News
Vendors

Palo Alto ups ante with new OT security innovations, debuts PA-450R NGFW for industrial environments

November 30, 2023

Palo Alto Networks announced Wednesday several new capabilities that take security for operational technology (OT) environments to the next level. The company introduced PA-450R NGFW, a ruggedized firewall designed for harsh industrial environments, as well as a 5G security solution designed to safeguard industrial operations with enterprise-grade security.

Earlier this year, Palo Alto Networks launched Zero Trust OT Security, a solution to help industrial asset owners and operators keep their OT environments secure. Zero Trust OT Security is built to provide visibility and security for OT assets and networks, 5G-connected assets, and remote operations.

To continue rising to the challenge of ever-evolving cybersecurity threats and customer needs, we are excited to announce several new capabilities that take security for OT environments to the next level, Qiang Huang wrote in a company blog post. This includes the introduction of a new ruggedized firewall designed for harsh environments, as well as an industry-leading 5G security solution designed to safeguard industrial operations with enterprise-grade security. Zero Trust OT Security offers a unique combination of hardware and software working together to provide a comprehensive OT security solution. 

As a key component of the Zero Trust OT Security solution, Industrial OT Security is an initial ML-powered OT visibility engine that combines machine learning (ML) with crowdsourced telemetry to recognize over 500 unique asset profiles, more than 600 OT-specific threat signatures, and over 1,100 OT applications.

The new ruggedized PA-450R NGFW extends the company’s security to organizations’ harshest operational environments. Designed for OT environments, like power substations, the PA-450R delivers up to three times the performance of the previous generation of ruggedized firewalls and is the fastest-in-class ruggedized firewall available today. It also has fail-to-wire capabilities that support seamless data pass-through during power failures to the NGFW, enabling continuous operations.

The PA-450R natively integrates with Industrial OT Security, bringing visibility, security, continuous trust verification, and ongoing threat prevention together in one platform. With the PA-450R and Industrial OT Security, OT network safety and integrity are supported by a single, robust system that can withstand the harshest conditions to secure industrial environments.

5G connectivity within OT environments holds immense potential for operational efficiencies but often lacks adequate security controls to mitigate cybersecurity risks. Palo Alto delivers a 5G security solution designed to comprehensively safeguard industrial operations with enterprise-grade security. Augmenting the company’s 5G-native security capabilities with Industrial OT Security, this solution delivers extensive visibility and protection for every cellular-connected device, regardless of its network connection. It also supports other mobile-connected devices, including 4G/LTE and 3G.

Working seamlessly within the Palo Alto Networks NGFW, the solution offers customers the ability to correlate mobile-specific contexts, including IMEI and IMSI, with high-fidelity device identification, such as device type, vendor make, model, operating system, and risk and behavior analytics. We’ve also enhanced the Industrial OT Security’s device database by incorporating an additional 220,000 device types, sourced from the GSMA database.

This unparalleled level of visibility empowers customers to enhance their operational technology asset management, assess risks, detect anomalies, and swiftly respond to threats. For instance, should a mobile device unexpectedly establish communication with an application (such as a file transfer) that typically isn’t linked to its device category, the NGFW can promptly generate an alert. It will then recommend security policy adjustments to enforce, which leverage the capabilities of machine learning to proactively thwart real-time threats. This seamless integration offers a holistic security solution tailored for 5G and mobile-connected devices in OT environments.

OT environments are often mission-critical with high uptime requirements, significantly influencing which vulnerabilities to patch and when to patch them to avoid operational disruption, loss of revenue, or unnecessary safety risks.

To help security teams reduce business risk by focusing on what matters the most, we are pleased to introduce a risk-priority classification feature within Industrial OT Security, based on a multifactor risk assessment. To identify vulnerabilities that pose the greatest risk, Industrial OT Security looks beyond CVSS, evaluating threat likelihood indicators and the impact on a customer’s organization should their assets be compromised.

With virtual patching capabilities, Industrial OT Security offers a critical advantage for enhanced threat protection in OT environments. It prevents cyberattacks from exploiting known vulnerabilities while awaiting a maintenance window for potential patching. This capability empowers security teams in OT environments to maintain the stability and reliability of OT systems while bolstering cybersecurity defenses.

Digital transformation is driving geographically dispersed OT assets, like power grids and oil fields, to establish stronger connections for centralized control. Organizations must meet stringent reliability and performance requirements, ensuring uninterrupted operations even in the event of internet outages. Software-defined wide area networking (SD-WAN) provides simplified, secure networking that surpasses traditional site-to-site VPNs. Businesses want the benefits of adopting SD-WAN in OT environments but also want to avoid introducing the additional risks of a direct connection to the internet.

Now the Prisma SD-WAN on-premise controller (OPC) brings next-generation secure, industrial SD-WAN management on-premises, so OT asset owners and operators can modernize their networks securely and confidently. With the SD-WAN OPC, end-to-end SD-WAN capabilities are offered on-premises, delivering simplicity and security benefits while providing the reliable connectivity that OT environments require.

IT-OT convergence has accelerated the need to support more secure remote access and site-to-site connectivity for OT environments. As customers look at SASE-based approaches to secure remote operations, they want solutions that can achieve several key objectives. These include implementing Zero Trust security consistently across wired and wireless OT site-level networks. Additionally, customers want solutions that offer consolidated insights and can be managed in a unified, operationally efficient manner.

Industrial Cyber News Desk
Industrial Cyber News Desk

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
MITRE's CREF Navigator aligns with DoD's CMMC to boost cyber resilience in defense industrial base
MITRE’s CREF Navigator aligns with DoD’s CMMC to boost cyber resilience in defense industrial base
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
ASIS Foundation reports on impact of autonomous vehicles on security and technology
ASIS Foundation reports on impact of autonomous vehicles on security and technology
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation