Transcript
PALO ALTO NETWORKS: Technology Partner Solution Brief
Aruba Networks and Palo Alto Networks® Integration Technology Segment: Infrastructure
The Palo Alto Networks Technology Partner Program includes a select group of partners that deliver solutions or products that interoperate with the next-generation firewall. HIGHLIGHTS ■
■
■
■
Enforces IT policies across all users, devices, applications, and locations Enables safe use of corporate-, employee-, and guest-owned mobile devices and Internet of Things machines Protects both corporate and guest Wi-Fi networks Identifies all traffic by user, device and application for full visibility and control of network resources
SOLUTION OVERVIEW
The advent of the mobile workforce has dissolved traditional enterprise network boundaries. Users today expect to access their corporate networks from personally- and enterpriseowned mobile devices used at locations both inside and outside the corporate walls. While the corporate workforce is increasingly roaming away from the office, an ecosystem of contractors, consultants, and visitors needs network access inside the office. Today’s anytime, anywhere workplace is driving productivity gains and fostering innovation. The downside is that it’s also creating serious IT security challenges as managers struggle to provide differentiated access based on user, device-type, application, and location. Traditional port and protocol-based security architectures focus on attacks directed from the outside in, erecting port and IP-based defenses like a moat at the network’s edge. This approach assumes that devices and users inside the network are trusted, and does not further scrutinize how the workforce is using the network across user types by time, day, or location. Port and protocol-based security policies are coarse, allowing access to open ports without consideration for the user’s identity, the device type, or the application in use. In short, the defenses are inadequate for today’s anytime, anywhere workplace. Aruba ClearPass Access Management System™
Aruba WLAN Controller
XML API Joe’s Devices
ipad - 11.11.11.11 Win - 12.12.12.12
Joe’s Roles/Groups IT Administrator Employee
Report & Enforce Policy
Aruba Instant
PALO ALTO NETWORKS: Technology Partner Solution Brief
Aruba Networks and Palo Alto Networks have teamed to deliver security solutions tailored for today’s mobile users. In this paradigm no user, device, or application inside or outside the enterprise is trusted until proven otherwise. There are no unprotected backwaters.
• Unprecedented Visibility: IT gains unprecedented visibility into how its networks and applications are being used and by whom. These data can be used for a diverse range of tasks including resource planning, support staffing, and security threat management; and
Access to a network requires identification, authentication, and validation of every user, device, and application based on contextually-based policies defined by IT. These policies are rigorously enforced by Aruba’s Mobility Defined Network and the Palo Alto Networks next-generation firewall. Working in concert, these solutions map user and device information to network security policies, enabling IT to govern what a user can access with a particular device and authorized application. Policies can be very fine grained, including, among other parameters, Wi-Fi bandwidth, Quality of Service, and location awareness.
• Internet of Things: a combination of active and passive methods enables the network to distinguish between corporate, employee-owned, or guest devices and enforce policies accordingly. These benefits accrue to devices with and without user interfaces, including office equipment, medical monitors, and industrial controls. Components of the architecture are available today, and encompass Aruba controller- and cloud-based Wi-Fi, Aruba ClearPass, and the Palo Alto Networks next-generation firewall. PALO ALTO NETWORKS
As new users and devices connect to the network, Aruba’s Mobility Defined Network architecture shares contextual data (IP address, device type, user role) with the Palo Alto Networks next-generation firewall. When applications are launched, the firewall monitors for policy violations to the network based on who and what is connected to the infrastructure. Applications can be controlled based on who and what is connected to the infrastructure, or blocked if there’s no legitimate use.
Palo Alto Networks is leading a new era in cybersecurity by protecting thousands of enterprise, government, and service provider networks from cyber threats. Unlike fragmented legacy products, our security platform safely enables business operations and delivers protection based on what matters most in today's dynamic computing environments: applications, users, and content. Find out more at www.paloaltonetworks.com.
Enhanced cybersecurity against known and unknown malware, zero-day exploits, and advanced persistent threats is provided by WildFire™ from Palo Alto Networks. WildFire automatically implements and enforces protection in near real-time to defend against dynamic cyber attacks.
Aruba Networks is a leading provider of next-generation network access solutions for the mobile enterprise. The company’s Mobile Virtual Enterprise (MOVE) architecture unifies wired and wireless network infrastructures into one seamless access solution for corporate headquarters, mobile business professionals, remote workers and guests. This unified approach to access networks enables IT organizations and users to securely address the Bring Your Own Device (BYOD) phenomenon, dramatically improving productivity and lowering capital and operational costs. For more information please visit www.arubanetworks.com.
Benefits of this holistic approach to security include: • Proactive Security: identity is established prior to granting access to wired or wireless network services; • Threat Prevention: identifies known and unknown malware, breaking the lifecycle of advanced, targeted attacks on computers and mobile devices;
ARUBA NETWORKS
• Granular Policies: fine grained control extends to wireless bandwidth, location-based services, and device types—not just IP addresses and port numbers;
4401 Great America Parkway Santa Clara, CA 95054 Main: +1.408.753.4000 Sales: +1.866.320.4788 Support: +1.866.898.9087 www.paloaltonetworks.com
Copyright ©2015, Palo Alto Networks, Inc. All rights reserved. Palo Alto Networks, the Palo Alto Networks Logo, PAN-OS, App-ID and Panorama are trademarks of Palo Alto Networks, Inc. All specifications are subject to change without notice. Palo Alto Networks assumes no responsibility for any inaccuracies in this document or for any obligation to update information in this document. Palo Alto Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. PAN_TPSB_ARUBA_041615
