SlideShare a Scribd company logo

Next-gen security platform protects digital way of life

Tran Thi Thuy Tuyet
Tran Thi Thuy Tuyet

Palo Alto Networks brochure

Devices & Hardware
1 of 8
NEXT-GEN SECURITY PLATFORMpaloaltonetworks.com Consulting_APAC@paloaltonetworks.com
2 DIGITALWAYOFLIFE PROTECTINGOUR The Digital Age Brings Risk and Reward Today’s digital landscape has seen tectonic shifts in recent years with innovations in technology. These innovations have improved our way of life and doing business, but have also provided more entry-points for cyber criminals. Due to the threats in cyberspace, enterprises and organizations are exposed to unprecedented risks. The number of victims of cyberattacks published by various research organizations are increasing by more than 50% every year. Typical cyberattacks include unauthorized access, targeted attacks, DoS attacks, phishing, spoofing, and TEMPEST. Attacks that target enterprises and organizations are rapidly increasing. In contrast to conventional threats committed just for fun, targeted attacks are conducted by organized groups in a more sophisticated manner, targeting valuable data and information. The cumulative effect of this is the undermining of the fundamental trust in technology that enables the digital age. Security Measures at the Perimeter are not Sufficient Advanced cyberattacks that are stealthy and persistent avoid traditional security measures throughout the attack lifecycle in a sophisticated manner. Moreover, some of the attacks target external businesses that have authorized access rights and infect them with malware to steal IDs and passwords to access the network. Such cyberattack techniques suggest that security measures at the organisational perimeter are not sufficient. Pitfalls in Protection That Combine Security Products from Various Vendors Organisations have implemented multi-layered protection using various security devices such as firewalls, antivirus, sandboxes, and intrusion prevention systems (IPS). With legacy security solutions, to the extent that organisations successfully detect any of the thousands of daily threats, protection and remediation require manual intervention. There is no capability to automatically coordinate or communicate with other security technologies on the network, let alone with other networks not in your organization. This is a problem because defenders increasingly rely on their least scalable resource—people—to fight machine-generated attacks. The Palo Alto Networks Next-Generation Security Platform enables enterprises, service providers, and governments to protect our digital way of life with a prevention-first approach to cybersecurity. Our platform allows organizations to reduce their threat exposure by first enabling the applications for all users or devices regardless of location, then preventing threats within application flows and tying application use to user identities across physical and cloud-based networks. NEXT-GEN SECURITY PLATFORM NEXT-GENERATION FIREWALL THREATINTELLIGENCE CLOUD AUTOMATED EXTENSIBLENATIVELY INTEGRATED ADVANCED ENDPOINT PROTECTION CLOUD NETWO R K EN DPOINT 21
NEXT-GEN As the foundational element of our enterprise security platform, App-ID provides visibility and control over applications – even those that try to evade detection by masquerading as legitimate traffic, hopping ports or sneaking through the firewall using encryption (TLS/SSL or SSH). App-ID includes a database containing well over two thousand applications, with new applications typically added every week. The application identification engine implemented in the next-generation firewall accurately identifies applications in all traffic passing through the network. ● Automatically identifies applications using multiple identification mechanisms, unlike conventional firewalls that could identify applications only by their IP addresses, ports and protocols. ● Capable of identifying traffic: communications disguised as authorized traffic, communications using dynamic ports, communications trying to go through the firewall via an SSL encryption tunnel. Even SSL or SSH encrypted communications are examined by decrypting contents with policy-based decryption, and application identification and contents scanning can be performed. ● Applies policy-based identification, decryption, and inspection to inbound and outbound SSL traffic. ● Performs policy-based identification and control of SSH tunneled traffic. APP-ID Examines encrypted traffic You can control application use depending on the business and security risks because application activities can be identified for each user (or for each group), as well as for each IP address. ● Who uses which application when and how long is visualized. Permission, prohibition, and warnings for each user can be controlled. ● Identifies users (groups) in collaboration third-party directory services, WLAN controllers, proxies, terminal servers, and more. By using various tools for visualization, analysis, and reporting, you can quickly ascertain movements on the network and perform incident analysis. ● Automatically correlate indicators of threats for improved visibility and confirmation of compromised hosts across your network. ● Centrally analyze, investigate and report on network traffic, security incidents and administrative modifications. ● View a highly customizable graphical summary of applications, users, content, and security threats. ● Generate actionable, customizable reports to view application and threat traffic, SaaS usage, and user behavior across your organization. USER-ID Visualizes usage status and attack trends Content-ID™ technology delivers a new approach based on the complete analysis of all allowed traffic, using multiple advanced threat prevention technologies in a single, unified engine. ● Blocks vulnerability exploits, buffer overflows, and port scans, protects you from the evasion and obfuscation methods used by attackers. Stops malware outbound communications, blocks access to known malware and phishing download sites, and reduces the risks associated with the transfer of unauthorized files and data. ● Uses a single stream-based approach that simplifies management, streamlines processing, and maximizes performance. The next-generation firewall secures virtualized datacenters, public and private clouds, and diverse mobile environments by securely enabling applications and preventing threats. ● VM-Series virtualized next-generation firewalls support the same next-generation firewall and threat prevention features provided by the physical appliances. Supported environments include: VMware NSX, ESXi, vCloudAir, Amazon Web Services, Microsoft Azure and Hyper-V, KVM and Citrix SDX. ● GlobalProtect that provides protection functions of nextgeneration firewall for various mobile devices used inside and outside of the organization iOS, Android, Windows, and Mac devices are supported. CONTENT-ID Supports various forms of deployment ● Inspects and controls content traversing the network to detect and block known and unknown threats in a single pass. ● Proactively identifies and defends against unknown, new or custom malware and exploits. ● Single-pass software architecture maximizes performance by scanning traffic only once, regardless of which features are enabled. 43
WildFire™ controls unknown threats intelligently. One of the largest threat analysis services in the world ● By using sandbox technology, received files and URLs are executed and analyzed in a protected virtual environment in the cloud, and unknown threats used by targeted attacks are discovered. ● For detected malware are distributed in as little as 5 minutes. ● Malware detection information worldwide is shared in the cloud, and detection logic and the virtual environment are updated to always respond to the latest threats. To discover unknown malware or exploits, the contents are executed and detected on various operating systems (OS) such as Windows and mobile devices. ● Various files: Windows PE (EXE and DLL), PDF, Microsoft Office, Java, Android APK, and Adobe Flash (6.1 and later) are supported. ● Links in e-mails are accessed and analyzed to know whether the websites contain any threats. Security managers can access WildFire analysis reports on the management screen for managers or the WildFire portal, and see how malware will behave and affect the system when the file is opened. WildFire reports enable incident response teams to quickly and easily respond to new threats and build preventive control measures for them. Unknown threats in various files are analysed Easy to understand WildFire reports Conventional sandboxes support only fixed versions of applications on fixed versions of OSs of the prepared virtual environments and they cannot detect malware that runs only on specific versions. On the other hand, WildFire service supports multiple version inspection that can simultaneously analyze multiple versions of an application to analyze malware's behavior in greater detail. Each version of Adobe Acrobat Reader, Adobe Flash (6.1 and later), and Microsoft Office is supported. WildFire service running in a cloud environment provides scalability and high expandability of the sandbox environment. In addition, hybrid operation together with WF-500, an on-site version appliance, is supported allowing various malware analysis. ● A sandbox environment in the cloud that does not require consideration of processing capacity ● New applications, versions, and file types are supported as needed. ● Distributed operations are possible, such as files downloaded from the Web are analyzed by the cloud service and files attached to e-mail are analyzed by the on-site version, WF-500. The analysis supports multiple versions Expandability provided by cloud service After a threat is detected, automatic protection from the threat without manual intervention is required. When WildFire detects new malware, it automatically generates throughout the cyberattack lifecycle, and signatures protection mechanisms for prevention to block C&C communications by the malware itself or terminals infected by the malware are automatically generated and distributed to customers worldwide. ● In addition to anti-malware signatures, C&C signatures, DNS based callback signatures, and malicious URLs are distributed globally in as little as 5 minutes. Protections are generated in as little as 5 minutes WildFire utilizes not only static analysis (a look at the characteristics of a file), but also dynamic analysis (a detailed look at the behavior of a file) in its process of detecting unknown threats. In addition, WildFire uses machine learning to apply new knowledge to future analysis requests. - Static Analysis - Dynamic Analysis - Machine Learning Cutting edge analysis methods 3.0 3.1 3.2 4.0 4.1 5.0 5 minutes WILDFIRE More than 10,000 companies worldwide are connected to WildFire, and its ability to conduct static analysis (characteristics of a file), dynamic analysis (behavior of a file), and machine learning. 65
Palo Alto Networks Traps replaces traditional antivirus with multi-method prevention, a proprietary combination of purpose-built malware and exploit prevention methods that protect users and endpoints from known and unknown threats. Traps prevents security breaches, in contrast to breach detection and incident response after critical assets have already been compromised. Traps uses an entirely new and unique approach to prevent exploits. Instead of focusing on the millions of individual attacks, or their underlying software vulnerabilities, Traps focuses on the core exploits on techniques used by all exploit-based attacks. ● Memory Corruption Prevention: Traps prevents the exploitation on techniques that manipulate the operating system’s normal memory management mechanisms for the application that opens the weaponized data file containing the exploit. ● Logic Flaw Prevention: Traps recognizes and blocks the exploitation techniques that allow an exploit to manipulate the operating system’s normal application process and execution mechanisms. ● Malicious Code Execution Prevention: In most cases, the end goal of exploitation on is to execute the attacker’s commands that are embedded in the exploit file. This prevention method recognizes the exploitation on techniques that allow the attacker’s malicious code to execute and blocks them before they succeed. Multi-Method Exploit Prevention The Traps agent is very light, having almost no impact on system resources. So it can be used in a virtual machine environment. ● The consumed memory size is about 25 MB and CPU utilization is 0.1%, requiring no daily pattern file update or periodic system scanning. ● Supported OSs are Windows Server and Workstation in a physical or virtual environment. Windows XP is supported even though it is no longer supported by Microsoft. Simple, Light and Easy to Understand Traps prevents malicious executables with a unique, multi-method prevention approach that maximizes coverage against malware while simultaneously reducing the attack surface and increasing the accuracy of malware detection. Traps can collaborate with WildFire, a threat intelligence cloud solution, enhancing protection against unknown attacks and malware. ● Executable files of unknown attacks are automatically uploaded to WildFire. ● By exchanging threat information on unknown attacks with enterprises and organizations worldwide via WildFire, comprehensive security measures are in place. Multi-Method Malware Prevention Collaboration with Networks and the Cloud When attacked, a wide range of data needed for analysis is gathered from the Traps agent and stored to support later investigative activities. ● Information on each running process is recorded and sent to the Endpoint Security Manager (ESM) server on an ongoing basis. ● Information on any attempt to stop, remove, or manipulate Traps is notified. ● When an attack is prevented, a full memory capture and information on the activities attempted by the malicious code are gathered from the endpoint. Forensic Data Gathering Traps Advanced Endpoint Protection: ● Prevents cyber breaches by preemptively blocking known and unknown malware, exploits and zero-day threats. ● Protects and enables users to conduct their daily activities and use web-based technologies without concern for known or unknown cyberthreats. ● Automates prevention by autonomously reprogramming itself using threat intelligence gained from WildFire. TRAPS Static Analysis via Machine Learning provides the ability to prevent execution of unknown malware by instantly examining hundreds of a file’s characteristics, without reliance on signatures, scanning or behavioral analysis. WildFire Inspection and Analysis leverages the WildFire cloud-based malware analysis environment to detect unknown malware and automatically reprogram Traps to prevent known malware. Trusted Publisher Execution Restrictions allows organizations to identify executable files that are among the “unknown good” because they are published and digitally signed by trusted publishers. Policy-Based Execution Restrictions: Organizations can easily define policies to restrict specific execution scenarios, thereby reducing the attack surface of any environment. Admin Override Policies: This method allows organizations to define policies, based on the hash of an executable file, to control what is allowed to run in any environment and what is not. Any executable file that is deemed to be malicious and prevented from running on the endpoint can be quarantined. 87 8
