Palo Alto extends SASE security, performance features | Network World

Palo Alto Networks has extended its Prisma SASE (secure access service edge) package to better secure managed and unmanaged devices and bolster the speed and protection of distributed enterprise applications.

The latest version of Prisma SASE, version 3.0, includes a number of core upgrades, including the ability to secure unmanaged devices through a new, integrated Prisma Access Browser that features least privilege access, constant security inspection, and other zero-trust capabilities.

The Prisma SASE offering combines Palo Alto’s SD-WAN technology with its cloud-based security products, which include advanced threat protection, user-behavior monitoring, secure web gateway, cloud-access security broker (CASB), firewall-as-a-service (FWaaS), data loss prevention (DLP) monitoring and management, and zero-trust network access (ZTNA) support. It also features AI capabilities as part of the vendor’s autonomous digital experience management (ADEM) system, which provides visibility into endpoints, WAN links, cloud resources, applications, and traffic levels to help troubleshoot performance issues.

“The shift to the cloud has solidified the browser as the primary workspace,” wrote Anand Oswal, senior vice president and general manager at Palo Alto Networks, in a blog about Prisma SASE 3.0 features. “This, coupled with the rise of working from anywhere, has led to the browser becoming a significant attack vector. Most work today gets done in the web browser, which is used to access corporate data and applications (like email, HR and finance). But, it is inherently insecure.”

Some 95% of organizations have experienced a security incident originating from the browser across all devices, according to a Palo Alto survey. This is why Gartner predicts that by 2030, enterprise browsers will be the core platform for delivering secure, digital workforce experiences on managed and unmanaged devices.

By 2025, enterprise browsers or extensions will be featured in 25% of web security competitive situations, up from less than 10% today, Oswal stated.

With Prisma SASE 3.0 and the integrated browser, IT professionals will be able to monitor and mitigate threats in real time, and the workforce will be able to safely use any device to access any application, Oswal stated. Another benefit is the ability to quickly and securely onboard contractors and third parties, improving efficiency and lowering costs, Oswal stated.

In addition to the integrated browser, Prisma SASE 3.0 includes a new App Acceleration feature that can boost connection performance and improve the security and speed of connectivity with cloud-based applications up to 5 times faster than direct-to-Internet, Oswal stated. Palo Alto is working with an ecosystem of partners as part of the app acceleration capabilities.

“We are working with leading cloud service providers and enterprise applications, including Amazon Web Services (AWS), Slack, ServiceNow, Google, Zoom and SAP, to empower our customers to leverage the performance-enhancing capabilities of App Acceleration while maintaining robust security,” Oswal stated.

As for AI enhancements, SASE 3.0 makes use of what Palo Alto says is a large language model-powered document classification system that employs context-aware machine learning models melded with natural language capabilities. The idea is to increase the accuracy of ML behavioral analytics to monitor and protect where sensitive data resides and travels, Oswal stated.

“This technology complements our existing out-of-the-box data profiles, which leverage a wide range of classification techniques for regulatory and compliance needs. This enhanced classification capability further enhances our DLP solution to help keep customer data secure,” Oswal stated.

Michael Cooney is a Senior Editor with Network World who has written about the IT world for more than 25 years. He can be reached at