Archive for March, 2019

Wi-Fi 6 (802.11ax) Fundamentals: What is MU-MIMO?

Wednesday, March 20th, 2019

The Institute of Electrical and Electronics Engineers (IEEE) has ratified five major iterations of the 802.11 Wi-Fi protocol, culminating with Wi-Fi 5 (802.11ac) in 2013. However, despite a significant increase in speed, many organizations still find themselves limited by the Wi-Fi 5 standard, particularly in high-density venues such as stadiums, convention centers, transportation hubs and auditoriums. To meet the challenges of high-density deployments, the IEEE recently introduced the Wi-Fi 6 (802.11ax) standard – which is the first to bridge the performance gap towards 10 gigabit speeds. With an expected four-fold capacity increase over its Wi-Fi 5 (802.11ac) predecessor, Wi-Fi 6 is successfully transitioning Wi-Fi from a best-effort endeavor to a deterministic wireless technology that is fast becoming the de-facto medium for internet connectivity.

Indeed, Wi-Fi 6 (802.11ax) deployed in dense device environments supports higher service-level agreements (SLAs) with more concurrently connected users and devices and more diverse usage profiles. This is made possible by a range of technologies that optimize spectral efficiency, increase throughput and reduce power consumption. These include Multi-User Multiple Input Multiple Output (MU-MIMO), Target Wake Time (TWT), Orthogonal Frequency-Division Multiple Access (OFDMA), BSS Coloring and 1024-QAM. In this article, we’ll be taking a closer look at how the Wi-Fi 6 (802.11ax) MU-MIMO mechanism addresses the challenges of dense device environments by adding uplink support for simultaneous (upstream and downstream) client data transmissions.

MU-MIMO describes a set of multiple-input and multiple-output (MIMO) technologies for wireless communication. MU-MIMO was first introduced to the wireless world in 2015 as part of the Wi-Fi 5 (802.11ac) standard, with the Wi-Fi 6 (802.11ax) protocol adding MU-MIMO support for uplink. MU-MIMO can be used in networks where a single access point (AP) must communicate with multiple clients simultaneously to improve overall efficiency.

MU-MIMO (Wi-Fi 5/802.11ac)

MU-MIMO allows an access point to communicate with multiple devices simultaneously. It is part of the Wi-Fi 5 (802.11ac) Wave 2 standard. With MU-MIMO, an access point or a wireless router can communicate with multiple network clients at the same time – thus increasing the speed of the data transfer without congestion. A significant advantage of MU-MIMO is its support for transmitting data from an AP to devices in a downlink connection. In addition, MU-MIMO reduces the delay for each end-device receiving the data and enhances the device connectivity between multiple end users.

However, MU-MIMO also has certain limitations. Its functionality works only within the 5GHz band, as Wi-Fi 5 (802.11ac) is defined only in this band. In addition, MU-MIMO works only when transmitting data from an AP to a client in downlink transmissions – and does not operate in reverse. Moreover, MU-MIMO supports only a limited number of simultaneous data streams.

MU-MIMO (Wi-Fi 6 / 802.11ax)

Wi-Fi 6 (802.11ax) leverages the multi-user version of OFDMA and MU-MIMO for better efficiency of uplink and downlink transmissions. OFDMA allows the transmission of big chunks of data over a single noisy channel. This technique works by splitting a single signal into multiple smaller signals that are transmitted. The combination of OFDMA and MU-MIMO allows Wi-Fi 6 (802.11ax) to achieve increased capacity, improved coverage and performance in ultra-high-density environments.

UL MU-MIMO is a new key feature introduced with Wi-Fi 6 (802.11ax). By leveraging UL MU-MIMO, multiple clients connected to the access point will be able to send acknowledgement responses (ack) simultaneously, thus saving airtime. This ultimately improves network throughput and efficiency.

