Presentation is loading. Please wait.

Presentation is loading. Please wait.

Palo Alto Networks Product Overview Data Connectors March 7, 2013.

Similar presentations


Presentation on theme: "Palo Alto Networks Product Overview Data Connectors March 7, 2013."— Presentation transcript:

1 Palo Alto Networks Product Overview Data Connectors March 7, 2013

2 Safe Harbor 2 | ©2012, Palo Alto Networks. Confidential and Proprietary. This presentation contains “forward-looking” statements that are based on our management’s beliefs and assumptions and on information currently available to management. Forward-looking statements include information concerning our possible or assumed future results of operations, business strategies, financing plans, competitive position, industry environment, potential growth opportunities, potential market opportunities and the effects of competition. Forward-looking statements include all statements that are not historical facts and can be identified by terms such as “anticipates,” “believes,” “could,” “seeks,” “estimates,” “intends,” “may,” “plans,” “potential,” “predicts,” “projects,” “should,” “will,” “would” or similar expressions and the negatives of those terms. Forward-looking statements involve known and unknown risks, uncertainties and other factors that may cause our actual results, performance or achievements to be materially different from any future results, performance or achievements expressed or implied by the forward-looking statements. Forward-looking statements represent our management’s beliefs and assumptions only as of the date of the prospectus. You should read the prospectus, including the Risk Factors set forth therein and the documents that we have filed as exhibits to the registration statement, of which the prospectus is a part, completely and with the understanding that our actual future results may be materially different from what we expect. Except as required by law we assume no obligation to update these forward-looking statements publicly, or to update the reasons why actual results could differ materially from those anticipated in the forward-looking statements, even if new information becomes available in the future.

3 Palo Alto Networks at a Glance Corporate highlights Founded in 2005; first customer shipment in 2007 Safely enabling applications Able to address all network security needs Exceptional ability to support global customers Experienced technology and management team 850+ employees globally Jul-10Jul-11 Revenue Enterprise customers $MM FYE July Nov-12 3 | ©2012, Palo Alto Networks. Confidential and Proprietary.

4 Applications Have Changed, Firewalls Haven’t 4 | ©2012, Palo Alto Networks. Confidential and Proprietary. Network security policy is enforced at the firewall Sees all traffic Defines boundary Enables access Traditional firewalls don’t work any more

5 Applications: Threat Vector and a Target 5 | ©2012, Palo Alto Networks. Confidential and Proprietary. Threats target applications Used as a delivery mechanism Application specific exploits

6 Applications: Payload Delivery/Command & Control Applications provide exfiltration Confidential data Threat communication 6 | ©2012, Palo Alto Networks. Confidential and Proprietary.

7 Encrypted Applications: Unseen by Firewalls What happens traffic is encrypted? SSL Proprietary encryption 7 | ©2012, Palo Alto Networks. Confidential and Proprietary.

8 Technology Sprawl and Creep Aren’t the Answer Enterprise Network “More stuff” doesn’t solve the problem Firewall “helpers” have limited view of traffic Complex and costly to buy and maintain Doesn’t address applications 8 | ©2012, Palo Alto Networks. Confidential and Proprietary. IM DLP IPS Proxy URL AV UTM Internet

9 The Answer? Make the Firewall Do Its Job 1. Identify applications regardless of port, protocol, evasive tactic or SSL 2. Identify and control users regardless of IP address, location, or device 3. Protect against known and unknown application-borne threats 4. Fine-grained visibility and policy control over application access / functionality 5. Multi-gigabit, low latency, in-line deployment 9 | ©2012, Palo Alto Networks. Confidential and Proprietary.

10 Why Visibility & Control Must Be In The Firewall Port Policy Decision App Ctrl Policy Decision Application Control as an Add-on Port-based FW + App Ctrl (IPS) = two policies Applications are threats; only block what you expressly look for Implications Network access decision is made with no information Cannot safely enable applications IPS Applications Firewall PortTraffic Firewall IPS App Ctrl Policy Decision Scan Application for Threats Applications ApplicationTraffic NGFW Application Control Application control is in the firewall = single policy Visibility across all ports, for all traffic, all the time Implications Network access decision is made based on application identity Safely enable application usage 10 | ©2012, Palo Alto Networks. Confidential and Proprietary.

11 Making the Firewall a Business Enablement Tool  Applications: Enablement begins with application classification by App-ID.  Users: Tying users and devices, regardless of location, to applications with User-ID and GlobalProtect.  Content: Scanning content and protecting against all threats, both known and unknown, with Content-ID and WildFire. 11 | ©2012, Palo Alto Networks. Confidential and Proprietary.

12 WildFire Architecture 10 Gbps Threat Prevention and file scanning All traffic, all ports Web, , FTP and SMB Running in the cloud lets the malware do things that you wouldn’t allow in your network. Updates to sandbox logic without impacting the customer Stream-based malware engine to perform true inline enforcement 12 | ©2012, Palo Alto Networks. Confidential and Proprietary.

