Jump to Content
Security & Identity

Expanding our partnership with Palo Alto Networks to simplify cloud security and accelerate cloud adoption

December 10, 2018
Tariq Shaukat

President, Industry Products and Solutions, Google Cloud

Security remains a top concern and challenge for enterprises, and Google Cloud provides a strong and flexible toolkit to help make a smooth transition to the cloud. We partnered with Palo Alto Networks in 2017 because we both shared a belief that moving to the cloud can help enterprises simplify security, and that improved security will drive cloud adoption. Today we’re expanding that partnership to help more enterprises increase control of their own security in the cloud.

As part of our partnership, Palo Alto Networks will run its Application Framework on Google Cloud to take advantage of Google Cloud Platform’s secure, durable cloud storage and highly-scalable AI and analytics tools. Services such as BigQuery will help Application Framework customers accelerate time-to-insight as they work to detect and respond to security threats. Palo Alto Networks will also run their GlobalProtect cloud service on Google Cloud Platform. Google Cloud’s reliable, performant, and secure global-scale network and infrastructure offer many advantages for a service to help protect branch and mobile workforces.

“This partnership makes us a Google Cloud customer, allowing us to run important cloud-delivered security services at scale and with the benefits of Google’s AI and analytics expertise,” said Varun Badhwar, SVP Products & Engineering for Public Cloud Security at Palo Alto Networks. “We’ll also be working with Google Cloud to offer organizations moving to Google Cloud additional visibility, compliance and security capabilities they need to prevent cyberattacks.”

New solutions to help customers automate compliance audits and reporting

RedLock from Palo Alto Networks helps organizations manage security risks and achieve and maintain compliance. By monitoring the use of GCP APIs, RedLock delivers real-time visibility across GCP resources, including containerized workloads in Google Kubernetes Engine. This enables continuous compliance monitoring and auto-generated reports for common regulations and standards such as GDPR, HIPAA, PCI DSS, and NIST, eliminating the need for lengthy manual audits. A new integration with GCP’s Security Baseline API (Alpha) means that customers can combine a view of their own security and compliance posture with data from GCP’s infrastructure, a capability not available on any other public cloud.

Solutions that will help increase visibility and enhance security analytics

Deep integration of Palo Alto Networks products with Google’s Cloud Security Command Center helps centralize visibility into security and compliance risks on GCP. Palo Alto Networks integrations send alerts from the VM-Series next-generation firewalls, Traps endpoint protection, and RedLock to help provide centralized visibility into security and compliance risks in a Google Cloud environment.

Findings from Palo Alto Networks products in the Cloud Security Command Center Dashboard

This new functionality complements the already extensive set of joint capabilities that help Google Cloud customers define, enforce, monitor and maintain consistent security policies across on-premises, public cloud, and hybrid environments. For example:

  • The entire line of Palo Alto Networks next-generation firewalls, both physical and virtualized, support standards-based IPsec VPN connectivity to ensure a secure connection from on-premises to Google Cloud. In addition, GlobalProtect cloud service provides secure connectivity to GCP as a service, removing some of the operational burden associated with firewall deployments.
  • Palo Alto Networks VM-Series virtualized firewalls protect and segment cloud workloads in GCP to safeguard against internal and external threats and can be deployed directly from the GCP Marketplace.
  • Panorama network security management provides unified management of both physical and the VM-Series firewalls deployed on-premises and on GCP. Customers can create policies once and enforce them everywhere.
  • Traps helps secure the operating system and applications within workloads on GCP. A lightweight host agent deployed within the cloud instance detects any zero-day exploits and ensures the integrity of the operating system and applications. As attackers uncover vulnerabilities, the agent-based approach can provide protection until organizations are able to patch cloud workloads.
  • Through in-line protection provided by Palo Alto Networks firewall appliances or GlobalProtect cloud service, organizations can understand SaaS usage and build policies to help control risk exposure. They can complement the robust security capabilities in G Suite with the Aperture SaaS security service, which offers additional options for protection of data at rest as well as ongoing monitoring of user activity and administrative configurations.

Through our extended partnership, enterprises using Palo Alto Networks offerings on-premises will have an easier path to move to the cloud while leveraging their existing security investments. Organizations who run on Google Cloud will have easy access to security functionality from Palo Alto Networks with enhanced capabilities available only on Google Cloud.

“We are pleased to see Google Cloud and Palo Alto Networks strengthening their partnership. Security is a top priority for Broadcom, and we depend on both organizations to help protect our networks, infrastructure, data, and applications,” notes Andy Nallappan, Vice President and Chief Information Officer, Global Information Technology for Broadcom. “We look forward to increased collaboration that will provide us with new capabilities to enhance our security posture and further simplify deployment and operations across our data centers and the cloud.”

Start today for free

Organizations can take a free, 2-week VM-Series Test Drive and learn how the VM-Series can be deployed on GCP to prevent data loss and potential business disruption. Organizations can also sign up for a free, 2-week RedLock Trial to continuously monitor and secure their Google Cloud environment and identify vulnerable resources and potential points of exposure.

To learn more about our partnership with Palo Alto Networks please visit this site and read their respective announcement.

Posted in