Another important Wi-Fi 6 (802.11ax) feature is its support for 20MHz-only clients. This is particularly beneficial for low-cost IoT devices that require low power and pack very small batteries. In contrast, Wi-Fi 5 (802.11ac) mandates 80MHz clients. The Wi-Fi 6 (802.11ax) protocol enables simultaneous upstream and downstream MU-MIMO data transmissions on the same frequency. This results in higher Wi-Fi performance, especially in higher-density environments such as stadiums, convention centers, transportation hubs and auditoriums.

It should be noted that MU-MIMO and OFDMA provide complementary techniques to concurrently serve multiple users. More specifically, MU-MIMO is most effective at close to mid-range, whereas OFDMA is effective at all ranges, close, medium and far. Moreover, MU-MIMO best serves multiple user with full buffer traffic, while OFDMA is utilized when multiple connections transmit relatively limited amounts of data.


Christian Kim, Senior Analyst IoT, Connectivity and Telecom Electronics at IHS Markit, estimates that total Wi-Fi 6 (802.11ax) device shipments will increase to 58 million units in 2021. Meanwhile, IDC sees Wi-Fi 6 (802.11ax) deployments ramping significantly in 2019 and becoming the dominant enterprise Wi-Fi standard by 2021. This is because the new Wi-Fi 6 (802.11ax) standard offers up to a four-fold capacity increase over its Wi-Fi 5 (802.11ac) Wave 2 predecessor.

With Wi-Fi 6 (802.11ax), multiple APs deployed in dense device environments can collectively deliver required quality-of-service (QoS) to more clients with more diverse usage profiles. This is made possible by a range of technologies, such as the Wi-Fi 6 (802.11ax) iteration of MU-MIMO, which enables simultaneous MU-MIMO data transmissions on the same frequency. From our perspective, Wi-Fi 6 (802.11ax) is playing a critical role in helping Wi-Fi evolve in to a collision-free, deterministic wireless technology that dramatically increases aggregate network throughput to address high-density venues and beyond. Last, but certainly not least, Wi-Fi 6 (802.11ax) access points are also expected to enhance the overall Wi-Fi experience by providing tangible performance benefits for legacy wireless devices.

View the original press release at The Ruckus Room.

The top 3 drivers of wireless convergence in the enterprise

Wednesday, March 20th, 2019

According to IDC, worldwide IoT market spend will increase to $1.1 trillion in 2021, while the installed base of IoT endpoints is expected to reach over 36 billion units by the end of the same year. However, the heterogeneous nature of the IoT has created multiple complexities for deployments in the enterprise. While the price of sensors has trended downward over the years, there is now a significant cost associated with building out multiple networks to support endpoint communication. Moreover, enterprises are contending with the steep, long-term cost of managing, securing and maintaining separate networks for disparate wireless protocols. Although ultimately unsustainable, the above-mentioned paradigm is serving as an unintended catalyst for the trend of wireless convergence in the enterprise. Let’s explore this concept in detail below.

1) Multiple Wireless Radio Technologies

Wi-Fi isn’t always the default choice for companies marketing IoT devices such as smart door locks or wearable staff alert buttons. This can be attributed to a range of factors such as power constraints, the demand for more compact form factors and relatively limited data transfers (no need for a big data pipe). Consequently, there are a diverse number of radio types that are being deployed in the enterprise IoT space. In addition to Wi-Fi, these include BLE, Zigbee, and LoRa. These deployments often result in the creation of separate wireless networks, driving up TCO due to redundant wiring, power, and management tools.

2) The Demand for Unified Management

The unified management of wired (LAN) and wireless (WLAN) networks has become an important selling point over the past decade. This is because administrators are notoriously unforgiving to vendors that force them to work with a separate management system for each network element. It simply isn’t cost effective to have one management system for switches, another for access points and yet more for additional wireless IoT endpoints. The lack of appetite for disparate management systems – whether for switches, APs or security – has long been a catalyst for network vendor consolidation. Put simply, IT departments are no longer willing to work with multiple management systems and strongly prefer vendors that provide a unified pane of glass for network management.

