Simplifying Identity-Based Security in a Cloud-First World

An all-encompassing Zero Trust approach to network security is critical for safeguarding productivity in the new reality of remote, mobile and hybrid work. To achieve Zero Trust Network Security, you need to be able to easily and consistently secure users across your branch, data center, public clouds and remote workforce. How do you consistently identify your users when the identity is fragmented in so many different identity stores, like Active Directory (on-premises), Okta (cloud), Azure AD (cloud) and more? According to ESG report Trends in IAM: Cloud-driven Identities” December 2020, 87% of organizations are already moving or plan to move to cloud-based identity sources in the next 24 months. Put another way, enterprises in this day and age find it difficult to consistently verify users and enforce identity-based security at all times.

360 Mobile Vision - 360mobilevision.com North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - 360mobilevision.com is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

To meet these needs, Palo Alto Networks is introducing a completely new cloud-based architecture for identity-based security, called the Cloud Identity Engine. With the introduction of this capability, we’re simplifying Zero Trust adoption. The Cloud Identity Engine enables you to consistently authenticate and authorize your users regardless of where user identity lives – on-premises, in the cloud or a hybrid of the two. As a result, users can securely access applications and data regardless of their location.

Existing solutions are designed for a single source of identity, either on-prem or cloud identity stores, leading to inconsistent security across the infrastructure. Moreover, every identity store and any changes by them have to be manually added and managed on the firewalls. Moving from on-prem to cloud or other identity sources can take months or years.

With the new Cloud Identity Engine, identity stores only need to be configured once. New identity sources can be configured and made ready for a large enterprise within a few minutes. The Cloud Identity Engine is used as the single point to synchronize user, group and authentication data across all firewall form factors, such as physical, virtual and cloud-delivered firewalls. This allows organizations the ability to provide secure access to applications from everywhere.

Simplifying Identity-Based Security in a Cloud-First World
Instant Multi-Factor Authentication for all your data center apps.

In PAN-OS 8.1, we introduced the ability to enable multi-factor authentication (MFA) for your data center applications at the network layer, using the firewall and its integrations with existing MFA providers like Ping and Okta. With the Cloud Identity Engine in PAN-OS 10.1, organizations can now use their cloud identity provider’s MFA for all their data center apps instantly.

Every organization’s cloud journey is different. But we all need a cloud-based architecture path to get there. The Palo Alto Networks Cloud Identity Engine paves the way for your organization’s cloud journey through the enablement of identity-based security for Zero Trust and identity enforcement for every location where users work.

To learn more about identity-based security for Zero Trust, register for our upcoming event series, Complete Zero Trust Network Security, and get ready to secure productivity wherever it takes place.

 

 

The post Simplifying Identity-Based Security in a Cloud-First World appeared first on Palo Alto Networks Blog.

By admin