palo alto networks what’s next - aditinet… · enterprise security platform sco check point...

Post on 14-Jun-2020


PALO ALTO NETWORKS what’s next … to Next Generation FW

1 | ©2014, Palo Alto Networks. Confidential and Proprietary.

WHAT’S CHANGED? THE EVOLUTION OF THE ATTACKER

CYBERCRIME NOW: $1+ trillion industry

CYBER WARFARE: 100+ nations

CYBER PROFESSIONALISM: 10.000+ hours

Slide 2

RdB1: I added the 10.000+; the amount of hours over experience the hackers have. Based on the general rule that you master something after 10.000 hrs. Ronald den Braven; 20/01/2015

THIS IS WHAT CHANGED! LIMITED VISIBILITY & CORRELATION

BAD vs GOOD ATTACKS ACROSS PERIMETER, MOBILE AND CLOUD

CIO CONCERNS

$1.2B SALES in 18 MONTHS

MALWARE UPDATES

24/7 SUPPORT

CYBERCRIME COST: $445B P/Y

$60B IN GERMANY ALONE

~1.6% ECONOMY LOSS

WHAT’S CHANGED? THE EVOLUTION OF BUSINESS

SaaS

SOCIAL + CONSUMERIZATION

CLOUD + VIRTUALIZATION

MOBILITY + BYOD

Massive opportunity for cyber criminals

President Obama Speaks at the White House Summit on Cybersecurity and Consumer Protection

Slide 5

RdB2: Animated slide which shows the unknown (ssl, app threat vector) challenge and turning the unknown to known (malware found stats). Ronald den Braven; 20/01/2015

FAILURE OF LEGACY SECURITY ARCHITECTURES

Limited visibility. Lacks correlation. Manual response.

[Diagram labels: Internet; Internet Connection; Enterprise Network; Vendor 1, Vendor 2, Vendor 3, Vendor 4; UTM/Blades; Network AV; Endpoint AV; DNS protection for outbound DNS; DNS protection cloud; Anti-APT for port 80 APTs; Anti-APT for port 25 APTs; Anti-APT cloud; Malware Intelligence; DNS Alert; Endpoint Alert; SMTP Alert; AV Alert; Web Alert.]

WHY BREACHES STILL HAPPEN: COMMON TRAITS

Port based Firewall

Static IPS

0-Day Malware and Exploits used

ID credentials hijacked

WHY ONLY TRY TO DETECT MALWARE ONCE?

DETECT AND PREVENT THREATS AT EVERY POINT ACROSS THE ORGANIZATION

– IT’S NOT JUST ABOUT THE INTERNET EDGE

At the internet edge

Between employees and devices within the LAN

At the data center edge, and between VMs

At the mobile device

Within private, public and hybrid clouds

AND MORE IMPORTANTLY, SIMPLIFY THIS…

[Diagram repeated: the legacy security architecture shown above, with its separate vendor products and alerts.]

TO THIS…

[Diagram labels: Internet; Enterprise Network; NGFW; Traps; WildFire™; GlobalProtect; DNS Alert; Endpoint Alert; Web Alert; APT.]

Palo Alto Networks

Malware Prevention

① Significantly reduced their risk

② Dropped their TCO

③ Increased their business agility

Requirements for Security in today’s Threat Landscape

1. Application based security rules – including the ability to decrypt flows

2. Rules based on User Identity/User Groups

3. WildFire subscription to detect unknown malware

4. Threat Prevention subscription to enable dynamic prevention signatures for malware

5. URL (PAN-DB) subscription to enable dynamic prevention of malware Command & Control

6. GlobalProtect to secure against the threat of time and to help assert Identity

DELIVERING THE NEXT-GENERATION SECURITY PLATFORM

THREAT INTELLIGENCE CLOUD

NEXT-GENERATION FIREWALL

ADVANCED ENDPOINT PROTECTION

AUTOMATED, NATIVELY INTEGRATED, EXTENSIBLE

TRAPS: benefits

Prevent Zero Day Vulnerabilities and Unknown Malware

Protect ANY Application From Exploits

Install Patches on Your Own Schedule

Signature-less, No Frequent Updates

Network and Cloud integration

Minimal Performance Impact

Save Time and Money

Threat Intelligence Cloud: Automated Prevention & Reporting

THREAT INTELLIGENCE CLOUD

WildFire, Threat Prevention, URL Filtering, Forensics & Reporting

New protections per day: 192,000 Anti-malware; 24,000 URL; 13,500 DNS

Delivered in 15 minutes

WildFire: Protecting Against The Unknown

Sandboxing The Unknown

All traffic, SSL encryption, All ports, All commonly exploited file types, 3rd party data

Email, Web, SMTP, FTP, SMB

Perimeter, Data center, Endpoint

Detect unknown: Malware, Exploits, Command-and-control, DNS queries, Malware URLs

Protections developed with in-line enforcement across the kill-chain

Intelligence correlated across: WildFire, Threat Prevention, URL Filtering

There’s Never Been A Better Time to Migrate to Palo Alto Networks

Minimize Risk by Migrating in Phases

Migration from Legacy Firewall (Cisco, Check Point, Fortinet, McAfee, Juniper): Initial Migration of third-party vendor firewall to Palo Alto Networks port-based mode

Migration to App-ID (Application-based security policies): Migrating from Palo Alto Networks Port-based mode to App-ID

Enterprise Security Platform (WildFire, URL Filtering, Threat Protection, Traps (Endpoint), AutoFocus, Global Protect): Take advantage of the advanced protection of Palo Alto Networks full security platform

16 | ©2015, Palo Alto Networks. Confidential and Proprietary.

WHY PALO ALTO NETWORKS

[Word cloud: Zero-Day, Reduce Risk, Policy, Detection, Mobility, Responsive, Control, Correlation, People, Application, Prevention, Visibility, BYOD, Management, Public Cloud, Segmentation, Users, Virtualization, Endpoint, Exploit, Automation, Private Cloud, Scalability, Agile, Support, Data Center, Vulnerability, Anti-Malware, Forensics, Performance, Integrated, Command-&-Control, Safe Enablement, Remediation, Applications, Perimeter, Web Security, Ecosystem, Context, Platform, Services, Culture.]

PALO ALTO NETWORKS AT-A-GLANCE

CORPORATE HIGHLIGHTS

• Founded in 2005; first customer shipment in 2007

• Safely enabling applications and preventing cyber threats

• Able to address all enterprise cybersecurity needs

• Exceptional ability to support global customers

• Experienced team of 2,000+ employees

• Q3FY15: $234M (55% YoY)

REVENUES ($MM): FY09 $13; FY10 $49; FY11 $119; FY12 $255; FY13 $396; FY14 $598

ENTERPRISE CUSTOMERS: Jul-11 4.700; Jul-12 9.000; Jul-13 13,500; Jul-14 19,000

Customer growth


Recent Highlights


AutoFocus: cyber threat intelligence

2015 Magic Quadrant for Network Enterprise Firewalls
