Search
icon homePrisma SASE Home
Prisma Sase HomeCore Network SecuritySD-WANSecure BrowserData SecurityUser Experience

See why organizations are moving to SASE

Choose from the topics below to understand how each component contributes to a unified SASE architecture.

Prisma SASE OverviewCore Network SecuritySD-WANSecure BrowserData SecurityUser Experience
Data Center
Internet
Cloud
SaaS
AI Apps
Unified Management
and Operations
Strata Cloud Manager with Built-in AIOps and Copilot
Best-In-Class Security
and Exceptional User
Experience
Core Network SecurityData SecurityIoT/OT SecurityUser Experience
Prisma SASE
Components
prisma accessprisma sd-wanprisma access browser

Secure All Use Cases

Consistently enforce true Zero Trust security and reduce the risk of a breach with dynamic and adaptive access control

Ensure Operational Resilience and Exceptional User Experience

Deliver the best user experience and avoid business disruption with Cloud scale resilience for all traffic

Simplify Troubleshooting and Policy Management

Reduce operational overhead with AI-powered experience and policy management

Home
Office
Iot/OT
BYOD
Branch

Empower the future of work with comprehensive, consistent protection for all of your users, devices,
applications and data wherever they are.

malware icon

Sandbox/Malware Analysis

Attackers generate new, never-before-seen malware variants that cannot be detected by traditional sandboxing solutions.

web security icon

Web Security

Attackers create and launch unknown phishing pages at scale, rendering traditional web crawlers ineffective.

dns security icon

DNS Security

DNS is an essential internet protocol and carries a significant amount of bi-directional traffic, giving attackers opportunities to hide malicious activity.

intrusion prevention system ips icon

Intrusion Prevention System

Traditional IPS struggle to stop threats hidden within encrypted traffic, and their signature-based detection methods are inherently slow to adapt to rapidly evolving zero-day exploits.

saas security icon

SaaS Security

Legacy security approaches struggle to secure the widespread adoption of SaaS applications and data. They typically lack the comprehensive visibility, precise data classification, and integrated controls necessary for protecting distributed users and devices.

GenAI Apps Security icon

GenAI Apps Security

Securing the rapid growth of GenAI applications is challenging. Key hurdles include the absence of a clear AI inventory (Shadow AI), a lack of governance policies for AI-specific risks like prompt injection, and significant data exposure risks.

Data Loss Prevention icon

Data Loss Prevention

Dramatically reducing the risk of a data breach across all applications and data requires consolidated security capabilities including DLP.

IoT Security icon

IoT Security

A significant industry challenge is gaining complete visibility into IoT devices on the network and the ability to easily identify, quantify, or classify the devices and their associated risks.

How it works

Empower the future of work with comprehensive, consistent protection for all of your users, devices,
applications and data wherever they are.

GenAI
Public Cloud
Internet
SaaS
Data Center
STRATA
Cloud Manager
One Management
brain iconPrecision AI
ai as icondlp iconadv dns iconadv url iconadv wf iconsaas iconiot iconadv tp icon
app idApp ID
user idUser ID
app id mobileDevice ID
1
2
user icon
3

1: Continuous Trust Verification

Keep your environment secure by continuously validating user and device trust throughout the entire session. Stop compromised accounts, block risky behavior in real time, and protect sensitive data without disrupting user productivity.

2: Continuous Security Inspection

Detect and prevent any malicious activity with AI-powered security to analyze all user traffic inline as it enters the network. Ensure true Zero Trust security with fine-grained, least-privileged access, continuous trust verification and deep, ongoing security inspection to protect all users, devices, apps and data everywhere.

3: Secure All Use Cases

Automate continuous trust verification and security inspection for all traffic with comprehensive web security capabilities that coordinate intelligence across all attack vectors. Protect today’s browser-dependent workforce by isolating zero-day web attacks far away from local devices and browsers, delivering superior browser isolation without sacrificing web performance.

1 of 3
global protect iconglobal protect iconprisma access browser iconprisma access browser icon
Branch
BYOD
Home
Users
Office

Empower your branch with AI-driven Zero Trust, best-in-class connectivity, security, and an unparalleled
user experience for all applications.

detect and prevent icon

Application-Defined Fabric

Deliver direct-to-app access that ensures an exceptional user experience for all applications anywhere.

dns security icon

Zero Trust Branch

Safeguard users, IoT devices, and networks against emerging threats through context-aware policies and continuous threat inspection.

web security icon

AI-Powered Operations

Simplify network and security operations with built-in AI/ML-enabled tools to minimize disruptions and improve efficiency.

How it works

Empower your branch with AI-driven Zero Trust, best-in-class connectivity, security, and an unparalleled
user experience for all applications.

