Sayers And Palo Alto Networks: Advancing Network Security With Prisma SASE 3.0

Secure Access Service Edge (SASE) first made headlines years ago with the concept of converging networking and security services into one unified offering from the cloud. This integrated approach enables organizations to connect and protect their users wherever they are, while controlling what those users can access. 

In those early days, SASE vendors mainly focused their expertise on either the networking or the security side. Today, you can choose from multiple vendors who deliver a full range of SASE capabilities, including Gartner Magic Quadrant Single-Vendor SASE Leader Palo Alto Networks. 

Below, we spotlight Prisma SASE 3.0, the company’s latest SASE evolution that extends Zero Trust to unmanaged devices, secures data with AI, and boosts applications to perform up to five times faster.

Prisma SASE 3.0: The Next Chapter of SASE

Palo Alto Networks has integrated multiple security and networking technologies, either purchased or developed in-house, into their Prisma SASE offering.

John Miller, SASE Channel Solutions Engineer at Palo Alto Networks, says:

“Data and devices are everywhere, which potentially increases productivity but requires consistent security controls and visibility to protect users and data from risks such as malware, phishing, and insider data sharing.”

Prisma SASE 3.0 builds on the company’s previous evolutions to deliver their most comprehensive SASE capabilities to date:

• Prisma SASE 1.0:  Third-party SD-WAN along with GlobalProtect virtual private network to protect mobile users. 
• Prisma SASE 2.0: Prisma SD-WAN (integrated from their CloudGenix acquisition), GlobalProtect VPN, and Autonomous Digital Experience Management (ADEM) to monitor and remediate user connectivity issues.
• Prisma SASE 3.0: Adds AI Security, Application Acceleration, Prisma Access Browser for secure, customizable access to applications and data, and ADEM with AIOps for faster root cause analysis.

Even before the 3.0 version, a Total Economic Impact study by Forrester cited an ROI of 107% over three years with Prisma SASE and a 50% decreased likelihood of a data breach.

AI-Powered Data Security Secures Corporate Data With Greater Accuracy

With Prisma SASE 3.0, Palo Alto Networks has introduced new AI-powered capabilities to protect data anywhere on managed and unmanaged devices. 

Whether at company headquarters, branch offices, home offices, or remote locations, AI-powered data protection capabilities include:

• Data classification powered by large language models and context-aware machine learning
• Data labeling that integrates with the Microsoft suite of products and applies granular policies automatically based on data sensitivity within files
• Browser-based Data Loss Prevention prevents sensitive data loss on managed and unmanaged devices. This feature can mask sensitive data, prevent screenshots, block printing, prevent data sharing via collaboration tools, and make a website read-only, among other capabilities
• End-user coaching provides next-generation Cloud Access Security Broker (CASB) pop-up notifications to let the user know when an action is needed
• Data Security Dashboard provides visibility and control of enterprise data across SaaS applications, cloud, email, and other network workflows
• Machine Learning-Powered Behavior Threats detect suspicious activities such as excessive uploads and downloads or abnormal access, and monitor high-risk users based on specific watchlist criteria
• AI-Powered Strata Copilot provides a simplified conversational UI for networking and security teams to stay up-to-date while dealing with heavy workloads. Strata Copilot provides quick answers, product documentation, and troubleshooting guidance to resolve issues
• AI Access Security gives visibility into employee and contractor use of more than 500 GenAI apps across category filters such as writing assistants and code generation. Classify GenAI apps as sanctioned, tolerated, or unsanctioned and granularly protect your data. 

Miller says:

“We’re truly protecting any user, on any device, for any application. It’s not just us saying we are a true leader in the SASE space. In evolving SASE, Palo Alto Networks went from being a Challenger in the 2022 Gartner Magic Quadrant for Security Service Edge to a Leader in 2023 and 2024. You’ll see that trend continue as we add more functionality that speaks to our users to make their lives easier and more secure.”

Prisma Access Browser Secures Work Where It Happens

Enterprise browsers secure your organization’s most-used application. According to a Gartner report on The Future of Enterprise Browsers:

“By 2030, enterprise browsers will be the core platform for delivering workforce productivity and security software on managed and unmanaged devices for a seamless hybrid work experience.”

