SlideShare una empresa de Scribd logo

Palo Alto Networks CASB

Alberto Rivai
Alberto Rivai

Palo Alto Networks CLoud Access Security Brokers

Tecnología
1 de 8
Descargar para leer sin conexión
Palo Alto Networks Cloud Access Security Brokers (CASB)
CASB Definition - Gartner • “Cloud access security brokers (CASBs) are on-premises, or cloud- based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. Example security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention and so on.”
Do Palo Alto Networks provide CASB solution ? • YES ! • Palo Alto Networks Security Operating Platform provides CASB solution by natively integrates Aperture, SAML Proxy, Palo Alto Networks NGFW and Globalprotect
How do Palo Alto Networks provide CASB solution? • All of these features are available natively in Palo Alto Networks NGFW • App-ID • User-ID • GlobalProtect • HTTP header insertion • Natively integrate with Wildfire • These features “interject” ( as per Gartner definition of CASB ) security policies as managed devices access cloud service provider 4 | © 2018, Palo Alto Networks. All Rights Reserved.
How about Aperture API ? • Aperture API is only a part of Palo Alto Networks CASB offering • Sits on the side and connect directly to SaaS applications to provide data classification, data leakage prevention and threat detection – so you can secure your sanctioned applications.
Managed users On Network Remote Users Always on VPN Managed Devices SaaS application visibility and granular enforcement delivered inline NGFW Internal Gateway Internal Network
Controlling access to enterprise sanctioned apps from un-managed devices Unmanaged Devices Identity Provider 1 2https://myApp Redirect to IDP for Auth SAML Assertion 3 5 SAML Proxy AuthN Request 4 HTTP redirect to proxy URL (NGFW) Aperture NGFW https://firewall-ip 6 https://myApp tenant.samlproxy.com
OUR APPROACH TO SAAS SECURITY Remote Users Branch Headquarters Unmanaged Devices Managed Devices GlobalProtect Cloud Service NGFW Aperture API Sanctioned Tolerated Unsanctioned SaaS application visibility and granular enforcement delivered inline Monitor in-cloud activity and protect data with Aperture

Recomendados

Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Samrat Das
 
What is SASE
What is SASEWhat is SASE
What is SASEAdi Ruppin
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
Understanding SASE
Understanding SASE Understanding SASE
Understanding SASE Haris Chughtai
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoPrime Infoserv
 
Palo alto NGfw2023.pptx
Palo alto NGfw2023.pptxPalo alto NGfw2023.pptx
Palo alto NGfw2023.pptxahmad661583
 
Barracuda company and product presentation
Barracuda company and product presentationBarracuda company and product presentation
Barracuda company and product presentationSoftechms
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Belsoft
 

Recomendados

Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Cloud Access Security Brokers - CASB
Cloud Access Security Brokers - CASB Samrat Das
 
What is SASE
What is SASEWhat is SASE
What is SASEAdi Ruppin
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
Understanding SASE
Understanding SASE Understanding SASE
Understanding SASE Haris Chughtai
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoPrime Infoserv
 
Palo alto NGfw2023.pptx
Palo alto NGfw2023.pptxPalo alto NGfw2023.pptx
Palo alto NGfw2023.pptxahmad661583
 
Barracuda company and product presentation
Barracuda company and product presentationBarracuda company and product presentation
Barracuda company and product presentationSoftechms
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Belsoft
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)Cloudflare
 
F5 Web Application Security
F5 Web Application SecurityF5 Web Application Security
F5 Web Application SecurityMarketingArrowECS_CZ
 
Fortinet Corporate Overview Deck.pptx
Fortinet Corporate Overview Deck.pptxFortinet Corporate Overview Deck.pptx
Fortinet Corporate Overview Deck.pptxArianeSpano
 
ACI Hands-on Lab
ACI Hands-on LabACI Hands-on Lab
ACI Hands-on LabCisco Canada
 
Cisco Security portfolio update
Cisco Security portfolio updateCisco Security portfolio update
Cisco Security portfolio updateAtanas Gergiminov
 
SASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BASASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BAbourhan88100
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?QOS Networks
 
User Expert forum Wildfire configuration
User Expert forum Wildfire configurationUser Expert forum Wildfire configuration
User Expert forum Wildfire configurationAlberto Rivai
 
Realizing the Full Potential of Cloud-Native Application Security
Realizing the Full Potential of Cloud-Native Application SecurityRealizing the Full Potential of Cloud-Native Application Security
Realizing the Full Potential of Cloud-Native Application SecurityOry Segal
 
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud Ajeet Singh
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Anwesh Dixit
 
