Presentation is loading. Please wait.

Presentation is loading. Please wait.

NOTES to presenter  Slides 3-6 are very different than what you may have seen before. Review the animation and practice them – there are some speaker.

Published byHumberto Simms Modified over 9 years ago

Similar presentations

Presentation on theme: "NOTES to presenter  Slides 3-6 are very different than what you may have seen before. Review the animation and practice them – there are some speaker."— Presentation transcript:

1 NOTES to presenter  Slides 3-6 are very different than what you may have seen before. Review the animation and practice them – there are some speaker notes. The purpose is to set the stage for complete contextual awareness, leading to what we do and why it is different.  You can then refer back to the context datapoints throughout the entire deck. 1 | ©2014, Palo Alto Networks. Confidential and Proprietary.

2 Palo Alto Networks Technology Update

3 context | ˈ kän ˌ tekst| noun the circumstances that form the setting for an event, statement, or idea, and in terms of which it can be fully understood and assessed 3 | ©2014 Palo Alto Networks. Confidential and Proprietary.

4 context intelligence action 4 | ©2014 Palo Alto Networks. Confidential and Proprietary.

5 5 | ©2014, Palo Alto Networks. Confidential and Proprietary. 344 KB file-sharing URL category pdf file type roadmap.pdf file name bjacobs user prodmgmt group canada destination country 172.16.1.10 source IP 64.81.2.23 destination IP tcp/443 destination port SSL protocol HTTP protocol slideshare application slideshare-uploading application function

6 344 KB 6 | ©2014, Palo Alto Networks. Confidential and Proprietary. unknown URL category exe file type shipment.exe file name fthomas user finance group china destination country SSL protocol HTTP protocol web-browsing application 172.16.1.10 source IP 64.81.2.23 destination IP tcp/443 destination port

7 Secondary Payload Spread Laterally Custom C2 & Hacking Data Stolen Exploit Kit Contact New Domain ZeroAccess Delivered C2 Established Hides within SSL New domain, no reputation Payload evades AV C2 hides using non- standard ports No signature for custom malware Hides in plain sight Payload evades C2 signatures Exfiltration via RDP & FTP 7 | ©2014 Palo Alto Networks. Confidential and Proprietary.

8 Context: A Unique Approach to Protecting your Network  Scans ALL applications (including SSL traffic) to secure all avenues in/out of a network, reduce the attack surface area, and provide context for forensics  Prevents attacks across ALL attack vectors (exploit, malware, DNS, command & control, and URL) with content-based signatures  Detects zero day malware & exploits using public/private cloud and automatically creates signatures for global customer base 8 | ©2014 Palo Alto Networks. Confidential and Proprietary.

9 Traditional Bolt-on Approach App Control --------- Application Signatures --------- Port/Protocol --------- Networking, policy, management, reporting Firewall- Source/Dest, User --------- Port/Protocol --------- Networking, policy, management, reporting IPS --------- IPS Signatures, IPS Decoder --------- Port/Protocol --------- Networking, policy, management, reporting Antivirus/ --------- AV Signatures Decoder & Proxy --------- Port/Protocol --------- Networking, policy, management, reporting L2 L3 L4 L5 L6 L7 9 | ©2014 Palo Alto Networks. Confidential and Proprietary.

10 PA-7050 100 gbps network connection oracle datacenter app credit card data security zone finance group 10 | ©2014 Palo Alto Networks. Confidential and Proprietary.

11 Security Performance Drivers Increasing sophistication of application level attacks, insatiable appetite for more bandwidth drive the need for scalable high performance security Internet Gateway Secure all users on all devices Requires 10+ Gbps Data Center Secure all apps, control access for all users & devices Requires 20+ Gbps Network Segmentation Contain and protect internal resources Requires 20-40+ Gbps 11 | ©2014 Palo Alto Networks. Confidential and Proprietary.

12 PA-7050: The Fastest Next-generation Firewall  Safely enable all applications; full next-generation firewall capabilities  Ground-breaking application layer performance  Simple yet flexible chassis architecture 12 | ©2014 Palo Alto Networks. Confidential and Proprietary.

13 Our Unique Approach Applied Across the Network All Applications, All Attack Vectors, All Threats Segmentation Isolate critical data, business functions Enable applications based on users Block known/unknown threats Gateway Visibility into all traffic Enable apps to reduce exposure Block known/unknown threats Datacenter Validate business applications & users Find rogue/misconfigured apps High speed threat prevention 13 | ©2014 Palo Alto Networks. Confidential and Proprietary.

