parallax background
 

Paloaltonetworks - intellectual security

The world's first NGFW based on machine learning

Palo Alto Networks Security Solutions

Palo Alto Networks is a leading provider of enterprise information security solutions. The company's products, integrated into the security operating system, protect the corporate environment - network, endpoints, and hybrid clouds, allowing you to detect and prevent the most complex attacks.

Palo Alto Networks Unified Cybersecurity Platform

 

NGFW is the backbone of Palo Alto Networks' unified cybersecurity platform.


It gives full visibility and control over all applications on the network, including those that try to pretend to be legitimate by working on non-standard ports or using data encryption (for example, TLS/SSL or SSH).

 

Palo Alto Networks NGFW:
- Inspects and controls network traffic to detect and block known and unknown threats, all in one scan.
- Increases performance by using a single-pass architecture, which ensures that traffic is scanned only once, regardless of the enabled features.
- Effectively identifies and blocks unknown, new or specialized malware and exploits.
- NGFW uses a single-pass, parallel processing architecture that uses App-ID, User-ID, and Content-ID technologies to identify applications, users, and content analysis, respectively, which provides NGFW with unrivaled cybersecurity capabilities.

REQUEST A FREE DEMO

STRATA - comprehensive NGFW network protection

App-ID™ - application identification

The App-ID™ application identification system accurately recognizes applications in the data stream passing through the NGFW.



App-ID™ can:
- Identify applications using various identification methods, unlike classic firewalls that use an IP address, port or protocol.
- Identify applications masquerading as allowed traffic using dynamic ports, or attempting to pass through a firewall through an SSL encrypted tunnel.
- Apply special policies (Decryption Policy) to decrypt and inspect incoming and outgoing SSL traffic.
- Control traffic through SSH tunnels.

User-ID™ - user identification

Visualizing applications by the user rather than by IP address allows you to control the applications on your network.
You can customize how applications are used according to your business requirements and, if necessary, inform users of policy violations or even block their apps.



User-ID™ allows you to:
- Create policies for the secure use of applications by users or groups of users, inbound or outbound. For example, access to useful tools such as SSH, telnet, and FTP on standard ports can only be granted to members of the IT department.
- Control local and remote users, regardless of the type of devices used and their location.
- Generate reports with data on user actions. You can create your own report form or use standard templates.

Content-ID™ - contect identification

Content-ID™ data identification technology provides the ability to conduct a complete analysis of all traffic in order to prevent threats.



Content-ID™ will help:
- Block vulnerabilities in the system, prevent buffer overflows and port scanning; protect the system from intrusions and various masking methods used by intruders.
- Block external connections of malware.
— Block access to malicious and phishing sites.
— Reduce the risks associated with the unauthorized transfer of files and data.
- Use a single flow approach that simplifies the management process, allows you to modernize the data processing process, and significantly improves system performance.

REQUEST A DEMO

Network Security Subscriptions:

Threat Prevention
Threat Prevention Subscription provides the following:
— Protection against viruses, spyware (C&C) and vulnerabilities (IPS);
- Built-in external dynamic lists (External Dynamic Lists), which you can use to protect your network from malicious hosts;
- Ability to identify infected hosts that are trying to connect to malicious domains (DNS Sinkhole) based on locally loaded DNS signatures.
URL Filtering
URL Filtering Subscription provides the ability to control Internet access by categories, blacklists and whitelists of sites, and allows you to control how users interact with online content based on dynamic URL categories. This subscription also helps prevent credential theft by controlling which sites users can submit their corporate credentials to.
As part of this subscription, it is possible to configure access to the PAN-DB public cloud or the PAN-DB private cloud to retrieve site categories.
DNS Security
URL Filtering Subscription provides the ability to control Internet access by categories, blacklists and whitelists of sites, and allows you to control how users interact with online content based on dynamic URL categories. This subscription also helps prevent credential theft by controlling which sites users can submit their corporate credentials to.
As part of this subscription, it is possible to configure access to the PAN-DB public cloud or the PAN-DB private cloud to retrieve site categories.
WildFire
WildFire Subscription provides enhanced 0-day and previously unknown malware detection (sandboxing) for organizations that require immediate threat detection, frequent WildFire signature updates, enhanced support for parsed file types (APK, PDF, Microsoft Office, and Java applets), as well as the ability to upload files using the WildFire API. A WildFire subscription is also required if your NGFWs will send files for analysis to the local WF-500
IoT Security
IoT Security Subscription and Serviceprovides IoT infrastructure monitoring and security. A subscription is purchased for each firewall. The IoT Security service includes the following features:
— Detection and monitoring of IoT devices without the need for signatures;
— Identification of threats, risks and anomalies of IoT devices;
— Application of security policies on the ITU for various devices using the Device-ID qualifier.
GlobalProtect
GlobalProtect Subscription gives you access to VPN mobile apps and advanced VPN features. Without this subscription, you can deploy GlobalProtect portals and gateways for remote access. The following features are available with a GlobalProtect subscription:

— HIP checks and related content updates;
— GlobalProtect mobile applications for iOS and Android;
— IPv6 connections;
— Clientless GlobalProtect VPN;
— Device quarantine at the GlobalProtect client level when malicious traffic is detected.
SD-WAN
SD-WAN Subscription provides intelligent and dynamic traffic routing path selection in addition to existing PAN-OS threat protection. The SD-WAN implementation is managed by Panorama and includes the following features:
— Centralized configuration management;
— Automatic creation of VPN topology;
— Traffic distribution;
— Monitoring and troubleshooting.
Virtual Systems
Virtual Systems License is required to enable support for multiple virtual systems in the ITU PA-3200. In addition, you need to purchase a virtual systems license if you want to increase the number of virtual systems beyond those enabled by default for the PA-5200 and PA-7000 series (the base number varies by platform). The PA-800, PA-220, and VM-Series firewalls do not support virtual systems.
GET MORE INFORMATION
 

Not sure how to start improving your security?

Schedule a free test drive!
 
 

 

 

 
CONTACT US