I’ve worked in the cybersecurity field for over 15 years now and have had the opportunity to witness the security evolution of many companies and organizations over that tenure. One of the most challenging, but rewarding, journeys continues to be hardening Department of Defense (DoD) networks. The scale, reach and critical nature of the mission requires capabilities that push the limits every day.
The DoD faces an admittedly formidable and often uphill challenge – securing its vast network against evolving cyberthreats. Enter the Defense Information Systems Agency's (DISA) Thunderdome Production OTA, a groundbreaking initiative to modernize the DoD's cybersecurity posture with next-generation technologies. The program provides a better user experience and better security at a lower cost point while being fully cloud native. If it seems commercial-like, that’s because it is.
Thunderdome — Redefining Security & Performance
- Zero Trust Redefined: Gone are the days of perimeter defenses. Thunderdome embraces the principle of least privilege, granting access based on user identity, device and context, whether on-premises or remote. There is full Zero Trust conditional access capability at cloud speed.
- Application Security Stack — No Additional Hardware: This robust stack safeguards legacy and modern applications through segmentation and granular controls, which minimize potential attack surfaces. And best yet, there’s no additional hardware for the Security Service Edge (SSE) component. It’s all in the cloud.
- Visibility & Analytics: Seamless, continuous visibility across all Zero Trust network access (ZTNA) systems delivers a comprehensive picture of the security landscape.
- Open & Adaptable: Thunderdome fosters an open architecture, preventing vendor lock-in and leveraging existing investments. Policy Enforcement Points (PEPs) ensure rigorous user, device and system access validation, protecting critical data both on-premises and through remote ZTNA services, both CONUS and OCONUS.
There is no doubt about the national security importance of protecting the networks, applications and data within the DoD. Thunderdome is a huge step forward in ensuring the DoD is ready for any cyberthreat. We are thrilled to once again merge the extensive expertise of Palo Alto Networks and Booz Allen Hamilton[1] to deliver the next generation of Federal cybersecurity, and to use our Zero Trust Network Security Platform to secure any user, any application, any device, anywhere. It’s that easy and it’s secure.
Optimizing SASE with Prisma Access
In this modern era of mobile workforces, SASE holds the key to secure access and efficient network control. Prisma Access, the Palo Alto Networks industry-leading, single-vendor SASE solution, stands as a cornerstone of Thunderdome's SASE architecture:
- Zero Trust with Zero Exceptions – Prisma Access embodies the Zero Trust philosophy, granting access based on strict identity checks and context, and continuously verifying the trust.
- Secure Remote Access – DoD personnel rely on remote access. Prisma Access empowers them to connect securely from anywhere, enhancing operational flexibility.
- Security Delivered at Cloud Scale – Built for the cloud, Prisma Access seamlessly protects both on-premises and cloud-based applications, crucial for Thunderdome's cloud-focused network.
- Automated IT Operations – The industry's first AI Operations (AIOps) solution integrated into SASE automates complex IT tasks, freeing up resources for strategic initiatives. Thunderdome is also leveraging VM-Series and CN-Series, virtualized and containerized next-generation firewalls from Palo Alto Networks for security of deployed applications, as well as SOAR capabilities for automation SOC operations.
- Natively Integrated SD-WAN – Seamless integration with SD-WAN technology optimizes network performance and ensures reliable connectivity.
A Forward-Thinking Approach
Thunderdome represents a bold step toward securing the DoD's network infrastructure. Palo Alto Networks Prisma Access plays a vital role in this endeavor, providing a modern, cloud-delivered SASE platform that aligns perfectly with Thunderdome's goals of enhanced security, improved performance and simplified network architecture. As cyberthreats escalate, Thunderdome stands as a testament to the DoD's commitment to staying ahead of the curve and protecting its critical information in the digital age. Platformization is underway and it, along with the benefits of integration and consolidation, will change the way we do cybersecurity. We've built our Zero Trust platform through a consistent architecture across our appliance, software and SASE form factors. Customers can now consistently manage security policy across these form factors and then leverage a consistent set of security services to consolidate network security capabilities. Platformization programs will help to reduce customer friction, accelerate product deployment, help customers realize the value of our platforms, and consume new innovation sooner.
Leading the Zero Trust Charge with Palo Alto Networks
Regardless of the needs, Palo Alto Networks has over a decade of experience meeting government agencies from day one or one thousand in their journey toward achieving a Zero Trust architecture. There’s a reason our solutions have been recognized by Gartner, IDC and Forrester across 22 different security categories, time and time again. Prisma Access, Palo Alto Networks Zero Trust network access capability is available directly through the DISA Joint Enterprise license this spring. Talk to us about how the undisputed cybersecurity leader can help your organization or agency achieve Zero Trust, with zero exceptions.
Learn more about Palo Alto Networks work in the Public Sector, highlighted at the recent Public Sector Ignite conference.
- Booz Allen Hamilton is the awardee (prime participant) of Thunderdome’s Production OTA and Palo Alto Network is a sub-participant to Booz Allen Hamilton on this requirement. ↑