14 Scalable, Purpose-built Architecture 14 | ©2014 Palo Alto Networks. Confidential and Proprietary.

15 PA-7050: Performance and Capacities Summary PA-7050 SystemPA-7000 NPC Firewall Gbps (App-ID)12020 Threat Gbps (DSRI)10016+ Threat Gbps (Full)6010 Firewall PPS (Millions)7212 IPSec VPN Gbps24 4 New sessions per second720,000 120,000 Max sessions (Millions)24 4 Virtual systems (base/max 2 )25/225 -- 15 | ©2013, Palo Alto Networks. Confidential and Proprietary. PA-7050 requires PAN-OS 6.0 All PAN-OS features are supported except Netflow DSRI and full threat metrics will be published

16 NGFW Throughput vs. Advertised Max 16 | ©2014 Palo Alto Networks. Confidential and Proprietary. Source: Performance metrics are from public facing datasheets for fully loaded Palo Alto Networks PA-7050, Check Point 61000, Juniper SRX 5800 and Fortinet 5140B

17 NGFW Security Performance Relative to Max 17 | ©2013, Palo Alto Networks. Confidential and Proprietary. Source: Performance metrics are from public facing datasheets for fully loaded Palo Alto Networks PA-7050, Check Point 61000, Juniper SRX 5800 and Fortinet 5140B

18 Scalable Linear performance and interface density with each added card High speed backplane supports future network processing cards Scalable Linear performance and interface density with each added card High speed backplane supports future network processing cards Simple & Flexible Chassis Architecture Flexible Flexible and dynamic load distribution across multiple network processing modules allows seamless scalability Flexible Flexible and dynamic load distribution across multiple network processing modules allows seamless scalability Simple Single system view for administration – all PAN-OS features supported System-wide subscriptions and support provide predictable cost model Simple Single system view for administration – all PAN-OS features supported System-wide subscriptions and support provide predictable cost model 18 | ©2014 Palo Alto Networks. Confidential and Proprietary.

19 Virtualization windows operating system sharepoint container UUID VM instance production data center 19 | ©2014 Palo Alto Networks. Confidential and Proprietary.

20 Transforming network security for the data center ChallengesSolution FW doesn’t see the trafficAutomated, transparent services insertion at workload Incomplete security capabilitiesVirtualized next-generation security supporting PAN-OS TM Static policiesDynamic security policies with VM context

21 VM-Series and VMware NSX Integration 21 | ©2014 Palo Alto Networks. Confidential and Proprietary.

22 VMware vCenter or ESXi Dynamic address groups and VM monitoring NameIPGuest OSContainer web-sjc-0110.1.1.2Ubuntu 12.04Web sp-sjc-0410.1.5.4Win 2008 R2SharePoint web-sjc-0210.1.1.3Ubuntu 12.04Web exch-mia-0310.4.2.2Win 2008 R2Exchange exch-dfw-0310.4.2.3Win 2008 R2Exchange sp-mia-0710.1.5.8Win 2008 R2SharePoint db-mia-0110.5.1.5Ubuntu 12.04MySQL db-dfw-0210.5.1.2Ubuntu 12.04MySQL PAN-OS Security Policy SourceDestinationAction PAN-OS Dynamic Address Groups NameTagsAddresses SharePoint Servers MySQL Servers Miami DC San Jose Linux Web Servers NameTagsAddresses SharePoint Servers SharePoint Win 2008 R2 “sp” MySQL Servers MySQL Ubuntu 12.04 “db” Miami DC“mia” San Jose Linux Web Servers “sjc” “web” Ubuntu 12.04 NameTagsAddresses SharePoint Servers SharePoint Win 2008 R2 “sp” 10.1.5.4 10.1.5.8 MySQL Servers MySQL Ubuntu 12.04 “db” 10.5.1.5 10.5.1.2 Miami DC“mia” 10.4.2.2 10.1.5.8 10.5.1.5 San Jose Linux Web Servers “sjc” “web” Ubuntu 12.04 10.1.1.2 10.1.1.3 IP 10.1.1.2 10.1.5.4 10.1.1.3 10.4.2.2 10.4.2.3 10.1.5.8 10.5.1.5 10.5.1.2 Name SharePoint Servers MySQL Servers Miami DC San Jose Linux Web Servers SourceDestinationAction San Jose Linux Web Servers SharePoint Servers ✔ MySQL Servers Miami DC  db-mia-0510.5.1.9Ubuntu 12.04MySQL 10.5.1.9 22 | ©2014, Palo Alto Networks. Confidential and Proprietary.

