Enable Consistent Security Across Wi-Fi, Ethernet, Private 5G, and Other Access Technologies
Benefits of the Integration
- Together, Palo Alto Networks XSOAR and Next-Generation Firewall (NGFW) with Ataya’s Harmony platform can:
- Provide a single network fabric across different access technologies to enable a single unified security policy solution.
- Extend existing Palo Alto Networks security solutions for Wi-Fi and Ethernet over new deployments of Private 5G.
- Enhance 5G security performance with additional device metadata.
- Manage and correlate security risks for common users leveraging devices capable of multiple access technologies.
- Quickly identify and apply security to new devices and network elements without touching the underlying network infrastructure.
Customer Challenge
Industrial OT, enterprise IT, and security teams face con- siderable challenges to securely maintain complex net- work environments while meeting ever-changing business demands. Not only are new devices and applications being added on a regular basis, but networks are evolving to include different access technologies like Private 5G. Oftentimes, these newer networks are deployed as parallel networks, separate from preexisting networks. This multi- plies management complexity and potential attack surfaces as each disparate network has separate management and security solutions with no common access policies. Network and security teams must manually correlate issues between these networks or build complex integrations to aid this effort, while further increasing management overhead. In the end, the overall security still has unknown cracks, as a proper Zero Trust model only exists when all access to networks (regardless of access type, device, or individual) is governed by the same security system.
Solution
By leveraging a Universal Connectivity platform, network teams can create a single network fabric across different ac- cess technologies (like Wi-Fi, Ethernet, Private 5G, etc.). This enables the security team to extend a single security solution across the entire mixed access technology network to deliver true Zero Trust security. Furthermore, a Universal Connec- tivity platform has access to rich device metadata, which it can share with security systems to increase their intelligence for fine-grained policy and threat detection.
Ataya Harmony
Deployable in less than 15 minutes without reconfiguring existing networks, OT/IT teams get a unified dashboard with rich insights for all mixed access devices with Ata- ya Harmony. Security teams can define fine-tuned policy from the dashboard to manage all network traffic including between mixed access devices and to applications. Network teams can also seamlessly extend the existing network through Universal Connectivity to include Private 5G with a complete 5G core along with RAN planning and optimization tools. And, OT/IT teams can achieve low latency with a single network edge to streamline application integration across all access technologies.
Palo Alto Networks Cortex XSOAR
Cortex XSOAR optimizes SOC efficiency with the world’s most comprehensive SOAR platform for enterprise security, unifying workflow automation, case management, real-time team collaboration, and threat intel management so security analysts have a single location to manage incidents across their organization. XSOAR helps security teams orchestrate and standardize processes with playbooks, take action on threat intel, and automate response for any security use case—resulting in 90% faster response times and a 95% reduction in alerts requiring human intervention.
Palo Alto Networks and Ataya
To increase security intelligence across your network with- out changing a single element of your underlying Ethernet, Wi-Fi, and IoT networks, you can deploy Ataya Harmony seamlessly to establish a single network fabric for visibility of all connected devices and application of security policy. This enables you to extend the security coverage of Palo Alto Networks solutions, such as Cortex XSOAR, over elements of your network that were previously run separately. Next, you can establish a Private 5G network with Harmony’s 5G core, which will be an extension of the same single network fabric. Now, you can leverage Palo Alto Networks Cortex XSOAR in conjunction with other security solutions like the Strata Next-Generation Firewall across the entire network, includ- ing both Wi-Fi and Private 5G for true Zero Trust security. To further enhance security effectiveness, Harmony can pass contextual device metadata to XSOAR for increased intelli- gence and granularity of security policies.
Use Cases
Use Case 1: Enable Identity-Aware Security Across Multiaccess Networks
Challenge
Security products are typically unaware of client identity like IMSI and IMEI for 5G or username/MAC for Wi-Fi clients. They are also unaware of client context like location and presence. Firewalls are usually placed deep in the enterprise network and are only aware of the client’s IP address. Mapping IP addresses to client identity is a big challenge, resulting in mostly IP address-based security policies, even though a fine-grained policy based on client identity and context is strongly preferred.
Solution
The Ataya Harmony Universal Connectivity platform has access to extensive client information for Wi-Fi, 5G, and other Layer 2 clients. Through event-based and streaming methods, Harmony provides this device metadata to Cortex XSOAR. This data includes 5G client identifiers like IMSI, IMEI, and contextual information like slice-id, DNN, gNBid, Tracking Area Code (TAC), etc. Using this information, XSOAR enables other security products like the NGFW to apply more fine-grained identity and contextual policy.
Use Case 2: Correlate Users Across Multiaccess Networks
Challenge
As IT and OT networks continue to expand with multiple Layer 2 access technologies and multimodal devices, it becomes increasingly complex to maintain identity-based security for Zero Trust. When a user is blocked from leveraging the network over Wi-Fi due to malicious activity, there is no central intelligence that ensures the user can’t gain access over 5G. There needs to be identity correlation across different connectivity technologies to ensure these threats are mitigated.
Solution
By implementing Ataya Harmony Universal Connectivity platform with Palo Alto Networks Cortex XSOAR, you can protect your network from threats across different Layer 2 access. Through event-based and streaming methods, Harmony provides unique device metadata to XSOAR, enabling it to correlate different identities into groups so that common policies can be applied for multiple devices from a single user across different Layer 2 access.
