Monday, February 22, 2010

Palo Alto Networks Fine Tunes its Firewall for App Identification

Palo Alto Networks released new software for its security appliance that combines three identification technologies to provide the necessary visibility and control over applications, users and content. All of the required functionality resides in the firewall, such that a single network device can accurately identify applications, scan content to stop threats and prevent data leakage.


Enhancements in PAN-OS 3.1 software include:

  • App-ID has a new function-based hierarchy (versus a flat structure) for better control over application enablement. The company said this means organizations can easily enable an application and disable certain functions - like enabling Facebook while disabling Facebook apps. This new hierarchical structure in PAN-OS 3.1 allows more powerful, finer-grained policies that are easier to manage.


    Palo Alto Networks has previously said it can identify and control over 900 different applications.


  • User-ID now offers pervasive coverage with support for LDAP directories such as eDirectory and OpenLDAP, in addition to Microsoft Active Directory, so IT managers can link application traffic to specific users and groups - not just IP addresses. User-ID also now features an API for integration with other repositories. User-ID is
    unique in the firewall market in its ability to provide enterprises with both visibility and policy control of users and groups.


  • Content-ID offers even better protection with daily threat signature releases as well as the ability to customize threat signatures for specific applications and vulnerabilities. Additionally, because threat developers continue to exploit the Web 2.0 movement, Palo Alto Networks has added protections against JavaScript and HTML viruses to
    Content-ID in PAN-OS 3.1. As a result, Content-ID is a more powerful, real-time threat prevention engine that detects and blocks a wide range of threats, limits unauthorized transfer of files and data, and controls non-work related Web surfing.
http://www.paloaltonetworks.comhttp://
  • In August 2008, Palo Alto Networks, a start-up based in Sunnyvale, California, secured $27 million in Series C financing for its next-gen firewalls for enterprises. Lehman Brothers Venture Partners led the oversubscribed round, with participation from existing investors Globespan Capital Partners, Greylock Partners and Sequoia Capital. The new funds will be used to support the company's rapid growth by further expanding sales, marketing and customer service initiatives.
    # Palo Alto Networks was founded by Nir Zuk (CTO), Rajiv Batra (VP of Engineering) and Yuming Mao (Chief Architect). Zuk was previously CTO at NetScreen Technologies, which was acquired by Juniper Networks in 2004. Prior to NetScreen, Nir was co-founder and CTO at OneSecure, a pioneer in intrusion prevention and detection appliances. Nir was also a principal engineer at Check Point Software Technologies and was one of the developers of stateful inspection technology.


    Batra previously was the Vice President of Engineering at Peribit, which was acquired by Juniper Networks in 2005. He also co-founded VitalSigns Software and served as Vice President of Engineering at Bay Networks.


    Mao previously was Chief Architect and a Distinguished Engineer at Juniper Networks, which he joined through the NetScreen Technologies acquisition. At NetScreen, he was one of the initial engineering architects.

0 comments:

Post a Comment

See also