SASE Options for Hybrid Work

Most of us are absolutely conscious the hybrid workforce considerably will increase the assault floor for all enterprises. Cloud providers and apps, private units, and distant entry instruments basically render a corporation’s safety perimeters out of date, leading to extra cyberattacks. IT managers typically need to compromise between safety and consumer expertise as they grapple with these new methods of working and their applied sciences. Due to this fact, it’s no shock Forrester claims that 80% of safety and enterprise leaders say their organizations are extra uncovered to threat because of distant work.

As such, we’ve wanted extra deal with the “Safe” a part of SASE the place these options’ safety efficacy is paramount. Nevertheless, there have been no in-depth check outcomes out there, as nobody within the cybersecurity trade had carried out an evaluation of the frequent safety providers deployed by prospects.

Testing the Trade’s High SASE Safety Options

Right here at Palo Alto Networks we recognized this lacking, but crucial, hyperlink and mentioned it with a number one testing firm concerned in unbiased testing, AV-Comparatives Gmbh. The target was to return out with the trade’s first and most in-depth check targeted on the safety efficacy of SASE options. We wished to transcend simply conventional testing of exploits and evasions that by themselves don’t symbolize the safety efficacy {that a} buyer will expertise. The check situations targeted on a variety of safety providers, like URL filtering, DNS safety, Malware safety, and extra, and had been designed to be extra sensible, specializing in real-world points that prospects typically face.

AV-Comparatives SASE Report

The AV-Comparatives SASE report got down to decide which SASE safety resolution was the best in actual world situations. The general check process included 8 totally different sub-tests, every masking a significant side of the respective product’s capabilities in a particular real-world situation. The Internet URL Filtering Safety, DNS Safety, and Malware Safety sub-tests had been damaged down into additional particular person classes, as proven beneath:

1. Internet URL Filtering Safety (CnC Block Charge, Malware Block Charge, Phishing Block Charge, Common Benign URL Categorization)
2. DNS Safety (DNS Tunnelling Prevention, DGA Safety Charge)
3. Malware Safety (Sandbox Evaluation Time, Safety In opposition to Modified Malware, Malware Safety through E mail Protocol, Artifact Extraction, File Switch)
4. Public SaaS Utility Safety
5. Non-public SaaS Utility Safety
6. Vulnerability Safety
7. Evasion Safety
8. Credential-Theft Prevention

The check in contrast Prisma Access with two different options. Whereas Palo Alto Networks sponsored this check, we knew credibility was crucial for it to matter. Testing was carried out by AV-Comparatives independently and no samples had been shared with Palo Alto Networks beforehand. The check consequence reveals dramatic variations in safety efficacy between Prisma Entry and the competing merchandise.

Elevating Expectations for SASE Safety

A SASE resolution ought to have the ability to implement uniform and ubiquitous safety for a consumer from any location to any utility, no matter port/protocol getting used, detecting and stopping malicious exercise bidirectionally given insider threats and/or customers inadvertently connecting from a beforehand contaminated host. Therefore, the general menace safety capabilities, and the completeness of assault floor safety for each distant and department user-based situations are crucial.

For an in depth view of the check outcomes and methodology, learn the AV-Comparatives SASE Comparative Report here.

Jason Georgi serves as Palo Alto Networks’ international Discipline CTO for Prisma Entry and Prisma SASE. He focuses on constructing C-level relationships and advising shopper executives on the strategic alignment of cloud-delivered safety options as enablers of consumers’ cloud transformation journey.