Panorama: Integrated Management Platform Deployment Scenarios With Panorama, you can view all your next-generation firewalls' traffic, manage device configurations overall, allocate global policies, and generate reports on traffic patterns or security incidents - all from one central location. Logs of next-generation firewalls under Panorama are stored and managed in an integrated way. ● Unified Visibility: Applications of all managed next-generation firewalls, URLs, threats, and data (files and patterns) can be graphically displayed. ● Flexible Policy Control: Globally consistent policy control as well as local level policy control are supported, allowing well balanced security management according to your requirements. ● Flexible Deployment Options: Deployment with a Dedicated Management Appliance or Virtual Machines: Can be deployed on either M-100 or M-500 dedicated high performance hardware or on VMware ESX/ESX i virtual appliances. Appliances can also be deployed as dedicated log collectors for a more distributed deployment and streamlined log collection. Panorama's management function and logging function can be deployed with a dedicated appliance. Furthermore, a distributed environment that separates the management and logging functions can also be built. ● Memory size: 16 GB ● Internal SSD 120 GB ● Up to 4 TB storage (RAID1) Note: Rack size is 1U Panorama dedicated appliance suitable for deployment in datacenters and large environments. ● Memory size: 128 GB ● Internal SSD 240 GB ● Up to 8 TB storage (RAID1) Note: Rack size is 2U M-100 M-500 Palo Alto Networks enterprise security platform provides a consistent security platform in various scenarios and locations, such as deployment in the boundaries between enterprise networks and the Internet, deployment in networks distributed to different locations, and deployment in a physical datacenter as well as private and public clouds. In order to implement our next- generation security platform, installation of various subscription based functions as well as the basic functions of the next- generation firewall are required. ● Network visualization and control functions provided by next-generation firewalls: App- ID and User-ID ● Control of Web use, protection from threats, and restrictions on unauthorized transfer of files and data: Threat Prevention and URL Filtering ● Countermeasures for targeted attacks and unknown malware: WildFire ● Multi-tenant function to implement multiple virtual firewalls: Virtual Systems Boundaries of Enterprise Networks ● Next-generation firewall appliances can function at the boundary between a datacenter and the network, enabling applications and preventing threats with: App-ID, User-ID, Threat Prevention, URL Filtering, and WildFire ● The VM-Series virtualized next-generation firewall enabling applications and preventing threats in private and public clouds ● Panorama centrally manages policies across appliance and virtualized instances of the next-generation firewall ● All functions of the next-generation firewall are provided in a consistent way by models appropriate for the size of headquarters and local sites: App-ID, User-ID, and others ● Endpoint protection against zero-day attacks exploiting software vulnerabilities: Traps ● Safe communications for various devices of mobile workers: GlobalProtect ● Centralised management of next-generation firewalls in various locations: Panorama Distributed Enterprise Datacenter, Private and Public Cloud corporate network / DMZ N etw ork Security M anagem ent Securing North - South Traffic V irtualServers P hysicalServers Securing East - West Traffic VMware ESXi VH-0001-MV W EB A P P D B NSX vSwitch VMware ESXi VH-0001-MV W EB A P P D B NSX vSwitch PANORAMA APPLICATION NETWORK SECURITY VMware ESXi VH-0001-MV W EB A P P D B NSX vSwitchVMware ESXi VH-0001-MV W EB A P P D B NSX vSwitch Securing East - West Traffic Virtual Servers Physical Servers VMware ES Xi VH-0001-MV W EB APP DB NSX vS witch Mobile Branches Headquarters Data Center GP TR AF WF T Threat Prevention U URL Filterring A App-ID U User-ID W WildFire* V Virtual System T U A U W V G G GlobalProtect* * Some functions are free. <Charged Functions> <Functions Free of Charge> The Panorama management platform can manage a distributed network of Palo Alto Networks next-generation firewalls in a centralized way, reducing the workload and cost for security management. 10 P A N O R A M A vCloud Air SQ L D B ShareP oint W eb FE 9
Next-Generation Firewall Specifications Overview VM Series Specifications Overview PA-7080 PA-7050 PA-7000-20G-NPC PA-7000-20GQ-NPC PA-5060 PA-5050 PA-5020 PA-3060 PA-3050 PA-3020 PA-500 PA-200 App-ID Firewall Throughput* 200 Gbps 120 Gbps 20 Gbps 20 Gbps 20 Gbps 10 Gbps 5 Gbps 4 Gbps 4 Gbps 2 Gbps 250 Mbps 100 Mbps Threat Prevention Throughput* 100 Gbps 60 Gbps 10 Gbps 10 Gbps 10 Gbps 5 Gbps 2 Gbps 2 Gbps 2 Gbps 1 Gbps 100 Mbps 50 Mbps Max Sessions (IPv4 or IPv6) 80,000,000 48,000,000 4,000,000 4,000,000 4,000,000 2,000,000 1,000,000 500,000 500,000 250,000 64,000 64,000 Connections Per Second 1,200,000 720,000 120,000 120,000 120,000 120,000 120,000 50,000 50,000 50,000 7,500 1,000 Maximum Number of Ports Up to 10 NPC are supported. Up to 6 NPC are supported. 4x SFP+, 8xSFP, 12x10/100/1000 2x40Gig QSFP + 12xSFP+ 4 SFP+ 8 SFP 12 copper gigabit 4 SFP+ 8 SFP 12 copper gigabit 8 SFP 12 copper gigabit 2 SFP+ 8 SFP 8 copper gigabit 8 SFP 12 copper gigabit 8 SFP 12 copper gigabit 8 copper gigabit 4 copper gigabit Management Interfaces CLI WebUI (HTTP/ HTTPS) Telnet SSH2 XML API N/A N/A CLI WebUI (HTTP/ HTTPS) Telnet SSH2 XML API CLI WebUI (HTTP/ HTTPS) Telnet SSH2 XML API Management Tools SNMPv2c/ v3 Syslog NetFlow N/A N/A SNMPv2c/ v3 Syslog NetFlow SNMPv2c/ v3 Syslog NetFlow Rack Size 19U 9U N/A N/A 2U 2U 2U 1.5U 1U 1U (Mount Kit Option) Weight 135.8kg (Chassis Unit) 85.0kg (Chassis Unit) N/A N/A 18.6kg 8.17kg 6.8kg 3.62kg 1.27kg Power Supply 2+2 2500W AC/ DC 4+4 2500W AC/ DC 2+2 2500W AC/ DC N/A N/A 450W AC/ DC (Redundant) 400W AC (Redundant) 250W AC 180W AC 40W AC Disk Size 2TB RAID1 N/A N/A 120 GB or 240 GB SSD, RAID Option 120GB SSD 160GB 16GB SSD VM-1000-HV VM-300 VM-200 VM-100 App-ID Firewall Throughput** 1 Gbps 1 Gbps 1 Gbps 1 Gbps Threat Prevention Throughput** 600 Mbps 600 Mbps 600 Mbps 600 Mbps Max Sessions (IPv4 or IPv6) 250,000 250,000 100,000 50,000 Connections Per Second 8,000 8,000 8,000 8,000 Subscriptions for next-generation firewalls Subscriptions for Endpoint Protection and Threat Intelligence AutoFocus cyberthreat intelligence service provides correlation data of cyberthreat information collected globally for each organization. The correlation data is created based on WildFire information being used worldwide, research results of the threat research team, and information from AutoFocus users. Equipped with a function showing priorities of threat information, AutoFocus also provides background information on attack contents, attackers, and organized attacks such as information on the specific industry being attacked. Protects endpoint completely from zero-day attacks that exploit software vulnerabilities and advanced malware attacks. ● Functions such as protection against exploits (attack codes that use vulnerabilities), protection against malware, and forensic data gathering are provided. ● By exchanging analysis information on unknown threats with WildFire users worldwide in collaboration with WildFire, integrated security measures are in place. AutoFocus Traps Vulnerability exploits, buffer overflows, port scans, and exploit kits are detected and stopped using signatures, heuristics, and statistical anomaly detection. In addition, we deliver predictable IPS performance to you through hardware acceleration, a uniform signature format, and a single-pass software architecture. Threat Prevention WildFire™ cloud-based analysis service analyzes files and links globally and designates never-before- seen items for further investigation using static and dynamic analysis over multiple operating systems and application versions. If a sample is categorized as malicious, WildFire automatically generates new preventions for our Next-Generation Security Platform and integration partners in as little as 5 minutes. ● Windows® XP, Windows 7, Android® and Mac® OS X® operating systems, with full visibility into common file types, including: EXE, DLL, ZIP, PDF, as well as Microsoft® Office documents, Java® files, Android APKs, Adobe® Flash® applets, and webpages, including high-risk, embedded content, such as Java and Adobe Flash files and images. ● WildFire appliance WF-500 available as a private cloud for additional data privacy. WildFire Endpoint security solution for remote users of note PCs and mobile devices who are expanding the boundaries of physical networks. ● Next-generation firewalls, GlobalProtect, and GlobalProtect Mobile Security Manager collaborate to provide 3 functions: device management, device control, and data access control. ● Android 4.0.3 and later, iOS 6.0 and later, Windows 7/8/8.1, and Mac OS X 10.6 and later are supported. GlobalProtect The integration of URL Filtering with both WildFire and the next-generation firewalls' single pass architecture quickly and automatically enhances your company’s security posture and keeps it up to date. Combining fast cloud URL lookups with a local cache, instead of a big database download, significantly reduces latency and increases both the accuracy and relevance of the categorization, and lowers total cost of ownership. URL Filtering Licenses for next-generation firewalls Virtual systems are separate, logical firewall instances within a single physical Palo Alto Networks firewall. Rather than using multiple firewalls, managed service providers and enterprises can use a single pair of firewalls (for high availability) and enable virtual systems on them. Each virtual system (vsys) is an independent, separately-managed firewall with its traffic kept separate from the traffic of other virtual systems. Virtual System L S S S S S S * The performance is measured in an ideal test environment on PAN-OS7.0 when App-ID enabled. ** The performance of VM-series is measured in an ideal test environment on PAN-OS7.0 and with four CPU cores when App-ID enabled. L S License: Permanent right to use paid at the time of purchase Subscription: Right to use requiring annual updates ● PA-3000 series: Maximum 6 instances ● PA-5020: Standard 10/Maximum 20 instances ● PA-5050: Standard 25/Maximum 125 instances ● PA-5060/PA-7050/PA-7080: Standard 25/ Maximum 225 instances 1211 Appliances M-100 M-500 WF-500 Hardware Specifications 16GB memory 120GB SSD (Internal use) Up to 4 TB storage (RAID1) 128GB memory 240GB SSD (Internal use) Up to 8 TB storage (RAID1) 128GB memory 120GB SSD 2 TB storage (RAID1) Rack Size 1U 2U 2U Remarks Panorama Management Appliances Select either 1 TB or 4 TB log storage. M-100's expanded capacity version. Can be used as offline PAN-DB as well as conventional Panorama/log collector function. On-site version of Wildfire Cloud
Palo Alto Networks is the next-generation security company maintaining trust in the digital age by helping tens of thousands of organizations worldwide prevent cyber breaches. With our deep cybersecurity expertise, commitment to innovation, and game-changing Next-Generation Security Platform, customers can confidently pursue a digital-first strategy and embark on new technology initiatives, such as cloud and mobility. This kind of thinking and know-how helps customer organizations grow their business and empower employees all while maintaining complete visibility and the control needed to protect their critical control systems and most valued data assets. Revenue FY09 $13m FY10 $49m FY11 $119m FY12 $255m FY13 $396m FY14 FY15 FY16 $598m $928m $1.4bn $1400 $1200 $1000 $800 $600 $400 $200 $0 Analysis report of applications and risks are provided free of charge. Security Lifecycle Review is a set of services in which we bring our next-generation firewalls into your network environment, analyze application usage, and security risks based on collected traffic data, and provide you with the countermeasures in writing. Based on application operating characteristics defined by Palo Alto Networks research team, the risk level of each application is ranked at 1 to 5, and the top 35 applications are classified into categories and subcategories and displayed; moreover, the top 25 applications in the order of how much bandwidth is consumed and use HTTP the most, and high level threats passing through networks are displayed and reported. Business Risks Caused by High Risk Applications For high risk applications with their risk level 4 or 5, their business risks are evaluated based on the following factors and presented: activity hiding, file transfer/information leaks/copyright infringement, personal use of communication applications, heavy consumption of bandwidth, and so on. Recommended measures based on risk analysis and evaluation are presented For risk items identified by traffic analysis, specific measures are recommended such as policies to be applied to the use of applications and Web, handling of high risk applications such as transfer/sharing of online files, and policies to be applied to the use of proxies and remote access applications. Services can be used without requiring changes to your network environment The design of the existing network does not need to be changed. After you set mirror ports in your network devices (such as firewalls and L2/L3 switches), we install the next-generation firewalls. For the use of Security Lifecycle Review services, contact our website. go.paloaltonetworks.com/slr Palo Alto Networks History 2005 Founded. 2007 Started shipment of next-generation firewalls. November 2011 Started offering the WildFire™ Cloud service against targeted attacks. July 2012 IPO on the NYSE November 2012 Started shipping the VM-Series virtualized next-generation firewall. November 2012 Started shipping the M-100 dedicated high-performance management appliances. May 2013 Obtained Common Criteria EAL4+ Certification. Jun 2013 Started shipping the WildFire™ Appliance WF-500. September 2014 Launched Traps (Endpoint Security). April 2015 Ranked as "leader" in Gartner Magic Quadrant for 4th consecutive year. October 2015 Launched AutoFocus threat analysis service. April 2016 Released the lastest OS for the next-generation firewall: PAN-OS 7.1 May 2016 Ranked as “leader” in Gartner Magic Quadrant for 5th consecutive year. August 2016 Closed fiscal year 2016 with over 34,000 customers worldwide. ABOUT PALO ALTO NETWORKS SECURITY LIFECYCLE REVIEW 1413