AI Apps
SaaS
Internet
ion sdwan iconION
SD-WANPublic Cloud
ion sdwan iconION
SD-WANData Center
STRATA
Cloud Manager
One Management
elastic networks iconElastic Networks:Ensures 100% WAN capacity
with centralized control, even
during failures.
prisma logo
Prisma Access
prisma logo
Prisma Access
FEC iconFEC
Pkt Dup iconPkt Dup
FEC iconFEC
Pkt Dup iconPkt Dup
1
2
3

1: App-aware Path Selection

Automatically steer SaaS application traffic over the best-performing direct internet path using intelligent, application-defined policies to guarantee optimal performance.

2: Best-in-class Application Performance

Deliver best-in-class performance for your entire portfolio of private and SaaS applications by applying granular, policy-based automation to dynamically select the optimal network path and prioritize traffic.

3: Zero Trust Security

Protect your branch users, IoT devices and networks from evolving threats with adaptive context-aware policies, and advanced security services, including DNS, URL and threat prevention.

1 of 3
ion sdwan iconION
SD-WANBranchadem icon
ion sdwan iconION
SD-WANBranchadem icon
ion sdwan iconION
SD-WANBranchadem icon
FEC iconFEC
FEC iconFEC
Pkt Dup iconPkt Dup
Pkt Dup iconPkt Dup

Meet the only secure browser natively integrated with SASE.Extends SASE protection seamlessly to every device, bringing
unmatched agility, security, and control to your business.

Independent Workers icon

Independent Workers

Enable secure remote access while applying Zero Trust access policies and granular data controls.

Revolutionize Data Protection icon

Revolutionize Data Protection

Protect sensitive data in applications and secure traffic that might be hard to decrypt.

BYOD security icon

BYOD

Zero Trust access policies are enforced based on user identity, device posture, and session context.

Safety Enable GenAI icon

Safety Enable GenAI

Safeguard enterprise data within GenAI tools and stop the use of unapproved Shadow AI.

VDI Reduction icon

VDI Reduction

Reduce the cost and complexity of VDI with a solution that takes minutes to onboard and offboard.

How it works

Work in the browser is exposing
organizations to threats and data
loss on both managed and
unmanaged devices.

AI Apps
SaaS
Internet
Private Apps in
Cloud
Private Apps in
Data Center

Secure all work in the browser on
any device - managed and
unmanaged.

STRATA
Cloud Manager
One Management
Install Prisma Access Browser with best-in-class security in minutes
User
Authentication
Device Posture
2
Securely Access
SaaS Apps & Internet
3
CDSS Services
will be Installed
localy

Step 1: Install & Authenticate

Quickly onboard employees with Prisma Access Browser. They'll download and install it in minutes on any device, gaining instant access to corporate web and SaaS apps via a familiar Chromium interface. Administrators manage all conditional access policies and device security posture from a single console.

Step 2: Securely Access SaaS Apps & Internet

Once users and devices comply with the access policies, users can confidently start working in the browser. The browser enforces security at the endpoint, creating a secure and isolated environment for accessing corporate SaaS, web, and GenAI applications. Prisma Access Browser provides full visibility and last mile data protection for any.

Step 3: CDSS is Installed locally

Users also gain secure access to private applications. Prisma Access Browser is natively integrated with Prisma Access and Palo Alto Networks advanced threat protection to enable secure access to private applications.

1 of 3
1
Install Prisma Access
Browser with best-in-class
security in minutes
mobile phone with apple and android logos
laptop icon
tablet icon
Managed Devices
mobile phone with apple and android logos
laptop icon
tablet icon
Unmanaged Devices
one management icon
One Management
Interface

Data Security

icon data security

SaaS Security

Secure your SaaS apps and data with ONE integrated solution. See and secure all your SaaS apps - including GenAI and modern collaboration apps - prevent sensitive data loss and protect your users everywhere.

icon access security

AI Access Security

Organizations can monitor and secure access to AI applications, preventing data leakage and unauthorized use. This solution empowers companies to safely enable generative AI adoption and use, while providing continuous risk monitoring.

SaaS SecurityPrecision AI Challenges

Prevent data breaches everywhere icon

Prevent data breaches
everywhere

Data breaches can occur anywhere, and it's challenging for users to ensure the security of their data. With the increasing use of SaaS applications, the risk of data breaches has become more significant. Users face the problem of protecting their sensitive data from unauthorized access, which can lead to financial losses, reputational damage, and legal consequences.

Minimize inadvertent data exposure icon

Minimize inadvertent
data exposure

Inadvertent data exposure is a significant concern for users, as it can occur through various means such as misconfigured SaaS applications, weak access controls, or inadequate encryption. This can lead to sensitive data being exposed to unauthorized parties, causing harm to individuals and organizations.

