Presentation is loading. Please wait.

Presentation is loading. Please wait.

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

Published byMaya Leap Modified over 9 years ago

Similar presentations

Presentation on theme: "New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential."— Presentation transcript:

1 New Solutions to New Threats

2 The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential

3 Security Technology Hasn’t Kept Up The gateway on the trust border is the right place to exert control - All traffic goes through - Defines trust boundary Strategy is sound… BUT… - Can only see ports, protocol, and IP address - Blind to applications, users, and content - Blind to dynamic, multipronged threats Execution is flawed Collaboration / Media SaaS Personal Page 3 | © 2008 Palo Alto Networks. Proprietary and Confidential

4 Threat Prevention Must Get Smarter Stop threats - Block bad applications - Block a widening array of threats (exploits, viruses, spyware downloads and phone home) Enable business - Safely enable applications - Don’t slow down business traffic – i.e., manage risk at speed of business One policy = no gaps Page 4 | © 2008 Palo Alto Networks. Proprietary and Confidential

5 About Palo Alto Networks Founded in 2005 by Nir Zuk, inventor of stateful inspection technology World class team with strong security and networking experience Builds next generation firewalls with innovative identification technologies that manage applications, users, and content Named Gartner Cool Vendor in 2008; 2008 Best of Interop Grand Prize Page 5 | © 2008 Palo Alto Networks. Proprietary and Confidential

6 Our Identification Technologies Change the Game App-ID Identify the application User-ID Identify the user Content-ID Scan the content Page 6 | © 2008 Palo Alto Networks. Proprietary and Confidential

7 Traditional Multi-Pass Architectures Port/Protocol-based ID L2/L3 Networking, HA, Config Management, Reporting Port/Protocol-based ID HTTP Decoder L2/L3 Networking, HA, Config Management, Reporting URL Filtering Policy Port/Protocol-based ID IPS Signatures L2/L3 Networking, HA, Config Management, Reporting IPS Policy Port/Protocol-based ID AV Signatures L2/L3 Networking, HA, Config Management, Reporting AV Policy Firewall Policy IPS Decoder AV Decoder & Proxy Page 7 | © 2008 Palo Alto Networks. Proprietary and Confidential

8 PAN-OS Architecture L2/L3 Networking, HA, Config Management, Reporting APP-ID CONTENT-ID Policy Engine Application Protocol Detection and Decryption Application Protocol Decoding Heuristics Application Signatures URL Filtering Real-Time Threat Prevention Data Filtering Page 8 | © 2008 Palo Alto Networks. Proprietary and Confidential

9 Real-Time Content Scanning With Content-ID Stream-based, not file-based, for real-time performance - Dynamic reassembly Uniform signature engine scans for broad range of threats in single pass Threat detection covers vulnerability exploits (IPS), virus, and spyware (both downloads and phone-home ) Time File-based ScanningStream-based Scanning ID Content Buffer File Time Scan File Deliver Content ID Content Scan Content Deliver Content Page 9 | © 2008 Palo Alto Networks. Proprietary and Confidential

10 Purpose-Built Hardware: PA-4000 Series Flash Matching HW Engine Palo Alto Networks’ uniform signatures Multiple memory banks – memory bandwidth scales performance Multi-Core Security Processor High density processing for flexible security functionality Hardware-acceleration for standardized complex functions (SSL, IPSec, decompression) Dedicated Control Plane Highly available mgmt High speed logging and route updates 10Gbps 10 Gig Network Processor Front-end network processing offloads security processors Hardware accelerated QoS, route lookup, MAC lookup and NAT. 10Gbps Control Plane Data Plane Page 10 | © 2008 Palo Alto Networks. Proprietary and Confidential

11 Adds Up to Superior Performance Performance Remote Office/ Medium Enterprise Large Enterprise PA-2000 Series 1Gbps; 500Mbps threat prevention PA-4000 Series 500Mbps; 200Mbps threat prevention 2Gbps; 2Gbps threat prevention 10Gbps; 5Gbps threat prevention 10Gbps; 5Gbps threat prevention (XFP interfaces) Page 11 | © 2008 Palo Alto Networks. Proprietary and Confidential

