Article by Chris Wilder.
I kept a close eye on Palo Alto Networks, even prior to launching the cybersecurity practice at Moor Insights & Strategy at the beginning of 2019. Companies like PAN continue to innovate and keep up with this changing industry, while others are more complacent. Recently, Palo Alto Networks provided the analyst community with an update on its recent announcements and outlined its three-point strategy for 2019 to secure the enterprise, secure the cloud, and secure the future. Let’s take a closer look.
1. Secure the Enterprise
On the back of PAN’s Secure the Enterprise strategy is the PAN 9.0 solution—the company’s flagship software solution to power firewalls and related infrastructure. This solution gives security operations centers (SOCs) and enterprises analytics, automation, and visibility across the enterprise. PAN 9.0 focuses on improving security policies and thwarting Domain Name System (DNS) and other attacks.
PAN has always stood out from the competition, with its ease of integrating and automating security functionality, especially DNS, URL Filtering, and policy/workflow. One of the things that impressed me about the strength of PAN’s strategy is its understanding of a multi-cloud/cloud-native future. Security requires a holistic approach and can never be a one-stop-shop. PAN 9.0 is a strong solution for securing the enterprise to the cloud, with over 60 features geared towards strengthening its customers’ security posture.
2. Secure the Cloud
Key highlights of Palo Alto’s cloud security solution are its RedLock and Evident solutions. The RedLock solution supports over 125 security policies and over 10 compliance templates to create a robust offering. RedLock enables organizations to deploy and enforce security policies and compliance across multi-cloud environments. RedLock correlates information from multiple sources, such as security information and event management (SIEM), threat intelligence tools, scanners, etc., to provide visibility and contextual information across various networking environments.
In addition to RedLock, PAN announced two versions of its GlobalProtect cloud service (1.3 and 1.3.1), which allows organizations to roll out cloud-based security policies to remote networks, mobile users, and remote offices. Some of the key functionality enhancements made to GlobalProtect cloud service include reverse Security Assertion Markup Language (SAML) proxy (which in essence makes it easier to manage traffic going to SaaS applications), clientless VPN for unmanaged devices, and an expansion of the number of global locations, allowing customers to secure devices, offices, and mobile users.
One of the areas that impresses me the most about PAN’s cloud strategy is its understanding that networks are more distributed now than at any other time. While pretty much everyone understands that all networks today are distributed, many of PAN’s competitors are still designing solutions for centralized networking environments.
3. Secure the Future
A key area of focus for PAN’s strategy is its open, integrated, AI-based, continuous security platform, Cortex XDR. One of the key pieces of this plan will be delivered through PAN’s acquisition of security orchestration, automation, and response (SOAR) vendor Demisto. Palo Alto Networks believes it can automate much of the process and operations of security operations centers (SOCs). While I agree that tier 1 and 2 (monitor and detection) could be automated, tier 3-4 (remediation, intelligence, and forensics) must combine technology with human interaction to be proactive and comprehensive. Regardless, Cortex XDR will be a significant differentiator, especially in distributed IoT and multi-cloud environments.
Palo Alto demonstrates impressive revenue and margin numbers compared to Cisco Systems, Symantec, Check Point, Fortinet, and Juniper. I believe this is due to the clarity of its message and its viable vision for how security operations are and will be managed in the future. It will be interesting to track how PAN competes against up-and-coming endpoint security firms like Carbon Black, CrowdStrike, Cylance, eSentire, or Sophos. This is a complicated and confusing industry for most, and many of today’s flash-in-the-pan companies will be relegated to the dustbin. I believe PAN, however, has the chops, experience, and vision to remain a major player. Over the next few months, I will be profiling other key players in the industry, highlighting their various strengths, weaknesses, and opportunities. Stay tuned.
Chris Wilder is a Moor Insights & Strategy senior analyst focused on the Internet of Things and cybersecurity.