Palo Alto Networks - cloud security

Published: June 13th, 2017

Vancouver-based Palo Alto Networks is the latest enterprise IT vendor to pitch itself as a developer platform, with the launch of a cloud-based application framework that it says could disrupt how security products are consumed.

The firm is moving away from its roots as a provider of hardware firewalls and towards a cloud infrastructure and security provider, while resisting the “service provider” designation to make clear its preferred sales route is still through the channel. The Palo Alto Application Framework is intended to give customers a sort of ‘app store’ of security applications that can be integrated to the security infrastructure that it’s been building for a decade, serving an install base of 40,000.

To do that, they’re providing developers with a host of tools and services that will allow them to rapidly build and deploy specific security solutions to the platform. Independent Software Vendors (ISVs) and Managed Security Service Providers (MSSPs) are likely to take advantage, says Scott Simkin, senior group manager of the threat intelligence cloud for Palo Alto. Reaching the Palo Alto customer base will provide incentive.

Palo Alto Networks - Security cloud

“You can reach those customers natively right away with us,” he says. “You can commercialize something in a year instead of a decade.”

Developers will be able to launch their capabilities and get to market very quickly through this route, he adds, shortening their time to the point of earning revenue.

If that’s not enough incentive, Palo Alto is also forming a $20 million security venture fund that will provide early stage capital to those developing applications for its Next-Generation Security Platform. For companies in the early stage or seed stage, the funds will help developers build high-level functionality for customers, rather than worry about building out infrastructure and data stores needed for their applications.

“We believe we have the responsibility to supply the funding and the tools to develop security applications,” Simkin says.

Palo Alto Networks’ Ignite conference is underway in Vancouver.

Palo Alto will provide cloud-based APIs to developers to allow developers to hook into its platform. Developers also get access to the customer data (anonymized and normalized) that provides threat intelligence from more than 17,000 WildFire threat analysis service users, and other telemetry. A Logging Service provides a central cloud-based repository for application data and logs of any type of data, without need for local compute and storage.

“That data is absolutely mindblowing” Simkin says. It includes more than 3.1 billion malware samples, for example.

Security apps on the platform will help customers solve problems in security areas that Palo Alto hasn’t traditionally played, he says. For example, IoT and mobile security could be areas apps are develped.

The availability of the Application Framework is slated to be generally available in early 2018.

Palo Alto says it’s already working with 30 security vendors to develop applications on its new platform, including:

Accenture
AlgoSec
Anomali
Aruba, a Hewlett Packard Enterprise company
Attivo Networks
BlackStratus
Booz Allen Hamilton
Carbon Black
CrowdStrike
ExtraHop
Fidelis
FireMon
ForeScout
FourV Systems
HYAS
IBM
Phantom
PhishMe
Portnox
Proofpoint
ProtectWise
Recorded Future
SafeBreach
SecurityScorecard
Siemplify
Sift Security
Sisense
Splunk
Sqrrl
Swimlane
Tanium
Telstra
Tenable
ThreatQuotient
Tufin
Wandera

New cloud option for security

Palo Alto also announced a GlobalProtect cloud service, offering its security infrastructure as a cloud service to remote offices and mobile users. It provides the capabilities of its Next-Generation Security Platform, such as application visibility and control, Threat Prevention, URL filtering, and WildFire threat analysis.

“It takes everything we can provide in a hardware device and puts it in a cloud-based infrastructure,” says Matt Keil, director of product marketing for public cloud, Palo Alto.

Channel partners will be able to resell this offering the same way as Palo Alto’s virtual firewalls, he adds. There’s also no products being phased out in favour of the new offering, it’s just another alternative.

Palo Alto will manage and maintain a multi-tenant cloud that will enable customers to quickly add or remove remote locations and users, helping them meet growth demands at a predictable cost.

General availability is planned for August 2017, and licences are provided based on bandwidth requirements – from 200 Mbps up to 100,000 Mbps.