New Microsegmentation Features Simplify Your Zero Trust Adoption

Prisma Cloud introduces new capabilities to help security teams automate microsegmentation policy creation, accelerate the adoption of Zero Trust, and minimize human error. 

 

Prisma Cloud is the only Cloud Native Security Platform (CNSP) to deliver Identity-Based Microsegmentation. We help companies secure their cloud-native applications with a Zero Trust architecture and prevent lateral movement of malware and ransomware. By delivering granular visibility into communications across hosts and containers and enforcing least-privilege network access, organizations can reduce risk as they migrate their workloads to the cloud.

As part of our commitment to helping security teams reduce the risk of lateral movement, we are excited to add new microsegmentation functionality to help simplify and accelerate the adoption of Zero Trust:

  • Out of the Box Rules
  • Application Profiling

This latest release allows us to continue to deliver best-of-breed Identity-Based Microsegmentation capabilities across private, public, and multi-cloud infrastructure.

 

Out of the Box Rules

Many enterprises run common applications which have a complex set of dependencies. For example, Windows machines need to fetch updates from several Microsoft domains. Kubernetes clusters run various control plane components which require reliable connectivity. Understanding dependencies and manually building policies for these use cases can become a burden for security teams.

Out of the Box Rule library with pre-configured rules

 

Identity-Based Microsegmentation now offers Out of the Box Rules to secure common and critical cloud applications in just minutes. Prisma Cloud provides validated policies for broadly used applications and services such as Windows and Linux patch updates, Kubernetes applications, infrastructure services such as DNS and DHCP, and more. Because the rules are pre-configured, security teams do not have to map these dependencies and build the policies by hand.

 

Application Profiling

Determining which applications should or should not be allowed to communicate is a monumental task that is poorly suited to manual work, and it carries its own risk. If security teams create overly restrictive rules, they could break applications or cause a network outage. At the other extreme, security teams can keep a flat network and never achieve Zero Trust results.

 

Run Application Profiling with a single click

 

With Application Profiling, Prisma Cloud can now automatically generate the optimal microsegmentation rules for any cloud-native application. This new functionality maps machine-learned traffic flows with workload identity tags to ensure application flows are protected with least-privilege network access. This simple workflow allows security teams to visualize the impact of each newly generated ruleset before provisioning the rules.

DevOps teams can use this feature to generate policy-as-code files and embed rules into their deployment pipelines.

Application Profiling automatically suggests microsegmentation rules with a single click, allowing security teams to accelerate their Zero Trust adoption, simplify policy creation, and minimize human error.

 

Begin Using the New Identity-Based Microsegmentation Capabilities

Out of the Box Rules and Application Profiling are available as beta features. Current users of Identity-Based Microsegmentation can begin using these new capabilities right away.

If you do not use this module today and want to get valuable hands-on experience, then request a 30-day trial and let us know you’re interested in our Cloud Network Security capabilities.