Palo Alto Networks Product Overview

Presentation transcript:

Palo Alto Networks Product Overview Data Connectors March 7, 2013

Safe Harbor This presentation contains “forward-looking” statements that are based on our management’s beliefs and assumptions and on information currently available to management. Forward-looking statements include information concerning our possible or assumed future results of operations, business strategies, financing plans, competitive position, industry environment, potential growth opportunities, potential market opportunities and the effects of competition. Forward-looking statements include all statements that are not historical facts and can be identified by terms such as “anticipates,” “believes,” “could,” “seeks,” “estimates,” “intends,” “may,” “plans,” “potential,” “predicts,” “projects,” “should,” “will,” “would” or similar expressions and the negatives of those terms. Forward-looking statements involve known and unknown risks, uncertainties and other factors that may cause our actual results, performance or achievements to be materially different from any future results, performance or achievements expressed or implied by the forward-looking statements. Forward-looking statements represent our management’s beliefs and assumptions only as of the date of the prospectus. You should read the prospectus, including the Risk Factors set forth therein and the documents that we have filed as exhibits to the registration statement, of which the prospectus is a part, completely and with the understanding that our actual future results may be materially different from what we expect. Except as required by law we assume no obligation to update these forward-looking statements publicly, or to update the reasons why actual results could differ materially from those anticipated in the forward-looking statements, even if new information becomes available in the future.

Palo Alto Networks at a Glance
Corporate highlights:
Founded in 2005; first customer shipment in 2007
Safely enabling applications
Able to address all network security needs
Exceptional ability to support global customers
Experienced technology and management team
850+ employees globally
[Charts: Revenue ($MM, FYE July); Enterprise customers. Axis labels: Jul-10, Jul-11, Nov-12]
Disruptive Network Security Platform: We have been described by Gartner as a disruptive security platform because in 2007 we brought to market the first next generation firewall to classify traffic based on application, regardless of the port, protocol, encryption or other evasive tactic.
Safely Enabling Applications: This means more than allowing or blocking – it means using business-relevant elements such as the application identity, who is using the application, and the type of content or threat as a more meaningful way to control network access and grow your business. This means you can build firewall policies to allow the application but apply function control, or bandwidth shaping, or threat prevention to the application.
Able to Address All Network Security Needs: Platform and rich firewall feature-set that can protect the perimeter, datacenter, distributed enterprise – secure enablement policies based on application, user and content.
Exceptional Growth and Global Presence: Refer to the charts on the right for growth, and we have a direct presence in more than 80 countries and support centers and hardware depots distributed worldwide.
Experienced Technology and Management Team: The technology team drives our innovation and our continued efforts at disrupting the network security market – they are our most valued team members. The management team brings a rich history of steering a rapidly growing dynamic company like ours.

Applications Have Changed, Firewalls Haven’t
This slide establishes the problem. It is very similar to the original broken FW slide, but now the apps are in logical positions (perimeter or datacenter), allowing you to talk to either opportunity.
Use interesting examples that are not Facebook and Twitter to show that applications have changed and firewalls have not. Use examples of applications that may use evasive techniques to simplify use and, in so doing, avoid detection. Use applications that change state as added functions are used – they are hard for UTMs to identify, control and enable.
Examples: AV vendors in the late 90s started using port 80 (it is a C/S app); AIM prompted you to find an open port; BitTorrent and Skype hop ports and use encryption; MS Lync uses 443, 3489 and a host of ports above 50,000; SharePoint and function control use a range of web ports, but it is not a web app (it uses Office!); SAP, Oracle, DropBox, Box.net. (Image 1)
The ramifications of these changes are an increase in business and security risks: applications act as (1) a threat vector (email delivering a video URL that is really malware), (2) threat targets (SQL injection attacks), and (3) the command and control/exfiltration avenue.
Network security policy is enforced at the firewall: sees all traffic; defines boundary; enables access
Traditional firewalls don’t work any more

Applications: Threat Vector and a Target
OPTIONAL slide
Threat ramifications: Applications are a threat vector (malware) and a target (exploits)
Threats target applications: used as a delivery mechanism; application-specific exploits

Applications: Payload Delivery/Command & Control
OPTIONAL slide
Exfiltration ramifications: Today’s threats are applications – their command/control/exfiltration requires network communications. Apps can act as the conduit for data theft.
Applications provide exfiltration: confidential data; threat communication

Encrypted Applications: Unseen by Firewalls
OPTIONAL slide
SSL and SSH: more and more applications use encryption, rendering existing FWs useless.
What happens when traffic is encrypted? SSL; proprietary encryption

Technology Sprawl and Creep Aren’t the Answer
“More stuff” doesn’t solve the problem
Firewall “helpers” have limited view of traffic
Complex and costly to buy and maintain
Doesn’t address applications
[Diagram labels: UTM, Internet, IM, DLP, IPS, Proxy, URL, AV, Enterprise Network]
Explain why customers have deployed all of these devices – the control that once existed in the firewall has eroded over time.
UTMs exist for the sole purpose of consolidating devices to save money.
UTMs suffer from performance issues, multiple policies, silo-based scanning, multiple databases, logs, etc.
UTMs are all stateful inspection based – they all make their first decision on port. This is not our value-add.

