Next Generation Enterprise Network Security Platform

Transcription:

Next Generation Enterprise Network Security Platform
November 2014
Lyndon Clough - Territory Sales Manager
Derran Guinan - Systems Engineer

Agenda
- The Palo Alto Networks story
- Today's Threat Landscape
- The Kill Chain
- An enterprise security platform
- Next-generation firewall
- Next-generation threat cloud
- Closing

Palo Alto Networks at a glance
Corporate highlights
- Founded in 2005; first customer shipment in 2007
- Safely enabling applications and preventing cyber threats
- Able to address all network security and cyber-security needs
- Exceptional ability to support global customers
- Experienced technology and management team
- 1,800+ employees globally
[Chart: Revenues ($MM): FY09 $13, FY10 $49, FY11 $119, FY12 $255, FY13 $396, FY14 $598]
[Chart: Enterprise customers: Jul-11 4,700, Jul-12 9,000, Jul-13 13,500, Jul-14 19,000]
2013, Palo Alto Networks. Confidential and Proprietary.

A clear market leader again - 2014
Analyst Perspectives
"Palo Alto Networks is assessed as a leader, mostly because of its NGFW focus, because it sets the direction of the market along the NGFW path, and because of its consistent visibility in shortlists, increasing revenue and market share, and its proven ability to disrupt the market." Gartner, April 2014
[Figure: Gartner magic quadrant for enterprise network firewalls]

Many Third Parties Reach Same Conclusion
- Gartner Enterprise Network Firewall Magic Quadrant: Palo Alto Networks leading the market
- Forrester IPS Market Overview: Strong IPS solution; demonstrates effective consolidation
- NetworkWorld Test: Most stringent NGFW test to date; validated sustained performance and key differences
- NSS Tests
  - IPS: Palo Alto Networks NGFW tested against competitors' standalone IPS devices; NSS Recommended
  - Firewall: traditional port-based firewall test; Palo Alto Networks most efficient by a wide margin; NSS Recommended
  - NGFW: Palo Alto Networks best combination of protection, performance, and value; NSS Recommended (1 of only 3)

Over 17,000 Organizations Trust Palo Alto Networks
[Customer logos grouped by sector: Health Care; Financial Services; Government; Media / Entertainment / Retail; Service Providers / Services; Mfg / High Tech / Energy; Education]

Western Canada


Today's Threat Landscape
- Organized attackers
- Remediation is broken
- Must prevent attacks across perimeter, cloud and mobile
- Increasing volume
- Sophisticated
- Limited correlation across disjointed security technologies
- Limited security expertise
- CSO challenges

Tectonic Shifts Create the Perfect Storm
- SaaS
- Encryption
- Social + consumerization
- Mobility + BYOD
- Cloud + virtualization
- Commoditization of threats
Massive opportunity for cyber attackers

Current Approaches Are Failing
- Detection-focused
- Alert overload
- Manual response required
[Diagram: an enterprise network and its Internet connection surrounded by point products from Vendor 1 to Vendor 4 (UTM/blades, anti-APT for port 25 APTs, anti-APT for port 80 APTs, DNS protection for outbound DNS, DNS protection cloud, anti-APT cloud, endpoint AV, network AV, malware intelligence), each emitting its own DNS, endpoint, web, SMTP and AV alerts]


Understanding the Attack Kill-chain
Attack kill-chain:
- Breach perimeter: Initial compromise
- Deliver malware: Deliver malware and communicate with attacker
- Endpoint operations: Move laterally and infect additional hosts
- Exfiltrate data: Steal intellectual property
Prevent attacks by stopping one step in the kill-chain


A True Platform Approach
- Identify, control & decrypt
- Detect & prevent known & unknown threats
- Automated closed-loop protections & forensics
[Diagram labels: Network; Endpoint; Traditional infrastructure; Cloud; Mobile devices; SaaS; Public Cloud; Private Cloud; Threat Cloud]

Next-Generation Security Platform
Palo Alto Networks Next-Generation Firewall
- Inspects all traffic
- Safely enables applications
- Sends unknown threats to cloud
- Blocks network based threats
Palo Alto Networks Next-Generation Threat Cloud
- Gathers potential threats from network and endpoints
- Analyses and correlates threat intelligence
- Disseminates threat intelligence to network and endpoints
Palo Alto Networks Next-Generation Endpoint
- Inspects all processes and files
- Prevents both known and unknown exploits
- Protects fixed, virtual, and mobile endpoints
- Lightweight client and cloud based

Palo Alto Networks and the Kill-Chain
Attack kill-chain: BREACH PERIMETER, DELIVER MALWARE, ENDPOINT OPERATIONS, EXFILTRATE DATA
Next-generation Firewall
- Visibility into all traffic and selectively decrypt SSL
- Whitelist applications, block high-risk apps
- Block commonly exploited file types
- Segment sensitive resources
Threat Prevention (IPS/IDS)
WildFire
- Detect unknown malware
- Detect unknown exploits
- Detect unknown command-and-control
Threat Prevention (Network anti-malware)
Next-generation Endpoint & GlobalProtect
- Prevent zero-day exploits without prior knowledge
- Extend policy & protection to all endpoints, including mobile
- Cover all processes on OSs and third-party software
Threat Prevention
- Block outbound command-and-control communications
- Block file and data pattern uploads
- DNS monitoring and sinkholing
URL Filtering
Block known:
- Exploits
- Malware
- Command-and-control
Command-and-Control (URL, DNS, custom)
Lateral movement
Block outbound communication to known malicious URLs and IP addresses
URL Filtering
- Block bad URLs, Domains, IPs


What do these have in common?

