Palo Alto Networks

homuskratNetworking and Communications

Nov 20, 2013 (4 years and 1 month ago)

87 views

Palo
Alto Networks

OMREŽNA VARNOST

Lancom 21.4.2011

Silvester
Drobnič, CHS d.o.o.

s
ilvester.drobnic@chs.si


N
ew
generation of addicted Internet users


smarter than
you
?

About Palo Alto Networks


Palo Alto Networks is the
Network
Security
Company


World
-
class team with strong security and networking experience

-
Founded in 2005 by security visionary
Nir

Zuk

-
Top
-
tier investors


Builds next
-
generation firewalls that identify
/
control

1100+
applications

-
Restores the firewall as the core of the enterprise network security infrastructure

-
Innovations: App
-
ID™, User
-
ID™, Content
-
ID™


Global footprint:

2,200+ customers in
50+ countries, 24/7 support



Legendary Customer Support Experience


Strong TSE team with deep
network security and
infrastructure knowledge

-
Experience with every major
firewall

-
TSEs average over 15 years of
experience


TSEs co
-
located with
engineering


in Sunnyvale, CA


Premium and Standard offerings


Rave reviews from customers

Customer support has always been
amazing. Whenever I call, I always get
someone knowledgeable right away, and
never have to wait. They give me the
answer I need quickly and completely.
Every support rep I have spoken with
knows his stuff.

-
Mark Kimball, Hewlett
-
Packard

Customer support has been extraordinarily
helpful


which is not the norm when
dealing with technology companies. Their
level of knowledge, their willingness to
participate


it’s night and day compared
to other companies. It’s an incredible
strength of Palo Alto Networks.

-
James Jones, UPMC

2010 Magic Quadrant for Enterprise Network Firewalls

Palo
Alto
Networks

Check Point Software Technologies

Juniper Networks

Cisco

Fortinet

McAfee

Stonesoft

SonicWALL

WatchGuard

NETASQ

Astaro

phion

3Com/H3C

completeness of vision

visionaries

ability to execute

As of March 2010

niche players

Source: Gartner

Gartner: Palo Alto Networks is a Visionary


Enterprises need next
-
generation firewalls

-
“In 2009, Gartner saw market pressures
accelerate the demand for next
-
generation firewall platforms that provide
the capability to detect and block
sophisticated attacks, as well as enforce
granular security policy at the application
(versus port and protocol) level. ”


Palo Alto Networks’ next generation firewalls
are leading the market

-
Gartner notes: “Palo Alto Networks is
highly disruptive within the firewall market
because the product has been designed
as a next
-
generation firewall and has
competitors being forced to change road
maps and sell defensively.”


Palo Alto Networks generated the most firewall
inquiries among Gartner customers in 2009.

Gartner: Firewalls Are Not Commoditized


Next
-
generation firewalls are
evolving the enterprise network
firewall market


Running on general purpose
server hardware won’t perform
next
-
generation firewall features
well for the enterprise


Established vendors are milking
their installed base


raising prices
without delivering new features


UTM is for SMB. SMB ≠ enterprise
branch office.

NSS Labs test


PAN as IPS



The
highest IPS block rate in
recent history (93.4%)


100
% resistance to IPS evasion
techniques


Simple
IPS configuration and
tuning
.


Provided
all the above while
exceeding the datasheet
performance metrics


PAN

Hardware & Licenses

Hardware


Enota se izbira glede na zahtevano propustnost


Možna je HA postavitev enot v A
-
P in A
-
A načinu


Licence


Support licenca je obvezna


Opcijski licenci:

-
Thread licenca (IPS, AV, AS)

-
URL filtering


Ostale licence:

-
Virtual Firewall

-
Global Protect


POMEMBNO


Ni omejitve na uporabnike


Ni dodatnih licenc za VPN


PA
-
500

PA
-
2020

PA
-
2050

PA
-
4020

PA
-
4050

PA
-
4060

PA
-
5
060

PA
-
5
0
5
0

PA
-
5
0
2
0

Redefine Network Security


and Save Money!

Cut by as much
as
80%

Cut by as much
as
65%


Capital cost


replace multiple devices

-
Legacy firewall, IPS, URL filtering device (e.g.
proxy, secure web gateway…)


“Hard” operational expenses

-
Support contracts

-
Subscriptions

-
Power and HVAC



Save on “soft” costs too

-
Rack space, deployment/integration, headcount,
training, help desk calls

Next
-
Generation Firewalls Are Network Security

S
tart
by understanding what’s really happening


Application
Usage and Risk
Report



Findings

-
347 large enterprises worldwide

-
750+ different Internet applications

-
Employees have created Enterprise 2.0


Rewards

-
Enterprises are embracing social networking apps

-
Proven to deliver measurable value to business


Risks

-
Incoming threats are increasing

-
Potential for data leakage is increasing

-
Existing security infrastructure ineffective

Research Center

DEMO
-

Flexible Deployment Options

Visibility

Transparent In
-
Line

Firewall Replacement


Application, user and content
visibility without inline
deployment


IPS with app visibility & control


Consolidation of IPS & URL
filtering


Firewall replacement with app
visibility & control


Firewall + IPS


Firewall + IPS + URL filtering

Application
Visibility

and Risk Report



Tells
the budget holder what we
are going to review


Presents findings in clear,
business oriented manner


Introduces business risks
associated with the application
traffic

Zaključek

Kako naprej:


Vprašajte pri Lancomu za test PANa


Po testu zahtevajte AVR poročilo



V vmesnem času:

-
PAN AUR poročilo

-
Gartnerjeva NGF definicija

-
Gartnerjevo zadnje poročilo o požarnih pregradah

-
NSS Labs poročilo o PAN IPS zmogljivosti

-
PAN Research center na WEBu

-
Ocenite CAPEX in OPEX vaše trenutne opreme

-
Vprašajte se ali veste kaj spušča vaš obstoječi FW v omrežje