3) Deployment Issues: Lack of Physical Space

With a separate network for each wireless IoT protocol, enterprises are rapidly running out of physical real-estate to house additional network components. This is because each disparate network requires space to house an IoT gateway, a separate firewall, as well as switches, powering and cable infrastructure. A lack of physical space poses a significant barrier to adoption – except for those with the most to gain or the most to lose.

The Solution: The Converged Access Point

Unifying multiple wireless protocols – such as BLE, Zigbee and LoRa – within a single AP enables IT administrators to save physical space and streamline secure device onboarding. Moreover, a converged AP allows administrators to more easily view, manage and secure their entire wireless infrastructure with a single pane of glass. This facilitates network automation, the generation of actionable analytics and the creation of custom dashboards with open APIs.

From our perspective, the converged access point is the antithesis of the trend towards ‘commoditized’ APs, allowing support for new services and potentially lucrative revenue streams. The once humble access point is becoming a hotbed of new and exciting innovation, with more and more technologies being built directly into the AP. For example, the R730 packs embedded Bluetooth Low Energy (BLE) and Zigbee radios, along with support for IoT modules that can accommodate additional physical layer protocols such as LoRa.


Disparate wireless IoT networks such as BLE, Zigbee and LoRa are expensive to deploy, operate, secure and manage. Unifying multiple wireless protocols within a single AP allows IT administrators to save physical space and streamline secure device onboarding. In addition, a converged AP allows administrators to more easily view, manage and secure their entire wireless infrastructure with a single management console. However, it is important to emphasize that incorporating non-Wi-Fi standards into a conventional ‘Wi-Fi only’ AP creates a slew of technological challenges that range from coexistence interference to traffic coordination. This is a topic we’ll explore in-depth in a future blog post.

View the original post at The Ruckus Room.

Connect customers to your brand with personalized guest Wi-Fi

Tuesday, March 19th, 2019

Small businesses are constantly striving to delight their customers. Providing customers with good Wi-Fi connectivity goes a long way—be it in a restaurant, retail store or a hotel. Guest Wi-Fi features play a huge role in providing seamless Wi-Fi access to customers.

Not all Wi-Fi vendors offer guest Wi-Fi features. Of the ones that offer them, not all are the same. Ruckus is excited to announce that with the latest software update, a gamut of customization options boosts an already strong set of Ruckus Unleashed guest Wi-Fi features.

Guest Wi-Fi features

Guest Wi-Fi features enable small businesses to create guest-specific Wi-Fi networks and provide guests easy and secure ways to access Wi-Fi in a personalized manner. Let us walk through some guest Wi-Fi features that Ruckus Unleashed offers:

  • Create special Wi-Fi network(s) dedicated for guests.
  • Provide access to the special guest Wi-Fi network(s) through the guest’s Facebook, Google, LinkedIn, Microsoft or WeChat credentials.
  • Provide access to the special guest Wi-Fi network(s) with email- or a text message-based guest pass.
  • Onboard guest devices with zero-IT device registration.
  • Secure guest data with encryption.
  • Personalize the guest login to the Wi-Fi network through a captive portal.

With the latest launch, you can modify a range of fields on the captive portal to provide customers an easy and personalized experience. The following pictures show all the changes one can make on the captive portal.

Here is a sample of a customized captive portal for a coffee shop.

Even with all these features, we strive to make it easy to manage Ruckus Unleashed networks. It is very easy to set up the personalized guest Wi-Fi. Anyone can instantly create personalized guest networks just with few taps on their phone through the Ruckus Unleashed mobile app.

Ruckus Unleashed™ delivers affordable Wi-Fi using the same APs we deploy for our largest customers that support enterprise-class features such as BeamFlex+™ and SmartMesh to deliver higher speeds and reliable coverage.