13 Single Pass Platform Architecture 13 | ©2012, Palo Alto Networks. Confidential and Proprietary.

14 PAN-OS Core Firewall Features  Strong networking foundation  Dynamic routing (BGP, OSPF, RIPv2)  Tap mode – connect to SPAN port  Virtual wire (“Layer 1”) for true transparent in-line deployment  L2/L3 switching foundation  Policy-based forwarding  VPN  Site-to-site IPSec VPN  Remote Access (SSL) VPN  QoS traffic shaping  Max/guaranteed and priority  By user, app, interface, zone, & more  Real-time bandwidth monitor  Zone-based architecture  All interfaces assigned to security zones for policy enforcement  High Availability  Active/active, active/passive  Configuration and session synchronization  Path, link, and HA monitoring  Virtual Systems  Establish multiple virtual firewalls in a single device (PA-5000, PA-4000, PA- 3000, and PA-2000 Series)  Simple, flexible management  CLI, Web, Panorama, SNMP, Syslog 14 | ©2012, Palo Alto Networks. Confidential and Proprietary. Visibility and control of applications, users and content complement core firewall features

15 Next-Generation Firewall Virtualized Platforms 15 | ©2012, Palo Alto Networks. Confidential and Proprietary. Specifications ModelSessionsRulesSecurity ZonesAddress Objects IPSec VPN Tunnels SSL VPN Tunnels VM-10050, ,50025 VM ,0002,000204, VM ,0005, ,0002, Supported on VMware ESX/ESXi 4.0 or later Minimum of 2 CPU cores, 4GB RAM, 40GB HD, 2 interfaces Supports active/passive HA without state synchronization. Does not support 802.3ad, virtual systems, jumbo frames Performance Cores AllocatedFirewall (App-ID)Threat PreventionVPNSessions per Second 2 Core500 Mbps200 Mbps100 Mbps8,000 4 Core1 Gbps600 Mbps250 Mbps8,000 8 Core1 Gbps 400 Mbps8,000

16 Enterprise-wide Next-Generation Firewall Security Perimeter App visibility and control in the firewall All apps, all ports, all the time Prevent threats Known threats Unknown/targeted malware Simplify security infrastructure Data Center Network segmentation Based on application and user, not port/IP Simple, flexible network security Integration into all DC designs Highly available, high performance Prevent threats Distributed Enterprise Consistent network security everywhere HQ/branch offices/remote and mobile users Logical perimeter Policy follows applications and users, not physical location Centrally managed 16 | ©2012, Palo Alto Networks. Confidential and Proprietary.

17 Addresses Three Key Business Problems  Safely Enable Applications  Identify more than 1,500 applications, regardless of port, protocol, encryption, or evasive tactic  Fine-grained control over applications/application functions (allow, deny, limit, scan, shape)  Addresses the key deficiencies of legacy firewall infrastructure  Systematic management of unknown applications  Prevent Threats  Stop a variety of known threats – exploits (by vulnerability), viruses, spyware  Detect and stop unknown threats with WildFire  Stop leaks of confidential data (e.g., credit card #, social security #, file/type)  Enforce acceptable use policies on users for general web site browsing  Simplify Security Infrastructure  Put the firewall at the center of the network security infrastructure  Reduce complexity in architecture and operations 17 | ©2012, Palo Alto Networks. Confidential and Proprietary.

18 Many Third Parties Reach Same Conclusion  Gartner Enterprise Network Firewall Magic Quadrant  Palo Alto Networks leading the market  Forrester IPS Market Overview  Strong IPS solution; demonstrates effective consolidation  NetworkWorld Test  Most stringent NGFW test to date; validated sustained performance  NSS Tests  IPS: Palo Alto Networks NGFW tested against competitors’ standalone IPS devices; NSS Recommended  Firewall: Traditional port-based firewall test; Palo Alto Networks most efficient by a wide margin; NSS Recommended  NGFW: Palo Alto Networks provides the best combination of protection, performance, and value; NSS Recommended (1 of only 3 NGFW recommended) 18 | ©2012, Palo Alto Networks. Confidential and Proprietary.

19 2013 Gartner Magic Quadrant for Enterprise Network Firewalls 19 | ©2013, Palo Alto Networks. Confidential and Proprietary. “Palo Alto Networks continues to both drive competitors to react in the firewall market and to move the overall firewall market forward. It is assessed as a Leader, mostly because of its NGFW design, direction of the market along the NGFW path, consistent displacement of competitors, rapidly increasing revenue and market share, and market disruption that forces competitors in all quadrants to react.” Gartner, February 2013

20 Thank You Page 20 | © 2010 Palo Alto Networks. Proprietary and Confidential.


Download ppt "Palo Alto Networks Product Overview Data Connectors March 7, 2013."

Similar presentations


Ads by Google