Fortinet security fabric
Fortinet security fabricFortinet security fabric
Fortinet security fabricANSItunCERT
 
Cisco ASA Firepower
Cisco ASA FirepowerCisco ASA Firepower
Cisco ASA FirepowerAnwesh Dixit
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overviewCisco Canada
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)Forescout Technologies Inc
 
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdfAryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdfKlausSchwegler
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applicationsForcepoint LLC
 
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallPalo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallMundo Contact
 
Understanding Cisco’ Next Generation SD-WAN Technology
Understanding Cisco’ Next Generation SD-WAN TechnologyUnderstanding Cisco’ Next Generation SD-WAN Technology
Understanding Cisco’ Next Generation SD-WAN TechnologyCisco Canada
 
casb_by_.pptx
casb_by_.pptxcasb_by_.pptx
casb_by_.pptxshahnawaz_pirates
 
Comprehensive Information on CASB
Comprehensive Information on CASBComprehensive Information on CASB
Comprehensive Information on CASBHTS Hosting
 

Más contenido relacionado

La actualidad más candente

Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)Cloudflare
 
Fortinet Corporate Overview Deck.pptx
Fortinet Corporate Overview Deck.pptxFortinet Corporate Overview Deck.pptx
Fortinet Corporate Overview Deck.pptxArianeSpano
 
Cisco Security portfolio update
Cisco Security portfolio updateCisco Security portfolio update
Cisco Security portfolio updateAtanas Gergiminov
 
SASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BASASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BAbourhan88100
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?QOS Networks
 
User Expert forum Wildfire configuration
User Expert forum Wildfire configurationUser Expert forum Wildfire configuration
User Expert forum Wildfire configurationAlberto Rivai
 
Realizing the Full Potential of Cloud-Native Application Security
Realizing the Full Potential of Cloud-Native Application SecurityRealizing the Full Potential of Cloud-Native Application Security
Realizing the Full Potential of Cloud-Native Application SecurityOry Segal
 
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud Ajeet Singh
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Anwesh Dixit
 
Fortinet security fabric
Fortinet security fabricFortinet security fabric
Fortinet security fabricANSItunCERT
 
Cisco ASA Firepower
Cisco ASA FirepowerCisco ASA Firepower
Cisco ASA FirepowerAnwesh Dixit
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overviewCisco Canada
 
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdfAryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdfKlausSchwegler
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applicationsForcepoint LLC
 
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallPalo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallMundo Contact
 
Understanding Cisco’ Next Generation SD-WAN Technology
Understanding Cisco’ Next Generation SD-WAN TechnologyUnderstanding Cisco’ Next Generation SD-WAN Technology
Understanding Cisco’ Next Generation SD-WAN TechnologyCisco Canada
 

La actualidad más candente (20)

Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
 
Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)Succeeding with Secure Access Service Edge (SASE)
Succeeding with Secure Access Service Edge (SASE)
 
F5 Web Application Security
F5 Web Application SecurityF5 Web Application Security
F5 Web Application Security
 
Fortinet Corporate Overview Deck.pptx
Fortinet Corporate Overview Deck.pptxFortinet Corporate Overview Deck.pptx
Fortinet Corporate Overview Deck.pptx
 
ACI Hands-on Lab
ACI Hands-on LabACI Hands-on Lab
ACI Hands-on Lab
 
Cisco Security portfolio update
Cisco Security portfolio updateCisco Security portfolio update
Cisco Security portfolio update
 
SASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BASASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BA
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?
 
User Expert forum Wildfire configuration
User Expert forum Wildfire configurationUser Expert forum Wildfire configuration
User Expert forum Wildfire configuration
 
Realizing the Full Potential of Cloud-Native Application Security
Realizing the Full Potential of Cloud-Native Application SecurityRealizing the Full Potential of Cloud-Native Application Security
Realizing the Full Potential of Cloud-Native Application Security
 
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)
 
Fortinet security fabric
Fortinet security fabricFortinet security fabric
Fortinet security fabric
 
Cisco ASA Firepower
Cisco ASA FirepowerCisco ASA Firepower
Cisco ASA Firepower
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overview
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)
 
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdfAryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
 
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallPalo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation Firewall
 
Understanding Cisco’ Next Generation SD-WAN Technology
Understanding Cisco’ Next Generation SD-WAN TechnologyUnderstanding Cisco’ Next Generation SD-WAN Technology
Understanding Cisco’ Next Generation SD-WAN Technology
 

Similar a Palo Alto Networks CASB

Comprehensive Information on CASB
Comprehensive Information on CASBComprehensive Information on CASB
Comprehensive Information on CASBHTS Hosting
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeHimani Singh
 
