PaloAlto Networks Resources
WildFire™ automatically protects your networks from new and customized malware across a wide range of applications, including malware hidden within SSL-encrypted traffic. WildFire easily extends the threat prevention capabilities of the next-generation firewall to tackle some of the most challenging threats in the world today, and does so with full visibility and enforcement at up to 10Gbps.
Find out what's new in PAN-OS 5.0
Key features, performance capacities and specifications for all Palo Alto Networks firewalls.
Firewall Feature Overview Datasheet
This eight-page datasheet provides a comprehensive overview of the critical PAN-OS features that power all next generation firewalls from Palo Alto Networks.
Key features, performance capacities and specifications for the VM-Series.
Key features, performance capacities and specifications for the PA-5000 Series.
Key features, performance capacities and specifications for the PA-4000 Series.
Key features, performance capacities and specifications for the PA-2000 Series.
Key features, performance capacities and specifications for the PA-3000 Series.
Key features, performance capacities and specifications for the PA-500.
Key features, performance capacities and specifications for the PA-200.
Panorama Centralized Management \ M-100 Datasheet
Overview of Panorama, the centralized security management system, that provides global control over multiple Palo Alto Networks’ firewalls.
Overview of GlobalProtect, full next-generation firewall controls and integrated threat prevention to any user in any location.
Integrated URL Filtering Datasheet
Overview of optional integrated URL filtering capabilities supported on all models.
Overview of optional threat prevention capabilities supported on all models.
Palo Alto Networks Support Services Datasheet
Overview of service and support options available to Palo Alto Networks customers.
Palo Alto Networks Corporate Backgrounder
A two-page overview of Palo Alto Networks, including the company, unique differentiators, management team, and investors.
Professional Services: Validation Testing
Validation Testing Services from Palo Alto Networks™ helps customers fully understand the impact of a set of proposed changes. Palo Alto Networks next-generation firewall experts will work with you to validate proposed adjustments to your existing environment.
Professional Services: Proof of Concept Testing
With the Proof of Concept (PoC) testing service, get assistance from Palo Alto Networks™ product experts to take a close look at a proposed design, and ensure that it matches with requirements and expectations.
Professional Services: Health Check and Configuration Audit
Keep your investment in the next-generation firewall operating at peak condition. The Palo Alto Networks™ Health Check and Configuration Audit Service provide a proactive examination of the solution and its operating conditions.
Professional Services: Firewall Migration
With a combination of tools, expertise and best practices, Palo Alto Networks™ can help analyze your existing environment, migrate policies and firewall settings to the next-generation firewall, and assist with the transition and cutover.
Professional Services: Remote Installation Services
Get professional installation for the Palo Alto Networks Next-Generation Firewall with assistance from an experienced engineer. Remote Installation Services helps customers get projects set up quickly and installed properly for smooth deployment.
Professional Services: Resident Engineer
Overview of the Resident Engineer program, which provides organizations with extended on-site resources for deploying and using the Palo Alto Networks next-generation firewall.
Application Usage and Threat Report (February 2013)
A global view into enterprise application usage summarized from more than 3,000 network traffic assessments conducted between May 2012 and January 2013. This version of the report maps, for the first time, the application usage patterns and the specific type of threat they may or may not introduce. The application and threat patterns discussed within this report dispel the position that social networking, filesharing and video applications are the most common threat vectors, while reaffirming that internal applications are highly prized targets. Rather than use more obvious, commercially available applications, attackers are masking their activities through custom or encrypted applications.
Application Usage and Threat Report – Regional Findings (March 2013)
Highlights of Global findings as well as the regional findings for Asia Pacific, Japan, Americas and Europe, Africa, Middle East.
Securing the Virtualized Data Center with Next-Generation Firewalls
As organizations evolve from traditional data centers to virtualized and cloud environments, security architectures must evolve to support the changing set of requirements. This white paper describes the challenges of virtualized data center and cloud computing environments, and how to address them with next-generation firewalls.
Today's networks are under attack from a new breed of threats and malware. These threats are highly evasive, are capable of persisting in the network for long periods of time and are skilled at avoiding traditional antivirus and IPS technologies. This paper provides background on these challenges and introduces WildFire, Palo Alto Networks new solution to detect and stop targeted and unknown threats attacking the network.