Recommended

Insecure magazine - 52
Insecure magazine - 52Insecure magazine - 52
Insecure magazine - 52Felipe Prado
 
SDK Whitepaper
SDK WhitepaperSDK Whitepaper
SDK Whitepaperhanniw79
 
Level 3 Security solutions
Level 3 Security solutionsLevel 3 Security solutions
Level 3 Security solutionsAlan Rudd
 
Darktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digitalDarktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digitalCMR WORLD TECH
 
The Next Generation Cognitive Security Operations Center: Network Flow Forens...
The Next Generation Cognitive Security Operations Center: Network Flow Forens...The Next Generation Cognitive Security Operations Center: Network Flow Forens...
The Next Generation Cognitive Security Operations Center: Network Flow Forens...Konstantinos Demertzis
 
Panda Adaptive Defense - The evolution of malware
Panda Adaptive Defense - The evolution of malwarePanda Adaptive Defense - The evolution of malware
Panda Adaptive Defense - The evolution of malwarePanda Security
 
Contending Malware Threat using Hybrid Security Model
Contending Malware Threat using Hybrid Security ModelContending Malware Threat using Hybrid Security Model
Contending Malware Threat using Hybrid Security ModelIRJET Journal
 
Darktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_finalDarktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_finalJerome Chapolard
 

Recommended

Insecure magazine - 52
Insecure magazine - 52Insecure magazine - 52
Insecure magazine - 52Felipe Prado
 
SDK Whitepaper
SDK WhitepaperSDK Whitepaper
SDK Whitepaperhanniw79
 
Level 3 Security solutions
Level 3 Security solutionsLevel 3 Security solutions
Level 3 Security solutionsAlan Rudd
 
Darktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digitalDarktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digitalCMR WORLD TECH
 
The Next Generation Cognitive Security Operations Center: Network Flow Forens...
The Next Generation Cognitive Security Operations Center: Network Flow Forens...The Next Generation Cognitive Security Operations Center: Network Flow Forens...
The Next Generation Cognitive Security Operations Center: Network Flow Forens...Konstantinos Demertzis
 
