Experience our Prevention Architecture at Microsoft Ignite

Matt Keil


Category: Events

Next week, we will participate as a sponsor of the Microsoft Ignite annual user conference in Atlanta, Georgia. If you’re planning to be there, come by our booth (#2023) where we will have experts available to show you how our Next-Generation Security Platform is ideally suited to protect your Microsoft infrastructure from the network, to the cloud, to the endpoint. 

In many ways, the success of your business probably relies on your productive use of Microsoft infrastructure. SharePoint, Skype for Business (formerly Lync), or Active Directory deployed on the network, in Azure, or as part of your Office 365 subscription, keep your business running, but the distributed nature of your deployment also increases your security exposure. Attackers can and will take full advantage of your highly distributed Microsoft infrastructure to execute their attacks and gain access to your network.

Application-Centric Prevention for Microsoft Environments

Palo Alto Networks Next-Generation Security Platform begins preventing attacks in Microsoft environments with visibility into the applications in use on your network, in the cloud and SaaS environments, and on your endpoints. The knowledge of which applications are in use, and by whom, provides you with the power to make better-informed security decisions and, more importantly, begin to reduce your attack surface area by enabling business applications, like SharePoint, Skype for Business, and Office 365, based on user identity stored in Active Directory.

Threat prevention policies can then be applied, enabling applications to block known attacks (e.g., vulnerability exploits, command and control, viruses, malware), while simultaneously making unknown attacks known, and then dynamically creating and delivering new protection mechanisms to all users globally. The three pillars that make up our Next-Generation Security Platform are:

  • Next-Generation Firewall: Delivered as either a hardware appliance or a virtualized instance for Hyper-V or Azure, the next-generation firewall natively inspects all traffic, inclusive of applications, threats and content, and then ties that traffic to the user, regardless of location or device type. This means you can build policies that specifically enable and protect nearly 50 different Microsoft applications and functions.
  • Threat Intelligence Cloud: This provides centralized intelligence capabilities and automated delivery of cyberattack preventive measures that can, in as little as 300 seconds, eliminate new and previously unknown threats that may target your Microsoft applications and the data they use. The threat intelligence cloud also extends to securely enable Office 365 (SharePoint, OneDrive, Yammer) with policies that control access, and prevent threats and data loss.
  • Advanced Endpoint Protection: This replaces traditional antivirus on Windows servers and endpoints with true prevention by preemptively blocking malware and exploits, including zero-days, before they compromise endpoints.

Natively Integrated

From a platform perspective, native integration is key to delivering consistent security capabilities and applying them to all users, applications and locations – from the network to the cloud to the endpoint. Native integration means that each of our platform components shares contextual information on the attack, the application it used, and the victim. Behavioral information learned about the attack by the platform is used to continually improve each of the prevention elements (WildFire, URL filtering, IPS, anti-malware, DNS protections, Traps, etc.) in a dynamic and automated manner, making it increasingly difficult for cyber criminals to execute a successful attack.

To learn more about how our Next-Generation Security Platform can protect Microsoft environments, visit us at booth #2023 at Microsoft Ignite from September 26 – 30. Also be sure to check out our latest white paper on protecting Microsoft environments, from the network to the cloud to the endpoint.
