In brief
ON2IT
The Netherlands and USA
Technology
More than 300 clients worldwide
Stop new threats and reduce the risk of breaches in the Azure MSSP environment. Enable managed security services clients to reduce complexity and cost.
This solution uses the Palo Alto Networks® Network Security Platform:
As a forward-thinking MSSP, ON2IT is reluctant to add operational overhead as it secures a fast-growing portfolio of client workloads. The organisation wants to consume network security in the same way it consumes easily deployed, fully managed cloud services. It also wants to centralise the administration of its essential network security tools. ON2IT wants to meet these objectives without compromising the quality of security, which is where Palo Alto Networks best-in-class security becomes a crucial component.
CHALLENGES
ON2IT is a Zero Trust innovator: a global pure-play cybersecurity service provider. Headquartered in the Netherlands with further offices in the US, the organisation offers worldwide managed cybersecurity services for clients with complex and dynamic IT infrastructures. ON2IT was founded in 2005 and has more than 300 clients worldwide.
Innovation is at the heart of ON2IT’s business growth. The organisation is continually looking to the future to ensure clients can be confident their data, people, and devices are safeguarded from vulnerabilities. This innovation extends to ON2IT’s Azure environment.
“As more clients move to the cloud for their digital transformation, they need to be certain their Azure environment is protected against threats and their applications are secure,” explains Rob Maas, Field CTO, ON2IT.
For its own environment, ON2IT had the option to choose Azure’s native firewall, or a firewall from a third party. According to Rob, that wasn’t a path the business wanted to take. “The native Azure firewall is click-and-play, but it has very limited features and no central management. A network virtual appliance from a third party provides a richer next-generation firewall feature set but can be very complex to implement and administer.”
With innovation in mind, ON2IT looked to an alternative solution – both for its own Azure environment and to provide managed security services to clients.
REQUIREMENTS
To streamline and modernise its Azure cloud security, ON2IT required a solution that would:
SOLUTION
ON2IT is a Palo Alto Networks “Diamond Innovator” and a previous “Global Managed Service Partner of the Year.” With this immense experience at hand, ON2IT was eager to implement Palo Alto Networks Cloud NextGeneration Firewalls (Cloud NGFWs) for Azure.
Live for six months, the Azure-native managed service uses the power of AI and ML to stop more zero-day exploits with Layer 7 applications-based Zero Trust policies. It also gives ON2IT the flexibility to easily extend security to Azure for both cloud-native and migrated applications. Enabling CDSS solutions such as WildFire will also give ON2IT protection against zero-day attacks.
“It’s a one-click solution,” says Rob. “It’s as simple as saying, ‘I want that firewall’ – and, at the backend, Palo Alto Networks makes it happen. The firewalls are deployed, the networks are created, and we can send traffic through. It removes a lot of complexity and it scales automatically.”
“In the past, for example, running a new service took time and complexity. You needed to deploy the IP addresses, perform the load balancing, make the configurations, and execute other tasks. That’s now all completed in two minutes and a few clicks versus what was previously three hours of work.”
The platform is also seamlessly connected with Panorama management for hybrid and multi-cloud security. “Panorama clients can use their existing Next-Generation Firewall workflows and integrations for their Azure deployments,” says Rob. “There’s no requirement for retraining.”
ON2IT uses an array of unified Cloud-Delivered Security Services (CDSS) to enhance the protection surrounding Palo Alto Networks Cloud NGFWs for Azure. This includes WildFire, DNS Security, Advanced Threat Prevention, Advanced URL Filtering, and Advanced Threat Protection. “With WildFire intelligence, for example, we are preventing unknown malware variants, protecting users before a threat can enter the network.” Advanced Threat Prevention raises the bar in protection against vulnerabilities being exploited and C2 communications from workloads that have been potentially compromised with tools like Cobalt Strike.
All of this is a revelation for an MSSP like ON2IT. Maurice Schiffer, Sales Manager at ON2IT explains, “You get all the features of a normal Palo Alto Networks ML-Powered Next-Generation Firewall deployment without any of the complexity. It’s all there in a box.”
BENEFITS
The benefits of this cloud workload security platform include:
Learn more about Palo Alto Networks on the website where you can also read many more customer stories.