PaloAlto Networks Resources

WildFire™ automatically protects your networks from new and customized malware across a wide range of applications, including malware hidden within SSL-encrypted traffic. WildFire easily extends the threat prevention capabilities of the next-generation firewall to tackle some of the most challenging threats in the world today, and does so with full visibility and enforcement at up to 10Gbps.

Find out what's new in PAN-OS 5.0

This eight-page datasheet provides a comprehensive overview of the critical PAN-OS features that power all next generation firewalls from Palo Alto Networks.

Key features, performance capacities and specifications for the VM-Series.

Key features, performance capacities and specifications for the PA-5000 Series.

Key features, performance capacities and specifications for the PA-4000 Series.

Key features, performance capacities and specifications for the PA-2000 Series.

Key features, performance capacities and specifications for the PA-3000 Series.

Key features, performance capacities and specifications for the PA-500.

Key features, performance capacities and specifications for the PA-200.

Overview of Panorama, the centralized security management system, that provides global control over multiple Palo Alto Networks’ firewalls.

Overview of GlobalProtect, full next-generation firewall controls and integrated threat prevention to any user in any location.

Overview of optional integrated URL filtering capabilities supported on all models.

Overview of optional threat prevention capabilities supported on all models.

Overview of service and support options available to Palo Alto Networks customers.

Validation Testing Services from Palo Alto Networks™ helps customers fully understand the impact of a set of proposed changes. Palo Alto Networks next-generation firewall experts will work with you to validate proposed adjustments to your existing environment.

With the Proof of Concept (PoC) testing service, get assistance from Palo Alto Networks™ product experts to take a close look at a proposed design, and ensure that it matches with requirements and expectations.

Keep your investment in the next-generation firewall operating at peak condition. The Palo Alto Networks™ Health Check and Configuration Audit Service provide a proactive examination of the solution and its operating conditions.

With a combination of tools, expertise and best practices, Palo Alto Networks™ can help analyze your existing environment, migrate policies and firewall settings to the next-generation firewall, and assist with the transition and cutover.

Get professional installation for the Palo Alto Networks Next-Generation Firewall with assistance from an experienced engineer. Remote Installation Services helps customers get projects set up quickly and installed properly for smooth deployment.

Overview of the Resident Engineer program, which provides organizations with extended on-site resources for deploying and using the Palo Alto Networks next-generation firewall.

A global view into enterprise application usage summarized from more than 3,000 network traffic assessments conducted between May 2012 and January 2013. This version of the report maps, for the first time, the application usage patterns and the specific type of threat they may or may not introduce. The application and threat patterns discussed within this report dispel the position that social networking, filesharing and video applications are the most common threat vectors, while reaffirming that internal applications are highly prized targets. Rather than use more obvious, commercially available applications, attackers are masking their activities through custom or encrypted applications.

Highlights of Global findings as well as the regional findings for Asia Pacific, Japan, Americas and Europe, Africa, Middle East.

As organizations evolve from traditional data centers to virtualized and cloud environments, security architectures must evolve to support the changing set of requirements. This white paper describes the challenges of virtualized data center and cloud computing environments, and how to address them with next-generation firewalls.

Today's networks are under attack from a new breed of threats and malware. These threats are highly evasive, are capable of persisting in the network for long periods of time and are skilled at avoiding traditional antivirus and IPS technologies. This paper provides background on these challenges and introduces WildFire, Palo Alto Networks new solution to detect and stop targeted and unknown threats attacking the network.

This whitepaper highlights the challenges security teams face when users are off network and how GlobalProtect can help address those challenges.

This whitepaper details the security challenges in a cloud computing environment, provides clarity on applicable federal standards, and how to address them in a pragmatic approach with a credible, effective and flexible network security solution.

This whitepaper by John Kindervag of Forrester Research discusses the need to realign strategies in new and more efficient ways and discard many legacy world views, particularly in network security. As it becomes more difficult to control the network, users and their devices he explains that we must take a fundamentally new approach to network and device security — a data-centric approach, so that no matter where the data is, security travels with it.

This report by John Kindervag of Forrester Research is a deep dive into a potential way in which you could use the concepts of the Zero Trust Model and conceivably implement them in a real-world environment. One goal of Zero Trust is to optimize the security architectures and technologies for future flexibility. Kindervag shows network security from a data-centric perspective and reviews the concept of designing networks from the inside out to make them more efficient, more elegant, simpler, and more cost-effective.

This report by John Kindervag of Forrester Research establishes a model to confront new threats. Information security professionals must make security ubiquitous throughout the network, not just at the perimeter. This new model for information security is called Zero Trust. The first in a series, this report will introduce the necessity and key concepts of the Zero Trust Model.

During Q3 2010, NSS Labs performed an independent group test of network intrusion prevention systems (IPS) currently on the market. While the Network IPS Group Test Report provides comparative information about those products, this Individual Test Report provides further detailed information not available elsewhere.

A summary of network application traffic assessments performed on 619 university networks around the world. Findings show that P2P file sharing continues to be used while browser-based file sharing applications are increasing in their use. And not surprisingly, applications that are more focused on entertainment than on education were used heavily. What was not expected was the relatively high use of proxies, encrypted tunneling and remote desktop access applications.

