Palo Alto Networks recently introduced AIOps for NGFW, a domain-centric AIOps solution. AIOps redefines the firewall operational experience by interpreting, predicting and resolving problems before they become business impacting. According to Palo Alto Networks, organizations are unable to get the most out of their existing security investments. Network security operations are largely manual and reactive in nature. Many organizations are unaware of their network security posture and have limited insight into the misconfigurations that lead to gaps in their security infrastructure. These problems are further compounded by skill shortages.

Here at Indeni, we recognized these challenges many years ago. We have been working with many organizations to tackle these problems. We’ve automated the world’s best practices to deliver predictive, prioritized and actionable insights that help customers prevent costly disruptions. Our automation elements are curated from vetted, community-sourced experience. In fact, our unique approach to avoiding network downtime with automation was recognized by Gartner. Indeni was named a “cool vendor” in Gartner’s Cool Vendors in Performance Analysis, 2017.

With the Palo Alto Networks AIOps announcement, it is great to see a firewall vendor acknowledging these same customer challenges. We are excited to see them jumping on the bandwagon and helping to deal with these issues head-on. Working together, we can help many more customers.

Comparing Indeni and Palo Alto Networks AIOps 

With a shared vision to prevent outages and a common goal to help customers maximize their firewall investment, you should expect to see a lot of similarities between the two solutions. Both solutions check that features are configured properly and securely, in line with best practices. This is a great way to avoid problems. Both solutions look for lurking misconfigurations that can cause outages.

Below are the top differences between Palo Alto Networks AIOps and Indeni security infrastructure automation.

| | Palo Alto Networks AIOps | Indeni |
|---|---|---|
| Supported devices | Supports Palo Alto Networks NGFW only. | Vendor agnostic. Supports multiple vendor firewalls and other security devices. |
| Remediation | Step-by-step recommendations and CLI commands to resolve alerts. | In addition to step-by-step recommended remediation, Indeni performs automated troubleshooting for root cause analysis. |
| Alert Category | Hardware – Problems with the physical machinery, such as fan or power supply issues. | Health checks – Hardware issues such as fan, power supply issues, etc. |
| | Resource limits – System resources, such as CPU, memory and session information storage, are reaching their limit. | Health checks – System resources, connection counts, VPN tunnels, ARP entries, MAC entries, SSL decryption memory usage, etc. |
| | Dynamic content – Security intelligence, such as WildFire signature packages, applications and threat content updates and Anti-Virus signatures, are out of date. | Health checks – Similar to AIOps coverage, but also checking connections to WildFire, EDL, URL filtering, etc., as well as services required for a firewall to function properly such as LDAP, NTP, DNS, RADIUS, Panorama, etc. |
| | PAN-OS & Subscriptions – The device has an OS or subscription issue such as approaching license expiration, OS end of life, or a known vulnerability. | Ongoing maintenance – Checks for license expiration, SSL certificate expiration, OS end of life, etc. |
| | | Security risks – Check for known vulnerability. |
| | Config limits – Configuration objects, such as security rules, profiles, and address groups, are reaching their limit and may prevent a commit on the device. | Organization Standards – Ensure configuration adheres to organization standards, e.g. the right RADIUS server is configured. |
| | | High Availability – Ensure configurations are synchronized among cluster members, cluster is active, etc. |
| | | Center for Internet Security Benchmark compliance |
| Implementation | SaaS solution | On-Premise or hosted in public cloud |
| Integration | Alerts via integration with ServiceNow. Support ticket creation. | Integration with SIEM tools such as Splunk, IBM QRadar; Microsoft Active Directory; ServiceNow; monitoring solutions such as SolarWinds Network Performance Monitor, BigPanda; security solutions such as CyberArk; visualization tools such as Grafana, Tableau |

Summary

Both Palo Alto Networks AIOps and Indeni revolutionize firewall operations. You can proactively address the top operational challenges such as misconfigurations, human errors, compliance with best practices, and hardware and software issues. It is time to rethink whether your existing reactive solution is good enough. A proactive automation solution identifies potential issues within your security infrastructure to keep them from becoming noticeable to users and impacting the business.

If you have multiple vendors in your environment and are looking to redefine your firewall operations, take us for a spin. See what Indeni can find lurking in your environment.