Panda Adaptive Defense - The evolution of malware
Panda Adaptive Defense - The evolution of malwarePanda Adaptive Defense - The evolution of malware
Panda Adaptive Defense - The evolution of malwarePanda Security
 
Contending Malware Threat using Hybrid Security Model
Contending Malware Threat using Hybrid Security ModelContending Malware Threat using Hybrid Security Model
Contending Malware Threat using Hybrid Security ModelIRJET Journal
 
Darktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_finalDarktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_finalJerome Chapolard
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...Andris Soroka
 
Web application firewall solution market
Web application firewall solution marketWeb application firewall solution market
Web application firewall solution marketSameerShaikh225
 
Darktrace white paper_ics_final
Darktrace white paper_ics_finalDarktrace white paper_ics_final
Darktrace white paper_ics_finalCMR WORLD TECH
 
An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr...
An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr...An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr...
An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr...ijtsrd
 
Risks and Security of Internet and System
Risks and Security of Internet and SystemRisks and Security of Internet and System
Risks and Security of Internet and SystemParam Nanavati
 
Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...
Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...
Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...EC-Council
 
VeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence ServicesVeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence ServicesTechBiz Forense Digital
 
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Global Business Events
 
SCADA Security Training
SCADA Security TrainingSCADA Security Training
SCADA Security TrainingBryan Len
 
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516Yasser Mohammed
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Minh Le
 
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...Lacoon Mobile Security
 
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoTTransforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoTForescout Technologies Inc
 
2013 Security Threat Report Presentation
2013 Security Threat Report Presentation2013 Security Threat Report Presentation
2013 Security Threat Report PresentationSophos
 
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...FireEye, Inc.
 
Trend micro real time threat management press presentation
Trend micro real time threat management press presentationTrend micro real time threat management press presentation
Trend micro real time threat management press presentationAndrew Wong
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionDLT Solutions
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3Shawn Croswell
 
Viruses & Malware: Effects On Enterprise Networks
Viruses & Malware: Effects On Enterprise NetworksViruses & Malware: Effects On Enterprise Networks
Viruses & Malware: Effects On Enterprise NetworksDiane M. Metcalf
 
network_security.docx_2.pdf
network_security.docx_2.pdfnetwork_security.docx_2.pdf
network_security.docx_2.pdfahmed53254
 
Light sec for service providers brochure
Light sec for service providers brochureLight sec for service providers brochure
Light sec for service providers brochureGeorge Wainblat
 
Advanced Business Endpoint Protection
Advanced Business Endpoint ProtectionAdvanced Business Endpoint Protection
Advanced Business Endpoint ProtectionDan Buckley
 

More Related Content

What's hot

DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...Andris Soroka
 
Web application firewall solution market
Web application firewall solution marketWeb application firewall solution market
Web application firewall solution marketSameerShaikh225
 
Darktrace white paper_ics_final
Darktrace white paper_ics_finalDarktrace white paper_ics_final
Darktrace white paper_ics_finalCMR WORLD TECH
 
An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr...
An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr...An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr...
An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr...ijtsrd
 
Risks and Security of Internet and System
Risks and Security of Internet and SystemRisks and Security of Internet and System
Risks and Security of Internet and SystemParam Nanavati
 
Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...
Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...
Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...EC-Council
 
VeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence ServicesVeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence ServicesTechBiz Forense Digital
 
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Global Business Events
 
SCADA Security Training
SCADA Security TrainingSCADA Security Training
SCADA Security TrainingBryan Len
 
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516Yasser Mohammed
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Minh Le
 
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...Lacoon Mobile Security
 
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoTTransforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoTForescout Technologies Inc
 
2013 Security Threat Report Presentation
2013 Security Threat Report Presentation2013 Security Threat Report Presentation
2013 Security Threat Report PresentationSophos
 
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...FireEye, Inc.
 
Trend micro real time threat management press presentation
Trend micro real time threat management press presentationTrend micro real time threat management press presentation
Trend micro real time threat management press presentationAndrew Wong
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionDLT Solutions
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3Shawn Croswell
 
Viruses & Malware: Effects On Enterprise Networks
Viruses & Malware: Effects On Enterprise NetworksViruses & Malware: Effects On Enterprise Networks
Viruses & Malware: Effects On Enterprise NetworksDiane M. Metcalf
 

What's hot (19)

DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
 
Web application firewall solution market
Web application firewall solution marketWeb application firewall solution market
Web application firewall solution market
 
Darktrace white paper_ics_final
Darktrace white paper_ics_finalDarktrace white paper_ics_final
Darktrace white paper_ics_final
 
An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr...
An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr...An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr...
An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr...
 
Risks and Security of Internet and System
Risks and Security of Internet and SystemRisks and Security of Internet and System
Risks and Security of Internet and System
 
Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...
Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...
Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...
 
VeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence ServicesVeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence Services
 
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?
 
SCADA Security Training
SCADA Security TrainingSCADA Security Training
SCADA Security Training
 
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
 
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...
Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...
 
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoTTransforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
 
2013 Security Threat Report Presentation
2013 Security Threat Report Presentation2013 Security Threat Report Presentation
2013 Security Threat Report Presentation
 
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...
[Industry Intelligence Brief] Cyber Threats to the Legal and Professional Ser...
 
Trend micro real time threat management press presentation
Trend micro real time threat management press presentationTrend micro real time threat management press presentation
Trend micro real time threat management press presentation
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3
 
Viruses & Malware: Effects On Enterprise Networks
Viruses & Malware: Effects On Enterprise NetworksViruses & Malware: Effects On Enterprise Networks
Viruses & Malware: Effects On Enterprise Networks
 

Similar to Next-gen security platform protects digital way of life

network_security.docx_2.pdf
network_security.docx_2.pdfnetwork_security.docx_2.pdf
network_security.docx_2.pdfahmed53254
 
Light sec for service providers brochure
Light sec for service providers brochureLight sec for service providers brochure
Light sec for service providers brochureGeorge Wainblat
 
Advanced Business Endpoint Protection
Advanced Business Endpoint ProtectionAdvanced Business Endpoint Protection
Advanced Business Endpoint ProtectionDan Buckley
 
Advanced Business Endpoint Protection
Advanced Business Endpoint ProtectionAdvanced Business Endpoint Protection
Advanced Business Endpoint ProtectionDan Buckley
 
Advanced business endpoint protection (1)
Advanced business endpoint protection (1)Advanced business endpoint protection (1)
Advanced business endpoint protection (1)Dan Buckley
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
INSECURE Magazine - 37
INSECURE Magazine - 37INSECURE Magazine - 37
INSECURE Magazine - 37Felipe Prado
 
Proactive Security That Works
Proactive Security That WorksProactive Security That Works
Proactive Security That WorksBrett L. Scott
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 
Unique Security Challenges in the Datacenter Demand Innovative Solutions
Unique Security Challenges in the Datacenter Demand Innovative SolutionsUnique Security Challenges in the Datacenter Demand Innovative Solutions
Unique Security Challenges in the Datacenter Demand Innovative SolutionsJuniper Networks
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2SHOLOVE INTERNATIONAL LLC
 
Different Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docxDifferent Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docxSameerShaik43
 
WithSecure Deepguard WhitePaper
WithSecure Deepguard WhitePaperWithSecure Deepguard WhitePaper
WithSecure Deepguard WhitePaperlincktello
 
Comodo advanced endpoint protection
Comodo advanced endpoint protectionComodo advanced endpoint protection
Comodo advanced endpoint protectionDavid Waugh
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfANJUMOHANANU
 
How Modern Cybersecurity Software Shields Against the Latest Threats.pdf
How Modern Cybersecurity Software Shields Against the Latest Threats.pdfHow Modern Cybersecurity Software Shields Against the Latest Threats.pdf
How Modern Cybersecurity Software Shields Against the Latest Threats.pdfWebtrills1
 

Similar to Next-gen security platform protects digital way of life (20)

network_security.docx_2.pdf
network_security.docx_2.pdfnetwork_security.docx_2.pdf
network_security.docx_2.pdf
 
Light sec for service providers brochure
Light sec for service providers brochureLight sec for service providers brochure
Light sec for service providers brochure
 
Advanced Business Endpoint Protection
Advanced Business Endpoint ProtectionAdvanced Business Endpoint Protection
Advanced Business Endpoint Protection
 
Advanced Business Endpoint Protection
Advanced Business Endpoint ProtectionAdvanced Business Endpoint Protection
Advanced Business Endpoint Protection
 
Advanced business endpoint protection (1)
Advanced business endpoint protection (1)Advanced business endpoint protection (1)
Advanced business endpoint protection (1)
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
INSECURE Magazine - 37
INSECURE Magazine - 37INSECURE Magazine - 37
INSECURE Magazine - 37
 
Proactive Security That Works
Proactive Security That WorksProactive Security That Works
Proactive Security That Works
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
 
Unique Security Challenges in the Datacenter Demand Innovative Solutions
Unique Security Challenges in the Datacenter Demand Innovative SolutionsUnique Security Challenges in the Datacenter Demand Innovative Solutions
Unique Security Challenges in the Datacenter Demand Innovative Solutions
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
 
Different Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docxDifferent Types Of Network Security Devices And Tools.docx
Different Types Of Network Security Devices And Tools.docx
 
