Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Palo Alto Networks Targets Data Centers and Remote Workforce with New Products

Palo Alto Networks, the company best known as being an early innovator in next generation firewalls, today announced a series of product updates and services that clearly appear to be the most important since the company’s initial launch.

Palo Alto Networks, the company best known as being an early innovator in next generation firewalls, today announced a series of product updates and services that clearly appear to be the most important since the company’s initial launch.

With the launch, Palo Alto Networks is making a push to get more of its units inside the walls of data centers, as well as offering new technology designed to protect remote workers. Additionally, the company announced PAN-OS 4.0, the latest version of the core operating system that powers its firewalls, touting over 50 new features and increased visibility into what traffic and threats are passing through enterprise networks.

With the latest release of PAN-OS, enterprises can write custom App-IDs for their internally developed applications as well as new capabilities to identify previously unknown applications and suspicious traffic that could indicate botnet infections. In addition, new SSH Tunneling Control allows for authorized use of SSH while preventing tunneling and port-forwarding. They also added Country-specific Application Control, enabling enterprises to set specific policies based on corporate policies and regulations depending on geographical location.

PA-5000 Series Next Generation Firewalls

For hardware, the Palo Alto Networks PA-5000 Series is comprised of three high performance units, the PA-5020, the PA-5050 and the PA-5060, all of which are targeted at high-speed Internet gateway and datacenter deployments.

I was able to sit with founder and CTO, Nir Zuk at the RSA Conference last month to discuss the new offerings. (Sidenote: Zuk, previously served as CTO at Jupiter Networks for a short time following its acquisition of NetScreen). After diving into the new features, Zuk was quick to criticize other security vendors that market their products with certain performance, but when enabling somewhat basic security features, end up with significantly slowed throughput. Palo Alto Networks claims that with its new hardware, enterprises can sustain 20Gbps of all apps, all ports, all the time next-generation firewall performance across their networks.

In an effort to expand beyond company and data center walls, the company also announced availability of GlobalProtect, a solution that provides enterprises the ability to extend protection over all types of traffic, applications, and threats beyond the physical corporate perimeter. GlobalProtect allows enterprises to extend the same policies, visibility and control of the next-generation firewall to any and all user network connections regardless of their location. It works by installing an agent that resides on the endpoint, which can be delivered to the user automatically via Active Directory, SMS or Microsoft System Configuration Manager or can be downloaded directly from the GlobalProtect Portal. Currently the GlobalProtect Agent only supports Windows operating systems but the company did tell us a Mac OS version is in the works. GlobalProtect can serve as a single sign-on solution for end-users, and integrates with the Windows Login utility to securely store logon information for subsequent logons such as VPN authentication. Used as a transparent SSL VPN, it can also help prevent remote users from being lured into “honeypot” connections or falling into Man-in-the-Middle (MITM) exploits by ensuring that all traffic remains encrypted between the end-user laptop and the Palo Alto Networks gateway.

“For the first time in our industry’s twenty-year history, enterprises en masse are sending their traditional network security devices to pasture,” said Rene Bonvanie, vice president of marketing at Palo Alto Networks. “Enterprises want to embrace an architecture that provides consistent protection and enforcement to their remote workforce, making network security a fundamental part of every connection by design, as opposed to something that is tacked on at the end,” added Bonvanie.

Palo Alto Networks has only been selling a product since August 2008, but the company claims over 3,500 customers and a run rate that exceeded $100 million in annual sales in 2010, which the company plans to at least double in 2011. The company prides itself on having 100% of its design and manufacturing taking place on United States soil.

Advertisement. Scroll to continue reading.

All products and services covered in today’s announcement are all available immediately. Pricing for the PA-5000 Series, which includes PA-5020, PA-5050 and PA-5060, starts at $40,000. GlobalProtect is licensed on a per firewall basis, rather than per user licensing model.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history.