Stateful Inspection: When the world was simple
When stateful inspection worked:
- Applications based on specific port#
- Predictable application behavior
- Evasive applications did not exist
- Zero-day malware did not exist

The stateful inspection firewall is broken
Cannot address:
- Many thousands of applications
- Changing application behavior
- Exponential data growth
- Millions of advanced threats

Technology Sprawl and Creep Aren't the Answer
- More stuff doesn't solve the problem
- Firewall helpers have limited view of traffic
- Complex and costly to buy and maintain
- Doesn't address application control challenges
[Diagram labels: Internet; UTM; IPS; DLP; IM; AV; URL; Proxy; Enterprise Network]

Do you recognize this person?
CTO and Founder of Palo Alto Networks

The Answer? Make the Firewall Do Its Job
1. Identify applications regardless of port, protocol, evasive tactic or SSL
2. Identify and control users regardless of IP address, location, or device
3. Protect against known and unknown application-borne threats
4. Fine-grained visibility and policy control over application access / functionality
5. Multi-gigabit, low latency, in-line deployment

Powered by our Single-Pass, Parallel Processing (SP3) Architecture
Single-pass SW
- Performs operations once per packet: application identification, user/group mapping, content scanning
- One policy that integrates apps, user and content
- Support for HA/Redundancy
- QoS feature to shape traffic based on application
Parallel processing hardware
- Function-specific parallel processing HW engines
- Separate data plane and control plane
Our firewalls are powered by our single-pass, parallel processing architecture, which delivers high performance and promotes high availability.

PAN-OS Core Firewall Features
Visibility and control of applications, users and content complement core firewall features
Strong networking foundation
- Dynamic routing (BGP, OSPF, RIPv2)
- Tap mode: connect to SPAN port
- Virtual wire ("Layer 1") for true transparent in-line deployment
- L2/L3 switching foundation
- Policy-based forwarding
VPN
- Site-to-site IPSec VPN
- SSL VPN
QoS traffic shaping
- Max/guaranteed and priority
- By user, app, interface, zone, & more
- Real-time bandwidth monitor
Zone-based architecture
- All interfaces assigned to security zones for policy enforcement
High Availability
- Active/active, active/passive
- Configuration and session synchronization
- Path, link, and HA monitoring
Virtual Systems
- Establish multiple virtual firewalls in a single device (PA-5000 and PA-3000 Series)
Simple, flexible management
- CLI, Web, Panorama, SNMP, Syslog
[Diagram labels: VM 100; VM 200; VM 300]

Palo Alto Networks NGFW Hardware Platforms
Firewall | Firewall Throughput | Full Threat Prevention Throughput | Ports | Session Capacity
PA-7050 | 120 Gbps | 60 Gbps | 6 NPCs: 4 SFP+ (10 Gig), 8 SFP (1 Gig), 12 copper gigabit | 24,000,000
PA-5060 | 20 Gbps | 10 Gbps | 4 SFP+ (10 Gig), 8 SFP (1 Gig), 12 copper gigabit | 4,000,000
PA-5050 | 10 Gbps | 5 Gbps | 4 SFP+ (10 Gig), 8 SFP (1 Gig), 12 copper gigabit | 2,000,000
PA-5020 | 5 Gbps | 2 Gbps | 8 SFP, 12 copper gigabit | 1,000,000
PA-3050 | 4 Gbps | 2 Gbps | 8 SFP, 12 copper gigabit | 500,000
PA-3020 | 2 Gbps | 1 Gbps | 8 SFP, 12 copper gigabit | 250,000
PA-500 | 250 Mbps | 100 Mbps | 8 copper gigabit | 64,000
PA-200 | 100 Mbps | 50 Mbps | 4 copper gigabit | 64,000


Next Generation Threat Cloud
[Diagram labels around WildFire: Email; Endpoint; Data center; Web; Perimeter; SMB; SMTP; FTP; SSL encryption; All ports; All traffic; All commonly exploited file types; 7,000+ users]
Protections developed with in-line enforcement across the kill-chain
Intelligence correlated across:
- WildFire
- Threat Prevention
- URL Filtering
- 3rd party data
17,500 customers protected
Intelligence:
- Malware
- Exploits
- Malicious URLs
- DNS queries
- Command-and-control

WildFire Cloud-based Architecture Scales
WildFire Approach
- WildFire cloud or appliance
- Easy to manage and operationalize
- Scalable
- Cost effective
APT Add-on Approach
- Hard to manage
- Doesn't scale
- Expensive
- Manual analysis
- Requires multiple devices at each ingress, egress, and point of segmentation
[Diagram labels: Web Sandbox; Email Sandbox; File share Sandbox; Central manager]


Introducing Traps
The right way to deal with advanced cyber threats
- Prevent Exploits: Including zero-day exploits
- Prevent Malware: Including advanced & unknown malware
- Collect Attempted-Attack Forensics: For further analysis
- Scalable & Lightweight: Must be user-friendly and cover complete enterprise
- Integrate with Network and Cloud Security: For data exchange and cross-organization protection

Exploit prevention: how it works
1. Document is opened by user
2. Traps seamlessly injected into processes
3. Process is protected as exploit attempt is trapped
4. Traps triggers immediate actions
5. Attack is blocked before any successful malicious activity
[Diagram labels: Forensic data is collected; Process is terminated; User\admin is notified; Reported to ESM; CPU <0.1%; Safe!]
When an exploitation attempt is made, the exploit hits a trap and fails before any malicious activity is initiated.

Malware prevention: how it works
1. User tries to open executable file
2. Policy-based restrictions applied
3. Hash checked against WildFire
4. Malware technique prevention employed
5. File is allowed to execute
[Diagram labels: Safe!; Reported to ESM]