To learn more about Ruckus Unleashed please contact our sales team by web, email or call us 01473 281 211.

View the original post at The Ruckus Room.

The Evolution of Wi-Fi 6: Part 6

Tuesday, March 12th, 2019

In part five of this series, we discussed the benefits of Wi-Fi 6 (802.11ax) for new and legacy devices, as well as the expected Wi-Fi feature, set arriving in Wave 1 and Wave 2. In this blog post, we’ll take a closer look at Wi-Fi Alliance certification and how Wi-Fi 6 (802.11ax) will benefit high-density wireless deployments in locations such as stadiums, convention centers, MDUs and student dormitories.

Wi-Fi Alliance Certification

Wi-Fi Alliance certification of Wi-Fi 6 (802.11ax) is expected in mid to late 2019, with the standard due to be publicly ratified and released sometime in late 2019 or early 2020. It should be noted that Wi-Fi 6 devices presented at CES 2018 clocked in at a top speed of 11 gigabits per second. Commercial activity around Wi-Fi 6 has already started, with Ruckus and other companies announcing Wi-Fi 6 APs. As we’ve reiterated throughout this series, Wi-Fi 6 will bring about a profound change in the Wi-Fi industry with faster speeds, increased range and improved performance.

Wi-Fi 6 Device Rollouts

While there aren’t any certifiable Wi-Fi 6 (802.11ax) clients on the market today, Wi-Fi 6 (802.11ax) AP residential router and carrier gateway announcements have already kicked off, with various companies announcing Wi-Fi 6 products throughout late 2017 and 2018. Moreover, several companies have begun shipping Wi-Fi 6 APs, including Ruckus, which was the first to market with the industry’s first 8×8 5g+ 4 x 4 2.4 G Wi-Fi 6 (802.11ax) access point.

Wi-Fi 6 Use Cases: Stadiums and Convention Centers

As we noted earlier, Wi-Fi 6 (802.11ax) technology will benefit a wide range of wireless deployments. However, the new standard is particularly useful for high-density environments in which many users and devices are competing for limited spectrum. Examples include large public venues such as stadiums and convention centers. Indeed, stadiums are increasingly offering fast and ubiquitous Wi-Fi to improve fan or attendee experiences, bolster customer interaction and create value-added services (VAS) such as streaming instant replays on fan devices and allowing attendees to order food from their seats.

It should be noted that stadiums and convention centers typically host tens of thousands of users, many of who attempt to connect to Wi-Fi simultaneously. This scenario poses unique scale and density challenges for access points. Fortunately, Wi-Fi 6 (802.11ax) advancements around OFDMA, 1024-QAM, BSS Coloring and the faster PHY rates will make it easier for large public venue owners to create new business opportunities by offering enhanced services to guests.

Wi-Fi 6 Use Cases: Transportation Hubs and Stations

Similarly, transportation hubs and stations offer public Wi-Fi to passengers and shoppers. Like stadiums, transportation hubs can host tens of thousands of users and devices that attempt to connect to the network simultaneously. However, transportation hubs face additional unique challenges posed by transient devices. These devices aren’t necessarily connecting to the Wi-Fi network, although they still send management traffic and contribute to spectrum congestion. Wi-Fi 6 (802.11ax) advancements such as OFDMA and BSS Coloring provide tools to manage the above-mentioned challenge.

Wi-Fi 6 Use Cases: MDUs, Dormitories & Classrooms

Multiple Dwelling Units (MDUs) and university dormitories are often challenged by hundreds of users competing for limited wireless spectrum to stream 4K video or play eSports. This is also the case for libraries, auditoriums, lecture halls and student union buildings. In addition, primary K-12 education trends such as video-based learning, one-to-one computing, connected classrooms and a mass deployment of IoT devices have created an airtime capacity crisis that stresses network reliability.

