Announcing GlobalProtect Cloud Service: Consistent Protection Delivered to Remote Networks and Mobile Users

Matt Keil


Category: Announcement

Today at Ignite 2017 in Vancouver, we announced GlobalProtect cloud service, a new cloud-based security infrastructure managed by Palo Alto Networks that allows you to deploy consistent next-generation security to your remote networks and mobile users using Panorama management.

The old ways of thinking about perimeter security are just that: old. Organizations often have many remote locations, users are way more mobile, and commonly used applications – formerly located behind the safety of the corporate firewall – have migrated to the cloud as SaaS applications or to such infrastructure as Amazon Web Services and Microsoft Azure. GlobalProtect cloud service addresses all of these fundamental trends.

Typical approaches to securing remote networks and mobile users, such as backhauling traffic to the corporate network or using multiple point products, are difficult to manage, costly and inconsistent when it comes to security policy and protection. Years ago, we began to solve these challenges with GlobalProtect network security for endpoints, which extends the protection of next-generation security to your remote locations and mobile users. Now, GlobalProtect cloud service operationalizes the deployment of consistent security to remote locations and mobile users.

Based on the entire suite of our Next-Generation Security Platform features, GlobalProtect cloud service is managed by Panorama, allowing you to create and deploy consistent security policies across your entire organization. To consume GlobalProtect cloud service, you will use Panorama to onboard remote networks and mobile users, and then create and deploy security policies as needed.

Remote networks will connect to GlobalProtect cloud service via an on-premise IPsec VPN-capable device, or through one of our technology integration partners that support SD-WAN or IPsec VPN connectivity options. Remote networks will have protected access to corporate resources, SaaS applications and other web applications. Mobile users will utilize the GlobalProtect app on their device to connect via an IPsec or SSL VPN connection and be granted similar protected access.

GlobalProtect cloud service uses a shared ownership model in which Palo Alto Networks manages the security infrastructure, and you manage security for your remote networks and mobile users. With GlobalProtect cloud service, you can reduce the operational burden associated with deploying security to remote locations and mobile users, and move your security expenditures to a more efficient and predictable operational expense (Opex) based model – right-fit for the era of cloud.

To learn more:

cyrus-infographic-r8d1

 

4 Reader Comments

  1. Hi,

    I would like to get a better understanding how GlobalProtect Cloud Service can be implemented in existing remote infrastructures with the assumption that we already have a Panorama in our organisation. Lets say that I have a remote location that has already a firewall protecting the site. Can the GlobalProtect Cloud Service replace that firewall? If yes, how?

  2. Matt Keil

    Victor,

    Remote location connections to GlobalProtect cloud service require an IPsec capable device. Panorama – existing or new – is used to onboard the locations (or mobile users) and deploy security policies to provide secure connectivity to corporate and, if so defined, the web. GlobalProtect cloud service also supports SD-WAN connectivity. More here: https://www.paloaltonetworks.com/products/globalprotect/cloudservice

  3. Hi,

    Would be very interested to have the locations across the globe where this service will become available and will policy automatically sync across all these locations from panorama and will roaming be available for people travelling across regions.

    Thank you

    PierrickL

  4. Matt Keil

    Pierrick,

    GlobalProtect cloud service will be available globally. You will be able to select the regions globally where it is deployed from within the Panorama using the Plugin. Policy is created as a device group in Panorama and pushed to all regions. Yes, roaming users will have same levels of security as the travel the world. They are connecting to the closest gateway.

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42


SUBSCRIBE TO RSS