Palo Alto Networks

Palo Alto Networks is one of the global leaders in the cybersecurity space. It was founded in 2005, driven by the emerging need to safely enable the use of modern network applications. Traditional firewalls utilise simple rules, port numbers and protocols to filter traffic without an in-depth understanding of what is being blocked or allowed. To overcome this limitation Palo Alto Networks developed the Next Generation firewall with the ability to identify network applications and provide fine-grained controls and in-depth protection regardless of port numbers or protocols used. Next Generation firewalls inspect and understand all layers of the networking stack as well as the network applications enabling them to intelligently block threats invisible to traditional firewalls.

In recent years Palo Alto Networks have expanded their offerings from the original Next Generation firewalls and now provide a wide range of products and solutions as part of a comprehensive, defence-in-depth portfolio:

• STRATA: Next Generation firewalls, associated security services, PAN-OS SD-WAN
• Prisma: Prisma Access, Palo Alto Networks’ Secure Access Service Edge (SASE) solution, Prisma Cloud and Prisma SD-WAN
• Cortex: Cortex XDR and XSOAR, endpoint protection and response, Cortex Data Lake, Cortex Xpanse for Attack Surface Management and Autofocus for Threat Intelligence

The Palo Alto networks STRATA range of products includes their Next Generation firewalls and associated security services. The PA series, Palo Alto Networks’ physical appliances, range from small form-factor firewalls such as the PA-220 for small business and offices, to the modular PA-7000 series designed for large enterprises and service providers.

These Next Generation firewalls are also made available as virtualized appliances through the VM series, as part of the Prisma range of products. This enables the firewall to be run as a virtual machine in virtualized data centres, private Clouds as well as public Cloud environments such as Microsoft Azure, Amazon Web Services and Google Cloud.

Panorama is Palo Alto networks’ network security management platform offering centralized features that provide simplified device and configuration management, insight into network-wide traffic and the ability for customers to manage their fleet of firewalls, at scale from a single console.

The security services available for Palo Alto Networks Next Generation firewalls enable advanced, integrated functionality that goes beyond the built-in fine grained, application aware controls, introducing IDS, IPS and other security functionality to the platform:

• Threat Prevention: Threat Prevention consists of Antivirus, Anti-Spyware and Vulnerability Protection blocking known client- and server-side vulnerability exploits, malware, and command and control. Signatures are continuously updated to ensure the platform stays up to date with the latest emerging threats.
• Advanced URL Filtering: Advanced URL Filtering categorizes and blocks never-before-seen malicious URLs in milliseconds, before they have a chance to infect your network and end users, using the industry’s first inline ML Machine Learning powered web protection engine.
• DNS Security: DNS Security blocks DNS based attacks by applying predictive analytics, Machine Learning and automation, disrupting DNS based command and control or data theft attempts.
• WildFire: WildFire is Palo Alto Networks’ cloud-delivered malware analysis service. It detects previously unknown threats by analysing unknown files, email attachments and links in a sandbox environment including the industry’s first bare metal analysis engine. Signatures are updated in real-time reducing the exposure window to an absolute minimum.
• IoT: IoT services on the Palo Alto networks platform combine Machine Learning for accurate device discovery, risk assessment and prevention via native policy enforcement helping customers to identify, secure and manage the risk created by unmanaged IoT and IT devices.
• DLP: Enterprise Data Loss Prevention is a cloud-delivered, enterprise-grade data security service that discovers sensitive data across your networks, clouds and users and automatically monitors and protects it.
• SaaS Security: The integrated SaaS security service is designed detect and secure new SaaS applications, protect data and prevent zero-day threats, reducing shadow IT problems caused by unsanctioned SaaS apps and the associated data loss and non-compliance risks
• SD-WAN: The SD-WAN service implements integrated, secure Software-Defined WAN functionality to securely connect branch offices taking advantage of the native security controls.

Palo Alto Networks is the undisputed leader in the Next Generation firewalls space and has been a Gartner Magic Quadrant leader for nine consecutive years.

Palo Alto Networks’ Next Generation firewalls have been designed from the ground up, with modern security requirements in mind. Their appliances are based on a unique Single Pass Parallel Processing (SP3) Architecture combining Single Pass software and Parallel Processing hardware. This ensures that all advanced security functions can be performed in parallel so that packet processing can be completed in a single pass enabling low-latency, high-throughput network security. Unlike other vendor’s platforms which operate on blade and similar architectures, where each additional enabled security feature brings performance degradation and latency increase with it, Palo Alto Networks firewalls operate with reliably high and consistent performance regardless of the number of advanced security features activated.

Palo Alto Networks Next Generation firewalls are available as physical appliances in all sizes as well as virtual editions for virtualized data centres, private Clouds and public Cloud environments such as Microsoft Azure, Amazon Web Services and Google Cloud. All versions share the same User Interface and can be managed by the Panorama, the centralized management platform.

Palo Alto networks firewalls consolidate multiple security functions into a single, integrated platform, safely enabling traffic between users and applications across endpoints, networks, Cloud and SaaS environments.

The platform’s unified management and single interface user experience, as well as the native integration of a broad range of in-depth security services, reduce management complexity for IT and security teams and total cost of ownership (TCO), combining the functionality of IDS, IPS and fine-grained, network application aware access control on a single platform.

Palo Alto Networks’ Next Generation firewalls enable businesses to build secure and scalable, high performance and are key building blocks of a Zero Trust Architecture.

In a Zero Trust Architecture, the core assumptions are that nothing and no one should be trusted, that trust in itself is a vulnerability and that the Protect Surface, a subset of the organization’s Attack Surface, must be shielded from everything. The Attack Surface is defined as the sum of all points where an attacker can attempt to gain unauthorized access. This includes all systems and services, connected or disconnected, internal or external. The Protect Surface on the other hand is a limited collection of all critical data, assets, applications, and services, otherwise referred to as DAAS. Unlike the Attack Surface, the Protect Surface is usually magnitudes smaller and can be clearly identified.

Palo Alto Networks’ Next Generation firewalls are the perfect control elements to build a micro-perimeter around the Protect Surface. Their reliably outstanding performance and industry leading security features running at wire-speed ensure the crown jewels behind the Protect Surface can be kept secure without compromising availability, performance or user experience.