Skip to main content

Integrating with
Palo Alto firewalls

Whether integrating with a Palo Alto next-generation firewall or another provider, this architecture example shows how AuthControl Sentry® can integrate seamlessly and offer a range of factors to authenticate users.

Integrating with Palo Alto next
generation of firewalls

Introduction

Palo Alto next-generation firewalls with their prevention-focused architecture integrate seamlessly with AuthControl Sentry®. This page describes how exploiting the authentication capabilities of AuthControl Sentry®, such as the wide range of authentication factors and the risk-based authentication functionality, can provide the flexibility and security your organisation needs to achieve maximum adoption throughout.

Risk-based authentication (RBA)

Risk-based authentication (RBA) is a dynamic feature of AuthControl Sentry®, designed to automatically request the appropriate level of authentication to access applications. Based on parameters set in the policy engine, RBA will request the appropriate level of authentication to access applications based on the user, their device and the application.

RBA enables you to set the appropriate risk required for an individual or group to access particular applications. Using a predefined set of parameters, it works for you and decides what level of authentication is required.
Parameters include:
– Group membership
– Application being accessed
– IP address
– Last authentication
– X509 Cert
– Device
– Physical location (GeoIP)
– Time / date / day

Patented PINsafe® technology

PINsafe® is a patented technology unique to AuthControl Sentry®. PINsafe® combines the use of registered PINs with random 10-digit security strings that are delivered through a range of authentication factors including the mobile app and the TURing image authenticator.

Maximum adoption

Swivel Secure understands the challenges administrators face in deploying multi-factor authentication within a large organisation. With a comprehensive range of authentication factors, AuthControl Sentry® can help deliver maximum adoption throughout the organisation. Authentication factors include:

– Image authentication: TURing, PINpad®, and PICpad
– Fingerprint
– Mobile app: OTC, PUSH, and OATH
– Voice
– Hardware token

Palo Alto with AuthControl Sentry® provides maximum security without compromising user efficiency.

Palo Alto Networks and Swivel Secure use recognised industry-standard protocols to provide tight integration to allow users to log in using either two-factor authentication (2FA) or multi-factor authentication (MFA).  AuthControl Sentry® offers robust, high availability to ensure the authentication servers and a range of delivery methods provide instant provisioning and de-provisioning.

With various authentication mechanisms, the Palo Alto Networks with the AuthControl Sentry® is suitable for a wide range of deployments.

 

 

 

Example of integration with AuthControl Sentry® multi-factor authentication.

This diagram on this page illustrates how AuthControl Sentry® (with a range of factors) can integrate with the Palo Alto firewall to authenticate users with Active Directory through a single or dual channel.

View Diagram

Or download the datasheet here

Ensure your Palo Alto firewall is flexible and secure

  • This field is for validation purposes and should be left unchanged.