The end goal of security is to enable your operations to flourish and keep your organization out of the headlines associated with cyber breaches. This means reducing the likelihood of a successful attack. By focusing on preventing successful attacks, Palo Alto Networks Firewalls reduces cybersecurity risk so that it is manageable and quantifiable, allowing organizations to compartmentalize their biggest threats and focus on business operations. Palo Alto Networks Firewalls protects our digital way of life by safely enabling applications and preventing known and unknown threats across the network, cloud, and endpoints. The native integration of Palo Alto Networks Firewalls delivers a prevention architecture that can provide superior security at lower total cost of ownership. With Palo Alto Networks Firewalls, the discovery of a new threat triggers the automated creation and delivery of protection mechanisms to network, cloud, and endpoint environments.
Natively integrated technologies that leverage a single pass prevention architecture to exert positive control based on applications, users, and content to reduce organizational attack surface, that support open communication, orchestration, and visibility, and enable consistent security posture from the network, to the cloud, to the endpoint. Automated creation and delivery of protection mechanisms against new threats to network, cloud, and endpoint environments. Extensibility and flexibility that allows for protection of customers as they expand, move off their physical network, or adopt new technologies. Threat intelligence sharing that provides protection by taking advantage of the network effects of a community of comprehensive global threat data to minimize the spread of attacks. Palo Alto Networks Firewalls approach identifies all network traffic based on applications, users, content and devices, and lets you express your business policies in the form of easy to understand security rules.
Palo Alto Networks Firewalls
Palo Alto Networks Firewalls classifies all traffic, including encrypted traffic, based on application, application function, user and content. You can create comprehensive, precise security policies, resulting in safe enablement of applications. This lets only authorized users run sanctioned applications, greatly reducing the surface area of cyber attacks across the organization The combination of Content—IDTM and WildFire provides protection from known and unknown threats. Content—ID limits unauthorized data transfer and detects and blocks a wide range of threats. Palo Alto Networks WildFire identifies unknown malware, zero day exploits, and advanced persistent threats (APTs) through static and dynamic analysis in a scalable, virtual environment, and automatically disseminates updated protections globally. Relying on manual response to confront the volume and sophistication of cyber attacks facing organizations has led to predictable results, which will only worsen unless prevention becomes automated.
Complete visibility and precise control: Palo Alto Networks Firewalls provide complete visibility into all network traffic based on applications, users, content and devices. Automated security: Innovative features reduce manual tasks and enhance your security posture, for example, by disseminating protections from previously unknown threats globally in near real—time, correlating a series of related threat events to indicate a likely attack on your network, and using dynamic address groups in security rules to avoid updating server IP addresses frequently. The security platform has extensibility and flexibility that allows for protection of customers as they expand, move off their physical network, or adopt new technologies. Today’s security architectures are a result of adding uncoordinated security layers one at a time, making them ineffective in dealing with modern threats. Unlike legacy firewalls that are based on this “layered security” architecture, Palo Alto Networks Firewalls use a unified security design that classifies all traffic into full context before applying one set of flexible security rules in a single pass.
Allowing you to define granular, context—aware policy control, Palo Alto Networks Aperture gives you the ability to drive enforcement, and the quarantine of users and data, as soon as a violation occurs. This enables you to quickly and easily satisfy data risk compliance requirements, such as PCI and PII, while still maintaining the benefits of cloud—based applications. The use of SaaS applications is creating new risks and gaps in security visibility for malware propagation, data leakage and regulatory non—compliance.
Palo Alto Networks Aperture delivers complete visibility and granular enforcement across all user, folder and file activity within sanctioned SaaS applications, providing detailed analysis and analytics on usage without requiring any additional hardware, software or network changes. Palo Alto Networks Aperture provides complete visibility across all user, folder and file activity, providing detailed analysis that helps you transition from a position of speculation to one of knowing exactly what’s happening at any given point in time. This gives you the ability to view deep analytics into day—to—day usage, which enables you to quickly determine if there are any data risk or compliance related policy violations.
Preventing successful cyber attacks—the end goal of security is to enable your operations to flourish and keep your organization out of the headlines associated with cyber breaches. This means reducing the likelihood of a successful attack. By focusing on preventing successful attacks, the Palo Alto Networks next—generation security platform reduces cybersecurity risk so that it is manageable and quantifiable, allowing organizations to compartmentalize their biggest threats and focus on business operations.
The Palo Alto Networks next—generation security platform protects your digital way of life by safely enabling applications and preventing known and unknown threats across the network, cloud, and endpoints. The native integration of the platform delivers a prevention architecture that can provide superior security at lower total cost of ownership. Palo Alto Networks Panorama network security management lets you view all firewall traffic, manage device configuration, push global policies, and generate reports on patterns or incidents—all from one central location. Palo Alto Networks Panorama network security management provides static rules and dynamic security updates in an ever—changing threat landscape.
With a few clicks, you gain visibility into the application bandwidth and session consumption, the associated threats, as well as the source and destination of the application traffic. With this knowledge, you can proactively align application usage with your business requirements. Palo Alto Networks malware protections reduce the number of available attack vectors by terminating malware downloads. The blocked malware name, malicious URL or application, and the victim user are logged within the UI, so you have the contextual information needed to apply additional policies, if necessary.
Palo Alto Networks IPS, available within the threat prevention subscription, prevents exploits at the network level, using targeted vulnerability and exploit kit based signatures to thwart multiple variations of exploits and a wide variety of exploit kits. The Palo Alto Networks skilled threat research team, whose job it is to continuously investigate and reverse engineer network and application vulnerabilities, creates these protections and automatically pushes them to all subscribed devices on a weekly and emergency basis, fortifying your network against the latest exploits.
Defined as an environment in which you are responsible for the management of all aspects of the virtualization, hardware, compute, networking and security, a private cloud is often considered to be synonymous with your data center, and in fact, many data centers are 100 percent virtualized using VMware, Microsoft Hyper—V, KVM or other private cloud technologies. The Palo Alto Networks VM—Series allows you to protect your private cloud infrastructure using application enablement policies while simultaneously preventing known and unknown threats.
The Palo Alto Networks VM—Series supports the following private cloud environments: VMware ESXi and NSX, Citrix NetScaler SDX, Microsoft Hyper—V and KVM/OpenStack. In a public cloud, ensuring your applications and data are kept safe from attackers is your responsibility, and that is where the Palo Alto Networks VM—Series can help. The Palo Alto Networks VM—Series protects your public cloud infrastructure using application enablement policies while simultaneously preventing known and unknown threats. The Palo Alto Networks VM—Series supports the following public cloud environments: VMware vCloud Air, Amazon Web Services (AWS) and Microsoft Azure.