and Aperture thwarts application-level exploits.
Also, Palo Alto Networks has improved its automation capabilities with improved auto-scaling in AWS, support for Azure Security Center and support for Google Cloud Deployment Manager. The integration with Azure gives customers a single view of a hybrid Microsoft cloud deployment.
Palo Alto Networks’ Next-Generation Security Platform also now integrates with Terraform and Ansible to automate workflows and policy management, enabling the management of the three public clouds to be orchestrated to ensure there are no gaps.
Hybrid, multi-clouds are a way of life, and that fundamentally changes the way businesses approach security. Companies that manage their cloud, endpoint and on-premises security infrastructure independently will find that security is holding the business up. By extending its Security Platform to the public cloud, Palo Alto Networks brings a higher level of agility to security that is necessary for companies to maximise their investment in public clouds.
IDG News Service