WithSecure Deepguard WhitePaper
WithSecure Deepguard WhitePaperWithSecure Deepguard WhitePaper
WithSecure Deepguard WhitePaper
 
Comodo advanced endpoint protection
Comodo advanced endpoint protectionComodo advanced endpoint protection
Comodo advanced endpoint protection
 
What are the Different Types of Endpoint Security Solutions-converted.pdf
What are the Different Types of Endpoint Security Solutions-converted.pdfWhat are the Different Types of Endpoint Security Solutions-converted.pdf
What are the Different Types of Endpoint Security Solutions-converted.pdf
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdf
 
M1_Introduction_IPS.pptx
M1_Introduction_IPS.pptxM1_Introduction_IPS.pptx
M1_Introduction_IPS.pptx
 
Self defending networks
Self defending networksSelf defending networks
Self defending networks
 
185
185185
185
 
How Modern Cybersecurity Software Shields Against the Latest Threats.pdf
How Modern Cybersecurity Software Shields Against the Latest Threats.pdfHow Modern Cybersecurity Software Shields Against the Latest Threats.pdf
How Modern Cybersecurity Software Shields Against the Latest Threats.pdf
 

Recently uploaded

NO1 Qualified Best Black Magic Specialist Near Me Spiritual Healer Powerful L...
NO1 Qualified Best Black Magic Specialist Near Me Spiritual Healer Powerful L...NO1 Qualified Best Black Magic Specialist Near Me Spiritual Healer Powerful L...
NO1 Qualified Best Black Magic Specialist Near Me Spiritual Healer Powerful L...Amil baba
 
(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
Call Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up Number
Call Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up NumberCall Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up Number
Call Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up NumberMs Riya
 
定制加拿大滑铁卢大学毕业证(Waterloo毕业证书)成绩单(文凭)原版一比一
定制加拿大滑铁卢大学毕业证(Waterloo毕业证书)成绩单(文凭)原版一比一定制加拿大滑铁卢大学毕业证(Waterloo毕业证书)成绩单(文凭)原版一比一
定制加拿大滑铁卢大学毕业证(Waterloo毕业证书)成绩单(文凭)原版一比一zul5vf0pq
 
Presentation.pptxjnfoigneoifnvoeifnvklfnvf
Presentation.pptxjnfoigneoifnvoeifnvklfnvfPresentation.pptxjnfoigneoifnvoeifnvklfnvf
Presentation.pptxjnfoigneoifnvoeifnvklfnvfchapmanellie27
 
如何办理萨省大学毕业证(UofS毕业证)成绩单留信学历认证原版一比一
如何办理萨省大学毕业证(UofS毕业证)成绩单留信学历认证原版一比一如何办理萨省大学毕业证(UofS毕业证)成绩单留信学历认证原版一比一
如何办理萨省大学毕业证(UofS毕业证)成绩单留信学历认证原版一比一ga6c6bdl
 
Call Girls Delhi {Rohini} 9711199012 high profile service
Call Girls Delhi {Rohini} 9711199012 high profile serviceCall Girls Delhi {Rohini} 9711199012 high profile service
Call Girls Delhi {Rohini} 9711199012 high profile servicerehmti665
 
(SANA) Call Girls Landewadi ( 7001035870 ) HI-Fi Pune Escorts Service
(SANA) Call Girls Landewadi ( 7001035870 ) HI-Fi Pune Escorts Service(SANA) Call Girls Landewadi ( 7001035870 ) HI-Fi Pune Escorts Service
(SANA) Call Girls Landewadi ( 7001035870 ) HI-Fi Pune Escorts Serviceranjana rawat
 
(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...
(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...
(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...ranjana rawat
 
如何办理伦敦大学伯贝克学院毕业证(BBK毕业证) 成绩单留信学历认证原版一比一
如何办理伦敦大学伯贝克学院毕业证(BBK毕业证) 成绩单留信学历认证原版一比一如何办理伦敦大学伯贝克学院毕业证(BBK毕业证) 成绩单留信学历认证原版一比一
如何办理伦敦大学伯贝克学院毕业证(BBK毕业证) 成绩单留信学历认证原版一比一ga6c6bdl
 
Kalyan callg Girls, { 07738631006 } || Call Girl In Kalyan Women Seeking Men ...
Kalyan callg Girls, { 07738631006 } || Call Girl In Kalyan Women Seeking Men ...Kalyan callg Girls, { 07738631006 } || Call Girl In Kalyan Women Seeking Men ...
Kalyan callg Girls, { 07738631006 } || Call Girl In Kalyan Women Seeking Men ...Pooja Nehwal
 
Alambagh Call Girl 9548273370 , Call Girls Service Lucknow
Alambagh Call Girl 9548273370 , Call Girls Service LucknowAlambagh Call Girl 9548273370 , Call Girls Service Lucknow
Alambagh Call Girl 9548273370 , Call Girls Service Lucknowmakika9823
 
Call Girls in Nagpur Bhavna Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Bhavna Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Bhavna Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Bhavna Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查
如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查
如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查awo24iot
 
WhatsApp 9892124323 ✓Call Girls In Khar ( Mumbai ) secure service - Bandra F...
WhatsApp 9892124323 ✓Call Girls In Khar ( Mumbai ) secure service - Bandra F...WhatsApp 9892124323 ✓Call Girls In Khar ( Mumbai ) secure service - Bandra F...
WhatsApp 9892124323 ✓Call Girls In Khar ( Mumbai ) secure service - Bandra F...Pooja Nehwal
 
定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一
定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一
定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一ss ss
 
Thane Escorts, (Pooja 09892124323), Thane Call Girls
Thane Escorts, (Pooja 09892124323), Thane Call GirlsThane Escorts, (Pooja 09892124323), Thane Call Girls
Thane Escorts, (Pooja 09892124323), Thane Call GirlsPooja Nehwal
 
Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,
Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,
Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,Pooja Nehwal
 
Beautiful Sapna Call Girls CP 9711199012 ☎ Call /Whatsapps
Beautiful Sapna Call Girls CP 9711199012 ☎ Call /WhatsappsBeautiful Sapna Call Girls CP 9711199012 ☎ Call /Whatsapps
Beautiful Sapna Call Girls CP 9711199012 ☎ Call /Whatsappssapnasaifi408
 

Recently uploaded (20)

NO1 Qualified Best Black Magic Specialist Near Me Spiritual Healer Powerful L...
NO1 Qualified Best Black Magic Specialist Near Me Spiritual Healer Powerful L...NO1 Qualified Best Black Magic Specialist Near Me Spiritual Healer Powerful L...
NO1 Qualified Best Black Magic Specialist Near Me Spiritual Healer Powerful L...
 
(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(PARI) Alandi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
Call Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up Number
Call Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up NumberCall Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up Number
Call Girls Delhi {Rs-10000 Laxmi Nagar] 9711199012 Whats Up Number
 
定制加拿大滑铁卢大学毕业证(Waterloo毕业证书)成绩单(文凭)原版一比一
定制加拿大滑铁卢大学毕业证(Waterloo毕业证书)成绩单(文凭)原版一比一定制加拿大滑铁卢大学毕业证(Waterloo毕业证书)成绩单(文凭)原版一比一
定制加拿大滑铁卢大学毕业证(Waterloo毕业证书)成绩单(文凭)原版一比一
 
Presentation.pptxjnfoigneoifnvoeifnvklfnvf
Presentation.pptxjnfoigneoifnvoeifnvklfnvfPresentation.pptxjnfoigneoifnvoeifnvklfnvf
Presentation.pptxjnfoigneoifnvoeifnvklfnvf
 
如何办理萨省大学毕业证(UofS毕业证)成绩单留信学历认证原版一比一
如何办理萨省大学毕业证(UofS毕业证)成绩单留信学历认证原版一比一如何办理萨省大学毕业证(UofS毕业证)成绩单留信学历认证原版一比一
如何办理萨省大学毕业证(UofS毕业证)成绩单留信学历认证原版一比一
 
Call Girls Delhi {Rohini} 9711199012 high profile service
Call Girls Delhi {Rohini} 9711199012 high profile serviceCall Girls Delhi {Rohini} 9711199012 high profile service
Call Girls Delhi {Rohini} 9711199012 high profile service
 
(SANA) Call Girls Landewadi ( 7001035870 ) HI-Fi Pune Escorts Service
(SANA) Call Girls Landewadi ( 7001035870 ) HI-Fi Pune Escorts Service(SANA) Call Girls Landewadi ( 7001035870 ) HI-Fi Pune Escorts Service
(SANA) Call Girls Landewadi ( 7001035870 ) HI-Fi Pune Escorts Service
 
(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...
(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...
(MEGHA) Hinjewadi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune E...
 
如何办理伦敦大学伯贝克学院毕业证(BBK毕业证) 成绩单留信学历认证原版一比一
如何办理伦敦大学伯贝克学院毕业证(BBK毕业证) 成绩单留信学历认证原版一比一如何办理伦敦大学伯贝克学院毕业证(BBK毕业证) 成绩单留信学历认证原版一比一
如何办理伦敦大学伯贝克学院毕业证(BBK毕业证) 成绩单留信学历认证原版一比一
 
Kalyan callg Girls, { 07738631006 } || Call Girl In Kalyan Women Seeking Men ...
Kalyan callg Girls, { 07738631006 } || Call Girl In Kalyan Women Seeking Men ...Kalyan callg Girls, { 07738631006 } || Call Girl In Kalyan Women Seeking Men ...
Kalyan callg Girls, { 07738631006 } || Call Girl In Kalyan Women Seeking Men ...
 