Workshop: Threat Intelligence - Part 1
Workshop: Threat Intelligence - Part 1Workshop: Threat Intelligence - Part 1
Workshop: Threat Intelligence - Part 1Priyanka Aash
 
01-Chapter 01-Introduction to CASB and Netskope.pptx
01-Chapter 01-Introduction to CASB and Netskope.pptx01-Chapter 01-Introduction to CASB and Netskope.pptx
01-Chapter 01-Introduction to CASB and Netskope.pptxssuser4c54af
 
Shared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityShared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityJisc
 
Addressing Cloud Security with OPA
Addressing Cloud Security with OPAAddressing Cloud Security with OPA
Addressing Cloud Security with OPADiemShin
 
Shared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityShared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityAndy Powell
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsViresh Suri
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud securityRaj Sarode
 
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...Amazon Web Services
 
ShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxBabatundeAbioye2
 
8 major facts you must know before you buying a casb
8 major facts you must know before you buying a casb8 major facts you must know before you buying a casb
8 major facts you must know before you buying a casbciphercloud1
 
Apache Knox Gateway "Single Sign On" expands the reach of the Enterprise Users
Apache Knox Gateway "Single Sign On" expands the reach of the Enterprise UsersApache Knox Gateway "Single Sign On" expands the reach of the Enterprise Users
Apache Knox Gateway "Single Sign On" expands the reach of the Enterprise UsersDataWorks Summit
 
451 Research Client Event Nov 10
451 Research Client Event Nov 10451 Research Client Event Nov 10
451 Research Client Event Nov 10stavvmc
 
Private, Managed, Public - All Things WSO2 Cloud
Private, Managed, Public - All Things WSO2 CloudPrivate, Managed, Public - All Things WSO2 Cloud
Private, Managed, Public - All Things WSO2 CloudWSO2
 
Cyber Security in The Cloud
Cyber Security in The CloudCyber Security in The Cloud
Cyber Security in The CloudPECB
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsKannan Subbiah
 

Similar a Palo Alto Networks CASB (20)

casb_by_.pptx
casb_by_.pptxcasb_by_.pptx
casb_by_.pptx
 
Comprehensive Information on CASB
Comprehensive Information on CASBComprehensive Information on CASB
Comprehensive Information on CASB
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
 
Workshop: Threat Intelligence - Part 1
Workshop: Threat Intelligence - Part 1Workshop: Threat Intelligence - Part 1
Workshop: Threat Intelligence - Part 1
 
01-Chapter 01-Introduction to CASB and Netskope.pptx
01-Chapter 01-Introduction to CASB and Netskope.pptx01-Chapter 01-Introduction to CASB and Netskope.pptx
01-Chapter 01-Introduction to CASB and Netskope.pptx
 
Shared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityShared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud security
 
Addressing Cloud Security with OPA
Addressing Cloud Security with OPAAddressing Cloud Security with OPA
Addressing Cloud Security with OPA
 
Shared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud securityShared responsibility - a model for good cloud security
Shared responsibility - a model for good cloud security
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
 
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
 
Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)
 
Cloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewCloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack Overview
 
ShareResponsibilityModel.pptx
ShareResponsibilityModel.pptxShareResponsibilityModel.pptx
ShareResponsibilityModel.pptx
 
8 major facts you must know before you buying a casb
8 major facts you must know before you buying a casb8 major facts you must know before you buying a casb
8 major facts you must know before you buying a casb
 
Apache Knox Gateway "Single Sign On" expands the reach of the Enterprise Users
Apache Knox Gateway "Single Sign On" expands the reach of the Enterprise UsersApache Knox Gateway "Single Sign On" expands the reach of the Enterprise Users
Apache Knox Gateway "Single Sign On" expands the reach of the Enterprise Users
 
451 Research Client Event Nov 10
451 Research Client Event Nov 10451 Research Client Event Nov 10
451 Research Client Event Nov 10
 
Private, Managed, Public - All Things WSO2 Cloud
Private, Managed, Public - All Things WSO2 CloudPrivate, Managed, Public - All Things WSO2 Cloud
Private, Managed, Public - All Things WSO2 Cloud
 
Cyber Security in The Cloud
Cyber Security in The CloudCyber Security in The Cloud
Cyber Security in The Cloud
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security Concerns
 

Más de Alberto Rivai

FUEL - Strata Cloud Management - Master Deck.pdf
FUEL - Strata Cloud Management - Master Deck.pdfFUEL - Strata Cloud Management - Master Deck.pdf
FUEL - Strata Cloud Management - Master Deck.pdfAlberto Rivai
 
