NOTES to presenter  Slides 3-6 are very different than what you may have seen before. Review the animation and practice them – there are some speaker.

Slides:



Advertisements
Similar presentations
RASPro is a secure high performance remote application delivery platform through a perfect combination of application hosting and application streaming.
Advertisements

Palo Alto Networks Jay Flanyak Channel Business Manager
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
Stonesoft Roadmap WHAT FEATURES WILL COME IN
New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.
Cyber Threats: Industry Trends and Actionable Advice Presented by: Elton Fontaine.
Citrix NetScaler as part of a TMG replacement
Palo Alto Networks Threat Prevention. Palo Alto Networks at a Glance Corporate Highlights Founded in 2005; First Customer Shipment in 2007 Safely Enabling.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
Unified Logs and Reporting for Hybrid Centralized Management
Citrix Partner Update The Citrix Delivery Centre.
SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.
MIGRATION FROM SCREENOS TO JUNOS based firewall
Barracuda Networks Steve Scheidegger Commercial Account Manager
Palo Alto Networks Product Overview Karsten Dindorp, Computerlinks.
Norman SecureSurf Protect your users when surfing the Internet.
Course 201 – Administration, Content Inspection and SSL VPN
How to protect your Virtual Datacenter Michiel van den Bos.
Data Center Network Redesign using SDN
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
PURE SECURITY Check Point UTM-1 Luděk Hrdina Marketing Manager, Eastern Europe Check Point Software Technologies Kongres bezpečnosti sítí 11. dubna 2007,
Barracuda Load Balancer Server Availability and Scalability.
Palo Alto Networks Modern Malware Cory Grant Regional Sales Manager Palo Alto Networks.
The Citrix Delivery Center. 2 © 2008 Citrix Systems, Inc. — All rights reserved Every Day, IT Gets More Complex EMPLOYEES PARTNERS CUSTOMERS.
© 2014 VMware Inc. All rights reserved. Palo Alto Networks VM-Series for VMware vCloud ® Air TM Next-Generation Security for Hybrid Clouds Palo Alto Networks.
Deploying XenApp and XenDesktop with BIG-IP Brent Imhoff – Field Systems Engineer Gary Zaleski – Solutions Architect Michael Koyfman – Solutions Architect.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
Q XenDesktop & Windows Server 2012 Value Add – RDS & VDI.
CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.
Network security Product Group 2 McAfee Network Security Platform.
BEN ROBINSON, ACCOUNT EXECUTIVE, PALO ALTO NETWORKS SAFELY ENABLE YOUR SAAS APPLICATIONS.
Micro segmentation with Next Generation Firewall and Vmware NSX
Microsoft ISA Server 2000 Presented by Ricardo Diaz Ryan Fansa.
Security fundamentals Topic 10 Securing the network perimeter.
Sky Advanced Threat Prevention
Connected Security Your best defense against advanced threats Anne Aarness – Intel Security.
IS3220 Information Technology Infrastructure Security
©2010 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Endpoint Security VPN R75 (SecureClient Next Generation)
V2 January © 2015 Citrix | Confidential – Content in this presentation is under NDA. NetScaler Pitch Deck One solution for all apps.
Enterprise’ Ever-Evolving Challenge & Constraints Dealing with BYOD Challenges Enable Compliance to Regulations Stay Current with New Consumption Models.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
NSA 240 Overview For End Users. 2 New Challenges To Solve  Threats Are Increasing  Web 2.0 & SaaS  Impacts to servers, users & networks  Threats go.
Palo Alto Networks - Next Generation Security Platform
Architecting Enterprise Workloads on AWS Mike Pfeiffer.
Barracuda NG Firewall ™
Accelerating Your Journey to a Safe Cloud
Barracuda SSL VPN Remote, Authenticated Access to Applications and Data.
Barracuda SSL VPN Remote, Authenticated Access to Applications and Data Version 2.6 | July 2014.
Barracuda SSL VPN Remote, Authenticated Access to Applications and Data.
Advanced Endpoint Security Data Connectors-Charlotte January 2016
BUILD SECURE PRODUCTS AND SERVICES
Grow Your Business with the Security Leader
Barracuda Firewall The Next-Generation Firewall for Everyone
Boost VM Density with AV Designed for VDI
Web Content Security Unlock the Power of the Web
Barracuda Web Security Flex
Barracuda SSL VPN Remote, Authenticated Access to Applications and Data.
Grow Your Business with the Security Leader
Barracuda Web Filtering Service
Threat Management Gateway
New Features for Virtualized Environments
Virtualization & Security real solutions
Prevent Costly Data Leaks from Microsoft Office 365
Firewalls at UNM 11/8/2018 Chad VanPelt Sean Taylor.
11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
The Next Generation Cyber Security in the 4th Industrial Revolution
Defending high value targets in the cloud using IP Reputation
F5 Networks Solutions Silverline Silverline
Designing IIS Security (IIS – Internet Information Service)
Presentation transcript:

