Realize better application performance, integrated security with Zero Trust and branch simplicity with best-in-class SD-WAN.
events analyzed per day 5.43B events from 70,000 customers
Each day we detect up top 8.95M new attacks detected daily with AI
Each day we prevent up to 30.9B attacks blocked inline each day
The Industry’s Only Complete Secure Access Service Edge Solution
It is clear that three fundamental shifts are driving network and security transformation in the enterprise: hybrid work, cloud and digital transformation, and branch transformation. As a result, we believe
that a differentiated approach is needed: secure access service edge (SASE).
SASE converges best-of-breed networking and security into a single solution purpose-built for agile,
cloud-enabled organizations. Prisma SASE is the industry’s only complete SASE solution, converging
network security, SD-WAN, and Autonomous Digital Experience Management (ADEM) in the cloud.
Only Prisma SASE uniquely and consistently delivers cloud-delivered security services to secure all
apps used by your hybrid workforce, regardless of whether users are remote, mobile, or working from
a branch office. The industry’s only SASE-native DEM helps ensure an exceptional user experience for
all users. With ADEM on Prisma SASE, your employees will be happier and more productive, regardless of where they work.
The Branch has Evolved
Three fundamental shifts are driving the need for branch transformation in the enterprise - Hybrid
workforce that is here to stay, ubiquitous adoption of modern collaboration and videoconferencing
apps, and protection for all users, apps, and devices in an ever-increasing threat landscape. This has
seen the rise of the software-defined wide area network (SD-WAN), which promises to enable organizations to seamlessly embrace the benefits of network transformation and remove any limitations
from legacy WAN architectures.
Legacy SD-WAN Solutions Fall Short
No Active-Active Connections:
Legacy SD-WAN solutions lack application awareness that enables
accurate identification, prioritization, and forwarding. As a result, directly access apps cannot leverage
these WAN links in an active-active fashion to deliver better WAN capacity and lower latency to ensure
improved user experience.
No Application SLAs:
Legacy SD-WAN solutions only compute network SLAs to make traffic-forwarding decisions on all WAN links. As a result, performance for directly accessed apps that require application SLAs like transaction failures, app response time, and round trip delays are impacted significantly
No Zero-Trust Security:
With modern apps distributed, legacy SD-WAN solutions fail to deliver the
security that provides Zero Trust at the cloud scale to protect apps, users, and devices.
Highlights
Elastic networks—
delivering a zero-routing network with a centralized controller-based architecture that seamlessly builds, manages, and updates the network while flexibly supporting carrier-independent WAN connections like 5G, MPLS, broadband, and satellite.
App-defined fabric—p
providing direct-to-app access that ensures an exceptional user experience
for all applications like SaaS, cloud, and business-critical/private applications while delivering application availability based on application performance SLAs.
Zero Trust security—
providing integrated and cloud-delivered security services to branch offices
The security needs to be granular (Layer 7) to enforce true least-privileged access and ensure only
the right people get access to the right information and assets, including IoT.
AI-powered operations—
leveraging the latest advancements in observability and AI/ML built
natively to help customers automate complex IT and network operations center (NOC) functions
with the power of AI/ML to increase productivity and reduce MTTR
Application SLA Assurance Framework
Prisma SD-WAN’s app-defined fabric is now enhanced with a new policy-driven SLA framework to
deliver Application SLA assurance delivering the ability to measure, enforce and alert that ensures an
exceptional user experience for all apps. With the ability to identify apps and measure SLAs, Prisma
SD-WAN allows enforcement like prioritization, switch flows and link conditioning like adaptive Forward Error Correction (FEC). FEC can dynamically turn on or off for a specific application along with
the ability to control the number of recovery packets based on the performance SLAs.
Broadest Support for Network Segmentation
Prisma SD-WAN supports segmentation with network contexts and techniques like Virtual Routing
and Forwarding (VRF). It provides the simplicity of defining unique policy rules per segment for the
same application using network contexts while supporting overlapping IP addresses with VRF.
SD-WAN with Integrated IoT Security
Palo Alto Networks introduces the industry’s first SD-WAN with integrated security for IoT devices.
The existing Prisma SD-WAN appliances provide visibility and help secure all IoT devices with Prisma
Access by acting as sensors and control points, unlike other SD-WAN solutions that require additional sensors to be deployed in the network to gain visibility and prevent threats. This enables accurate
detection and identification of all IoT devices and security controls from within the familiar cloud
management for Prisma SASE.
Security
Prisma SD-WAN seamlessly integrates with our cloud-delivered security platform, Prisma Access, delivering the industry’s most comprehensive SASE solution. With Prisma Access combined with Prisma
SD-WAN, you’ll be able to consolidate ZTNA, Cloud SWG, CASB, FWaaS, and SD-WAN into a single
integrated service, reducing network and security complexity while increasing organizational agility.
Additionally, Prisma SD-WAN ION devices include an application-based, zone-based firewall (ZBFW),
ensuring compliance across different network circuits and interfaces.
Key Benefits
Leveraging Prisma SASE with Prisma Access Browser yields substantial benefits in
both security and cost savings:
Prisma SD-WAN Bandwidth On-Demand
Palo Alto Networks is revolutionizing how organizations can consume SD-WAN by becoming the first
vendor in the industry to offer Prisma SD-WAN Bandwidth On-Demand. This game-changing, flexible, subscription-based model for Prisma SD-WAN enables customers to reduce WAN cost by up to
45%, enabling them to purchase bandwidth on a per-Mbps basis and effortlessly allocate bandwidth
from an aggregated pool. In addition, customers can now easily activate Prisma SD-WAN as a simple
module for Prisma Access to expedite their journey to SASE. Existing a la carte consumption models
with Prisma SD-WAN and Prisma SASE bundles are also supported to ensure the ultimate flexibility
for organizations.
Integrated 5G
Prisma SD-WAN is expanding its lightweight appliance portfolio to include the ION 1200 and ION
1200-S with integrated 5G. With this new appliance, organizations can ensure optimal uptime with
5G leveraged as a backup WAN transport for business-critical applications. In addition, businesses
with ATMs and kiosks that require cellular as their primary WAN can simply deploy this appliance and
ensure rapid deployment without the hassle of adding additional appliances to leverage 5G.
Features:
Secure Workspace
Create a secure workspace on any device
Protect work on any device
Protect against advanced phishing attacks
Identify and block advanced malware
Support forensics and threat hunting
Reduce risk of tampering
Visibility & Control
Boost visibility and control with last-mile data protection
Block transfer of data from business to personal accounts
Enforce MFA on sensitive actions
Leverage over 1000 data classifiers
Protect data according to content and context
Get admin approval when it
User Experience
Enjoy a delightful experience
Access any app
Keep essential tools easily accessible
Access from any browser
Build your own workspace
Secure and simplify passwords
See how customers browse bravely with the only SASE-native secure browser.
A full-stack insurance company needed a way to secure remote access to its enterprise systems.
99% Decrease in onboarding time
8.95 new and unique attacks identified
"It’s the central part of our Zero Trust strategy. It’s both the entry to the outside world and the gatekeeper of anything coming into the company."
- Jonathan Jaffe
Chief Information Security Officer, Lemonade Insurance
This leading data infrastructure company needed a single way to provide consistent protection across managed aand unmanged devices.
347K New and unique malicious urls blocked
237KNew and unique malicious files blocked
"I can control who has access to what and what they do. That aligns with Zero Trust…It’s like a one-size-fits-all solution for our environment."
- Sarah Mignona Cote
Chief Information Security Officer, NetApp