12 Flexible Deployment Options Application Visibility Transparent In-Line Firewall Replacement Connect to span port Enables threat and application visibility without inline deployment Connect to span port Enables threat and application visibility without inline deployment Deploy transparently behind existing firewall Enables application control and threat prevention without networking changes Deploy transparently behind existing firewall Enables application control and threat prevention without networking changes Replace existing firewall Enables threat prevention, application and network visibility and control, consolidated policy, high performance Replace existing firewall Enables threat prevention, application and network visibility and control, consolidated policy, high performance Page 12 | © 2008 Palo Alto Networks. Proprietary and Confidential

13 App-ID enables visibility and control over applications - Safe usage Traditional perimeter security technology hasn’t kept up with change in threats SPA Next Gen Firewall delivers - Performance - Single policy - TCO Summary Page 13 | © 2008 Palo Alto Networks. Proprietary and Confidential

14 Thank You

Download ppt "New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential."

Similar presentations

Next Generation FWs Against Modern Malware and Threads Hakan Unsal – Technical Security Consultant Tunc Cokkeser – Regional Sales Manager.

Next Generation FWs Against Modern Malware and Threads Hakan Unsal – Technical Security Consultant Tunc Cokkeser – Regional Sales Manager.
Palo Alto Networks Jay Flanyak Channel Business Manager

Palo Alto Networks Jay Flanyak Channel Business Manager
Palo Alto Networks Overview

Palo Alto Networks Overview
Business Solutions Network Security Solutions Gateway Security

Business Solutions Network Security Solutions Gateway Security
Breaking the Lifecycle of the Modern Threat Santiago Polo Sr. Systems Engineer Palo Alto Networks, Inc.

Breaking the Lifecycle of the Modern Threat Santiago Polo Sr. Systems Engineer Palo Alto Networks, Inc.
Visibility. Then Control. Keep good employees from doing bad things on the Internet.

Visibility. Then Control. Keep good employees from doing bad things on the Internet.
IBM Security Network IPS models, End of Support Dates and Replacement options 1.

IBM Security Network IPS models, End of Support Dates and Replacement options 1.
Next Generation Network Security Carlos Heller System Engineering.

Next Generation Network Security Carlos Heller System Engineering.
True Unified Threat Management

True Unified Threat Management
Palo Alto Networks Threat Prevention. Palo Alto Networks at a Glance Corporate Highlights Founded in 2005; First Customer Shipment in 2007 Safely Enabling.

Palo Alto Networks Threat Prevention. Palo Alto Networks at a Glance Corporate Highlights Founded in 2005; First Customer Shipment in 2007 Safely Enabling.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
Palo Alto Networks Solution Overview May 2010 Denis Pechnov Sales, EMEA.

Palo Alto Networks Solution Overview May 2010 Denis Pechnov Sales, EMEA.
© 2007 Palo Alto Networks. Proprietary and Confidential Page 1 | Next Generation Firewalls Nir Zuk Founder and CTO.

© 2007 Palo Alto Networks. Proprietary and Confidential Page 1 | Next Generation Firewalls Nir Zuk Founder and CTO.
Palo Alto Networks Customer Presentation

Palo Alto Networks Customer Presentation
SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.

SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.
MIGRATION FROM SCREENOS TO JUNOS based firewall

MIGRATION FROM SCREENOS TO JUNOS based firewall
1 Cost-Effective Strategies for Countering Security Threats: IPSEC, SSLi and DDoS Mitigation Bruce Hembree, Senior Systems Engineer A10 Networks.

1 Cost-Effective Strategies for Countering Security Threats: IPSEC, SSLi and DDoS Mitigation Bruce Hembree, Senior Systems Engineer A10 Networks.
Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.

Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.

Similar presentations

Ads by Google