Alambagh Call Girl 9548273370 , Call Girls Service Lucknow
Alambagh Call Girl 9548273370 , Call Girls Service LucknowAlambagh Call Girl 9548273370 , Call Girls Service Lucknow
Alambagh Call Girl 9548273370 , Call Girls Service Lucknow
 
Call Girls in Nagpur Bhavna Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Bhavna Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Bhavna Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Bhavna Call 7001035870 Meet With Nagpur Escorts
 
如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查
如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查
如何办理(Adelaide毕业证)阿德莱德大学毕业证成绩单Adelaide学历认证真实可查
 
WhatsApp 9892124323 ✓Call Girls In Khar ( Mumbai ) secure service - Bandra F...
WhatsApp 9892124323 ✓Call Girls In Khar ( Mumbai ) secure service - Bandra F...WhatsApp 9892124323 ✓Call Girls In Khar ( Mumbai ) secure service - Bandra F...
WhatsApp 9892124323 ✓Call Girls In Khar ( Mumbai ) secure service - Bandra F...
 
定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一
定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一
定制(Salford学位证)索尔福德大学毕业证成绩单原版一比一
 
Thane Escorts, (Pooja 09892124323), Thane Call Girls
Thane Escorts, (Pooja 09892124323), Thane Call GirlsThane Escorts, (Pooja 09892124323), Thane Call Girls
Thane Escorts, (Pooja 09892124323), Thane Call Girls
 
Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,
Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,
Call Girls In Andheri East Call 9892124323 Book Hot And Sexy Girls,
 
CIVIL ENGINEERING
CIVIL ENGINEERINGCIVIL ENGINEERING
CIVIL ENGINEERING
 
Beautiful Sapna Call Girls CP 9711199012 ☎ Call /Whatsapps
Beautiful Sapna Call Girls CP 9711199012 ☎ Call /WhatsappsBeautiful Sapna Call Girls CP 9711199012 ☎ Call /Whatsapps
Beautiful Sapna Call Girls CP 9711199012 ☎ Call /Whatsapps
 

