Palo Alto Networks

Palo Alto Networks was founded in 2005 by Nir Zuk, a visionary in the field of security technologies, to create a different kind of firewall technology.

The aim was to develop a network security device that helps regain the necessary visibility into the corporate network amid the constant growth of new types of threats and new dynamic applications. Palo Alto Networks brought to market the first real next-generation firewall, which is ranked in first place against other firewall vendors.

Key safe enablement requirements of Next-Generation Firewall

  • Identify applications, not ports. Classify traffic, as soon as it hits the firewall, to determine the application identity, irrespective of protocol, encryption, or evasive tactic. Then use that identity as the basis for all security policies.
  • Tie application usage to user identity, not IP address, regardless of location or device. Employ user and group information from enterprise directories and other user stores to deploy consistent enablement policies for all your users, regardless of location or device.
  • Protect against all threats—both known and unknown. Prevent known vulnerability exploits, malware, spyware, and malicious URLs while analyzing traffic for, and automatically delivering protection against, highly targeted and previously unknown malware.
  • Simplify policy management. Safely enable applications and reduce administrative efforts with easy-to-use graphical tools, a unified policy editor, templates, and device groups.
  • Support of VMs delivers comprehensive visibility, control and safe application enablement for virtualized and cloud environments.

Palo Alto Networks next-generation firewalls enable visibility and control of applications, users, and content – not just ports, IP addresses, and packets – using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies, found in every Palo Alto Networks enterprise firewall, enable enterprises to embrace Web 2.0 applications and maintain complete visibility and control, while significantly reducing total cost of ownership through device consolidation.

App-ID: Classifying Applications, All Ports, All the Time

Accurate traffic classification is the heart of any firewall, with the result becoming the basis of the security policy. Traditional firewalls classify traffic by port and protocol, which, at one point, was a satisfactory mechanism for securing the perimeter. Today, applications can easily bypass a port-based firewall: hopping ports, using SSL and SSH, sneaking across port 80, or using non-standard ports. App-ID addresses the traffic classification visibility limitations by applying multiple classification mechanisms to the traffic stream to determine the exact identity of applications traversing the network. App-ID continually classifies the traffic, using the appropriate identification mechanism, resulting in consistent and accurate application identification, across all ports, for all the traffic, all the time, and in many cases down to the function level.

A detailed overview of current and identifiable information about applications can be found at: 

User-ID: Enabling Applications by Users and Groups
