The days of working exclusively from a corporate office are gone. At the same time, an increasing number of applications now reside in the cloud, so many employees and apps are outside of the traditional data center perimeter. While organizations have largely adapted to the new normal, it continues to pose challenges for network and security teams worldwide.
Unfortunately, many organizations still rely on security appliances from multiple vendors in order to protect their users, applications, and data. This poses a challenge, since separate security products result in non-integrated management interfaces, no centralized visibility or threat prioritization, and disparate security policies. As a result, it is very time consuming for security teams to gain visibility across thousands of users, applications, and devices in order to quickly identify and resolve threats.
Cloud SWG Capabilities Within Prisma Access Protects a Large Pharmaceutical Company
For many years, a global pharmaceutical company used on-premise web proxy appliances, along with other security appliances from multiple vendors, to provide access and security for web and non-web traffic. When the pandemic hit, they needed to quickly support over 90,000 users in order to maintain employee productivity and business continuity. Some of the key challenges faced by the organization:
- Incomplete security. The data centers housed web proxy appliances and other multi-vendor legacy products, and each product had its own management interface, security policies, and threat prioritization tools. As a result, it became extremely challenging to identify and prioritize threats across thousands of global remote workers and cloud-based apps, especially since their on-premise appliances weren't designed to support remote workers and apps outside the data center.
- Limited app coverage. The organization used a web proxy appliance for internet access and security, a separate security appliance for non-web based access and applications, and other vendor products. Not only did this increase complexity with managing multiple vendors and solutions, but security teams couldn’t block what they couldn’t see. Without consistent security for all apps (web and non-web), the risk of a data breach increased.
- Poor end-user experience. With the majority of employees working remotely, backhauling internet traffic to the data center for access and threat inspection created network bottlenecks. Poor performance along with inconsistent app access–which varied depending upon the user’s device, permissions, and location–resulted in frustrated users, reduced productivity, and more calls to the IT support desk.
This pharmaceutical company isn't alone in their frustrations with their on-premise web proxy appliances. Research from ESG Global shows that many organizations are open to a new secure web gateway (SWG) approach, with only 8% of research respondents indicating they are very satisfied with their current solution and not planning to change anytime soon.
The pharmaceutical company immediately realized three key benefits by consolidating their multi-vendor, on-premise web proxy appliances into the Cloud SWG capabilities available in the singular, modern, cloud-delivered security platform of Prisma Access:
- Centralized threat visibility. Rather than relying on multiple point-product dashboards, the company now has the ability to view threats in a single pane of glass, enabling the team to quickly identify and resolve advanced threats.
- Consistent security policies. Prisma Access delivers consistent security policies across users, locations, and devices to eliminate security gaps that can occur when organizations use multiple security products from different, non-integrated vendors and platforms.
- Lower costs and greater scalability. By moving away from legacy appliances, the company was able to free up datacenter space, and lower maintenance and management costs. In addition, they are now able to quickly scale to meet future needs worldwide without the complexity associated with deploying physical appliances.
Today, organizations require a modern secure web gateway solution that provides best-in-class threat protection along with deep visibility, centralized management, and unified policies to protect users, data, and applications wherever they reside. Web security is an essential part of a modern secure access service edge (SASE) architecture, so it shouldn’t be managed in isolation. The Cloud SWG capabilities within Prisma Access deliver modern, complete cloud security including:
- Complete, best-in-class security. Prisma Access provides access to all apps and secures against all threats, not just for web-based apps and threats. In addition, enable industry-leading capabilities converged into a single cloud-delivered platform, providing more security coverage than any other solution. Prisma Access delivers more than 4.3M unique security updates per day, 24.5x more than our nearest competitor.
- Unified security product. Prisma Access provides comprehensive protections such as SWG, zero trust network access (ZTNA) 2.0, autonomous digital experience management (ADEM), firewall as a service (FWaaS), and cloud access security broker (CASB) converged into a single unified product with single-pane-of-glass visibility and management, consistent policy, and shared data for all users and all apps to dramatically reduce the risk of a data breach.
- Best user experience. Prisma Access has a truly cloud-native architecture built to secure today’s digital enterprises at cloud scale, providing uncompromised performance backed by leading SLAs that deliver exceptional user experiences. Prisma Access provides 10x more total encrypted tunnel throughput than the nearest competitor with performance SLAs 10x better than any other cloud-delivered service.
Organizations with legacy web proxy appliances can easily transition to Cloud SWG in Prisma Access by leveraging the cloud explicit proxy option. This approach enables existing PAC files to be quickly updated so that internet-bound traffic is directed to the Prisma Access cloud explicit proxy for user access and internet threat protection, without requiring any network architecture changes. Enabling cloud explicit proxy can be accomplished in just three easy steps with Prisma Access Cloud Management:
- Configure Infrastructure Settings
- Configure User Authentication Settings
- Configure Prisma Access Locations
The setup process takes just a few minutes and includes an intuitive administrator interface. Additional details are available via TechDocs online resources for cloud explicit proxy setup.