Palo Alto Networks is restoring visibility and control over applications, users and content with a next-generation firewall. By "fixing the firewall," Palo Alto Networks solves a variety of customer problems – while often simplifying enterprise infrastructures. With the ability to control applications, users, and content at the firewall, customers realize improvements in security, performance, and cost. With our award-winning technologies, organizations regain the visibility and control often sought, but rarely achieved with complex, expensive, traditional security infrastructures.
Your network has run amok with applications you cannot see or control. Hundreds of applications are currently traversing your network and your firewall cannot see them. Streaming audio and video, file sharing, collaboration, and social networks are just a few types of applications that are capable of hopping from port to port, using encryption and non-standard ports all as a means of evading traditional firewalls. The business value these applications provide varies widely, but all of them introduce a range of risks including loss of productivity, compliance issues, threat propagation and data leakage.
Attempts at regaining control by bolstering the port-based firewall with IPS, URL filtering or proxies have been exercises in futility. None of these offerings are capable of seeing all the traffic on the network nor are they designed to act as the most strategic security element on the network – the firewall. Palo Alto Networks’ is restoring the firewalls’ strategic importance as the center of the security infrastructure with a family of next-generation firewalls that identify and control applications, users and content. Three unique technologies enable Palo Alto Networks’ next-generation firewall to restore visibility and control over the network: App-ID, User-ID and Content-ID.
Customers around the world are regaining visibility and control by deploying the Palo Alto Networks next-generation firewall in a wide range of network locations that include the perimeter, the DMZ, internally for network segmentation and in the datacenter.