NOTES to presenter  Slides 3-6 are very different than what you may have seen before. Review the animation and practice them – there are some speaker notes. The purpose is to set the stage for complete contextual awareness, leading to what we do and why it is different.  You can then refer back to the context datapoints throughout the entire deck. 1 | ©2014, Palo Alto Networks. Confidential and Proprietary.

Palo Alto Networks Technology Update

context | ˈ kän ˌ tekst| noun the circumstances that form the setting for an event, statement, or idea, and in terms of which it can be fully understood and assessed 3 | ©2014 Palo Alto Networks. Confidential and Proprietary.

context intelligence action 4 | ©2014 Palo Alto Networks. Confidential and Proprietary.

5 | ©2014, Palo Alto Networks. Confidential and Proprietary. 344 KB file-sharing URL category pdf file type roadmap.pdf file name bjacobs user prodmgmt group canada destination country source IP destination IP tcp/443 destination port SSL protocol HTTP protocol slideshare application slideshare-uploading application function

344 KB 6 | ©2014, Palo Alto Networks. Confidential and Proprietary. unknown URL category exe file type shipment.exe file name fthomas user finance group china destination country SSL protocol HTTP protocol web-browsing application source IP destination IP tcp/443 destination port

Secondary Payload Spread Laterally Custom C2 & Hacking Data Stolen Exploit Kit Contact New Domain ZeroAccess Delivered C2 Established Hides within SSL New domain, no reputation Payload evades AV C2 hides using non- standard ports No signature for custom malware Hides in plain sight Payload evades C2 signatures Exfiltration via RDP & FTP 7 | ©2014 Palo Alto Networks. Confidential and Proprietary.

Context: A Unique Approach to Protecting your Network  Scans ALL applications (including SSL traffic) to secure all avenues in/out of a network, reduce the attack surface area, and provide context for forensics  Prevents attacks across ALL attack vectors (exploit, malware, DNS, command & control, and URL) with content-based signatures  Detects zero day malware & exploits using public/private cloud and automatically creates signatures for global customer base 8 | ©2014 Palo Alto Networks. Confidential and Proprietary.

Traditional Bolt-on Approach App Control Application Signatures Port/Protocol Networking, policy, management, reporting Firewall- Source/Dest, User Port/Protocol Networking, policy, management, reporting IPS IPS Signatures, IPS Decoder Port/Protocol Networking, policy, management, reporting Antivirus/ AV Signatures Decoder & Proxy Port/Protocol Networking, policy, management, reporting L2 L3 L4 L5 L6 L7 9 | ©2014 Palo Alto Networks. Confidential and Proprietary.

PA gbps network connection oracle datacenter app credit card data security zone finance group 10 | ©2014 Palo Alto Networks. Confidential and Proprietary.