Next-gen security platform protects digital way of life

  • 2. 2 DIGITALWAYOFLIFE PROTECTINGOUR The Digital Age Brings Risk and Reward Today’s digital landscape has seen tectonic shifts in recent years with innovations in technology. These innovations have improved our way of life and doing business, but have also provided more entry-points for cyber criminals. Due to the threats in cyberspace, enterprises and organizations are exposed to unprecedented risks. The number of victims of cyberattacks published by various research organizations are increasing by more than 50% every year. Typical cyberattacks include unauthorized access, targeted attacks, DoS attacks, phishing, spoofing, and TEMPEST. Attacks that target enterprises and organizations are rapidly increasing. In contrast to conventional threats committed just for fun, targeted attacks are conducted by organized groups in a more sophisticated manner, targeting valuable data and information. The cumulative effect of this is the undermining of the fundamental trust in technology that enables the digital age. Security Measures at the Perimeter are not Sufficient Advanced cyberattacks that are stealthy and persistent avoid traditional security measures throughout the attack lifecycle in a sophisticated manner. Moreover, some of the attacks target external businesses that have authorized access rights and infect them with malware to steal IDs and passwords to access the network. Such cyberattack techniques suggest that security measures at the organisational perimeter are not sufficient. Pitfalls in Protection That Combine Security Products from Various Vendors Organisations have implemented multi-layered protection using various security devices such as firewalls, antivirus, sandboxes, and intrusion prevention systems (IPS). With legacy security solutions, to the extent that organisations successfully detect any of the thousands of daily threats, protection and remediation require manual intervention. There is no capability to automatically coordinate or communicate with other security technologies on the network, let alone with other networks not in your organization. This is a problem because defenders increasingly rely on their least scalable resource—people—to fight machine-generated attacks. The Palo Alto Networks Next-Generation Security Platform enables enterprises, service providers, and governments to protect our digital way of life with a prevention-first approach to cybersecurity. Our platform allows organizations to reduce their threat exposure by first enabling the applications for all users or devices regardless of location, then preventing threats within application flows and tying application use to user identities across physical and cloud-based networks. NEXT-GEN SECURITY PLATFORM NEXT-GENERATION FIREWALL THREATINTELLIGENCE CLOUD AUTOMATED EXTENSIBLENATIVELY INTEGRATED ADVANCED ENDPOINT PROTECTION CLOUD NETWO R K EN DPOINT 21
  • 3. NEXT-GEN As the foundational element of our enterprise security platform, App-ID provides visibility and control over applications – even those that try to evade detection by masquerading as legitimate traffic, hopping ports or sneaking through the firewall using encryption (TLS/SSL or SSH). App-ID includes a database containing well over two thousand applications, with new applications typically added every week. The application identification engine implemented in the next-generation firewall accurately identifies applications in all traffic passing through the network. ● Automatically identifies applications using multiple identification mechanisms, unlike conventional firewalls that could identify applications only by their IP addresses, ports and protocols. ● Capable of identifying traffic: communications disguised as authorized traffic, communications using dynamic ports, communications trying to go through the firewall via an SSL encryption tunnel. Even SSL or SSH encrypted communications are examined by decrypting contents with policy-based decryption, and application identification and contents scanning can be performed. ● Applies policy-based identification, decryption, and inspection to inbound and outbound SSL traffic. ● Performs policy-based identification and control of SSH tunneled traffic. APP-ID Examines encrypted traffic You can control application use depending on the business and security risks because application activities can be identified for each user (or for each group), as well as for each IP address. ● Who uses which application when and how long is visualized. Permission, prohibition, and warnings for each user can be controlled. ● Identifies users (groups) in collaboration third-party directory services, WLAN controllers, proxies, terminal servers, and more. By using various tools for visualization, analysis, and reporting, you can quickly ascertain movements on the network and perform incident analysis. ● Automatically correlate indicators of threats for improved visibility and confirmation of compromised hosts across your network. ● Centrally analyze, investigate and report on network traffic, security incidents and administrative modifications. ● View a highly customizable graphical summary of applications, users, content, and security threats. ● Generate actionable, customizable reports to view application and threat traffic, SaaS usage, and user behavior across your organization. USER-ID Visualizes usage status and attack trends Content-ID™ technology delivers a new approach based on the complete analysis of all allowed traffic, using multiple advanced threat prevention technologies in a single, unified engine. ● Blocks vulnerability exploits, buffer overflows, and port scans, protects you from the evasion and obfuscation methods used by attackers. Stops malware outbound communications, blocks access to known malware and phishing download sites, and reduces the risks associated with the transfer of unauthorized files and data. ● Uses a single stream-based approach that simplifies management, streamlines processing, and maximizes performance. The next-generation firewall secures virtualized datacenters, public and private clouds, and diverse mobile environments by securely enabling applications and preventing threats. ● VM-Series virtualized next-generation firewalls support the same next-generation firewall and threat prevention features provided by the physical appliances. Supported environments include: VMware NSX, ESXi, vCloudAir, Amazon Web Services, Microsoft Azure and Hyper-V, KVM and Citrix SDX. ● GlobalProtect that provides protection functions of nextgeneration firewall for various mobile devices used inside and outside of the organization iOS, Android, Windows, and Mac devices are supported. CONTENT-ID Supports various forms of deployment ● Inspects and controls content traversing the network to detect and block known and unknown threats in a single pass. ● Proactively identifies and defends against unknown, new or custom malware and exploits. ● Single-pass software architecture maximizes performance by scanning traffic only once, regardless of which features are enabled. 43
  • 4. WildFire™ controls unknown threats intelligently. One of the largest threat analysis services in the world ● By using sandbox technology, received files and URLs are executed and analyzed in a protected virtual environment in the cloud, and unknown threats used by targeted attacks are discovered. ● For detected malware are distributed in as little as 5 minutes. ● Malware detection information worldwide is shared in the cloud, and detection logic and the virtual environment are updated to always respond to the latest threats. To discover unknown malware or exploits, the contents are executed and detected on various operating systems (OS) such as Windows and mobile devices. ● Various files: Windows PE (EXE and DLL), PDF, Microsoft Office, Java, Android APK, and Adobe Flash (6.1 and later) are supported. ● Links in e-mails are accessed and analyzed to know whether the websites contain any threats. Security managers can access WildFire analysis reports on the management screen for managers or the WildFire portal, and see how malware will behave and affect the system when the file is opened. WildFire reports enable incident response teams to quickly and easily respond to new threats and build preventive control measures for them. Unknown threats in various files are analysed Easy to understand WildFire reports Conventional sandboxes support only fixed versions of applications on fixed versions of OSs of the prepared virtual environments and they cannot detect malware that runs only on specific versions. On the other hand, WildFire service supports multiple version inspection that can simultaneously analyze multiple versions of an application to analyze malware's behavior in greater detail. Each version of Adobe Acrobat Reader, Adobe Flash (6.1 and later), and Microsoft Office is supported. WildFire service running in a cloud environment provides scalability and high expandability of the sandbox environment. In addition, hybrid operation together with WF-500, an on-site version appliance, is supported allowing various malware analysis. ● A sandbox environment in the cloud that does not require consideration of processing capacity ● New applications, versions, and file types are supported as needed. ● Distributed operations are possible, such as files downloaded from the Web are analyzed by the cloud service and files attached to e-mail are analyzed by the on-site version, WF-500. The analysis supports multiple versions Expandability provided by cloud service After a threat is detected, automatic protection from the threat without manual intervention is required. When WildFire detects new malware, it automatically generates throughout the cyberattack lifecycle, and signatures protection mechanisms for prevention to block C&C communications by the malware itself or terminals infected by the malware are automatically generated and distributed to customers worldwide. ● In addition to anti-malware signatures, C&C signatures, DNS based callback signatures, and malicious URLs are distributed globally in as little as 5 minutes. Protections are generated in as little as 5 minutes WildFire utilizes not only static analysis (a look at the characteristics of a file), but also dynamic analysis (a detailed look at the behavior of a file) in its process of detecting unknown threats. In addition, WildFire uses machine learning to apply new knowledge to future analysis requests. - Static Analysis - Dynamic Analysis - Machine Learning Cutting edge analysis methods 3.0 3.1 3.2 4.0 4.1 5.0 5 minutes WILDFIRE More than 10,000 companies worldwide are connected to WildFire, and its ability to conduct static analysis (characteristics of a file), dynamic analysis (behavior of a file), and machine learning. 65
  • 5. Palo Alto Networks Traps replaces traditional antivirus with multi-method prevention, a proprietary combination of purpose-built malware and exploit prevention methods that protect users and endpoints from known and unknown threats. Traps prevents security breaches, in contrast to breach detection and incident response after critical assets have already been compromised. Traps uses an entirely new and unique approach to prevent exploits. Instead of focusing on the millions of individual attacks, or their underlying software vulnerabilities, Traps focuses on the core exploits on techniques used by all exploit-based attacks. ● Memory Corruption Prevention: Traps prevents the exploitation on techniques that manipulate the operating system’s normal memory management mechanisms for the application that opens the weaponized data file containing the exploit. ● Logic Flaw Prevention: Traps recognizes and blocks the exploitation techniques that allow an exploit to manipulate the operating system’s normal application process and execution mechanisms. ● Malicious Code Execution Prevention: In most cases, the end goal of exploitation on is to execute the attacker’s commands that are embedded in the exploit file. This prevention method recognizes the exploitation on techniques that allow the attacker’s malicious code to execute and blocks them before they succeed. Multi-Method Exploit Prevention The Traps agent is very light, having almost no impact on system resources. So it can be used in a virtual machine environment. ● The consumed memory size is about 25 MB and CPU utilization is 0.1%, requiring no daily pattern file update or periodic system scanning. ● Supported OSs are Windows Server and Workstation in a physical or virtual environment. Windows XP is supported even though it is no longer supported by Microsoft. Simple, Light and Easy to Understand Traps prevents malicious executables with a unique, multi-method prevention approach that maximizes coverage against malware while simultaneously reducing the attack surface and increasing the accuracy of malware detection. Traps can collaborate with WildFire, a threat intelligence cloud solution, enhancing protection against unknown attacks and malware. ● Executable files of unknown attacks are automatically uploaded to WildFire. ● By exchanging threat information on unknown attacks with enterprises and organizations worldwide via WildFire, comprehensive security measures are in place. Multi-Method Malware Prevention Collaboration with Networks and the Cloud When attacked, a wide range of data needed for analysis is gathered from the Traps agent and stored to support later investigative activities. ● Information on each running process is recorded and sent to the Endpoint Security Manager (ESM) server on an ongoing basis. ● Information on any attempt to stop, remove, or manipulate Traps is notified. ● When an attack is prevented, a full memory capture and information on the activities attempted by the malicious code are gathered from the endpoint. Forensic Data Gathering Traps Advanced Endpoint Protection: ● Prevents cyber breaches by preemptively blocking known and unknown malware, exploits and zero-day threats. ● Protects and enables users to conduct their daily activities and use web-based technologies without concern for known or unknown cyberthreats. ● Automates prevention by autonomously reprogramming itself using threat intelligence gained from WildFire. TRAPS Static Analysis via Machine Learning provides the ability to prevent execution of unknown malware by instantly examining hundreds of a file’s characteristics, without reliance on signatures, scanning or behavioral analysis. WildFire Inspection and Analysis leverages the WildFire cloud-based malware analysis environment to detect unknown malware and automatically reprogram Traps to prevent known malware. Trusted Publisher Execution Restrictions allows organizations to identify executable files that are among the “unknown good” because they are published and digitally signed by trusted publishers. Policy-Based Execution Restrictions: Organizations can easily define policies to restrict specific execution scenarios, thereby reducing the attack surface of any environment. Admin Override Policies: This method allows organizations to define policies, based on the hash of an executable file, to control what is allowed to run in any environment and what is not. Any executable file that is deemed to be malicious and prevented from running on the endpoint can be quarantined. 87 8
