Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
June 26, 2023
Here’s a common scenario: an organization hosts a web-based application at a branch office that is protected by an on-prem firewall. The organization has also started looking at secure access service edge (SASE) technologies to better address the needs of its mobile users and remote locations accessing the Internet. The dilemma is that this organization inevitably now needs to support multiple security platforms, which exacerbates an already complex environment. One common theme we hear from customers who have many branch offices is that they’d “like to get out of the firewall business.”
Most firewalls deployed at branch locations are predominantly just acting as a perimeter gateway for outbound access to the Internet or a VPN connection back to a data center to reach a private application. Historically, distributed organizations get stuck continuing to support firewalls at all their branches because of the few locations that serve up a web-based application requiring firewall protections for those resources.
This blog post explores how distributed organizations can leverage Palo Alto Networks Prisma® Access to secure inbound traffic from the Internet for all their branch locations. This is a valuable feature for those that need to protect applications at a branch without having to deploy and manage on-prem firewalls.
On-prem firewalls are primarily deployed at a branch office locations for architectures where local network segmentation is necessary (think east-west), and select resources at that branch require additional protections from the internet. When segmentation is not a concern, but applications at remote locations need to be accessed from the internet, you can now use Prisma Access to secure inbound access to those applications.
See the following example use case:
In the example above, User 1 is accessing an online web server located at a remote network location via Prisma Access. User 2 is accessing the internet outbound from the same remote network location while also being secured by Prisma Access. Note that a separate remote network connection is required for inbound access and outbound access. Palo Alto provides some guidelines on utilizing Prisma Access to secure inbound access to a remote network location.
Important Note: Remote networks that are configured for secure inbound access can only be used for that purpose. If you require outbound as well as inbound access for a remote network site, create two remote network sites in the same location—one for inbound access and another for outbound access.
Below are a few example use cases for secure inbound access:
Optiv can help you decide whether it's more effective to keep on-prem branch firewalls in place or secure both outbound internet access and inbound application access at your branches using Prisma Access. Contact your Optiv client manager to inquire about our full suite of services for Palo Alto Networks Prisma Access.
Optiv Security: Secure greatness.®
Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.
Let us know what you need, and we will have an Optiv professional contact you shortly.