Palo Alto

Palo Alto Networks™ delivers next-generation firewalls that provide user-based visibility and QoS policy control of applications and content running on enterprise networks. Based on patent-pending App-ID™ technology, Palo Alto Networks firewalls accurately identify applications – regardless of port, protocol, evasive tactic or SSL encryption – and scan content to stop a broad range of threats and prevent data leakage at 10Gbps with no performance degradation. Enterprises can now embrace the world of Web 2.0 applications in a manner that is safe for the business and its users, while offering significantly lowering total cost of ownership through device consolidation.

Palo Alto Networks Next-Generation Firewalls Features and Benefits

• Application visibility and control: Accurate identification of the applications traversing the network enables policy-based control over application usage at the firewall, the strategic center of the security infrastructure.
• Visualization tools: Graphical visibility tools, customizable reporting and logging enables administrators to make a more informed decision on how to treat the applications traversing the network.
• Application browser: Helps administrators quickly research what the application is, its' behavioral characteristics and underlying technology resulting in a more informed decision making process on how to treat the application.
• User-based visibility and control: Seamless integration with Microsoft Active Directory (AD) facilitates application visibility and policy creation based on user and group information in AD, not just IP address.
• Citrix and terminal services visibility: The identity of users sitting behind Citrix or terminal services is now collected and used to enable policy-based visibility and control over applications, users and content.
• Real-time threat prevention: Detects and blocks viruses, spyware, worms and application vulnerabilities; controls web activity; all in real-time, dramatically improving performance and accuracy.
• File and data filtering: Taking full advantage of the in-depth application inspection being performed by App-ID, administrators can implement several different types of policies that reduce the risk associated with unauthorized file and data transfer.
• SP3 architecture: combines single pass software with parallel processing hardware to deliver the multi-Gbps performance necessary to protect today's high speed networks.
• Legacy firewall support: Support for traditional inbound and outbound port-based firewall rules mixed with application-based rules smoothes the transition to a Palo Alto Networks next generation firewall.
• Networking architecture: Support for dynamic routing, site-to-site IPSec VPN, virtual wire mode and layer 2/layer 3 modes facilitates deployment in nearly any networking environment.
• VPN connectivity: Secure site-to-site connectivity is enabled through standards-based IPSec VPN support and while remote user access is delivered via SSL VPN connectivity.
• Quality of Service (QoS): Deploy traffic shaping policies (guaranteed, maximum and priority) enable positive policy controls over bandwidth intensive, non-work related applications such as streaming media while preserving the performance of business applications.