Palo Alto Networks Makes a Case for Zero-Trust IT

Palo Alto Networks today announced it has extended its security portfolio as part of an effort to streamline the time and effort required for organizations to create and maintain a zero-trust IT environment across an extended enterprise.

New capabilities include a cloud access security broker (CASB) that extends access control to software-as-a-service (SaaS) applications and a Cloud Identity Engine feature that enables IT organizations to streamline identity management processing spanning frameworks based on, for example, Microsoft Active Directory or cloud services such as Okta or Ping.

The company has also integrated advanced URL filtering infused with machine learning algorithms and domain name security (DNS) security in addition to expanding the number of hardware-based firewalls infused with machine learning algorithms it makes available.

Anand Oswal, senior vice president and general manager for firewall as-a-platform at Palo Alto Networks, said that these capabilities will ultimately reduce the total cost of implementing a zero-trust IT architecture by more tightly integrating capabilities that many organizations now view as core requirements.

The challenge organizations face is that while there is a greater appreciation of the need for a zero-trust approach to managing IT, the number of platforms being deployed in the enterprise is becoming more distributed with each passing day. Employees working from anywhere are now accessing cloud applications, while at the same time more workloads are being deployed at the network edge. As a result, organizations of all sizes are revisiting their approach to cybersecurity, noted Oswal.

Less clear right now is to what degree that shift may drive organizations to rely more on a single vendor to provide an integrated security platform versus continuing to rely on a wide range of tools from different vendors that are integrated to varying degrees. Palo Alto Networks is making a case for an integrated approach that reduces both the cost of acquiring security platforms and integrating them. In addition, providing all these capabilities in-line on a firewall reduces the amount of overhead that might adversely impact application performance compared to employing multiple external platforms, noted Oswal.

This perennial debate over the best approach to cybersecurity is coming to a head as more organizations invest in digital business transformation initiatives. At the same time, government scrutiny of cybersecurity is starting to increase in the wake of the recent executive order issued by the Biden administration. The challenge is that, in the wake of the economic downturn brought on by the COVID-19 pandemic, many organizations are also a lot more sensitive to the cost of security.

Of course, much of that cost is tied to the cost of security expertise that is hard to find and retain. Security vendors are now in an arms race to add AI capabilities that will reduce the cost of managing security by automating low-level tasks. It’s unlikely those AI capabilities will eliminate the need for cybersecurity expertise any time soon, but it’s also apparent cybersecurity professionals will migrate toward organizations that invest in AI if for no other reason than the job at hand should be a lot less tedious than it is today.

Avatar photo

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 746 posts and counting.See all posts by mike-vizard