Firewalls offer real-time visibility, risk-based protection.
May 1, 2008 -
By helping identify, categorize, and control applications as well as user behavior, PA-4000 Series firewalls enable enterprises to safely deploy Web 2.0 and other applications while implementing application-centric security and compliance policies. They increase visibility into, and policy control over, applications flowing in and out of networks, regardless of port, protocol, or SSL encryption. Powered by App-ID(TM) technology, firewalls facilitate move to risk-based security model.
(Archive News Story - Products mentioned in this Archive News Story may or may not be available from the manufacturer.)
|Original Press release |
Palo Alto Networks
2130 Gold Street, Suite 200
Alviso, CA, 95002
Palo Alto Networks Announces v2.0 of PAN-OS, Strengthens Application Visibility and Control Leadership
Uses the Power of App-ID(TM) for Dynamic Application Policy, Richer Reporting and Greater User Visibility
LAS VEGAS, April 28 -- INTEROP Booth 433 -- Palo Alto Networks today announced several first-to-market features for its PA-4000 Series next-generation firewalls that greatly expand the ability for organizations to identify, categorize and control applications and user behavior. As a result, enterprises can safely deploy Web 2.0 and other new, beneficial applications, while implementing effective, application-centric security and compliance policies.
Palo Alto Networks' inaugural Application Usage and Risk Report, released earlier this month, highlights that end-users are evading IT security controls and using unsanctioned applications for both professional and personal use. The report also notes the lack of visibility IT groups had into these activities. Many of these applications offer substantial benefits to the enterprise, but they often introduce significant risk via their behavior. These include risks to productivity, compliance, business continuity, operational costs and data loss/leakage.
According to Gartner research, "The days when port = protocol = application are behind us. An increasing percentage of enterprise network traffic is being funneled through a few well-known ports, more port-hopping or dynamic application content, such as Web 2.0 and other mashups. In many cases, itraffic is being encrypted."( )
App-ID(TM), Palo Alto Networks' innovative technology, is the basis for all of Palo Alto Networks' application understanding and control, and made the Application Usage and Risk Report possible. PAN-OS 2.0 leverages the power of App-ID and makes it even more compelling for enterprises by expanding on an industry-first platform for application visibility and control in three key areas:
(1) Dynamic Policy for Dynamic Applications -- using a new application browser, enterprises can dynamically categorize and filter the universe of applications by category (e.g., media, collaboration), behavior (e.g., file transfer, tunneling, port-hopping), risk level, technology (e.g., browser-based, client/server, peer-to-peer), or any combination to create policies that meet the particular risk mitigation needs of that individual, group or customer.
(2) Exposing the Value of App-ID to the Whole Enterprise -- the new reporting and visualization features of PAN-OS 2.0 include a geographical view of application traffic, executive and custom reports, and greater sharing -- through scheduled PDF and email reports.
(3) Deeper and Wider User Visibility and Control -- the new user behavior summary, expanded and improved Active Directory support, and new Captive Portal features ensure organizations see and control users as well as applications, regardless of client platform.
"Users are demanding access to new types of applications and technologies, some work-related, some not," said Steve Mullaney, Vice President of Marketing, Palo Alto Networks. "Unfortunately, because traditional security controls are inadequate, the IT group has said 'no' to most of those requests. So, users stop asking IT and start getting applications directly. The PA-4000 Series, powered by App-ID, enables organizations to move to a risk-based security model, allowing IT security folks to say yes, while still protecting the business.
The PA-4000 Series is a next-generation firewall that gives organizations unmatched visibility into, and policy control over, applications flowing in and out of its networks, regardless of port, protocol or SSL encryption. The PA-4000 Series identifies traditional and emerging applications -- including those embedded in an SSL session -- to facilitate total application access and usage control while enabling broad, real-time threat prevention.
About Palo Alto Networks
Palo Alto Networks(TM) enables visibility and policy control of applications running on enterprise networks. Based on innovative App-ID(TM) application classification technology, the Palo Alto Networks PA-4000 Series next-generation firewall accurately identifies applications -- regardless of port, protocol, evasive tactic or even SSL encryption -- at 10Gbps with no performance degradation. Enterprises can now set and enforce application usage policies to meet compliance requirements, improve threat mitigation and lower operational costs. The Palo Alto Networks team includes security and networking industry veterans from Check Point, NetScreen, McAfee, Cisco, Juniper and Blue Coat. It is backed by investors Globespan Capital Partners, Greylock Partners and Sequoia Capital. For more information, visit www.paloaltonetworks.com.
Palo Alto Networks, the Palo Alto Networks Logo and App-ID are trademarks of Palo Alto Networks, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.
(i) Magic Quadrant for Enterprise Network Firewalls, 2H07. Greg Young, John Pescatore, 13 September 2007.
CONTACT: Juli Greenwood of CHEN PR, +1-781-672-3137, firstname.lastname@example.org, for Palo Alto Networks