Paloalto VM-700
Microsoft Azure ® migration initiatives are rapidly transforming data centers into hybrid clouds, yet the risks of data loss and business disruption jeopardize adoption. The VM-Series on Azure solves these challenges, enabling you to:
-Protect your Azure workloads through unmatched application visibility and precise control.
-Prevent threats from moving laterally between workloads and stop data exfiltration.
-Eliminate security-induced application development bottlenecks with automation and centralized management.
Introduction
Microsoft Azure® migration initiatives are rapidly transforming data centers into hybrid clouds, yet the risks of data loss and business disruption jeopardize adoption. The VM-Series on Azure solves these challenges, enabling you to:
-Protect your Azure workloads through unmatched application visibility and precise control.
-Prevent threats from moving laterally between workloads and stop data exfiltration.
-Eliminate security-induced application development bottlenecks with automation and centralized management.
Palo Alto Networks VM-Series Virtualized Next-Generation Firewalls protect your Azure workloads with next-generation security features that allow you to confidently and quickly migrate your business-critical applications to the cloud. ARM templates and third-party automation tools allow you to embed the VM-Series into your application development lifecycle to prevent data loss and business disruption.
Azure Network Security Groups or VM-Series?
Organizations are migrating their enterprise applications onto Azure for many reasons, including business agility and a desire to reduce data center footprints. Security best practices dictate that your public cloud security posture should be as strong as your data center security approach: understand your threat exposure through application visibility, use policies to reduce your attack surface area, and prevent threats and data exfiltration within allowed traffic.
Native Azure security features perform port-based filtering to control access to the Azure resources deployed. They are unable to use the application identity to control traffic nor can they prevent threats within the content allowed. The VM-Series complements Azure Network Security Groups and Azure Firewall security controls by reducing your attack surface through enabling applications regardless of port, preventing threats, and stopping data exfiltration.
VM-Series on Azure
The VM-Series allows you to embrace a prevention-based approach to protecting your applications and data on Azure. Automation and centralized management features enable you to embed next-generation security in your Azure application workflow so security can keep pace with development.
Complete visibility improves security decisions. Understanding the applications in use on your network, including those that may be encrypted, helps you make informed security policy decisions.
Segmentation and application whitelisting aid data security and compliance.Using application whitelisting to enforce a positive security model reduces your attack surface by allowing specific applications that align to your business needs (e.g., allow SharePoint® documents for all, but limit SharePoint administration access to the IT group). Whitelisting policies also allow you to segment applications that communicate across subnets and between virtual networks (VNets) to stop lateral threat movement and meet compliance requirements.
User-based policies improve security posture. Integration with on-premises user repositories—such as Microsoft Exchange, Active Directory®, and LDAP—lets you grant access to critical applications and data based on user credentials and need. For example, your developer group can have full access to the developer VNet while only IT administrators have RDP/SSH access to the production VNet. When deployed in conjunction with Palo Alto Networks GlobalProtect™ for network security at the endpoint, the VM-Series on Azure can extend your corporate security policies to mobile devices and users regardless of their location.
Applications and data are protected from known and unknown threats. Attacks, like many applications, can use any port, rendering traditional prevention mechanisms ineffective. Enabling Threat Prevention and DNS Security as well as WildFire®, Palo Alto Networks malware prevention service, as segmentation policy elements will protect you against exploits, malware, and previously unknown threats from both inbound and lateral movement perspectives.
Multiple defenses block data exfiltration and unauthorized file transfers. Data exfiltration can be prevented using a combination of application enablement, Threat Prevention, and DNS Security features. File transfers can be controlled by looking inside files, not only at their file extensions, to determine whether transfer actions should be allowed. Command and control, associated data theft, and executable files found in drive-by downloads or secondary payloads can also be blocked. Data filtering features can detect and control the flow of confidential data patterns, such as credit card and Social Security numbers, in addition to custom patterns.
| MFG Number | MFG.PART: PAN-VM-700-PERP-BND1-PREM-1YRR |
|---|---|
| Condition | Item Condition : Brand New |
| Price | $1,000.00 |