Security Performance Drivers Increasing sophistication of application level attacks, insatiable appetite for more bandwidth drive the need for scalable high performance security Internet Gateway Secure all users on all devices Requires 10+ Gbps Data Center Secure all apps, control access for all users & devices Requires 20+ Gbps Network Segmentation Contain and protect internal resources Requires Gbps 11 | ©2014 Palo Alto Networks. Confidential and Proprietary.

PA-7050: The Fastest Next-generation Firewall  Safely enable all applications; full next-generation firewall capabilities  Ground-breaking application layer performance  Simple yet flexible chassis architecture 12 | ©2014 Palo Alto Networks. Confidential and Proprietary.

Our Unique Approach Applied Across the Network All Applications, All Attack Vectors, All Threats Segmentation Isolate critical data, business functions Enable applications based on users Block known/unknown threats Gateway Visibility into all traffic Enable apps to reduce exposure Block known/unknown threats Datacenter Validate business applications & users Find rogue/misconfigured apps High speed threat prevention 13 | ©2014 Palo Alto Networks. Confidential and Proprietary.

Scalable, Purpose-built Architecture 14 | ©2014 Palo Alto Networks. Confidential and Proprietary.

PA-7050: Performance and Capacities Summary PA-7050 SystemPA-7000 NPC Firewall Gbps (App-ID)12020 Threat Gbps (DSRI) Threat Gbps (Full)6010 Firewall PPS (Millions)7212 IPSec VPN Gbps24 4 New sessions per second720, ,000 Max sessions (Millions)24 4 Virtual systems (base/max 2 )25/ | ©2013, Palo Alto Networks. Confidential and Proprietary. PA-7050 requires PAN-OS 6.0 All PAN-OS features are supported except Netflow DSRI and full threat metrics will be published

NGFW Throughput vs. Advertised Max 16 | ©2014 Palo Alto Networks. Confidential and Proprietary. Source: Performance metrics are from public facing datasheets for fully loaded Palo Alto Networks PA-7050, Check Point 61000, Juniper SRX 5800 and Fortinet 5140B

NGFW Security Performance Relative to Max 17 | ©2013, Palo Alto Networks. Confidential and Proprietary. Source: Performance metrics are from public facing datasheets for fully loaded Palo Alto Networks PA-7050, Check Point 61000, Juniper SRX 5800 and Fortinet 5140B

Scalable Linear performance and interface density with each added card High speed backplane supports future network processing cards Scalable Linear performance and interface density with each added card High speed backplane supports future network processing cards Simple & Flexible Chassis Architecture Flexible Flexible and dynamic load distribution across multiple network processing modules allows seamless scalability Flexible Flexible and dynamic load distribution across multiple network processing modules allows seamless scalability Simple Single system view for administration – all PAN-OS features supported System-wide subscriptions and support provide predictable cost model Simple Single system view for administration – all PAN-OS features supported System-wide subscriptions and support provide predictable cost model 18 | ©2014 Palo Alto Networks. Confidential and Proprietary.

Virtualization windows operating system sharepoint container UUID VM instance production data center 19 | ©2014 Palo Alto Networks. Confidential and Proprietary.

Transforming network security for the data center ChallengesSolution FW doesn’t see the trafficAutomated, transparent services insertion at workload Incomplete security capabilitiesVirtualized next-generation security supporting PAN-OS TM Static policiesDynamic security policies with VM context

VM-Series and VMware NSX Integration 21 | ©2014 Palo Alto Networks. Confidential and Proprietary.