Wi-Fi 6 Use Cases: IoT and Smart City Deployments

Like stadiums and transportation hubs, IoT and smart city deployments face a wide variety of connectivity challenges. For example, there may be a high volume of devices (sensors) at a manufacturing site that attempt to communicate simultaneously with a limited number of access points. Or, a small number of devices may be idle and programmed to ‘phone home’ once a day. This is precisely why the Wi-Fi 6 (802.11x) standard features a power saving feature known as target wake time (TWT), which enables devices to go into deep sleep mode and turn on their transmitter at predefined intervals to prolong field time without maintenance.


In conclusion, Wi-Fi 6 (802.11ax) is designed for high-density connectivity and offers up to a fourfold capacity increase over its Wi-Fi 5 (802.11ac) predecessor. With Wi-Fi 6, multiple APs deployed in dense device environments can collectively deliver required quality of service to more clients with more diverse usage profiles. This is made possible by a range of technologies such as OFDMA, MU-MIMO with eight uplinks and eight down links, target wake time (TWT), 1024-QAM, Long OFDM Signal and BSS Coloring. As we discussed in this series, these technologies are all playing a critical role in helping Wi-Fi evolve into a collision free deterministic wireless technology. Moreover, the IEE is looking to integrate future iterations of the above-mentioned mechanisms into additional wireless standards to support the future of Wi-Fi and beyond.

To view the original post at The Ruckus Room.

The Evolution of Wi-Fi 6: Part 5

Friday, March 8th, 2019

In part four of this series, we explored a range of Wi-Fi 6 (802.11ax) features, including target wake time (TWT), 1024-QAM and Long OFDM Signal. In this blog post, we’ll take a closer look at the benefits of Wi-Fi 6 (802.11ax) for new and legacy devices, as well as the expected feature set arriving in Wi-Fi 6 (802.11ax) Wave 1 and Wave 2.

Wi-Fi 6: Current and legacy devices

Although there are relatively few Wi-Fi 6 devices (802.11ax) on the market today (90% of the devices of are still Wi-Fi 5), it is important to note that the industry faced a similar situation when Wi-Fi 5 (802.11ac) was first introduced. From our perspective, there are several reasons to begin moving to Wi-Fi 6 (802.11ax) as soon as possible.

Firstly, a Wi-Fi 6 access point (AP) can serve new Wi-Fi 6 (802.11ax) devices, along with legacy Wi-Fi 5 (802.11ac) and Wi-Fi 4 (802.11n) devices. Secondly, a number of manufacturers are already selling Wi-Fi 6 (802.11ax) clients. Thirdly, Wi-Fi 6 (802.11ac) and legacy clients can co-exist just like Wi-Fi 5 (802.11ac) and Wi-Fi 4 (802.11n). Last, but certainly not least, both Wi-Fi 6 (802.11ax) and non-Wi-Fi 6 clients benefit from Wi-Fi 6 technologies.

For example, Wi-Fi 6 clients are more efficient, thereby freeing up more spectrum for Wi-Fi 5 (802.11ac) devices. This is perhaps analogous to a carpool lane, in which the first two lanes are for Wi-Fi 6 (802.11ax) devices. More specifically, let’s say 50% of the devices are Wi-Fi 5 (802.11ac) and 50% are Wi-Fi 6 (802.11ax). We put all the Wi-Fi 6 (802.11ax) devices in the carpool lane, allowing them to operate more efficiently. Concurrently, the remaining Wi-Fi 5 (802.11ac) clients benefit because we took half the cars from all the lanes – which frees up contention for the Wi-Fi 5 (802.11ac) devices.

