We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byMaya Leap
Modified about 1 year ago
New Solutions to New Threats
The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential
Security Technology Hasn’t Kept Up The gateway on the trust border is the right place to exert control - All traffic goes through - Defines trust boundary Strategy is sound… BUT… - Can only see ports, protocol, and IP address - Blind to applications, users, and content - Blind to dynamic, multipronged threats Execution is flawed Collaboration / Media SaaS Personal Page 3 | © 2008 Palo Alto Networks. Proprietary and Confidential
Threat Prevention Must Get Smarter Stop threats - Block bad applications - Block a widening array of threats (exploits, viruses, spyware downloads and phone home) Enable business - Safely enable applications - Don’t slow down business traffic – i.e., manage risk at speed of business One policy = no gaps Page 4 | © 2008 Palo Alto Networks. Proprietary and Confidential
About Palo Alto Networks Founded in 2005 by Nir Zuk, inventor of stateful inspection technology World class team with strong security and networking experience Builds next generation firewalls with innovative identification technologies that manage applications, users, and content Named Gartner Cool Vendor in 2008; 2008 Best of Interop Grand Prize Page 5 | © 2008 Palo Alto Networks. Proprietary and Confidential
Our Identification Technologies Change the Game App-ID Identify the application User-ID Identify the user Content-ID Scan the content Page 6 | © 2008 Palo Alto Networks. Proprietary and Confidential
Traditional Multi-Pass Architectures Port/Protocol-based ID L2/L3 Networking, HA, Config Management, Reporting Port/Protocol-based ID HTTP Decoder L2/L3 Networking, HA, Config Management, Reporting URL Filtering Policy Port/Protocol-based ID IPS Signatures L2/L3 Networking, HA, Config Management, Reporting IPS Policy Port/Protocol-based ID AV Signatures L2/L3 Networking, HA, Config Management, Reporting AV Policy Firewall Policy IPS Decoder AV Decoder & Proxy Page 7 | © 2008 Palo Alto Networks. Proprietary and Confidential
PAN-OS Architecture L2/L3 Networking, HA, Config Management, Reporting APP-ID CONTENT-ID Policy Engine Application Protocol Detection and Decryption Application Protocol Decoding Heuristics Application Signatures URL Filtering Real-Time Threat Prevention Data Filtering Page 8 | © 2008 Palo Alto Networks. Proprietary and Confidential
Real-Time Content Scanning With Content-ID Stream-based, not file-based, for real-time performance - Dynamic reassembly Uniform signature engine scans for broad range of threats in single pass Threat detection covers vulnerability exploits (IPS), virus, and spyware (both downloads and phone-home ) Time File-based ScanningStream-based Scanning ID Content Buffer File Time Scan File Deliver Content ID Content Scan Content Deliver Content Page 9 | © 2008 Palo Alto Networks. Proprietary and Confidential
Purpose-Built Hardware: PA-4000 Series Flash Matching HW Engine Palo Alto Networks’ uniform signatures Multiple memory banks – memory bandwidth scales performance Multi-Core Security Processor High density processing for flexible security functionality Hardware-acceleration for standardized complex functions (SSL, IPSec, decompression) Dedicated Control Plane Highly available mgmt High speed logging and route updates 10Gbps 10 Gig Network Processor Front-end network processing offloads security processors Hardware accelerated QoS, route lookup, MAC lookup and NAT. 10Gbps Control Plane Data Plane Page 10 | © 2008 Palo Alto Networks. Proprietary and Confidential
Adds Up to Superior Performance Performance Remote Office/ Medium Enterprise Large Enterprise PA-2000 Series 1Gbps; 500Mbps threat prevention PA-4000 Series 500Mbps; 200Mbps threat prevention 2Gbps; 2Gbps threat prevention 10Gbps; 5Gbps threat prevention 10Gbps; 5Gbps threat prevention (XFP interfaces) Page 11 | © 2008 Palo Alto Networks. Proprietary and Confidential
Flexible Deployment Options Application Visibility Transparent In-Line Firewall Replacement Connect to span port Enables threat and application visibility without inline deployment Connect to span port Enables threat and application visibility without inline deployment Deploy transparently behind existing firewall Enables application control and threat prevention without networking changes Deploy transparently behind existing firewall Enables application control and threat prevention without networking changes Replace existing firewall Enables threat prevention, application and network visibility and control, consolidated policy, high performance Replace existing firewall Enables threat prevention, application and network visibility and control, consolidated policy, high performance Page 12 | © 2008 Palo Alto Networks. Proprietary and Confidential
App-ID enables visibility and control over applications - Safe usage Traditional perimeter security technology hasn’t kept up with change in threats SPA Next Gen Firewall delivers - Performance - Single policy - TCO Summary Page 13 | © 2008 Palo Alto Networks. Proprietary and Confidential
Palo Alto Networks Product Overview Karsten Dindorp, Computerlinks.