Analysis of applications in use on 279 K-12 networks. Findings shows that Junior is NOT always doing their math assignment. Data for these new materials is compiled from K-12 AVR reports performed worldwide from 2009 to March 2012.

Summarizes social networking, browser-based filesharing, and not-port-80 application usage patterns for organizations distributed across 19 different countries.

This whitepaper by Mark Bouchard of the AimPoint Group explores the challenges enterprises face with network security in virtualized environments. Focusing on actionable recommendations, this paper examines best practices, new problems, and concludes with a framework for delivering best-practice network security in virtualized environments at any stage of sophistication or evolution.

Outlines the benefits of integrating threat prevention into the firewall; why past approaches have failed and how Palo Alto Networks succeeded with their single pass software and parallel processing hardware approach.

This paper examines three different organizations, the legacy infrastructure they replaced, the Palo Alto Networks next generation firewalls they deployed, and the substantial savings they realized – cutting both capital and operations costs by an average of 50%.

For enterprises looking at NGFWs, the most important consideration is: Will this new technology empower security teams to securely enable applications to the benefit of the organization—it's not about blocking applications, but safely enabling them

Botnets have changed the face of modern malware and quickly become one of the most powerful tools for hackers in their quest to compromise networks and steal information. In this paper we dig into the details of how botnets work, and introduce the unique role the next-generation firewall plays in controlling these types of threats, along with the specific best practices that enterprises can implement today to protect their networks.

In the first half of 2011, NSS Labs performed extensive testing of 6 of the most widely deployed enterprise network firewalls in the market. The testing was focused on traditional port-based firewall features and excluded any review of next-generation firewall capabilities. Products were evaluated in terms of security effectiveness, performance, stability, and total cost of ownership.

This whitepaper, written by a SANS analyst, provides the latest research regarding social networking applications, explains the benefits and risks that they bring to corporate networks, and provides a recommendation for defining a secure social networking policy.

This Securosis white paper analyzes the disruption happening at the enterprise perimeter, the various technical architectures capable of addressing the new requirements, and deployment considerations for optimal security, availability, and performance. The whitepaper also guides the reader through advanced firewall features such as IPS, content filtering, and anti-malware.

IANS, a leading research company focused on information security, has just published their risk assessment of adopting Web 2.0 technologies in the enterprise.

New research conducted by Forrester provides insights about how IT decision makers from large enterprises are addressing the challenges of securing web 2.0 applications.

Find out how we're re-inventing network security, starting with the firewall. By focusing on applications, users, and content – not ports and protocols – as the key elements to deliver visibility and control, our next-generation firewalls allow enterprises to safely enable modern applications, without taking on the unnecessary risks that accompany them.

There is a serious problem with today's enterprise networks – the users are in control. This paper examines the difficult tradeoffs that IT departments face when determining the appropriate strategy and policies for Web 2.0/Enterprise 2.0 applications.

A summary of network application traffic assessments performed on 41 healthcare networks around the world. Findings show applications that enable employees to circumvent controls were in use, as were P2P and browser-based file sharing applications. Applications that are entertainment oriented were being used heavily.

This report describes the existing and emerging set of security threats and the limitations of the current generation of firewalls. The report also describes what is needed in a next generation firewall to ensure that the product can do a fundamentally better job of protecting the organization from security threats than is possible with the current generation of firewalls.

This paper explores a combination of ongoing and emerging factors that are exposing a variety of deficiencies with current firewall designs. These issues and flaws are then used to establish the criteria that define the ideal solution: a next-generation firewall that incorporates application inspection at its core.

This solution brief describes a secure “VMWare on FlexPod” architecture with Palo Alto Networks next-generation firewall. This design allows enterprises to quickly deploy a secure infrastructure stack to deliver on-demand, self-service, virtualized applications for data centers.

Federal agencies are under tremendous pressure to address the needs of its user population while maintaining the highest levels of security. Read this paper for insights on developing a developing a strategy that can strengthen security, enable applications, and reduce complexity by leveraging the Palo Alto Networks next-generation firewall.

Viruses, worms, and other malware are increasingly targeting applications and enterprises are struggling to defend the corporate network from these sophisticated threats with their existing security infrastructure. Learn why Gartner believes the future of IPS is a next-generation firewall.

The old model of security was simple, but business, applications, and technology require more sophistication in network security – since applications aren’t threats. This paper discusses how to have more business-relevant network security (beyond simple block/allow at the network port) without increasing complexity and cost.

Learn how Palo Alto Networks can help IT managers detect and control Microsoft SharePoint deployments.

Learn how Palo Alto Networks provides enterprises with visibility into and control over applications traversing the network irrespective of port, protocol, SSL encryption or evasive tactic used.

This paper describes how segmentation and policy control over applications, users and content reduces PCI compliance burden.

This paper discusses the problems organizations face trying to identify and prevent data leakage, the shortfalls of DLP technology, and Palo Alto Networks' simple, cost effective and extremely powerful solution.