Palo Alto shapes SASE package for hybrid enterprises

Palo Alto Networks has bolted together its SD-WAN and security technologies to offer an integrated, cloud-based, secure-access service edge (SASE) offering aimed at simplifying distributed enterprises.

Called Prisma SASE, the package brings together the company’s core Prisma Access package of cloud-based, next-generation security gateways with its Prisma SD-WAN technology it got when it bought CloudGenix for $420 million last year.

Prisma SASE gives customers an integrated bundle that supports everything from secure access control, advanced threat protection, and user-behavior monitoring to zero-trust network access support, a secure web gateway, a cloud-access security broker, firewall-as-a-service (FWaaS), and SD-WAN technology.

The idea is to offer a single cloud-based solution to secure all applications used by customers’ employees regardless of location—remote, mobile, or in the office, said Anand Oswal, senior vice president of products, Firewall as a Platform at Palo Alto Networks.

In addition to the core features of Prisma SASE, Palo Alto is adding a new Prisma SD-WAN appliance—the ION 1200—that can use 5G networks to link branch offices for networking and backup communications as well as connect ATM kiosks. It can utilize any carrier’s 5G network, and can fall back to 4G/LTE if 5G is unavailable, Oswal said.

The device can employ two SIM cards for active-active 5G interfaces that provide carrier redundancy for business-critical use cases. “We are seeing increased interest in using 5G as a primary WAN connection as a result of this new capability,” Oswal  said.

Prisma SASE also supports Palo Alto’s Autonomous Digital Experience Management (ADEM) monitoring and management platform that gives visibility into endpoints, WAN links, cloud resources, applications, and traffic levels to help troubleshoot performance issues. This lets organizations gain end-to-end visibility from a single management console without the need to deploy additional agents or appliances, Oswal said.

ADEM is also integrated into all Prisma SD-WAN appliances to help provide  the best digital experience for branch users by providing observability in the cloud and across the entire service delivery path, including all WAN links, Oswal said. “In addition, you can leverage real and synthetic traffic analysis for both user endpoints and IoT devices to pinpoint issues easily,” Oswal said.

Another new feature is integrated support for additional CloudBlades, which provide Prisma SASE with pre-integrated support for various cloud services.  The company has some 20 CloudBlades including support for AWS, Google Cloud and Microsoft Azure.  It has now added ServiceNow, Microsoft Teams and Zoom support.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.