The Answer? Make the Firewall Do Its Job
1. Identify applications regardless of port, protocol, evasive tactic or SSL
2. Identify and control users regardless of IP address, location, or device
3. Protect against known and unknown application-borne threats
4. Fine-grained visibility and policy control over application access / functionality
5. Multi-gigabit, low latency, in-line deployment
From day 1, firewalls have always been designed to be the traffic cop on the network. Over time, they did not keep pace with the changes in L7 traffic – both applications and threats. We need to restore the firewall to what it was originally designed to do – be a traffic cop that controls all apps, both known and unknown, not ports.
On all ports, all the time
Any user, any platform, any location
Content scanning and threat prevention (known and unknown)

Why Visibility & Control Must Be In The Firewall
Optional slide
NGFW Application Control
Application control is in the firewall = single policy
Visibility across all ports, for all traffic, all the time
Implications: network access decision is made based on application identity; safely enable application usage
[Diagram labels: IPS, App Ctrl Policy Decision, Scan Application for Threats, Applications, Application Traffic]
Application Control as an Add-on
Port-based FW + App Ctrl (IPS) = two policies
Applications are threats; only block what you expressly look for
Implications: network access decision is made with no information; cannot safely enable applications
[Diagram labels: Firewall, IPS, Applications, Traffic, Port, Port Policy Decision, App Ctrl Policy Decision]

Making the Firewall a Business Enablement Tool
Applications: Enablement begins with application classification by App-ID.
Users: Tying users and devices, regardless of location, to applications with User-ID and GlobalProtect.
Content: Scanning content and protecting against all threats, both known and unknown, with Content-ID and WildFire.
Classifying all applications, across all ports, all the time with App-ID. Palo Alto Networks next-generation firewalls are built upon App-ID, a traffic classification technology that identifies the applications traversing the network, regardless of port, encryption (SSL or SSH) or evasive technique employed. The knowledge of exactly which applications are traversing the network, not just the port and protocol, then becomes the basis for all security policy decisions. Unidentified applications, typically a small percentage of traffic yet high in potential risk, are automatically categorized for systematic management, which can include policy control and inspection, threat forensics, creation of a custom App-ID, or submission of a packet capture for App-ID development.
Tying users and devices, not just IP addresses, to applications with User-ID and GlobalProtect. The application identity is tied to the user through User-ID, allowing organizations to deploy enablement policies that are not based solely on the IP address. These policies can then be extended to any device at any location with GlobalProtect. User-ID integrates with a wide range of enterprise user repositories to provide the identity of the Microsoft Windows, Mac OS X, Linux, Android, or iOS users accessing the application. GlobalProtect ensures that the remote user is protected consistently, in the same manner as they would be if they were operating on the local network. The combined visibility and control over a user's application activity means organizations can safely enable the use of Oracle, BitTorrent, or Gmail, or any other application traversing the network, no matter where or how the user is accessing the network.
Protecting against all threats, both known and unknown, with Content-ID and WildFire. To protect against a blend of known exploits, malware and spyware as well as completely unknown and targeted threats, organizations can first reduce the threat footprint through an explicit deny policy for unwanted applications. Content-ID can then be used to protect the applications and associated features by blocking known vulnerability exploits, viruses, and spyware in the allowed traffic. Content-ID addresses common threat evasion tactics by executing the prevention policy using the application and protocol context generated by the decoders in App-ID. Custom or unknown malware that is not controlled through traditional signatures is addressed through WildFire, which executes unknown files and monitors for more than 100 malicious behaviors in a virtualized sandbox environment. If malware is found, a signature is automatically developed and delivered to the user community.

WildFire Architecture
Running in the cloud lets the malware do things that you wouldn’t allow in your network.
Updates to sandbox logic without impacting the customer
10 Gbps Threat Prevention and file scanning
All traffic, all ports
Web, email, FTP and SMB
Stream-based malware engine to perform true inline enforcement

Single Pass Platform Architecture
Use the same language from the original SP3 slide.
Purpose built – use a racing vehicle analogy – any racing vehicle: a car, a motorcycle, whatever. They go fast because of the sum of their parts = engine, suspension, tires, body, driver. We did the same thing – built SW that was as efficient as possible, using a single pass to perform the heavy lifting (L7 classification and inspection).
Operations once per packet: traffic classification (app identification); content scanning – threats, URLs, confidential data = one policy. Then we married it to a HW platform that scales upwards and downwards using dedicated processors for NW, security (Cavium multi-core), threat and management. Separate data/control planes for built-in resiliency.