This provides higher throughput and performance for networks, with beacon intervals occurring every 100 milliseconds. So, how does this work? Well, the AP ‘says’ that it will use its first 40 milliseconds of the beacon interval for Wi-Fi 6 (802.11ax) devices – while deterministically ‘telling’ all legacy devices to remain silent for the first 40 milliseconds (these are the two carpool lanes). The AP subsequently implements scheduled access for Wi-Fi 5 (802.11ac) devices, which get served, go to sleep and vacate the medium, all without ‘speaking’ for the remaining 60% of the time. Put simply, wireless access is improved for all types of devices, with Wi-Fi 6 clients using the fast lanes, while Wi-Fi 5 (802.11ac) devices have less clients to contend with. Put succinctly, more efficiency equals more airtime.

Wi-Fi 6: Wave 1 and Wave 2

As we discussed earlier in this series, Wi-Fi 6 (802.11ax) features a range of new technologies to optimize spectrum efficiency including OFDMA, MU-MIMO, Long OFDM signal, 1024-QAM, BSS Coloring and Target Wake Time (TWT). Like its Wi-Fi 5 predecessor, Wi-Fi 6 will be rolled out in two ‘waves,’ although the exact feature split isn’t yet finalized. Nevertheless, Wave 1 is expected to feature DL and UL OFDMA, DL MU-MIMO and Target Wake Time (TWT). Meanwhile, Wave 2 is likely to feature UL MU-MIMO, spatial reuse using BSS Coloring, along with support for 160 Mhz and 6 GHz. Moreover, the FCC is still working on finalizing the release of the 6 GHz unlicensed spectrum, which will open 1.2 GHz of unlicensed space.

View the original post at The Ruckus Room.

New e-book links poor network access security to data breach risk

Friday, March 8th, 2019

Ruckus has just published a new e-book titled “Seven Network Access Security Risks—and How They Can Lead to a Data Breach.” It focuses on faulty network access security as a risk area that can lead to data compromise. As the title implies, this e-book outlines seven distinct risk areas that IT organizations should be aware of, especially when it comes to providing connectivity for BYOD and guest users.

As detailed in a previous Ruckus blog, “What’s wrong with PSKs and MAC authentication for BYOD?”, default methods of network onboarding and authentication have serious security flaws that can leave you open to data compromise. These security holes get less attention that more high-profile threats like ransomware, but the dangers are still very real. Sometimes it’s the attack surface that you aren’t thinking about that attackers seek to exploit.

Linking IT security risk areas to the potential for a data breach

Sometimes the link between a threat vector and the risk of data compromise is obvious. Keylogging malware tracks a user’s every keystroke, including when they type in their username and password for cloud-based business applications. Email phishing attacks compromise credit card numbers or other sensitive data by tricking users into entering them into a website that spoofs a legitimate site. Misconfigured cloud storage can leave sensitive data just hanging out there on the web for attackers to steal. All of those are obvious ways that attackers can get at your data.

Network access security is a category where the linkages may be less obvious. The point of the new e-book is to help clarify the connection between this risk area and a potential breach. It’s a highly accessible way to increase your knowledge of this often-overlooked area of the IT security domain—a five-minute read covering an underestimated attack surface in modern IT environments. This document can help you keep other stakeholders in your organization informed about the risks as well, so feel free to pass it along. We should emphasize that no registration is required to access the e-book—just read and enjoy.

Here’s just a taste of one of the seven ways that poor network access security maps to data compromise. Risk area number four in the e-book is that without proper controls in place, users can get broader access to network resources than is appropriate. Proper data governance requires access to resources on a need-to-know basis. You might be wondering what would constitute proper controls in this context—you’ll find the answer to that in the e-book. Another recent Ruckus blog, titled “Eastern Europe bank hack highlights the need for network access security,” also provides useful background on this aspect of secure access.

More thoughts on data compromise

We blogged last year about the definition of a data breach. Ten or fifteen years ago data breach events were much less common than they are today. These days, it seems as if major breaches occur all the time. Krebs on Security and CyberScoop are two great websites to follow if you are interested in this topic.

