Scaling GlobalProtect for Mobile Users with Prisma Access

Dec 17, 2020
4 minutes
... views

GlobalProtect is Palo Alto Networks industry-leading secure remote access solution, and one of the most popular in the world, connecting remote users to their Prisma Access and Next-Generation Firewall (NGFW) products. According to Okta’s February “Business @ Home Report,” GlobalProtect was ranked as the most downloaded remote access app at the onset of the COVID-19 pandemic. As the number of remote workers continues to grow, a question many GlobalProtect customers ask is if there’s a cloud SaaS option for scaling out additional remote access capacity. Prisma Access provides GlobalProtect customers with a cost-effective, cloud-based solution for scaling secure remote access on demand – all with the same capabilities of a Palo Alto Networks NGFW. 

First, let’s level-set on what GlobalProtect is and how it works. GlobalProtect provides customers’ remote users with encrypted tunnel access to their VM-Series and PA-Series firewalls, and is available in agentless and agent-based form factors. It not only provides internal and external gateways, but with a GlobalProtect subscription, customers get additional capabilities like host information profile (HIP), which provides a pre-connect trust and vulnerability assessment of a managed device before it connects. Customers also get mobile app access, split tunnel capabilities, and much more. 

Prisma Access is Palo Alto Networks cloud-delivered security offering and a key component to the Palo Alto Networks secure access service edge (SASE) platform. It is a cloud-based SaaS service that combines native networking and security capabilities to seamlessly connect and secure any user, device, and app. Prisma Access leverages all a customer’s existing GlobalProtect deployments for secure remote access. Instead of connecting back to HQ firewalls, however, users now connect to the Prisma Access cloud service. Because Prisma Access is built on a global, high-performance network with over 100 points of presence, it provides infinite scalability. By leveraging the combined infrastructure of AWS and Google Cloud, Prisma Access ensures that users have the highest service availability and most seamless connectivity possible, all ensured with our industry-leading SLAs. Best of all, there’s no compromising on security. Prisma Access runs on PAN-OS to provide the same Layers 3-7 single-pass inspection of all web and non-web network traffic as the Palo Alto Networks NGFW. This includes detection of malware signatures, intrusion behaviors, and indicators of data loss. 

There’s also the benefit of leveraging all of an organization’s existing investments and infrastructure. Users who want to access public and private apps do so in the same way they’ve been doing through GlobalProtect, either clientlessly or with an agent on the endpoint. Because Prisma Access is treated as another enforcement point, this allows customers to use the same consistent Palo Alto Networks security capabilities, policy management, and reporting. It also means that customers won’t have to retrain network and security architects on deploying and configuring new technology, and with integrated networking and security capabilities, this gives organizations the option of seamlessly migrating legacy routing and networking capabilities to the cloud. Customers can also connect their branch or retail locations to the Prisma Access cloud service rather than using expensive MPLS routing, leased lines, or complex site to site VPN configurations. 

We’re also offering a financial incentive making it even more economical for GlobalProtect customers to use Prisma Access to scale secure remote access for mobile users. The incentives include:: 

  • Trade-in credit: We are offering trade-in credit for those customers with paid GlobalProtect subscriptions, allowing them to apply those dollar credits toward the cost of a Prisma Access subscription.
  • Additional free six months: Get six months of additional Prisma Access subscription with the purchase of a three-year subscription.
  • Product migration discount: Customers will also get a $9,000 discount toward product migration, including QuickStart professional services.

The combination of networking and security capabilities in a single cloud-based SaaS offering gives GlobalProtect customers a cost-effective solution for scaling mobile user capacity. It also gives customers the option of transitioning hardware-based networking for branch and retail locations to a software-defined model over time. 

For more information about the GlobalProtect migration program, check out our webinar: Scale Your Remote Workforce: Leverage Your GlobalProtect Investment. 


Subscribe to Sase Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.