Resources.

Articles

Firewalls

Three Key Highlights of Palo Alto’s Next Generation Firewall

Share on FacebookTweet about this on TwitterShare on LinkedIn

There are three unique technologies within the Palo Alto Networks’ next-generation firewall that enable visibility and control over applications users and content: App-IDTM, User-ID, and Content-ID. Each of the three technologies are industry firsts and are delivered in the form of a purpose-built firewall platform that helps administrators restore visibility and control. A complete set of traditional firewall, management, and networking features allows customers to deploy a Palo Alto Networks next-generation firewall into any networking environment.

    • App-IDTM: The first firewall traffic classification engine to use as many as four different mechanisms to accurately identify exactly which applications are running on the network, irrespective of port, protocol, SSL encryption, or evasive tactic employed. The determination of the application identity is the first task performed by the firewall and that information is then used as the basis for all firewall policy decisions.

 

    • User-ID: Seamless integration with enterprise directory services such as Active Directory, eDirectory, LDAP, and Citrix is unique to Palo Alto Networks and enables administrators to view and control application usage based on individual users and groups of users, as opposed to just IP addresses. User information is pervasive across all features including application and threat visibility, policy creation, forensic investigation, and reporting.

 

    • Content-ID: A stream-based scanning engine uses a uniform signature format to block a wide range of threats and limit the transfer of unauthorized files and sensitive data, while a comprehensive URL database controls web surfing. The breadth of threat prevention, done in a single pass, is unique to Palo Alto Networks and when combined with the application visibility and control delivered by App-ID, IT departments regain control over applications and related threats.

 

  • Purpose-built Platform: Multi-Gbps throughput is enabled through function-specific processing for networking, security, threat prevention and management, which are tightly integrated with a single pass software engine to maximize throughput. A 10Gbps data plane smoothes traffic flow between processors while the physical separation of control and data plane ensures that management access is always available, irrespective of traffic load.