Palo Alto Networks SASE Converge updates boost security, UX

Talon acquisition

While this deal was first announced on November 6, ahead of SASE Converge, Palo Alto Network's intent to acquire enterprise browser provider Talon was arguably the most significant news discussed during the event. Talon's technology will enable Prisma SASE customers to protect unmanaged devices.

While Prisma Access has supported an agentless approach for zero trust network access (ZTNA), the addition of Talon will provide customers with broader security capabilities to prevent attacks on unmanaged devices earlier in the attack chain. 

Native remote browser isolation

Not to be confused with Talon's enterprise browser, Palo Alto Networks also launched native remote browser isolation (RBI) to protect customers against unknown web-based threats.

While not often considered a primary SASE capability -- only 29% of Enterprise Strategy Group research respondents consider it a starting point -- it is becoming more important as part of a comprehensive architecture to protect against advanced and unknown web-based threats.

By building this capability directly into Prisma SASE, traffic does not have to be routed to third-party vendors, which can impact user experience.

Connected SaaS app visibility and control

SaaS ecosystems are much more complex than even a few years ago, with API integrations making it extremely difficult for security teams to accurately assess their attack surface. To address this, Palo Alto has added Interconnected SaaS Apps security to its Next-Generation CASB to provide visibility into the third-party apps in use, as well as the permissions, users, and other attributes to help security teams understand their SaaS risk and adjust configurations or revoke access as needed.

Data security enhancements

Following on the concept of identifying and remediating risk, Palo Alto announced Data Risk Explorer to help organizations quantify data risk and provide actionable next steps to remediate issues. Security teams can review data risk at a global level, or more granularly based on application, location, user, or data profiles

Further, Palo Alto has expanded its data discovery capabilities from more than 100 pre-defined document types, to include custom machine learning models that can be trained to identify unique and proprietary documents.

Prisma Access App Acceleration

Finally, while security is obviously critical, it cannot come at the expense of performance. Palo Alto has long touted its network, built on Google, as a key differentiator. The addition of Prisma Access App Acceleration provides a faster than direct-to-app user experience through the predictive modeling of user and app behaviors. It is able to anticipate user interactions and identify the content users will request before they ask for it.

The SASE space remains exceptionally crowded and competitive. Palo Alto Networks' expansion of its SASE portfolio beyond ZTNA, CASB, firewall as a service, and SD-WAN has shown it is committed to innovation and continues to connect the dots between security and performance.

That said, the vendor will need to provide a clear vision around how customers should think about enterprise browser, RBI, and agentless ZTNA to avoid confusion. This will help ensure complexity is managed and security teams can easily and efficiently address the use cases most important to them.

Senior Analyst John Grady covers network security at TechTarget's Enterprise Strategy Group. 

Enterprise Strategy Group is a division of TechTarget. Its analysts have business relationships with technology vendors.