Your business changes, your applications change, and
your network evolves. Log traffic, monitor the environment, and
maintain the Zero Trust deployment.
Security is an iterative process because
logging and monitoring reveal improvements to make and because your
business and network change over time. Follow the standards and designs you developed
to maintain and continually update prevention controls.
Decrypt, inspect, and log all traffic (internal
and external) through Layer 7.
Forward logs to the Cortex Data Lake (CDL) to centralize
and aggregate your on-premises and virtual (private and public cloud) log
storage. Forward from managed firewalls (use Panorama to push log forwarding
settings to firewall groups), from individual firewalls (firewalls
not managed by Panorama), from Prisma Access, and from Cortex XDR.
This provides visibility into your traffic and attack surfaces.
Send CDL as much telemetry data as possible about your environment
(endpoints, network, and cloud) so that you receive the most complete
and actionable insights into how to improve your Zero Trust network
over time.
Update policy based on intelligence from Cortex XDR, which uses
Cortex Data Lake data and machine learning to automatically analyze
your network against its normal behavior and identify
anomalous behavior that may indicate an intrusion or other threat.
Threat activity that targets unprotected assets highlights
resources that were missed during the initial asset discovery
and prioritization.
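One way to surface the missed resources described above, as an added example that is not Palo Alto Networks code: match threat-log destinations against the protect-surface inventory and rank the destinations that fall outside every surface. The inventory names, address ranges, log records, and field names are constructed for illustration and are not the CDL log schema.

```python
import ipaddress
from collections import defaultdict

# Constructed protect-surface inventory (hypothetical names and ranges).
PROTECT_SURFACES = {
    "payments-db": ["10.10.20.0/28"],
    "hr-app": ["10.10.30.16/29"],
}

# Constructed threat-log records; field names are illustrative, not a CDL schema.
THREAT_LOGS = [
    {"dst": "10.10.20.5", "severity": "high", "threat": "sample-sig-a"},
    {"dst": "10.10.40.7", "severity": "critical", "threat": "sample-sig-b"},
    {"dst": "10.10.40.7", "severity": "high", "threat": "sample-sig-a"},
    {"dst": "10.10.30.40", "severity": "medium", "threat": "sample-sig-c"},
    {"dst": "not-an-ip", "severity": "high", "threat": "sample-sig-a"},
]

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}

def surface_for(ip, surfaces):
    """Return the protect surface containing ip, or None if uncovered."""
    for name, cidrs in surfaces.items():
        if any(ip in ipaddress.ip_network(c) for c in cidrs):
            return name
    return None

def uncovered_targets(logs, surfaces):
    """Group threat hits on destinations outside every protect surface."""
    hits = defaultdict(lambda: {"count": 0, "max_severity": "low", "threats": set()})
    skipped = 0
    for rec in logs:
        try:
            ip = ipaddress.ip_address(rec["dst"])
        except (KeyError, ValueError):
            skipped += 1  # malformed record: count it, do not drop silently
            continue
        if surface_for(ip, surfaces) is not None:
            continue  # destination already sits inside a protect surface
        entry = hits[str(ip)]
        entry["count"] += 1
        entry["threats"].add(rec.get("threat", "unknown"))
        sev = rec.get("severity", "low")
        if SEVERITY_RANK.get(sev, 0) > SEVERITY_RANK[entry["max_severity"]]:
            entry["max_severity"] = sev
    # Highest severity first, then most frequently targeted.
    ranked = sorted(hits.items(),
                    key=lambda kv: (-SEVERITY_RANK[kv[1]["max_severity"]], -kv[1]["count"]))
    return ranked, skipped
```

Each destination in the ranked output is a candidate for the next asset discovery and prioritization pass; a nonzero skipped count indicates records that need a parsing fix before the coverage picture is complete.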
Use Cortex XDR to gain visibility into your network traffic,
simplify threat investigation by correlating logs, identify
the root cause of alerts, and respond immediately.
Use Cortex XDR APIs to integrate with Cortex XSOAR and
automate responses using response playbooks that are tailored to
your business workflows, which can reduce response time from days
to minutes.
Use Prisma Cloud to aggregate
and provide visibility into configuration data, user activity information,
and network traffic information. Prisma Cloud analyzes data and
delivers concise and actionable insights.
Keep the cross-functional team together to help maintain
your Zero Trust deployment as the network and the business evolve,
and create education and training to ensure that new members of
the team understand the strategy and the implementation.
Continue to automate actions and responses as automation
capabilities advance.