Reduce malicious insider risk icon

Reduce malicious
insider risk

Malicious insiders can pose a significant threat to an organization's security. Users face the challenge of identifying and mitigating the risk of malicious insiders, who can intentionally or unintentionally compromise sensitive data. This can be due to various factors such as lack of training, inadequate access controls, or insufficient monitoring.

Shadow SaaS and Govern Access icon

Discover shadow SaaS and
Govern Access

Users must ensure that their SaaS applications comply with relevant regulations and standards, such as GDPR, CCPA, and HIPAA. This can be a challenging task, as it requires ensuring that data is handled, stored, and transmitted in accordance with these regulations. Failure to comply can result in significant fines, reputational damage, and legal consequences.

Support privacy compliance icon

Support privacy
& compliance

Shadow SaaS refers to the use of unauthorized SaaS applications within an organization. Users face the problem of discovering and governing access to these applications, which can pose a significant risk to data security. Without proper visibility and control, users may inadvertently expose sensitive data to unauthorized parties.

How it works
SaaS SecurityPrecision AI Challenges
AI Apps
Internet
SaaS
Cloud
Data Center
STRATA
Cloud Manager
One Management
prisma logochrome logo
data motionData in motion
data restData at rest
security iconSaaS Security
circle x icondlp iconcircle plus iconadvwf iconcircle check icon
UnsanctionedToleratedSanctioned
prisma accessprisma sd-wanprisma access browser
officer iconofficer icon
1
2
3

Step 1: Discover

The first step in securing SaaS applications is to discover all SaaS applications being used within an organization. This includes both sanctioned and unsanctioned applications. Palo Alto Networks' SaaS Security solution uses cloud-based machine learning to discover SaaS applications and provide visibility into SaaS application usage.

Step 2: Classify

Once SaaS applications are discovered, the next step is to classify them based on their risk profile. This involves assessing the security risks associated with each application, such as data breaches, unauthorized access, and malware. Palo Alto Networks' SaaS Security solution uses a database of over 15,000 SaaS applications to classify applications and provide risk scores.

Step 3: Protect

The final step is to protect SaaS applications from security risks. This involves implementing security controls such as access controls, data encryption, and threat protection. Palo Alto Networks' SaaS Security solution provides advanced analytics and reporting to help organizations understand the data security risks of SaaS application use and create policies to control access to SaaS applications.

1 of 3
Branch
BYOD
Home
Users
Office

AI Access SecurityPrecision AI Challenges

malware icon

Real-time visibility
of AI usage

To gain real-time visibility into which GenAI apps are being used and by whom.

web security icon

Access
control

Systematically codifying GenAI strategies and enforcing granular access policies is required to reduce operational burden and manage risk effectively.

dns security icon

Comprehensive data
protection

Preventing sensitive data loss and defending against malicious responses is necessary for safe AI adoption.

intrusion prevention system ips icon

Visibility into AI apps that
train on data

The proliferation and complexity of GenAI apps make it challenging to identify, categorize, and monitor usage effectively, impacting overall security posture.

saas security icon

Data risks from the rise of
GenAI Apps

GenAI apps are an emerging source of risk that can inadvertently expose sensitive company data, leading to significant business and compliance risks.

GenAI Apps Security icon

Enable Secure GenAI
App usage

The absence of clear GenAI usage policies and technical enablement creates employee risks, potential dissatisfaction, and potential circumvention of restrictions.

How it works
AI Access SecurityPrecision AI Challenges
Internet
SaaS
GenAI App
Public Cloud
Data Center
STRATA
Cloud Manager
One Management
brain icon
circle x icondlp iconcircle plus iconadvwf iconcircle check icon
UnsanctionedToleratedSanctioned
1
2
3

1: Discover AI apps in use

Access the most up-to-date GenAI app dictionary to accurately discover and categorize GenAI applications, agents and marketplace plugins. Gain real-time visibility into which apps are being used and by whom.

2: Govern access to AI, protect sensitive data

Classify apps as sanctioned, tolerated or unsanctioned, and implement robust access controls. Administrators can revoke access based on the scope of privileges and risk factors, as well as apply fine-grained control over actions such as upload and download.

3: Real-time user coaching

Proactively reduce employee risk with notifications and user coaching directly from AI Access Security. Employees can understand and correct risky behavior when attempting to access unsanctioned GenAI apps or are about to violate AI usage policies.

