Introducing the Palo Alto Networks Panorama Advanced AlienApp

October 6, 2021 | Ziv Hagbi

Here at AT&T Cybersecurity, we believe cyber protection should include multiple layers and cover as much ground as possible. Having full visibility into threats on the network and being able to automate actions against them not only reduces an organization’s risk but also frees up time for security teams to focus on other high-value security tasks.

We are pleased to announce that we can now offer our customers yet another layer of network protection with our new Advanced AlienApp for Palo Alto Networks Panorama. This integration expands on the strong partnership between AT&T Cybersecurity and Palo Alto Networks to meet the growing needs of our customers.

Building on the USM Anywhere and Advanced AlienApp for Palo Alto Networks PAN-OS integration, the new Advanced AlienApp for Palo Alto Networks Panorama gives SOC teams the ability to control multiple firewalls using the Palo Alto Networks management API. With just one click in the USM Anywhere platform, they can take swift action across the board.

The user-friendly interface of the Advanced AlienApp for Palo Alto Networks Panorama makes it simple to integrate multiple firewalls. Additionally, USM Anywhere now supports multiple firewalls with a single sensor, which makes things much easier from a management perspective.

A SOC needs centralized visibility into and control over its organization’s assets. Among other things, easy integrations allow for the seamless connection of an infinite number of tools and third-party solutions under a SOC team’s responsibility. With USM Anywhere, countless integrations converge in a single pane of glass.

For example, with Palo Alto Networks Panorama, data can be collected either directly from Panorama syslog or streamed through the firewalls to the Cortex Data Lake. USM Anywhere can support both modes through the Advanced AlienApp for Palo Alto Networks Panorama.

In addition to providing enhanced visibility into threats, the Advanced AlienApp for Palo Alto Networks Panorama provides a variety of orchestration and response actions to help streamline threat detection and response.

Users can invoke actions directly from USM Anywhere either manually or automatically based on their needs, for example:

  • Add/Remove address to/from Address Group
  • Address from Address Group
    • Create new tags
  • Add address to URL Category
    • Add address to existing URL category
    • Create new Category
  • External Block List: Full Control over the dynamic list.
    • Add, remove IP/URLs
    • Export/Import across sensors
    • Purge list

The Advanced AlienApp for Palo Alto Networks Panorama supports use of an External Block List that is hosted on USM Anywhere and feeds into the Panorama CMS. Customers have full control over the list and can populate it through automation rules in USM Anywhere.

AT&T Offerings with Palo Alto Networks

The Advanced AlienApp for Palo Alto Networks Panorama allows customers to integrate USM Anywhere with other AT&T remote workforce solutions including AT&T SASE, AT&T Secure Remote Access, and AT&T Secure Web Gateway.

Voice of the vendor

The Advanced AlienApp for Palo Alto Networks Panorama enables you to automate intrusion detection and response activities between USM Anywhere and Palo Alto Networks Panorama. It enhances the threat detection capabilities of USM Anywhere by providing orchestration actions to streamline incident response activities based on risks identified through the platform.

AT&T is laser-focused on threat detection through our Open Threat Exchange integration. In fact, one of the behind-the-scenes features of the Advanced AlienApp for Palo Alto Networks Panorama was put in place before it was even developed. 

The AT&T Alien Labs research team analyzed data coming from different firewalls to build deep and complex correlation rules to best detect anomalies and potential malicious behavior. This allows us to alert when there is a high probability of a threat and avoid false-positive scenarios.

AT&T & Palo Alto Networks are excited and proud to introduce the new Advanced AlienApp for Palo Alto Networks Panorama, which showcases what can be achieved through determination, collaboration, and mutually beneficial partnership.

About the Author: Ziv Hagbi

Ziv Hagbi is a lead product manager, responsible for the USM Anywhere integration portfolio in AT&T Cybersecurity. Previously, Ziv played several roles within AT&T, including Software Automation, Architecture and Product Management, and was also a pre-sale engineer at Starhome-Mach. He holds a BA degree in Management and Law from the Open University of Israel.

TAGS: alienapps
