Trends in policing in the United States are driving new technology initiatives. Demands for transparency and accountability are becoming more important to citizens, which means more open data and more body-worn cameras/video storage. Budget constraints and new forms of crime are also calling for new technology solutions. Cost reduction strategies such as IT and network consolidation have become essential, and collaboration across agency and jurisdictional boundaries means more sensitive data is shared and data interoperability becomes more prevalent.
The First Responder Network Authority (FirstNet) of the United States was created under the Middle Class Tax Relief and Job Creation Act of 2012 (MCTRJCA) as an independent authority within the National Telecommunications and Information Administration (NTIA). The purpose of FirstNet is to establish, operate, and maintain an interoperable public safety broadband network. Currently, there are around 10,000 different and incompatible "land mobile radio networks" that first responders in the U.S. use in their jobs. This patchwork of different systems can get in the way of first responders being able to communicate effectively with each other during emergencies.
Why do you need to find a new security solution?
Single-function security products increase complexity, cost, and errors.
As new threats surface, such as brand-new ransomware, fileless attacks, or multimethod attacks, new security point products emerge, potentially increasing capital costs and management overhead. National funding programs tied to particular technologies, projects, or outcomes can also increase point product proliferation.
Backhauling distributed networks impacts performance.
With very distributed "branch" and regional offices throughout their jurisdiction, law enforcement agencies have traditionally backhauled traffic to their data centers. However, this approach creates performance issues as more traffic is inspected. Such issues are particularly acute for patrolling officers and dispatchers, who increasingly use web searches and web-based applications in their daily work.
The cloud introduces complexity and new threat vectors.
As agencies move to software-, infrastructure-, and platform-as-a-service (SaaS, IaaS, and PaaS) environments, harmonizing security protections across these environments becomes problematic. Many technology vendors now rely exclusively on the cloud, forcing police services IT to implement and manage cloud security regardless of their current business models.
Flat data center architectures increase risk.
With traditionally flat security architecture in the data center, once a user—even a valid one—has penetrated the data center, that user can gain access to applications and data even when such access is neither required nor desired. The increasing volume of sensitive data and reports of insiders misusing credentials make this approach unsustainable.
What Can You Do?
We (and Palo Alto) can work with you to secure each segment of your network, from network to endpoint to cloud, everywhere you need to be in order to stop today’s advanced attacks.
And remember, when you don’t turn on WildFire, your security insights can quickly get outdated.
In each of these environments, we interoperate with a host of other vendors within an ecosystem of trust – Proofpoint, Tanium, Splunk, VMWare, Aruba, AirWatch, and many others.
Customer Situation / The Solution - Highway Patrol
This is a distributed network with many branch offices throughout the state. Originally, the customer had several security products in-line in their offices – some ASA firewalls, Websense content filtering, Sourcefire IPS. These were increasingly difficult to manage, and it was hard to get a comprehensive view of network activity and threats, particularly with the geographically distributed offices.
What they deployed:
PA-800 series in branch offices; PA-3000 and 5000 series in HA config in HQ offices. All have TP and WF; URL Filtering in HQ offices. Branch offices are highly secure environments; every branch office does computer-aided dispatch and the firewalls protect that infrastructure. There are not a lot of firewall rules; mostly inspection. They do use User-ID (AD integration) and have done specific things such as changing URL filtering rules for investigations - and it works well.
They have purchased Aperture but have not yet deployed. They all use O365 as well as Box.
They are happy with the efficiency they have gained with the platform. Centralized management of both devices and firewalls is a great deal more convenient and provides greater visibility than the mish-mash of products they had before. Aperture will address visibility, as well as reduce the risk of data leaks through SaaS applications. Palo Alto Networks has replaced 95% of other firewalls – they found it almost impossible to pull out O365 traffic – you either shunt it to proxy or it becomes a very problematic, day-to-day management activity.
In the future, departments can use a CSP to manage and deploy the traffic from their body cameras – they will be able to use their Palo Alto Networks firewalls and layer 7 app policies to segment out that traffic and provide role-based access to the segment.
For more information on how Palo Alto Networks can better fit your needs, reach out to us at [email protected].