Establishing a Logical Perimeter
This whitepaper highlights the challenges security teams face when users are off network and how GlobalProtect can help address those challenges.
Embracing the Cloud First Initiative with Next-Generation Firewalls
This whitepaper details the security challenges in a cloud computing environment, provides clarity on applicable federal standards, and how to address them in a pragmatic approach with a credible, effective and flexible network security solution.
Forrester Research: Applying Zero Trust To The Extended Enterprise
This whitepaper by John Kindervag of Forrester Research discusses the need to realign strategies in new and more efficient ways and discard many legacy world views, particularly in network security. As it becomes more difficult to control the network, users and their devices he explains that we must take a fundamentally new approach to network and device security — a data-centric approach, so that no matter where the data is, security travels with it.
Forrester Research: Build Security Into Your Network's DNA: The Zero Trust Network Architecture
This report by John Kindervag of Forrester Research is a deep dive into a potential way in which you could use the concepts of the Zero Trust Model and conceivably implement them in a real-world environment. One goal of Zero Trust is to optimize the security architectures and technologies for future flexibility. Kindervag shows network security from a data-centric perspective and reviews the concept of designing networks from the inside out to make them more efficient, more elegant, simpler, and more cost-effective.
Forrester Research: No More Chewy Centers: Introducing The Zero Trust Model Of Information Security
This report by John Kindervag of Forrester Research establishes a model to confront new threats. Information security professionals must make security ubiquitous throughout the network, not just at the perimeter. This new model for information security is called Zero Trust. The first in a series, this report will introduce the necessity and key concepts of the Zero Trust Model.
NSS Labs: Network Intrusion Prevention Systems
During Q3 2010, NSS Labs performed an independent group test of network intrusion prevention systems (IPS) currently on the market. While the Network IPS Group Test Report provides comparative information about those products, this Individual Test Report provides further detailed information not available elsewhere.
Academic Freedom or Application Chaos: A Delicate Balancing Act (3nd Edition, April 2012)
A summary of network application traffic assessments performed on 619 university networks around the world. Findings show that P2P file sharing continues to be used while browser-based file sharing applications are increasing in their use. And not surprisingly, applications that are more focused on entertainment than on education were used heavily. What was not expected was the relatively high use of proxies, encrypted tunneling and remote desktop access applications.
What did you do in school today Junior? An analysis of application use on K-12 networks.
Analysis of applications in use on 279 K-12 networks. Findings shows that Junior is NOT always doing their math assignment. Data for these new materials is compiled from K-12 AVR reports performed worldwide from 2009 to March 2012.
Application Usage and Risk Report, 8th Edition (Dec 2011), Country Specific Findings
Summarizes social networking, browser-based filesharing, and not-port-80 application usage patterns for organizations distributed across 19 different countries.
A Pragmatic Approach to Network Security for Virtualized Computing Environments
This whitepaper by Mark Bouchard of the AimPoint Group explores the challenges enterprises face with network security in virtualized environments. Focusing on actionable recommendations, this paper examines best practices, new problems, and concludes with a framework for delivering best-practice network security in virtualized environments at any stage of sophistication or evolution.
Single Pass Parallel Processing Architecture
Outlines the benefits of integrating threat prevention into the firewall; why past approaches have failed and how Palo Alto Networks succeeded with their single pass software and parallel processing hardware approach.
Reducing Costs with Next Generation Firewalls
This paper examines three different organizations, the legacy infrastructure they replaced, the Palo Alto Networks next generation firewalls they deployed, and the substantial savings they realized – cutting both capital and operations costs by an average of 50%.
10 Things Your Next Firewall Must Do
For enterprises looking at NGFWs, the most important consideration is: Will this new technology empower security teams to securely enable applications to the benefit of the organization—it's not about blocking applications, but safely enabling them
Controlling Botnets with the Next-Generation Firewall
Botnets have changed the face of modern malware and quickly become one of the most powerful tools for hackers in their quest to compromise networks and steal information. In this paper we dig into the details of how botnets work, and introduce the unique role the next-generation firewall plays in controlling these types of threats, along with the specific best practices that enterprises can implement today to protect their networks.
NSS Labs: Network Firewall Individual Test Results
In the first half of 2011, NSS Labs performed extensive testing of 6 of the most widely deployed enterprise network firewalls in the market. The testing was focused on traditional port-based firewall features and excluded any review of next-generation firewall capabilities. Products were evaluated in terms of security effectiveness, performance, stability, and total cost of ownership.