23 Introducing VM-Series on Citrix NetScaler SDX VM-Series (running PAN-OS TM ) now supported on SDX 11500 and 17550 Series: Safely enable applications by apps, users, content Protect against known and unknown threats Address risk and compliance mandates Key use cases (details on next 2 slides): Integrated solution for XA/XD deployments Multi-tenant (business units, application owners, service provider) cloud deployments 23 | ©2013, Palo Alto Networks. Confidential and Proprietary. Citrix NetScaler SDX

24 Consolidated Security and Availability for XenApp/XenDesktop 24 | ©2013, Palo Alto Networks. Confidential and Proprietary. Validated, consolidated security and ADC for XenApp/XenDesktop Secure remote access and high availability Safe application enablement for XenApp/XenDesktop users Unique User-ID & Terminal-Services agent integration Segmentation of XenApp/XenDesktop infrastructure Any User Any Device Anywhere Internet applications Citrix NetScaler SDX with VM-Series On-premise applications Citrix Receiver XenApp/XenDesktop (VDI Environment)

25 Multi-tenant Security and ADC Services 25 | ©2013, Palo Alto Networks. Confidential and Proprietary. Multi-tenant security and availability for enterprises and cloud data centers Dedicated instances of network services for different tenants Addresses independent security and load balancing needs Per application load balancing with dedicated firewalling Firewall ADC Tenant 1 Tenant 2 Tenant 3 Citrix NetScaler with VM-Series

26 WildFire registry changes DNS lookups visited URLs C2 traffic system file tampering RAT download global input 26 | ©2014 Palo Alto Networks. Confidential and Proprietary.

27 Basic WildFireWildFire Subscription WF-500 PAN-OS 5.0PAN-OS 6.0PAN-OS 5.0PAN-OS 6.0 30 minute signatures ✓✓ Public Cloud Integrated logging ✓✓✓✓ WF-500 support ✓✓ N/A API access ✓✓ Public Cloud Windows PE (DLL & EXE) ✓✓✓✓✓ PDF ✓✓ Office Documents ✓✓ Java ✓✓ Windows XP ✓✓✓✓✓ Windows 7 ✓✓✓✓✓ Android APK ✓ 27 | ©2014 Palo Alto Networks. Confidential and Proprietary.

28 GlobalProtect patched encrypted storage corporate device OS version jailbroken passcode malware installed 28 | ©2014 Palo Alto Networks. Confidential and Proprietary.

29 HeadquartersBranch Office Home Office Hotel Airport Enterprise-secured with full protection Exposed to threats, risky apps, and data leakage 29 | ©2014 Palo Alto Networks. Confidential and Proprietary.

30 GlobalProtect Mobile Security Solution

31 Summary  New, high performance hardware platforms  Continued innovation in the battle against advanced cyber threats  More security automation in virtualized environments  Expanding further into mobile security 31 | ©2014, Palo Alto Networks. Confidential and Proprietary.

32 Q&A

33

Download ppt "NOTES to presenter  Slides 3-6 are very different than what you may have seen before. Review the animation and practice them – there are some speaker."

Similar presentations

RASPro is a secure high performance remote application delivery platform through a perfect combination of application hosting and application streaming.

RASPro is a secure high performance remote application delivery platform through a perfect combination of application hosting and application streaming.
Palo Alto Networks Jay Flanyak Channel Business Manager

Palo Alto Networks Jay Flanyak Channel Business Manager
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
Stonesoft Roadmap WHAT FEATURES WILL COME IN 2013-2014.

Stonesoft Roadmap WHAT FEATURES WILL COME IN
New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.
Cyber Threats: Industry Trends and Actionable Advice Presented by: Elton Fontaine.

Cyber Threats: Industry Trends and Actionable Advice Presented by: Elton Fontaine.
Citrix NetScaler as part of a TMG replacement

Citrix NetScaler as part of a TMG replacement
Palo Alto Networks Threat Prevention. Palo Alto Networks at a Glance Corporate Highlights Founded in 2005; First Customer Shipment in 2007 Safely Enabling.

Palo Alto Networks Threat Prevention. Palo Alto Networks at a Glance Corporate Highlights Founded in 2005; First Customer Shipment in 2007 Safely Enabling.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
Citrix Partner Update The Citrix Delivery Centre.

Citrix Partner Update The Citrix Delivery Centre.
SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.

SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.
MIGRATION FROM SCREENOS TO JUNOS based firewall

MIGRATION FROM SCREENOS TO JUNOS based firewall
Barracuda Networks Steve Scheidegger Commercial Account Manager 734-887-2422

Barracuda Networks Steve Scheidegger Commercial Account Manager
Palo Alto Networks Product Overview Karsten Dindorp, Computerlinks.

Palo Alto Networks Product Overview Karsten Dindorp, Computerlinks.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Course 201 – Administration, Content Inspection and SSL VPN

Course 201 – Administration, Content Inspection and SSL VPN
How to protect your Virtual Datacenter Michiel van den Bos.

How to protect your Virtual Datacenter Michiel van den Bos.
Data Center Network Redesign using SDN

Data Center Network Redesign using SDN

Similar presentations

Ads by Google