Mobile Security

Problem

The explosive growth of mobile devices in the workplace creates new opportunities for business innovation, while at the same time introduces new vectors for risk. Security should provide the means to mitigate risk, but to date, common approaches for mobile security are limited in scope. These approaches include:

  • Blocking mobile devices - Some organizations try to use blocking technologies in an attempt to insulate themselves from the risks that come with mobile computing. However, employees want to use their mobile devices at work, and will find ways to use them without the company’s knowledge or support.
  • Hoping existing security products will protect mobile devices – Some organizations hope that their existing security measures will protect mobile devices. This will not provide satisfactory results, because traditional network and endpoint security measures are not optimized for mobile use cases and may not provide adequate protection against mobile threats.
  • Applying basic security measures – Not all mobile security measures are the same, and the limitations are not always apparent at first. Mobile security measures for basic use cases (such as ActiveSync for email), do not necessarily provide the necessary protection for other applications and data. As organizations adopt more sophisticated mobile use cases, the security requirements will change as well.

A new approach for mobile security is necessary in order to fully realize all of the benefits that it can provide to the organization. It requires a shift in the expectations for what mobile security must deliver in the first place.

Solution

GlobalProtect from Palo Alto Networks provides a comprehensive, integrated solution to safely enable mobile devices.  It is designed to help customers embrace their mobile initiatives for smartphones and tablets by providing the necessary security to make them safe platforms for business applications and data

GlobalProtect has three primary components:

  • GlobalProtect Gateway: Delivers mobile threat prevention and policy enforcement based on apps, users, content, device and device state. Integrates with WildFire for malware prevention.
  • GlobalProtect App: Enables device management, provides device state information, and establishes secure connectivity with GlobalProtect Gateway to protect traffic and enforce policy.
  • GlobalProtect Mobile Security Manager: Provides device management to configure the device, detect malware, and share device state information with GlobalProtect Gateway.

The GlobalProtect components work together to address mobile security requirements in the following manner:

manage the device

GlobalProtect Mobile Security Manager manages mobile device configurations and oversees device usage throughout the organization. As new devices are brought into the business environment, whether they are corporate or end-user (BYOD) owned, the first step is to ensure that the device has been configured appropriately for business use. GlobalProtect Mobile Security Manager works together with GlobalProtect App to manage the device, check the device state and identify devices with malware infections.

Protect the Device

GlobalProtect App establishes an IPsec/SSL VPN tunnel to GlobalProtect Gateway. The tunnel terminates at GlobalProtect Gateway running on the Palo Alto Networks next-generation security platform for consistent enforcement of network security policies.

Mobile threat prevention technologies protect the device from the latest exploits and malware, powered by global intelligence provided by WildFire.

Control the data

GlobalProtect Gateway provides security teams with granular control over who can access sensitive applications and data. Users with unmanaged or non-compliant devices can be blocked from accessing specific applications based on policy.

In addition, GlobalProtect Gateway provides file and data filtering to control data movement. These features allow administrators to implement policies that reduce the risks associated with the transfer of unauthorized files and data.

Learn more about GlobalProtect and find out how it can address your mobility security requirements.

Resources

Mobility Security Solution Brief
Read about how to safely enable mobile devices with Palo Alto Networks.

GlobalProtect
Learn about the next-generation firewall features for securing mobile devices.

Mobile Security
Learn how a next-generation firewall extends comprehensive application visibility and control and vulnerability protection to mobile devices.

Networking & VPN
Learn about the next-generation firewall features for VPN.