The new features and additional cloud support will provide stronger security and simplified management across the three major public clouds, said Chris Morosco, product marketing director at Palo Alto Networks.
“A couple things you need for the cloud: No. 1 is good security. But you also need to be able to deploy security in a very frictionless way,” Morosco said. “It needs to be built for the cloud.”
To address this, the company added automation integrations including improved auto-scaling for AWS and new support for Azure Security Center and Google Cloud Deployment Manager. The new Azure integration “gives you a unified view of your private and public cloud deployments,” while the Google integration provides “a single view for customers to manage services,” Morosco said.
The security platform also integrates with software from Terraform and Ansible to automate workflows and policy management. “You can do multi-cloud with one management instance to orchestrate this whole thing through Terraform, across all three public clouds,” Morosco said.
Additionally, the company added additional public cloud support to Aperture, its cloud access security broker (CASB) product. Aperture previously provided protection for software-as-a-service (SaaS) and some AWS-based workloads. It now works across all three public clouds.
“The third thing we added was Traps to be able to secure public cloud workloads and look for zero-day attacks,” Morosco said.
Zero-day attacks means there are zero days between the time the flaw is discovered and the first attack.
Traps is Palo Alto Networks’ endpoint protection product. Previously it supported Windows workloads. New capabilities will protect Linux workloads across the three major public clouds.
Finally, the company’s Panorama network security management now works across the three clouds. The multi-device management tool was already available as a hardware device or a virtual device, which customers used for private cloud deployments, Morosco said. “Now we’ve moved Panorama into the public cloud so your management and logging server are all within that same cloud environment,” he explained.
The company announced the new cloud security capabilities today at its online Epic Cloud Security event. All of the updates are slated for general availability next month.