PAN-OS Core Firewall Features
Visibility and control of applications, users and content complement core firewall features
Strong networking foundation: dynamic routing (BGP, OSPF, RIPv2); tap mode – connect to SPAN port; virtual wire (“Layer 1”) for true transparent in-line deployment; L2/L3 switching foundation; policy-based forwarding
VPN: site-to-site IPSec VPN; remote access (SSL) VPN
QoS traffic shaping: max/guaranteed and priority; by user, app, interface, zone, & more; real-time bandwidth monitor
Zone-based architecture: all interfaces assigned to security zones for policy enforcement
High Availability: active/active, active/passive; configuration and session synchronization; path, link, and HA monitoring
Virtual Systems: establish multiple virtual firewalls in a single device (PA-5000, PA-4000, PA-3000, and PA-2000 Series)
Simple, flexible management: CLI, Web, Panorama, SNMP, Syslog
Wide range of platforms, all support core features needed for network deployment.
Possible examples of talk track:
Take this slide as an opportunity to talk about VSYS and how we don’t have any feature loss when enabling it as well as don’t need additional products/OS to deploy it.
Discuss how reporting is built in to the FW and is the same when using Panorama, which is mainly used to manage many firewalls.
Example: discuss QoS and how we can shape traffic during widely viewed events such as March Madness, etc., and tie this into our App-ID story.

Next-Generation Firewall Virtualized Platforms
Performance
Cores Allocated / Firewall (App-ID) / Threat Prevention / VPN / Sessions per Second
2 Core 500 Mbps 200 Mbps 100 Mbps 8,000
4 Core 1 Gbps 600 Mbps 250 Mbps
8 Core 400 Mbps
Specifications
Model / Sessions / Rules / Security Zones / Address Objects / IPSec VPN Tunnels / SSL VPN Tunnels
VM-100 50,000 250 10 2,500 25
VM-200 100,000 2,000 20 4,000 500 200
VM-300 250,000 5,000 40 10,000
Supported on VMware ESX/ESXi 4.0 or later
Minimum of 2 CPU cores, 4GB RAM, 40GB HD, 2 interfaces
Supports active/passive HA without state synchronization. Does not support 802.3ad, virtual systems, jumbo frames
Exact same feature set available in HW FW is now available in virtualized form factor
Licensed by capacities – not CPU or other money sucking scheme.

Enterprise-wide Next-Generation Firewall Security
Perimeter: App visibility and control in the firewall (all apps, all ports, all the time); prevent threats (known threats, unknown/targeted malware); simplify security infrastructure
Data Center: Network segmentation (based on application and user, not port/IP); simple, flexible network security (integration into all DC designs; highly available, high performance)
Distributed Enterprise: Consistent network security everywhere (HQ/branch offices/remote and mobile users); logical perimeter (policy follows applications and users, not physical location); centrally managed

Addresses Three Key Business Problems
Safely Enable Applications
Identify more than 1,500 applications, regardless of port, protocol, encryption, or evasive tactic
Fine-grained control over applications/application functions (allow, deny, limit, scan, shape)
Addresses the key deficiencies of legacy firewall infrastructure
Systematic management of unknown applications
Prevent Threats
Stop a variety of known threats – exploits (by vulnerability), viruses, spyware
Detect and stop unknown threats with WildFire
Stop leaks of confidential data (e.g., credit card #, social security #, file/type)
Enforce acceptable use policies on users for general web site browsing
Simplify Security Infrastructure
Put the firewall at the center of the network security infrastructure
Reduce complexity in architecture and operations

Many Third Parties Reach Same Conclusion
Gartner Enterprise Network Firewall Magic Quadrant: Palo Alto Networks leading the market
Forrester IPS Market Overview: Strong IPS solution; demonstrates effective consolidation
NetworkWorld Test: Most stringent NGFW test to date; validated sustained performance
NSS Tests
IPS: Palo Alto Networks NGFW tested against competitors’ standalone IPS devices; NSS Recommended
Firewall: Traditional port-based firewall test; Palo Alto Networks most efficient by a wide margin; NSS Recommended
NGFW: Palo Alto Networks provides the best combination of protection, performance, and value; NSS Recommended (1 of only 3 NGFW recommended)

2013 Gartner Magic Quadrant for Enterprise Network Firewalls
“Palo Alto Networks continues to both drive competitors to react in the firewall market and to move the overall firewall market forward. It is assessed as a Leader, mostly because of its NGFW design, direction of the market along the NGFW path, consistent displacement of competitors, rapidly increasing revenue and market share, and market disruption that forces competitors in all quadrants to react.”
Gartner, February 2013

Thank You © 2010 Palo Alto Networks. Proprietary and Confidential.