Palo Alto Networks' Next-Generation Firewalls
Palo Alto Networks' next-generation firewalls and McEvoy Thomas provide network security by enabling enterprises to see and control applications, users, and content ' not just ports, IP addresses, and packets ' using three unique identification technologies: App-ID, User-ID, and Content-ID.
These identification technologies, found in Palo Alto Networks' enterprise firewalls, enable enterprises to create business-relevant security policies ' safely enabling organisations to adopt new applications, instead of the traditional 'all-or-nothing' approach offered by traditional port-blocking firewalls used in many security infrastructures.
App ID - a traffic classification technology that accurately identifies the applications, irrespective of port, protocol, SSL, or evasive tactic. It enables administrators to determine exactly which applications are running on their network.
User-ID - addresses the lack of visibility into user activity by seamlessly integrating with enterprise directory services (Active Directory, LDAP, eDirectory) to dynamically link an IP address to user and group information. In Citrix and terminal services environments, User-ID associates the individual user with their network activity, enabling IT to deploy granular security policies. Integration with other 3rd party repositories is enabled by an XML API.
Content-ID - melds a uniform threat signature format, stream-based scanning and a comprehensive URL database with elements of application visibility to detect and block a wide range of threats, control non-work related web surfing, and limit unauthorised file and data transfers. It includes vulnerability prevention (IPS), stream based virus scanning, URL filtering and data leak prevention.
New Virtualised Platforms. New Hardware Platforms. More than 60 New Features.
Palo Alto Networks continues to bring new and innovative platforms and capabilities to the network security market with the largest release in the company’s history. The VM-Series virtual firewall, the PA-3000 Series and the M-100 represent new firewall and management platforms – all of which are supported by the 60+ new features delivered in PAN-OS and Panorama 5.0.
VM Series Virtual Firewall: Safe application enablement for virtualised environments.
The VM-Series extends safe application enablement into virtualised datacenter environments while addressing key virtualisation security challenges such as tracking security policies to virtual machine movement with dynamic address objects and integration with orchestration systems using an XML API.
Dynamic Objects: Automating firewall object creation.
Supported across both virtualised and hardware platforms, dynamic objects is a true firewall innovation that automates the creation of firewall objects whose IP address is constantly changing.
PA-3000 Series: Improved mid-range price-performance.
Extends the midrange plaform family with throughput performance up to 4Gbps and high density interface options – both the PA-3050 and PA-3020 support 8 Gigabit SFP and 12 copper gigabit interfaces.
WildFire subscription service: Shortened signature delivery time, integrated logging, file upload API.
An optional subscription service over and above existing, standard WildFire features delivers protection for malware discovered anywhere in the world by WildFire to all subscribers within an hour. In addition, subscribers gain access to integrated, on-box WildFire logging and reporting and an API for malware sample submission.
M-100 Management Appliance: Expands management deployment options.
A dedicated high performance management platform that simplifies Panorama deployments and can also be deployed as a distributed log collecter for large scale implementations.
Large Scale VPN: Automates site-to-site VPN tunnel creation.
Leverages proven VPN functionality in GlobalProtect to dynamically establish site-to-site IPSec VPN tunnels – upon connection to the central location, satellite devices are automatically authenticated.
PAN-DB URL Filtering: Performance, accuracy and threat prevention integration.
Optimised for performance and accuracy using device cache to store most frequently used URLs and cloud lookups to the master database to ensure the DB is always up-to-date. Seamless integration with the threat prevention engine improves malware protection.
Let Palo Alto and McEvoy Thomas keep you on track. Contact us today.
|