Palo Alto Networks authentication
Palo Alto Networks authenticationPalo Alto Networks authentication
Palo Alto Networks authenticationAlberto Rivai
 
Palo alto networks NAT flow logic
Palo alto networks NAT flow logicPalo alto networks NAT flow logic
Palo alto networks NAT flow logicAlberto Rivai
 
Cisco Wireless LAN Controller Palo Alto Networks Config Guide
Cisco Wireless LAN Controller Palo Alto Networks Config GuideCisco Wireless LAN Controller Palo Alto Networks Config Guide
Cisco Wireless LAN Controller Palo Alto Networks Config GuideAlberto Rivai
 
Palo Alto Networks PANOS 5.0 Radius Authentication OTP using Yubikey
Palo Alto Networks PANOS 5.0 Radius Authentication OTP using YubikeyPalo Alto Networks PANOS 5.0 Radius Authentication OTP using Yubikey
Palo Alto Networks PANOS 5.0 Radius Authentication OTP using YubikeyAlberto Rivai
 
User id installation and configuration
User id installation and configurationUser id installation and configuration
User id installation and configurationAlberto Rivai
 
User expert forum user-id
User expert forum user-idUser expert forum user-id
User expert forum user-idAlberto Rivai
 

Más de Alberto Rivai (7)

FUEL - Strata Cloud Management - Master Deck.pdf
FUEL - Strata Cloud Management - Master Deck.pdfFUEL - Strata Cloud Management - Master Deck.pdf
FUEL - Strata Cloud Management - Master Deck.pdf
 
Palo Alto Networks authentication
Palo Alto Networks authenticationPalo Alto Networks authentication
Palo Alto Networks authentication
 
Palo alto networks NAT flow logic
Palo alto networks NAT flow logicPalo alto networks NAT flow logic
Palo alto networks NAT flow logic
 
Cisco Wireless LAN Controller Palo Alto Networks Config Guide
Cisco Wireless LAN Controller Palo Alto Networks Config GuideCisco Wireless LAN Controller Palo Alto Networks Config Guide
Cisco Wireless LAN Controller Palo Alto Networks Config Guide
 
Palo Alto Networks PANOS 5.0 Radius Authentication OTP using Yubikey
Palo Alto Networks PANOS 5.0 Radius Authentication OTP using YubikeyPalo Alto Networks PANOS 5.0 Radius Authentication OTP using Yubikey
Palo Alto Networks PANOS 5.0 Radius Authentication OTP using Yubikey
 
User id installation and configuration
User id installation and configurationUser id installation and configuration
User id installation and configuration
 
User expert forum user-id
User expert forum user-idUser expert forum user-id
User expert forum user-id
 

Último

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 

Último (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 

Palo Alto Networks CASB

  • 1. Palo Alto Networks Cloud Access Security Brokers (CASB)
  • 2. CASB Definition - Gartner • “Cloud access security brokers (CASBs) are on-premises, or cloud- based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. Example security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention and so on.”
  • 3. Do Palo Alto Networks provide CASB solution ? • YES ! • Palo Alto Networks Security Operating Platform provides CASB solution by natively integrates Aperture, SAML Proxy, Palo Alto Networks NGFW and Globalprotect
  • 4. How do Palo Alto Networks provide CASB solution? • All of these features are available natively in Palo Alto Networks NGFW • App-ID • User-ID • GlobalProtect • HTTP header insertion • Natively integrate with Wildfire • These features “interject” ( as per Gartner definition of CASB ) security policies as managed devices access cloud service provider 4 | © 2018, Palo Alto Networks. All Rights Reserved.
  • 5. How about Aperture API ? • Aperture API is only a part of Palo Alto Networks CASB offering • Sits on the side and connect directly to SaaS applications to provide data classification, data leakage prevention and threat detection – so you can secure your sanctioned applications.
  • 6. Managed users On Network Remote Users Always on VPN Managed Devices SaaS application visibility and granular enforcement delivered inline NGFW Internal Gateway Internal Network
  • 7. Controlling access to enterprise sanctioned apps from un-managed devices Unmanaged Devices Identity Provider 1 2https://myApp Redirect to IDP for Auth SAML Assertion 3 5 SAML Proxy AuthN Request 4 HTTP redirect to proxy URL (NGFW) Aperture NGFW https://firewall-ip 6 https://myApp tenant.samlproxy.com
  • 8. OUR APPROACH TO SAAS SECURITY Remote Users Branch Headquarters Unmanaged Devices Managed Devices GlobalProtect Cloud Service NGFW Aperture API Sanctioned Tolerated Unsanctioned SaaS application visibility and granular enforcement delivered inline Monitor in-cloud activity and protect data with Aperture