Palo Alto Networks Moves to Secure SD-WANs

Palo Alto Networks today launched a software-defined wide area network (SD-WAN), Palo Alto Networks Next-Generation SD-WAN, based on the platform it gained by acquiring CloudGenix earlier this year.

Anand Oswal, senior vice president of product management and engineering for firewall as a platform at Palo Alto Networks, said the SD-WAN gained via that acquisition has been integrated with Prisma Access, the cloud-based framework Palo Alto created for enforcing security policies at the network edge.

The Palo Alto Networks SD-WAN can be deployed via a small form-factor device intended for small officers and retail outlets or a larger offering designed for campus networks. Each device has been infused with machine learning algorithms to automate network operations and optimize capacity planning. Those algorithms identify common root cause events when there are multiple event alarms, which Oswal noted reduces both costs and time to resolution anytime there is an issue. Palo Alto Networks is also committing to applying those algorithms across its portfolio to simplify security operations as well.

Oswal said Palo Alto Networks Next-Generation SD-WAN also differs from rival platforms in that cybersecurity teams can apply policies to applications at the Layer 7 level that will be enforced across the SD-WAN.

Adoption of SD-WANs is accelerating in the wake of the COVID-19 pandemic as many organizations adopt cloud applications to enable end users to work from home more effectively. The SD-WAN automatically routes traffic to cloud applications versus forcing IT organizations to backhaul that traffic through a local data center. That approach improves the overall application experience by eliminating network latency.

While SD-WANs have been around for some time, security vendors such as Palo Alto Networks are challenging many of the existing providers by rolling out offerings that converge the management of security and networking. Rather than requiring security teams to deploy and manage a separate network of firewall appliances, security capabilities are embedded in the SD-WAN.

It’s not clear to what degree security vendors such as Palo Alto Networks will be able to usurp the many incumbent providers of SD-WAN platforms. However, by deploying the control plane of its SD-WAN in the cloud, Palo Alto Networks is also making a case for simplifying the management of SD-WAN appliances across an extended enterprise.

Of course, it’s not clear to what degree organizations will decide to deploy SD-WANs themselves versus relying on a telecom carrier or managed service provider (MSP) to provide SD-WAN capabilities as a service. A cloud-based framework should make it possible for cybersecurity teams to co-manage security policies alongside an external service provider.

Longer-term, networking and security services will continue to converge at the edge starting with the management plane employed to manage both the SD-WAN and the wireless network in a remote office. Beyond that lies the brave new world of wireless 5G networks that might eliminate the need for a dedicated wireless network in a remote office. Whatever the path forward, however, securing the SD-WAN in the age of COVID-19 has become a major priority regardless of where any employee or device is located.

Avatar photo

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 747 posts and counting.See all posts by mike-vizard