SANS: Enabling Social Networking Applications for Enterprise Usage
This whitepaper, written by a SANS analyst, provides the latest research regarding social networking applications, explains the benefits and risks that they bring to corporate networks, and provides a recommendation for defining a secure social networking policy.
Securosis: Understanding and Selecting an Enterprise Firewall
This Securosis white paper analyzes the disruption happening at the enterprise perimeter, the various technical architectures capable of addressing the new requirements, and deployment considerations for optimal security, availability, and performance. The whitepaper also guides the reader through advanced firewall features such as IPS, content filtering, and anti-malware.
IANS: Impact of Web 2.0 on the Enterprise
IANS, a leading research company focused on information security, has just published their risk assessment of adopting Web 2.0 technologies in the enterprise.
Forrester Research: How Enterprises View and Address the Risks of New Collaboration and Web 2.0 Technologies
New research conducted by Forrester provides insights about how IT decision makers from large enterprises are addressing the challenges of securing web 2.0 applications.
Find out how we're re-inventing network security, starting with the firewall. By focusing on applications, users, and content – not ports and protocols – as the key elements to deliver visibility and control, our next-generation firewalls allow enterprises to safely enable modern applications, without taking on the unnecessary risks that accompany them.
To Block or Not. Is That the Question?
There is a serious problem with today's enterprise networks – the users are in control. This paper examines the difficult tradeoffs that IT departments face when determining the appropriate strategy and policies for Web 2.0/Enterprise 2.0 applications.
Side Effects of End-User Applications on Healthcare Networks
A summary of network application traffic assessments performed on 41 healthcare networks around the world. Findings show applications that enable employees to circumvent controls were in use, as were P2P and browser-based file sharing applications. Applications that are entertainment oriented were being used heavily.
Next Generation Firewalls - The Policy and Security Control Point
This report describes the existing and emerging set of security threats and the limitations of the current generation of firewalls. The report also describes what is needed in a next generation firewall to ensure that the product can do a fundamentally better job of protecting the organization from security threats than is possible with the current generation of firewalls.
Next Generation Firewalls - Restoring Effectiveness Through Application Visibility and Control
This paper explores a combination of ongoing and emerging factors that are exposing a variety of deficiencies with current firewall designs. These issues and flaws are then used to establish the criteria that define the ideal solution: a next-generation firewall that incorporates application inspection at its core.
SOLUTION / TECHNOLOGY WHITE PAPERS
Securing FlexPod Deployments with Next-Generation Firewalls
This solution brief describes a secure “VMWare on FlexPod” architecture with Palo Alto Networks next-generation firewall. This design allows enterprises to quickly deploy a secure infrastructure stack to deliver on-demand, self-service, virtualized applications for data centers.
A Modern Framework for Network Security in the Federal Government
Federal agencies are under tremendous pressure to address the needs of its user population while maintaining the highest levels of security. Read this paper for insights on developing a developing a strategy that can strengthen security, enable applications, and reduce complexity by leveraging the Palo Alto Networks next-generation firewall.
The Future of Intrusion Prevention
Viruses, worms, and other malware are increasingly targeting applications and enterprises are struggling to defend the corporate network from these sophisticated threats with their existing security infrastructure. Learn why Gartner believes the future of IPS is a next-generation firewall.
Moving Network Security From Black and White to Color
The old model of security was simple, but business, applications, and technology require more sophistication in network security – since applications aren’t threats. This paper discusses how to have more business-relevant network security (beyond simple block/allow at the network port) without increasing complexity and cost.
Palo Alto Networks to Protect Microsoft SharePoint Deployments
Learn how Palo Alto Networks can help IT managers detect and control Microsoft SharePoint deployments.
Controlling Peer-to-Peer Applications With Palo Alto Networks
Learn how Palo Alto Networks provides enterprises with visibility into and control over applications traversing the network irrespective of port, protocol, SSL encryption or evasive tactic used.
How to Reduce the Cost and Complexity of PCI Compliance
This paper describes how segmentation and policy control over applications, users and content reduces PCI compliance burden.
Preventing Data Leaks at the Firewall
This paper discusses the problems organizations face trying to identify and prevent data leakage, the shortfalls of DLP technology, and Palo Alto Networks' simple, cost effective and extremely powerful solution.