Jeff Starling – [Senior Networking Consultant]
The use of SaaS (Software as a Service) applications continue to gain popularity as a cost-effective way to provide office automation and data-sharing in today’s business environment. SaaS services are often described to fall into 2 categories:
- Sanctioned (allowed and supported by the company),
- Unsanctioned (utilized by the end user with no control by the IT department).
Palo Alto Networks firewalls can control the access of most unsanctioned SaaS applications through the use of the built-in App-ID function. But SaaS applications use infrastructure and networks that are not owned by the company. So how does a security-conscious IT department protect their sanctioned SaaS applications from malware and data loss?
They use the Aperture service by Palo Alto Networks.
Aperture is a cloud-based security solution from Palo Alto Networks designed to protect SaaS applications. It provides full reporting of daily activities of users and data, and supports a granular access control mechanism to eliminate data exposure and risks. This service integrates with Palo Alto Network’s WildFire Threat Intelligence database to block known malware, as well as, to identify and block unknown malware. This level of protection can be accomplished with no change to the local user. There is no agent to install, and since it is a cloud-based solution, there is nothing to install on the network.
Aperture currently supports the following SaaS applications:
- Office 365-One Drive/SharePoint
- Sales Force
- Google Drive
Contact your Keller Schroeder Account Manager for more information on Aperture and other Palo Alto Networks products.