VMware vCenter or ESXi Dynamic address groups and VM monitoring NameIPGuest OSContainer web-sjc Ubuntu 12.04Web sp-sjc Win 2008 R2SharePoint web-sjc Ubuntu 12.04Web exch-mia Win 2008 R2Exchange exch-dfw Win 2008 R2Exchange sp-mia Win 2008 R2SharePoint db-mia Ubuntu 12.04MySQL db-dfw Ubuntu 12.04MySQL PAN-OS Security Policy SourceDestinationAction PAN-OS Dynamic Address Groups NameTagsAddresses SharePoint Servers MySQL Servers Miami DC San Jose Linux Web Servers NameTagsAddresses SharePoint Servers SharePoint Win 2008 R2 “sp” MySQL Servers MySQL Ubuntu “db” Miami DC“mia” San Jose Linux Web Servers “sjc” “web” Ubuntu NameTagsAddresses SharePoint Servers SharePoint Win 2008 R2 “sp” MySQL Servers MySQL Ubuntu “db” Miami DC“mia” San Jose Linux Web Servers “sjc” “web” Ubuntu IP Name SharePoint Servers MySQL Servers Miami DC San Jose Linux Web Servers SourceDestinationAction San Jose Linux Web Servers SharePoint Servers ✔ MySQL Servers Miami DC  db-mia Ubuntu 12.04MySQL | ©2014, Palo Alto Networks. Confidential and Proprietary.

Introducing VM-Series on Citrix NetScaler SDX VM-Series (running PAN-OS TM ) now supported on SDX and Series: Safely enable applications by apps, users, content Protect against known and unknown threats Address risk and compliance mandates Key use cases (details on next 2 slides): Integrated solution for XA/XD deployments Multi-tenant (business units, application owners, service provider) cloud deployments 23 | ©2013, Palo Alto Networks. Confidential and Proprietary. Citrix NetScaler SDX

Consolidated Security and Availability for XenApp/XenDesktop 24 | ©2013, Palo Alto Networks. Confidential and Proprietary. Validated, consolidated security and ADC for XenApp/XenDesktop Secure remote access and high availability Safe application enablement for XenApp/XenDesktop users Unique User-ID & Terminal-Services agent integration Segmentation of XenApp/XenDesktop infrastructure Any User Any Device Anywhere Internet applications Citrix NetScaler SDX with VM-Series On-premise applications Citrix Receiver XenApp/XenDesktop (VDI Environment)

Multi-tenant Security and ADC Services 25 | ©2013, Palo Alto Networks. Confidential and Proprietary. Multi-tenant security and availability for enterprises and cloud data centers Dedicated instances of network services for different tenants Addresses independent security and load balancing needs Per application load balancing with dedicated firewalling Firewall ADC Tenant 1 Tenant 2 Tenant 3 Citrix NetScaler with VM-Series

WildFire registry changes DNS lookups visited URLs C2 traffic system file tampering RAT download global input 26 | ©2014 Palo Alto Networks. Confidential and Proprietary.

Basic WildFireWildFire Subscription WF-500 PAN-OS 5.0PAN-OS 6.0PAN-OS 5.0PAN-OS minute signatures ✓✓ Public Cloud Integrated logging ✓✓✓✓ WF-500 support ✓✓ N/A API access ✓✓ Public Cloud Windows PE (DLL & EXE) ✓✓✓✓✓ PDF ✓✓ Office Documents ✓✓ Java ✓✓ Windows XP ✓✓✓✓✓ Windows 7 ✓✓✓✓✓ Android APK ✓ 27 | ©2014 Palo Alto Networks. Confidential and Proprietary.

GlobalProtect patched encrypted storage corporate device OS version jailbroken passcode malware installed 28 | ©2014 Palo Alto Networks. Confidential and Proprietary.

HeadquartersBranch Office Home Office Hotel Airport Enterprise-secured with full protection Exposed to threats, risky apps, and data leakage 29 | ©2014 Palo Alto Networks. Confidential and Proprietary.

GlobalProtect Mobile Security Solution

Summary  New, high performance hardware platforms  Continued innovation in the battle against advanced cyber threats  More security automation in virtualized environments  Expanding further into mobile security 31 | ©2014, Palo Alto Networks. Confidential and Proprietary.

Q&A

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.