Not every malicious attack represents an attempt to steal sensitive data—for example, crypto-mining malware seeks to steal computing resources for monetary gain. A denial of service attack tries to bring down a system, website or network. Likewise, not every data breach is caused by malicious activity. Sometimes data compromise happens due to human error. But preventing data breaches caused by malicious attackers is the primary driver of a large portion of the IT security industry.

Dark Reading reported recently on a security breach study from Risk Based Security that found 2018 was the second most active year on record in terms of the number of data breach events. They counted over 6,500 breaches in 2018, the large majority categorized as “hacking.” Several of the network access security risks outlined in the new Ruckus e-book would seem to fall into this category—although a lot of other attack scenarios would also fit that description.


If you would like to dive deeper into risk areas related to network access security, you can have a look at the recent ESG white paper “Does Your Method for BYOD Onboarding Compromise Network Security?” You can access this in the form of a dynamic website or go straight to the PDF version. When you are ready to address some of the security issues described in the e-book and the white paper, Ruckus Cloudpath Enrollment System is definitely worth a look. It’s our SaaS/software for secure network onboarding, and it’s a great way to shore up your defenses with strong network access security.

View the original post at The Ruckus Room.

Palo Alto Networks Introduces Cortex, the Industry’s Only Open and Integrated, AI-Based Continuous Security Platform

Friday, March 8th, 2019

Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, today introduced three significant advancements aimed at harnessing the power of advanced AI and machine learning to transform how security will be managed in the future.

Introducing Cortex™
Cortex is the industry’s only open and integrated, AI-based continuous security platform. Cortex is a significant evolution of the Application Framework designed to simplify security operations and considerably improve outcomes. Deployed on a global, scalable public cloud platform, Cortex allows security operations teams to speed the analysis of massive data sets. Cortex is enabled by the Cortex Data Lake, where customers can securely and privately store and analyze large amounts of data that is normalized for advanced AI and machine learning to find threats and orchestrate responses quickly.

Cortex XDR™ – Breaking Data Silos
Cortex XDR is the first-of-its-kind detection, investigation and response product that natively integrates network, endpoint and cloud data. Cortex XDR uncovers threats using behavioral analytics, accelerates investigations with automation, and stops attacks before damage is done through tight integration with existing enforcement points.

Traps™ 6.0 – Great Prevention Gets Even Better
Traps endpoint protection and response now includes a Behavioral Threat Protection engine that stops advanced threats in real time by stitching together a chain of events to identify malicious activity. Traps 6.0 acts as the ultimate data collection sensor for Cortex Data Lake, gathering the most comprehensive endpoint security data in the industry. In conjunction with Cortex XDR, customers can use Traps to extend their prevention capabilities to include detection and response across their entire digital infrastructure with a single agent.


“While detection and response are integral components of cybersecurity defense, the current model of disjointed standalone products leaves organizations with blind spots and conflicting data,” said Lee Klarich, chief product officer at Palo Alto Networks. “We believe the only way to solve this is with best-in-class prevention, combined with the ability to normalize and analyze data at scale from as many sources as possible, applying AI and machine learning to automatically detect and quickly respond to threats.”

“While endpoint and detection response tools are valuable, they give a limited view of what an attack may look like,” said Fernando Montenegro, senior analyst at 451 Research. “Security teams need more sources of data so that they can find and block threats faster across what are increasingly complex enterprise environments. We believe integrating data across endpoint, network and cloud is a positive step toward better addressing these security needs.”

New Partnerships Behind Cortex
To support the rollout of Cortex XDR, five managed security service partners will launch offerings that deliver round-the-clock threat monitoring, detection and response services to Palo Alto Networks customers. The partnerships in place are with PwC, Critical Start, ON2IT, BDO and Trustwave.

Pricing and Availability
Cortex Data Lake and Traps 6.0 will be available immediately to customers worldwide. Cortex XDR will be available to customers on March 4, 2019.

Learn More
Cortex XDR
Cortex Data Lake
Traps endpoint protection and response

View the original post by Palo Alto Networks.