Reinventing Network Security, One Firewall at a Time

Howard TingDirector of Marketing

www.paloaltonetworks.com

Agenda

About Palo Alto Networks

The Evolving Nature of Applications

Why Traditional Security Solutions No Longer Work

How Next-Generation Firewalls are Reinventing Network Security

Conclusions

Learn More

About Palo Alto Networks

• Palo Alto Networks is the Network Security Company• World-class team with strong security and networking experience

- Founded in 2005 by security visionary Nir Zuk

• Builds next-generation firewalls that identify / control 1000+ applications

- Restores the firewall as the core of the enterprise network security infrastructure- Innovations: App-ID™, User-ID™, Content-ID™

• Global footprint: 1,500+ customers in 60+ countries, 24/7 support

Applications Have Changed – Firewalls Have Not

• The gateway at the trust border is the right place to enforce policy control

Sees all traffic

Defines trust boundary

Collaboration / MediaSaaS Personal

• But applications have changed

Ports ≠ Applications

IP addresses ≠ Users

Headers ≠ Content

Need to Restore Application Visibility & Control in the Firewall

Applications Carry Risk

Applications can be “threats”P2P file sharing, tunneling applications, anonymizers,

media/video

Applications carry threatsSANS Top 20 Threats – majority are

application-level threats

Application-level threats result in major breaches – Pfizer, VA, US Army

Enterprise 2.0 Applications and Risks Widespread

Palo Alto Networks’ latest Application Usage & Risk Report highlights actual behavior of 1M+ users across more than 340 organizations

- Enterprise 2.0 applications – like Twitter, Facebook, and SharePoint – continue to rise for both personal and business use. Facebook and Google extend dominance outside of core applications

- Tunneling and port hopping are common- Bottom line: all had firewalls, and most had IPS, proxies, &

URL filtering – but none of these organizations could control what applications ran on their networks

Circumvention Tools Get Around Security

Traditional Way of Dealing with the Problem

Sprawl Is Not The Answer

• Complex to manage

• Expensive to buy and maintain

• Firewall “helpers” have limited view of traffic

• Ultimately, doesn’t solve the problem

Internet

New Requirements for the Firewall

1.  Identify applications regardless of port, protocol, evasive tactic or SSL

2.  Identify users regardless of IP address 

3.  Scan application content in real‐time      (prevent threats and data leaks)

4. Granular visibility and policy control over application access / functionality

5.  Multi‐gigabit, in‐line deployment with no performance degradation

The Right Answer: Make the Firewall Do Its Job

Redefine Network Security – and Save Money!

Cut by as much as 80%

Cut by as much as 65%

Capital cost – replace multiple devices

Legacy firewall, IPS, URL filtering device

“Hard” operational expensesSupport contracts

SubscriptionsPower and HVAC

Save on “soft” costs tooRack space

Deployment/integration,Headcount, training, help desk calls

Varies by Company

Conclusions

Applications have evolved but your security infrastructure has not

Threats against the enterprise are increasingly targeted and use applications as

conduits for attack

Traditional network security solutions are unable to stop these threats

Sprawl is not the answer

Next-generation firewalls have emerged to redefine network security

Compelling ROI

Learn More…

Attend our afternoon sessionhSocial Networking in the Enterprise: A Delicate Balance Between Security

and Enablement

See a product demo in our booth (#417)Visit us online: www.paloaltonetworks.comCall us for a complimentary network security assessment: 866.320.4788

Thank You

Howard TingDirector of Marketing

www.paloaltonetworks.com