1 of 3
prisma access browser iconprisma access browser icon
Branch
BYOD
Home
Users
Office

User Experience

icon data security

ADEM

Gain instant visibility into the health and performance of users, branch sites, applications and IT infrastructure to proactively find and remediate performance issues from a single unified dashboard.

icon access security

App Acceleration

Prisma SASE App Acceleration is a cutting-edge solution designed to speed up the user experience in mission-critical applications. For the first time, customers can achieve highly performant user experiences up to five times faster than direct internet access without any code, application, or infrastructure changes.

The growing complexity of networks, accelerated cloud adoption, and a distributed workforce, contributes to
operational challenges, leading to degraded user experiences and over burdened IT teams.

Poor User Experience icon

Poor User Experience

Slow applications, high latency, and inconsistent performance.

Blind Spots icon

Blind Spots

No visibility into SaaS, cloud, and network issues.

Troubleshooting Delays icon

Troubleshooting Delays

Hard to pinpoint root causes, long resolution times.

Monitoring icon

Monitoring

Issues detected after users complain.

How it works

Accelerate application performance for every user while proactively preventing performance issues with real-time
visibility into your user’s journey for every web application.

See and Remediate User
Connectivity Issues
Prisma AccessInstall The ADEM Agent with GPSynthetic Monitoring
GenAI Apps
Internet
SaaS
Cloud
Data Center
Monitor User’s Digital
Experiences
STRATA
Cloud Manager
One Management
Prisma Accessadem logo
Synthetic Monitoring
lock iconserver rack icon
dashboard indicator icon
dashboard indicator icon
network capability iconnetwork capability iconnetwork capability iconnetwork capability icon
Endpoint Monitoringping iconcpu iconmonitoring icon
ping iconcpu iconmonitoring iconEndpoint Monitoring
1
Prisma Access
2
Install The ADEM
Agent with GP
3
Synthetic
Monitoring

1: Enhance User Experience

Provide up to a 5x boost in an application’s performance with App Acceleration.

2: Install The ADEM Agent with Global Protect

Dramatically improve your user’s app experiences with a solution that uses predictive modeling to anticipate user behavior and pre-fetch the most relevant dynamic content.

3: Synthetic Monitoring

Stay ahead of user performance challenges with end-to-end visibility and real-time insights across your network with Autonomous Digital Experience Management.

1 of 3
Branch
Secure User
BYOD
Users
adem icon
Browser-Based Real
User Monitoring (RUM)
adem icon

Accelerate application performance for every user while proactively preventing performance issues with real-time
visibility into your user’s journey for every web application.

Mission-critical apps icon

Slow user experience in
mission-critical apps

Users experience slow performance when accessing mission-critical applications, resulting in lost productivity and efficiency.

No visibility into network activity icon

Admins have no visibility
into network activity

Administrators lack visibility into network activity, making it difficult to monitor and manage network traffic, security, and performance.

Consumer-grade connectivity icon

Consumer-grade connectivity
with no enterprise SLA

Users rely on consumer-grade connectivity that lacks enterprise-level Service Level Agreements (SLAs), resulting in unreliable and unsecured connections.

Poor internet access icon

Users often reduce
security to gain speed

Users, frustrated with a slow application experience, will remove security controls in hopes of speeding up the app to allow them to complete their work.

How it works

Accelerate application performance for every user while proactively preventing performance issues with real-time
visibility into your user’s journey for every web application.

ServiceNow
Zoom
Internet
SaaS
Data Center
Google Drive
SAP
STRATA
Cloud Manager
One Management
1
3 icons
Dynamic
ContentApp
Contextspeed dahsboard icon
Dynamic
ContentApp
Contextspeed dahsboard icon
network capability iconNetwork Capability
network capability iconNetwork Capability
adem logoadem logo
Prisma Accessadem logo
prisma accessprisma sd-wanprisma access browser
Device Capability
Device Capability
2
App Performance: Boosts speed of SaaS and private applications by up to 5x faster than direct internet access.
3

1: Dynamic performance optimization: per-user visibility

Gain real-time insights into each user's network, device, and application characteristics. This allows you to understand their unique needs and tailor performance for an enhanced experience.

2: Optimize Each User Experience in Real-time

App Acceleration create a custom flow profile for each user to maximize their throughput and seamlessly compensate for network disturbances. This ensures the best possible performance for every individual.

3: Enhanced SaaS experience and content delivery

We accelerate dynamic content in mission-critical SaaS apps, delivering it faster for a better user experience. This is achieved by proactively computing content, enabling instant delivery upon user request.

1 of 3
Branch
Secure User
BYOD
Users
adem iconadem iconadem icon

Speak with a SASE Expert

Ready to empower your hybrid workforce with a single, cloud-delivered solution? Fill out the form below to connect with a Prisma SASE expert and learn how you can simplify operations, enhance security, and deliver an exceptional user experience.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.