The Boy Who Cried Wolf is a story we’ve all heard many times in our lives. It’s a story that originated in ancient Greece, an original fable of Aesop. It’s been told many millions of times, in countless languages and undoubtedly with endless cultural variations. Yet the core message of the fable remains: repeating false or hyperbolic threat information serves to significantly diminish the response to the threat with each retelling; eventually and predictably, responses simply cease – creating a situation of great peril when actual danger appears. The fable is thousands of years old, but its message is startlingly applicable for today’s enterprise IT and security teams.
In the modern enterprise, teams are presented with an exaggerated array of hysterical alarms and alerts on which they are expected to act – yet few have the time and resources to actually do so effectively. And with the high probability of false alarms coming from multiple applications at a rapid pace, it is increasingly difficult to effectively identify and prioritize those that need immediate response. Even more concerning, staff resources are overwhelmed with addressing and assessing these alerts, reducing their ability to respond with urgency to every real threat. The alerts can become noise, and the entire enterprise is put at great risk.
Couple this fact with the explosion in quantity and heterogeneity of network-connected devices – the Hyper-Connected Enterprise – and it’s clear that we’re at an important tipping point in enterprise network security. Traditional agent-based and human-generated security models simply cannot scale. And the answer, despite what every new threat detection vendor tells you, is not in deploying more systems that create more alerts and further tax your already depleted resources.
The answer is, however, quite simple: take control of the intelligent security infrastructure you already have, and utilize it to regulate and protect your network on your terms.
We’re proud to introduce the Ordr Systems Control Engine (SCE) app, now available on Cortex by Palo Alto Networks. In just a few minutes of configuration, Palo Alto Networks customers can begin to implement comprehensive, agentless security policies that utilize their best-in-class Palo Alto Networks Next-Generation Firewall infrastructure to regulate and protect every device connected to their enterprise network. These policies can improve the perimeter protection of the enterprise by utilizing Palo Alto Networks next-generation firewalls at the network edge, and can significantly increase the security of the entire network – and prevent any East/West propagation of nefarious activity – by utilizing additional Palo Alto Networks next-generation firewalls inside the network protecting critical assets. This AI-based policy automation and implementation can also segment and protect systems and processes by function, keeping facilities and physical security devices separate from the business-critical data infrastructure, for example.
The cloud-based Ordr SCE app seamlessly and immediately – without the need for any additional hardware such as sensors or analyzers – taps into the massive Cortex Data Lake to automatically identify and classify every device connected to your infrastructure. Every device, such as IP cameras, HVAC control systems, access badge scanners, self-service kiosks, digital signage, infusion pumps, CT scanners, manufacturing control systems, barcode scanners…EVERY device. Even the devices that find their way into your environment without your knowledge, like popular employee-owned devices such as Amazon Echo and Apple iPad. The quantity and variety of these devices are almost unimaginable in the enterprise today…and they are going to grow by orders of magnitude into the future.
The Ordr SCE not only identifies every device, it provides incredible granularity on exactly what every device is and precisely what each is doing. We call this mapping the Device Flow Genome, a collection of incredibly valuable data that gives you the power to intelligently design and implement policies that are essential to the security of your organization.
Once you have this level of detail on what’s connected to your network, and what each is doing – and should be doing – the Ordr SCE gives you the power to take control of this vast array of devices to ensure effective protection today and into the future. The Ordr SCE gives you powerful policy automation to regulate the behavior of every class of device so that none are able to communicate in a manner – either inside or outside of your network – that exposes them to risk and vulnerability. And the Ordr SCE gives you the power to fully secure each class of device by implementing micro-segmentation and threat remediation policies with sophisticated and actionable artificial intelligence.
All without any software on or need to physically touch the connected devices. All utilizing the best-of-breed Palo Alto Networks next-generation firewall infrastructure you already have. All with the power of Cortex, the industry’s only open and integrated AI-based continuous security platform.