After acquiring Talon Cyber Security, a pioneer of enterprise browser technology, Palo Alto Networks integrated the Prisma Access Browser into Strata Cloud Manager. As part of Prisma SASE 3.0, Prisma Access Browser provides advanced, cloud-delivered security services for the four “any’s” – protect any user, on any device, in any location, using any web application.

The Chromium-based Prisma Access Browser looks and feels like Google Chrome, customizable with your company’s logo, background preference, and application shortcuts. With no admin privileges required, contractors can easily install and use the browser.

Brian Frett, Channel Business Manager at Palo Alto Networks, was on paternity leave when Prisma Access Browser rolled out to the company’s employees and contractors. He says:

“I was coming back to a mountain of work and, like most employees, the majority of work I do on a day-to-day basis is from a browser. As a non-technical person, it took me all of three minutes to migrate my bookmarks, favorites, and other settings. My first-hand user experience was seamless.” 

Among its many capabilities, Prisma Access Browser:

• Provides unified visibility in a single policy. Prisma Access Browser becomes the on-ramp to the security services managed and controlled from Strata Cloud Manager.
• Boosts visibility and control across SaaS and web applications.
• Extends zero trust policies across all actions, in all apps.
• Applies policy tags to specific application IDs or category groups. 
• Collects insights for threat hunting and forensics.
• Achieves up to 85% less Total Cost of Ownership compared to shipping corporate laptops or building a VDI environment for users to access internal resources.
• Delivers faster performance with App Acceleration built into the browser.
• Performs security posture checking to detect criteria such as screen lock, encryption, decryption, certificates, OS, and device models. 
• Uses advanced URL filtering and restrictions to block potentially malicious websites or require the user to request access to certain sites.
• Securely manages privileged remote access regardless of application type.
• Incorporates event logging for visibility and troubleshooting.

Application Acceleration Delivers A Fast, Secure User Experience

The dynamic, personalized content of modern applications can be slow to load. Users get frustrated, productivity drops, and some workers even try to bypass security controls to get time back.

Prisma SASE 3.0 uses AI technology that learns how users interact with each application, so it can accelerate apps individually for every user. Prisma SASE App Acceleration predicts the dynamic content the users are requesting and delivers that content up to five times faster than accessing applications directly through the internet. 

App Acceleration maintains security by preparing and fully scrubbing the predicted content using Prisma SASE’s full suite of security capabilities.

SASE Deployments For The Modern Workplace

Sayers engineers project manage and install Prisma SASE deployments as part of our long-standing partnership with Palo Alto Networks. Such work has earned Sayers distinctions including Palo Alto Networks Diamond Innovator NextWave Partner, Certified Professional Services Partner, and Prisma Access Approved Services Partner.

Frett says:

“As a strategic partner, Sayers brings a tremendous amount of value-add to our mutual customers, with the end goal of making them more secure.”

Sayers services focus on building, securing, and supporting solutions for the modern workplace. Recent SASE implementations span several industries, including:

• Transportation. Migrated more than 10,000 mobile users from a legacy VPN solution to SASE in less than a week.
• Manufacturing. Deployed more than 100 sites and 12,000 users for global WAN / firewall / SASE. 
• Consulting. Deployed 80 sites and more than 10,000 mobile users for global WAN / SASE, ZTNA, and cloud with multi-tenancy, always-on implementation.
• Real estate. Deployed SASE for remote sites and mobile users with Secure Web Gateway, CASB, ADEM, and SSL.
• Medical. SASE deployment for 1,000 mobile users with CASB and enterprise browser.

Ken Wisniewski, Senior Cyber Security Architect at Sayers, says:

“We work closely with Palo Alto Networks to stay on top of the latest innovations, changes, and enhancements to their firewall and SASE products, while ensuring our clients can take good advantage of them.” 

Sayers also offers recruiting services and staff augmentation for clients who require engineering and operational resources for SASE and other deployments.

Questions? Contact us at Sayers today to discover extensive technology solutions, services, and expertise to cover all areas of your business.