© 2007 Palo Alto Networks. Proprietary and Confidential Page 1 | Palo Alto Networks – next page in firewalling It’s time to fix the firewall! Tiit Sokolov.
© 2007 Palo Alto Networks. Proprietary and Confidential Page 1 | Next Generation Firewalls Nir Zuk Founder and CTO.
Palo Alto Networks Markus Laaksonen
Next-Generation Firewall Palo Alto Networks. Page 2 | Applications Have Changed, firewalls have not The gateway at the trust border is the right place.
Palo Alto Networks Customer Presentation November 2009 Ozan Ozkara.
Next Generation FWs Against Modern Malware and Threads Hakan Unsal – Technical Security Consultant Tunc Cokkeser – Regional Sales Manager.
Next Generation Network Security Carlos Heller System Engineering.
Palo Alto Networks Solution Overview May 2010 Denis Pechnov Sales, EMEA.
Juniper Networks CONFIDENTIAL 1 MIGRATION FROM SCREENOS TO JUNOS BASED FIREWALL PRESENTER NAME JULY 2014.
Palo Alto Networks Jay Flanyak Channel Business Manager
What Did You Do At School Today Junior? Ethan West – Palo Alto Networks Systems Engineer.
© 2014 VMware Inc. All rights reserved. Palo Alto Networks VM-Series for VMware vCloud ® Air TM Next-Generation Security for Hybrid Clouds Palo Alto Networks.
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
Palo Alto Networks SLO WUG NG Silvester Drobnič, CHS d.o.o.
Palo Alto Networks security solution - protection against new cyber-criminal threats focused on client-side vulnerabilities Mariusz Stawowski, Ph.D., CISSP.
Palo Alto Networks Threat Prevention. Palo Alto Networks at a Glance Corporate Highlights Founded in 2005; First Customer Shipment in 2007 Safely Enabling.
NEXT GENERATION FIREWALLS Why NGFWs are Next-Generation FWs?
Business Solutions Network Security Solutions Gateway Security Endpoint Security ZoneDefence Joint Security Network Access Protection End-to-End Security.
NSA 240 Overview For End Users. 2 New Challenges To Solve Threats Are Increasing Web 2.0 & SaaS Impacts to servers, users & networks Threats go.
CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.
Enterprise’ Ever-Evolving Challenge & Constraints Dealing with BYOD Challenges Enable Compliance to Regulations Stay Current with New Consumption Models.
Visibility. Then Control. Keep good employees from doing bad things on the Internet.
Moving from Reactive to Proactive – DeepNines and ESU 3 Nate Jackson, Territory Manager Greg Jackson, Vice President of Technical Services Martin Rosas,
What Are We Missing? Practical Use of the Next-Generation Firewall: Controlling Modern Malware and Threats Jason Wessel – Solutions Architect.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
CCNA Security v2.0 Chapter 5: Implementing Intrusion Prevention.
Palo Alto Networks Overview March 2012 Data Connectors Micah Richardson, Account Manager.
Barracuda Networks Steve Scheidegger Commercial Account Manager
1 | © 2016, Palo Alto Networks. Confidential and Proprietary. P ALO A LTO N ETWORKS - N EXT G ENERATION S ECURITY P LATFORM Mikko Kuljukka Janne Volotinen.
25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.
APPLICATION PERFORMANCE MANAGEMENT The Next Generation.
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security Network Perimeter Security Intrusion Detection and Prevention.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security Network Perimeter Security Intrusion Detection and Prevention.
Microsoft ISA Server 2000 Presented by Ricardo Diaz Ryan Fansa.
Breaking the Lifecycle of the Modern Threat Santiago Polo Sr. Systems Engineer Palo Alto Networks, Inc.
True Unified Threat Management Fortigate Technology Positioning.
SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Filtering Traffic Using Access Control Lists Introducing Routing and Switching.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Filtering Traffic Using Access Control Lists Introducing Routing and Switching.
Secure the Web with Blue Coat Stop the Bad. Allow the Good.
Firewalls Nathan Long Computer Science 481. What is a firewall? A firewall is a system or group of systems that enforces an access control policy between.
High Performance Web Accelerator WEB INSIGHT AG Product Introduction March – 2007 MONITORAPP Co.,Ltd.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
Palo Alto Networks Product Overview Data Connectors March 7, 2013.
Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.
PURE SECURITY Check Point UTM-1 Luděk Hrdina Marketing Manager, Eastern Europe Check Point Software Technologies Kongres bezpečnosti sítí 11. dubna 2007,
Security fundamentals Topic 10 Securing the network perimeter.
LittleOrange Internet Security an Endpoint Security Appliance.
Overview of Microsoft ISA Server. Introducing ISA Server New Product—Proxy Server In 1996, Netscape had begun to sell a web proxy product, which optimized.
© 2017 SlidePlayer.com Inc. All rights reserved.