Welcome to:
CORPORATE HIGHLIGHTS
[Charts: REVENUES ($MM) and ENTERPRISE CUSTOMERS, Jul-11 through Jul-14]
WHAT'S CHANGED?
THE EVOLUTION OF THE ATTACKER
CYBERCRIME NOW
100+ nations
WHAT'S CHANGED?
THE EVOLUTION OF THE ATTACK
Mobile Threats
Lateral Movement
Evasive Command-and-Control
Known Threats
Organizational Risk
SSL Encryption
Lacks Integration
Manual Response
[Diagram labels: DNS Alert, SMTP Alert, Web Alert, AV Alert, Endpoint Alert]
UTM/Blades
Internet
Enterprise Network
Anti-APT for port 25 APTs
Anti-APT for port 80 APTs
Vendor 1
Vendor 3
Internet Connection
Vendor 2
Vendor 4
Malware Intelligence
Network AV
Anti-APT cloud
Cloud
At the mobile device
At the internet edge
Between employees and devices within the LAN
At the data center edge and between VMs
Within private, public and hybrid clouds
DELIVERING A NEXT-GENERATION SECURITY PLATFORM
THREAT INTELLIGENCE CLOUD
AUTOMATED
NATIVELY INTEGRATED
NEXT-GENERATION FIREWALL
EXTENSIBLE
ADVANCED ENDPOINT PROTECTION
Public Cloud
Private Cloud
Enterprise Network
App-Control Add-on
Allow port 80
Applications
Policy Decision #1
Open ports to allow the application
Policy Decision #2
300+ applications allowed*
Allow Facebook
Facebook allowed. What about the other 299 apps?
Key Difference
Ramifications
More work. Two policies = double the admin effort (data entry, management, etc.).
Possible security holes. No policy reconciliation tools to find potential holes.
Less visibility with more effort. Informed policy decisions require more effort, which slows reaction time.
Increased risk. Unknown traffic is found on every network = low volume, high risk.
More work, less flexible. Significant effort to investigate; limited ability to manage it if it is found.
Firewall
Allow Facebook
App-ID
Policy Decision
Key Difference
Benefit
Systematic management of unknowns
Less work, more secure. Quickly identify high-risk traffic and systematically manage it.
App-ID
Identify the application
Content-ID
Scan the content
User-ID
Identify the user
EXAMPLE: DNS
Legacy Firewalls
Security Rule: ALLOW Port 53
[Diagram labels: DNS, BitTorrent, Firewall]
EXAMPLE: BITTORRENT
Legacy Firewalls
Security Rule: ALLOW Port 53
[Diagram labels: DNS, Bittorrent, Firewall, App IPS]
DNS=DNS: Allow
Bittorrent: Deny
[Diagram labels: Firewall, App IPS, DNS, Bittorrent, Zero-day, C&C]
DNS=DNS: Allow
Command & Control DNS: Deny
Visibility: Unknown traffic detected and blocked
FACILITATE ACCESS
REDUCE AND CONTROL RISK
MOBILE SECURITY
GlobalProtect protects the mobile workforce
Use the enterprise security platform to extend security to laptops, mobile
phones and tablets. Enforce policy no matter where users go.
Mobile Threat Prevention
Protect the Network
Manage Applications & Data
Data center/cloud
Enterprise perimeter
Distributed/BYOD
Endpoint
Next-generation appliances
Physical: PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series, PA-7050
WildFire: WF-500
Virtual: VM-Series & VM-Series-HV for NSX
Threat Prevention
URL Filtering
GlobalProtect
Subscriptions
WildFire
Endpoint (Traps)
Use cases
Next-Generation Firewall
Cybersecurity: IDS / IPS / APT
Web gateway
Management system
Operating system
PAN-OS
VPN
Gartner, Magic Quadrant for Enterprise Network Firewalls, Adam Hils, et al, April 22, 2015. This
graphic was published by Gartner, Inc. as part of a larger research document and should be
evaluated in the context of the entire document. The Gartner document is available upon request
from go.paloaltonetworks.com/gartnermq2015.
Gartner does not endorse any vendor, product or service depicted in its research publications,
and does not advise technology users to select only those vendors with the highest ratings or
other designation. Gartner research publications consist of the opinions of Gartner's research
organization and should not be construed as statements of fact. Gartner disclaims all warranties,
expressed or implied, with respect to this research, including any warranties of merchantability or
fitness for a particular purpose.