Palo Alto Networks
Palo Alto Networks is leading a new era in cybersecurity by protecting thousands of enterprise, government, and service provider networks from cyber threats. Because of their deep expertise, commitment to innovation and game-changing security platform, thousands of customers have chosen them and they are the fastest growing security company in the market.
Their security platform natively brings together all key network security functions, including advanced threat protection, firewall, IDS/IPS, and URL filtering. Because these functions are natively built into the platform and share important information across the respective disciplines, they ensure better security than legacy firewalls, UTMs, or point threat detection products.
With their platform, organizations can safely enable the use of all applications, maintain complete visibility and control, confidently pursue new technology initiatives like cloud and mobility, and protect the organization from cyber attacks — known and unknown.
Palo Alto Networks offers a full line of next-generation security appliances that range from the PA-200, designed for enterprise remote offices, to the PA-7050, which is a modular chassis designed for high-speed datacenters. Their platform architecture is based on our single-pass software engine and uses function-specific processing for networking, security, threat prevention, and management to deliver predictable performance. The same firewall functionality that is delivered in the hardware appliances is also available in the VM-Series virtual firewall, allowing you to secure your virtualized and cloud-based computing environments using the same policies applied to your perimeter or remote office firewalls.
The VM-Series supports the exact same next-generation firewall and advanced threat prevention features available in Palo Alto’s physical form factor appliances, allowing you to safely enable applications flowing into, and across your private, public and hybrid cloud computing environments.
Automation features such as VM monitoring, dynamic address groups and a REST-based API allow you to proactively monitor VM changes dynamically feeding that context into security policies, thereby eliminating the policy lag that may occur when your VMs change.
The VM-Series supports the following virtualized environments:
- VMware® ESXi™ and NSX™
- Citrix® Netscaler SDX™
- KVM/OpenStack (Centos/RHEL, Ubuntu®)
- Amazon Web Services (AWS)
Panorama™ provides you with the ability to manage your distributed network of their firewalls from a centralized location. View of all your firewall traffic; manage all aspects of device configuration; push global policies; and generate reports on traffic patterns or security incidents — all from one central location. Panorama is available as either a dedicated management appliance or as a virtual machine.
Security subscriptions allow you to safely enable applications, users, and content by selectively adding fully integrated protection from both known and unknown threats, classification and filtering of URLs, and the ability to build logical policies based on the specific security posture of a user’s device. Most importantly, these subscriptions are seamlessly integrated, sharing the context generated by App-ID and allowing you to generate policies that protect your network while also enabling your business.
The Threat Prevention subscription adds integrated protection from a variety of network-borne threats including exploits, malware, dangerous files, and content. This powerful subscription includes IPS functionality, stream-based blocking of millions of known malware samples, protection from spyware, command-and-control traffic, and a variety of hacking tools.
The Threat Prevention subscription even goes beyond simply blocking malicious content to include the control of specific file types by policy, as well as inspecting traffic for specific content to prevent data loss. As a result, this critical subscription not only provides you with critical protection from threats, but also gives you important additional policy controls that keep your network secure.
URL filtering is enabled through an annual subscription that provides you with a URL filtering database that controls web activity based on users through URL category level controls, or through customizable white- and black-lists. The URL filtering subscription is not bound by any user limitations, which provides you with greater flexibility in terms of growth and more predictable operational expenses. The URL filtering subscription includes continual updates to the URL filtering database, as well as problem resolution.
GlobalProtect Mobile Security Manager
GlobalProtect provides a unique, integrated mobile security solution to safely enable mobile devices for business use. It consists of three key components: GlobalProtect Gateway (available on the Palo Alto Networks next-generation network security platform), GlobalProtect Mobile Security Manager (available on the Palo Alto Networks GP-100), and GlobalProtect App (available for iOS and Android devices).
The WildFire subscription provides integrated protection from advanced malware and threats. WildFire adds the increasingly important ability to proactively identify and block unknown threats such as custom or polymorphic malware, which are commonly used in modern cyberattacks.
The subscription provides you with following advanced capabilities:
- WildFire signature feed – receive new malware protections every 30 minutes covering newly discovered malware identified by WildFire.
- Integrated WildFire logs – logs automatically delivered to the firewall including analysis verdicts for all analyzed files and malware.
- WildFire API – Enables you to programmatically submit files to WildFire, as well as take advantage of WildFire integration with Bit9 and Mandiant solutions.
Advanced Endpoint Protection
Compromise isn’t inevitable, or at least it shouldn’t be. Traditional endpoint protection simply cannot keep up with the rapidly evolving threat landscape, leaving organizations vulnerable to advanced attacks.
A new approach was needed, one that could rebuild confidence in endpoint security and prevent advanced attacks originating from executables, data files or network-based exploits, known and unknown, before any malicious activity could successfully run. We call this Advanced Endpoint Protection. By focusing the solution on the attacker’s core techniques and building traps to mitigate them, the attacker’s path for exploitation becomes known, even when the attack isn’t.