There’s a lot of technology involved in a modern enterprise network. Some of it is a part of the network itself, some of it is to keep it reliable and secure, and some of it is to keep it running like clockwork. In the best case scenario, these parts snap together like Lego. On the other hand, there are times when it seems like no amount of sweat and glue can get the parts working together.
It shouldn’t be that difficult, and for the most part, it isn’t.
In order to provide our customers with the Lego experience, the Palo Alto Networks Technology Partner Program helps customers choose products from 3rd party vendors that work together with the next-generation firewall. We take care of the testing and the documentation so that you can count on getting solutions with the functionality that you need.
The Technology Partner Program covers products from 6 core categories:
- Mobile Device Management
- Security Information and Event Management
- Network Access and Monitoring
- Network Security Configuration Management
- Network Forensics
Let me give you an example about the importance of integrated solutions. A lot of our customers love Apple iOS devices, like the iPhone and the iPad. Employees love these devices so much that they are now choosing the technology they use at work, whether or not IT provided it to them. IDC research found that 40.7% of users surveyed are accessing business applications with a personally owned device. IT now has to adapt to provide access from devices that they didn’t initially plan on supporting in the first place.
GlobalProtect provides organizations with the ability to securely connect to an enterprise network to leverage the next-generation firewall’s application visibility and control. This solves two critical parts of the security puzzle: ensuring that the network traffic stays private, and that business applications are made available to users in a safe manner in accordance to policy, regardless of the device they use. In order to connect an iOS device, a user will need to set up a VPN connection back to the GlobalProtect Portal.
Have you ever tried to help a non-technical user set up the VPN configuration in iOS? It’s not for the faint of heart. Even though Apple is renowned for its ease of use, there’s no getting around the fact that iOS’s IPSec settings control panel has a lot of stuff that most users won’t understand.
Apple iPhone Configuration Utility provides enterprises with a portion of the solution. It can generate an XML-formatted profile that can be delivered to the phone over the air, in an email attachment or delivered through a website. Not only does it save a lot of typing, it also makes sure that all the settings covered by the policy are in force. Still, it can be tough developing and managing different profile variants for a larger community that needs more flavors than just vanilla. Apple iPhone Configuration Utility is a great tool for creating a configuration profile, but enterprises need to be able to handle issues that crop up while managing larger user populations.
Mobile device management (MDM) solutions fill that market need perfectly. It goes beyond just the ability to create profiles by helping organizations deal with the particular needs for various communities. It can also check that the device conforms to the policy that you expect it to be running, providing continuous compliance. MDM can set the dials in all the right places, as well as manage the profile variations that come into play as user populations grow.
Today, we’re announcing partnerships with MobileIron and Zenprise, who are leaders in the MDM market segment. Both solutions work together with GlobalProtect to install the VPN profile in iOS devices for both IT and employee owned devices. The VPN profile includes information such as where to connect, as well as including the authentication certificate. The enterprise can make sure access to business applications is available and safe, and the user doesn’t have to spend a lot of time getting the VPN to work. We’re working on more as well, and VPN configuration is just one part of what an MDM can do.
In addition to the mobile device management partners MobileIron and Zenprise, we’re also announcing partnerships in infrastructure (Brocade and Avaya), network access and monitoring (Plixer International and Network Critical), security information and event management (LogRhythm) and network security configuration management (AlgoSec). I’m going to cover other partnerships in depth in future blog entries, so stay tuned. In the meantime, check out the press release for additional details, and contact your local Palo Alto Networks sales representative if you’d like to learn more. The goal of our partnerships is to help our customers get the best integration possible, and we think you’re going to be excited about the way the pieces fit in your architecture.