2. CASB Definition - Gartner
• “Cloud access security brokers (CASBs) are on-premises, or cloud-
based security policy enforcement points, placed between cloud service
consumers and cloud service providers to combine and interject enterprise
security policies as the cloud-based resources are accessed. CASBs
consolidate multiple types of security policy enforcement. Example security
policies include authentication, single sign-on, authorization, credential
mapping, device profiling, encryption, tokenization, logging, alerting, malware
detection/prevention and so on.”
3. Does Palo Alto Networks provide a CASB solution?
• Yes!
• The Palo Alto Networks Security Operating Platform provides a CASB solution by
natively integrating Aperture, SAML Proxy, the Palo Alto Networks NGFW and
GlobalProtect.
5. What about the Aperture API?
• The Aperture API is only one part of the Palo Alto Networks CASB offering.
• It sits on the side and connects directly to SaaS applications to provide data
classification, data leakage prevention and threat detection, so you can
secure your sanctioned applications.
6. Managed users On Network
[Diagram. Labels: Remote Users; Always on VPN; Managed Devices; NGFW; Internal Gateway; Internal Network. Caption: SaaS application visibility and granular enforcement delivered inline.]
7. Controlling access to enterprise sanctioned apps from un-managed devices
[Diagram: a flow in numbered steps 1 to 6. Components: Unmanaged Devices; Identity Provider; SAML Proxy; Aperture; NGFW. Labels: https://myApp; Redirect to IDP for Auth; AuthN Request; SAML Assertion; HTTP redirect to proxy URL (NGFW); https://firewall-ip; tenant.samlproxy.com.]
8. OUR APPROACH TO SAAS SECURITY
[Diagram. Labels: Remote Users; Branch; Headquarters; Unmanaged Devices; Managed Devices; GlobalProtect Cloud Service; NGFW; Aperture API; Sanctioned; Tolerated; Unsanctioned. Captions: SaaS application visibility and granular enforcement delivered inline. Monitor in-cloud activity and protect data with Aperture.]