  • 6. Panorama: Integrated Management Platform Deployment Scenarios With Panorama, you can view all your next-generation firewalls' traffic, manage device configurations overall, allocate global policies, and generate reports on traffic patterns or security incidents - all from one central location. Logs of next-generation firewalls under Panorama are stored and managed in an integrated way. ● Unified Visibility: Applications of all managed next-generation firewalls, URLs, threats, and data (files and patterns) can be graphically displayed. ● Flexible Policy Control: Globally consistent policy control as well as local level policy control are supported, allowing well balanced security management according to your requirements. ● Flexible Deployment Options: Deployment with a Dedicated Management Appliance or Virtual Machines: Can be deployed on either M-100 or M-500 dedicated high performance hardware or on VMware ESX/ESX i virtual appliances. Appliances can also be deployed as dedicated log collectors for a more distributed deployment and streamlined log collection. Panorama's management function and logging function can be deployed with a dedicated appliance. Furthermore, a distributed environment that separates the management and logging functions can also be built. ● Memory size: 16 GB ● Internal SSD 120 GB ● Up to 4 TB storage (RAID1) Note: Rack size is 1U Panorama dedicated appliance suitable for deployment in datacenters and large environments. ● Memory size: 128 GB ● Internal SSD 240 GB ● Up to 8 TB storage (RAID1) Note: Rack size is 2U M-100 M-500 Palo Alto Networks enterprise security platform provides a consistent security platform in various scenarios and locations, such as deployment in the boundaries between enterprise networks and the Internet, deployment in networks distributed to different locations, and deployment in a physical datacenter as well as private and public clouds. In order to implement our next- generation security platform, installation of various subscription based functions as well as the basic functions of the next- generation firewall are required. ● Network visualization and control functions provided by next-generation firewalls: App- ID and User-ID ● Control of Web use, protection from threats, and restrictions on unauthorized transfer of files and data: Threat Prevention and URL Filtering ● Countermeasures for targeted attacks and unknown malware: WildFire ● Multi-tenant function to implement multiple virtual firewalls: Virtual Systems Boundaries of Enterprise Networks ● Next-generation firewall appliances can function at the boundary between a datacenter and the network, enabling applications and preventing threats with: App-ID, User-ID, Threat Prevention, URL Filtering, and WildFire ● The VM-Series virtualized next-generation firewall enabling applications and preventing threats in private and public clouds ● Panorama centrally manages policies across appliance and virtualized instances of the next-generation firewall ● All functions of the next-generation firewall are provided in a consistent way by models appropriate for the size of headquarters and local sites: App-ID, User-ID, and others ● Endpoint protection against zero-day attacks exploiting software vulnerabilities: Traps ● Safe communications for various devices of mobile workers: GlobalProtect ● Centralised management of next-generation firewalls in various locations: Panorama Distributed Enterprise Datacenter, Private and Public Cloud corporate network / DMZ N etw ork Security M anagem ent Securing North - South Traffic V irtualServers P hysicalServers Securing East - West Traffic VMware ESXi VH-0001-MV W EB A P P D B NSX vSwitch VMware ESXi VH-0001-MV W EB A P P D B NSX vSwitch PANORAMA APPLICATION NETWORK SECURITY VMware ESXi VH-0001-MV W EB A P P D B NSX vSwitchVMware ESXi VH-0001-MV W EB A P P D B NSX vSwitch Securing East - West Traffic Virtual Servers Physical Servers VMware ES Xi VH-0001-MV W EB APP DB NSX vS witch Mobile Branches Headquarters Data Center GP TR AF WF T Threat Prevention U URL Filterring A App-ID U User-ID W WildFire* V Virtual System T U A U W V G G GlobalProtect* * Some functions are free. <Charged Functions> <Functions Free of Charge> The Panorama management platform can manage a distributed network of Palo Alto Networks next-generation firewalls in a centralized way, reducing the workload and cost for security management. 10 P A N O R A M A vCloud Air SQ L D B ShareP oint W eb FE 9
  • 7. Next-Generation Firewall Specifications Overview VM Series Specifications Overview PA-7080 PA-7050 PA-7000-20G-NPC PA-7000-20GQ-NPC PA-5060 PA-5050 PA-5020 PA-3060 PA-3050 PA-3020 PA-500 PA-200 App-ID Firewall Throughput* 200 Gbps 120 Gbps 20 Gbps 20 Gbps 20 Gbps 10 Gbps 5 Gbps 4 Gbps 4 Gbps 2 Gbps 250 Mbps 100 Mbps Threat Prevention Throughput* 100 Gbps 60 Gbps 10 Gbps 10 Gbps 10 Gbps 5 Gbps 2 Gbps 2 Gbps 2 Gbps 1 Gbps 100 Mbps 50 Mbps Max Sessions (IPv4 or IPv6) 80,000,000 48,000,000 4,000,000 4,000,000 4,000,000 2,000,000 1,000,000 500,000 500,000 250,000 64,000 64,000 Connections Per Second 1,200,000 720,000 120,000 120,000 120,000 120,000 120,000 50,000 50,000 50,000 7,500 1,000 Maximum Number of Ports Up to 10 NPC are supported. Up to 6 NPC are supported. 4x SFP+, 8xSFP, 12x10/100/1000 2x40Gig QSFP + 12xSFP+ 4 SFP+ 8 SFP 12 copper gigabit 4 SFP+ 8 SFP 12 copper gigabit 8 SFP 12 copper gigabit 2 SFP+ 8 SFP 8 copper gigabit 8 SFP 12 copper gigabit 8 SFP 12 copper gigabit 8 copper gigabit 4 copper gigabit Management Interfaces CLI WebUI (HTTP/ HTTPS) Telnet SSH2 XML API N/A N/A CLI WebUI (HTTP/ HTTPS) Telnet SSH2 XML API CLI WebUI (HTTP/ HTTPS) Telnet SSH2 XML API Management Tools SNMPv2c/ v3 Syslog NetFlow N/A N/A SNMPv2c/ v3 Syslog NetFlow SNMPv2c/ v3 Syslog NetFlow Rack Size 19U 9U N/A N/A 2U 2U 2U 1.5U 1U 1U (Mount Kit Option) Weight 135.8kg (Chassis Unit) 85.0kg (Chassis Unit) N/A N/A 18.6kg 8.17kg 6.8kg 3.62kg 1.27kg Power Supply 2+2 2500W AC/ DC 4+4 2500W AC/ DC 2+2 2500W AC/ DC N/A N/A 450W AC/ DC (Redundant) 400W AC (Redundant) 250W AC 180W AC 40W AC Disk Size 2TB RAID1 N/A N/A 120 GB or 240 GB SSD, RAID Option 120GB SSD 160GB 16GB SSD VM-1000-HV VM-300 VM-200 VM-100 App-ID Firewall Throughput** 1 Gbps 1 Gbps 1 Gbps 1 Gbps Threat Prevention Throughput** 600 Mbps 600 Mbps 600 Mbps 600 Mbps Max Sessions (IPv4 or IPv6) 250,000 250,000 100,000 50,000 Connections Per Second 8,000 8,000 8,000 8,000 Subscriptions for next-generation firewalls Subscriptions for Endpoint Protection and Threat Intelligence AutoFocus cyberthreat intelligence service provides correlation data of cyberthreat information collected globally for each organization. The correlation data is created based on WildFire information being used worldwide, research results of the threat research team, and information from AutoFocus users. Equipped with a function showing priorities of threat information, AutoFocus also provides background information on attack contents, attackers, and organized attacks such as information on the specific industry being attacked. Protects endpoint completely from zero-day attacks that exploit software vulnerabilities and advanced malware attacks. ● Functions such as protection against exploits (attack codes that use vulnerabilities), protection against malware, and forensic data gathering are provided. ● By exchanging analysis information on unknown threats with WildFire users worldwide in collaboration with WildFire, integrated security measures are in place. AutoFocus Traps Vulnerability exploits, buffer overflows, port scans, and exploit kits are detected and stopped using signatures, heuristics, and statistical anomaly detection. In addition, we deliver predictable IPS performance to you through hardware acceleration, a uniform signature format, and a single-pass software architecture. Threat Prevention WildFire™ cloud-based analysis service analyzes files and links globally and designates never-before- seen items for further investigation using static and dynamic analysis over multiple operating systems and application versions. If a sample is categorized as malicious, WildFire automatically generates new preventions for our Next-Generation Security Platform and integration partners in as little as 5 minutes. ● Windows® XP, Windows 7, Android® and Mac® OS X® operating systems, with full visibility into common file types, including: EXE, DLL, ZIP, PDF, as well as Microsoft® Office documents, Java® files, Android APKs, Adobe® Flash® applets, and webpages, including high-risk, embedded content, such as Java and Adobe Flash files and images. ● WildFire appliance WF-500 available as a private cloud for additional data privacy. WildFire Endpoint security solution for remote users of note PCs and mobile devices who are expanding the boundaries of physical networks. ● Next-generation firewalls, GlobalProtect, and GlobalProtect Mobile Security Manager collaborate to provide 3 functions: device management, device control, and data access control. ● Android 4.0.3 and later, iOS 6.0 and later, Windows 7/8/8.1, and Mac OS X 10.6 and later are supported. GlobalProtect The integration of URL Filtering with both WildFire and the next-generation firewalls' single pass architecture quickly and automatically enhances your company’s security posture and keeps it up to date. Combining fast cloud URL lookups with a local cache, instead of a big database download, significantly reduces latency and increases both the accuracy and relevance of the categorization, and lowers total cost of ownership. URL Filtering Licenses for next-generation firewalls Virtual systems are separate, logical firewall instances within a single physical Palo Alto Networks firewall. Rather than using multiple firewalls, managed service providers and enterprises can use a single pair of firewalls (for high availability) and enable virtual systems on them. Each virtual system (vsys) is an independent, separately-managed firewall with its traffic kept separate from the traffic of other virtual systems. Virtual System L S S S S S S * The performance is measured in an ideal test environment on PAN-OS7.0 when App-ID enabled. ** The performance of VM-series is measured in an ideal test environment on PAN-OS7.0 and with four CPU cores when App-ID enabled. L S License: Permanent right to use paid at the time of purchase Subscription: Right to use requiring annual updates ● PA-3000 series: Maximum 6 instances ● PA-5020: Standard 10/Maximum 20 instances ● PA-5050: Standard 25/Maximum 125 instances ● PA-5060/PA-7050/PA-7080: Standard 25/ Maximum 225 instances 1211 Appliances M-100 M-500 WF-500 Hardware Specifications 16GB memory 120GB SSD (Internal use) Up to 4 TB storage (RAID1) 128GB memory 240GB SSD (Internal use) Up to 8 TB storage (RAID1) 128GB memory 120GB SSD 2 TB storage (RAID1) Rack Size 1U 2U 2U Remarks Panorama Management Appliances Select either 1 TB or 4 TB log storage. M-100's expanded capacity version. Can be used as offline PAN-DB as well as conventional Panorama/log collector function. On-site version of Wildfire Cloud
  • 8. Palo Alto Networks is the next-generation security company maintaining trust in the digital age by helping tens of thousands of organizations worldwide prevent cyber breaches. With our deep cybersecurity expertise, commitment to innovation, and game-changing Next-Generation Security Platform, customers can confidently pursue a digital-first strategy and embark on new technology initiatives, such as cloud and mobility. This kind of thinking and know-how helps customer organizations grow their business and empower employees all while maintaining complete visibility and the control needed to protect their critical control systems and most valued data assets. Revenue FY09 $13m FY10 $49m FY11 $119m FY12 $255m FY13 $396m FY14 FY15 FY16 $598m $928m $1.4bn $1400 $1200 $1000 $800 $600 $400 $200 $0 Analysis report of applications and risks are provided free of charge. Security Lifecycle Review is a set of services in which we bring our next-generation firewalls into your network environment, analyze application usage, and security risks based on collected traffic data, and provide you with the countermeasures in writing. Based on application operating characteristics defined by Palo Alto Networks research team, the risk level of each application is ranked at 1 to 5, and the top 35 applications are classified into categories and subcategories and displayed; moreover, the top 25 applications in the order of how much bandwidth is consumed and use HTTP the most, and high level threats passing through networks are displayed and reported. Business Risks Caused by High Risk Applications For high risk applications with their risk level 4 or 5, their business risks are evaluated based on the following factors and presented: activity hiding, file transfer/information leaks/copyright infringement, personal use of communication applications, heavy consumption of bandwidth, and so on. Recommended measures based on risk analysis and evaluation are presented For risk items identified by traffic analysis, specific measures are recommended such as policies to be applied to the use of applications and Web, handling of high risk applications such as transfer/sharing of online files, and policies to be applied to the use of proxies and remote access applications. Services can be used without requiring changes to your network environment The design of the existing network does not need to be changed. After you set mirror ports in your network devices (such as firewalls and L2/L3 switches), we install the next-generation firewalls. For the use of Security Lifecycle Review services, contact our website. go.paloaltonetworks.com/slr Palo Alto Networks History 2005 Founded. 2007 Started shipment of next-generation firewalls. November 2011 Started offering the WildFire™ Cloud service against targeted attacks. July 2012 IPO on the NYSE November 2012 Started shipping the VM-Series virtualized next-generation firewall. November 2012 Started shipping the M-100 dedicated high-performance management appliances. May 2013 Obtained Common Criteria EAL4+ Certification. Jun 2013 Started shipping the WildFire™ Appliance WF-500. September 2014 Launched Traps (Endpoint Security). April 2015 Ranked as "leader" in Gartner Magic Quadrant for 4th consecutive year. October 2015 Launched AutoFocus threat analysis service. April 2016 Released the lastest OS for the next-generation firewall: PAN-OS 7.1 May 2016 Ranked as “leader” in Gartner Magic Quadrant for 5th consecutive year. August 2016 Closed fiscal year 2016 with over 34,000 customers worldwide. ABOUT PALO ALTO NETWORKS SECURITY LIFECYCLE REVIEW 1413