Palo Alto Next Gen Sales Play SID

The MFA with Palo Alto Next-Generation Firewall Sales Play allows you to discover expansion opportunities for customers that say they cannot enable MFA on their legacy applications. This play is about how RSA SecurID Access integrates with Palo Alto Networks Firewall. The sales play is targeted toward security sensitive RSA SecurID Access customers that have legacy applications that you not natively support SAML or Radius protocols. Many legacy applications that are not MFA-enabled are vulnerable to breach as they are generally reliant on basic username password. Putting MFA at the network layer allows organizations to gain more control or the access without the added cost to develop an integration into each of the legacy applications as well as to help protect against unauthorized users moving laterally within their networks. Palo Alto Networks has been named the firewall market leader by Gartner for six years running. With the integration of RSA SecurID Access, Palo Alto Networks customers can now take advantage of the broadest range of MFA methods including mobile push and biometrics, S.M.S., voice, hardware and software tokens as well as machine learning user behavior analytics to benchmark normal user access behavior and eliminate end-user friction. RSA SecurID Access provide centralized policy management and a high level of identity assurance that RSA’s rich policy engine. RSA and Palo Alto Networks have teamed up to enforce network level MFA before granting access to applications including custom or legacy applications that do not support standard authentication protocols such as SAML or Radius. Without this joint offering, many organizations might only deploy MFA to a limited number of resources and applications. To avoid this time consuming and costly development work associated with updating countless applications for MFA. This approach leaves organization’s sensitive systems and data exposed and vulnerable to credential based attacks. Palo Alto Networks Next-Generation Firewall integrates with RSA SecurID Access to enforce multi-factor authentication before granting access to applications and systems. By doing this, the combined solution serves as an authentication gateway for web or thick line applications while centrally controlling access to these applications. Any request that passes through the firewall can be redirected to RSA SecurID Access to ensure that users are who they claim to be. With these organizations can enforce MFA at the network layer and deploy it across your entire network. This includes applications that you not natively support authentication protocols, SAML and Radius. Organizations can quickly provision MFA and avoid the need to mainly update applications and infrastructure. This is SAML, Radius and A.P.I. based RSA-ready integration. RSA SecurID Access license to support the sales play should be sold as an enterprise or premium license. Three key discovery areas to pursue with customers are: One, determine what legacy applications customers have where they are not using RSA SecurID today and discover why. Do those applications support SAML or Radius protocols? And, how do they secure them today? Just username password? How critical are these applications to the business? What is the user profile of these applications? Two, uncover the customers’ threshold for risk for the legacy application and find out if they are motivated to increase the security on these applications to biometrics, mobile push, etc. Three, find out if they're using Palo Alto Networks or other Next-Generation Firewalls. Thank you and happy selling.