You Cannot Protect What You Cannot See
Iqbal and his team began an extensive proof of concept, following the mantra, “you cannot protect what you cannot see.” Having granular control and complete visibility were top priorities, and the Palo Alto Networks platform proved it could deliver. Within a year, SEGA Europe had deployed Palo Alto Networks next-generation firewalls in its headquarters and at every studio, each configured with Threat Prevention, URL Filtering, and WildFire services.
“We got to work setting up policies that would give us visibility,” notes Iqbal. “We started sanctioning apps and adopted a philosophy of least privilege access using micro-segmentation and applying very granular policies with Threat Prevention to gain more control and to counter potential attacks. Where traffic breaks out to the internet, we have URL Filtering, which is really helpful. For example, there were some incidents where a user fell for a phishing campaign and thought the link didn’t work. That’s because it was picked up by Palo Alto Networks and blocked. The capabilities in the Palo Alto Networks platform played a very important role in helping us enhance our security processes. Instead of remediating, we now prevent malware or phishing attacks from causing disruption in the first place.”
To create efficient, effective policies, Iqbal and his team take advantage of App-ID™ technology to eliminate tedious port configurations and complex coding. Instead, they create plain-language rules and specify the applications to which those rules apply. Iqbal remarks, “Moving to application-based policies was a big step for us. Instead of opening fifteen ports, we just enable a specific application, so we no longer need lines and lines of code, just a simple rule.”
Another big win for the security team is WildFire. Iqbal tells of their vision for a “magic box” that could automatically find new threats and stop them using real-time threat intelligence. “WildFire was exactly what we envisioned! We’ve seen it find zero-day attacks for us. Say a user tries to download a file with malware that has never been seen before. WildFire detects that this is a threat, and reprograms the network with protections. We were very impressed that WildFire could pick that up. And we’ve found if WildFire tells you something is malicious, it probably is. In the last four years there have been only a couple false positives, and those were on our own files.”