Paloaltonetworks - intellectual security
The world's first NGFW based on machine learning
Palo Alto Networks Security Solutions
Palo Alto Networks is a leading provider of enterprise information security solutions. The company's products, integrated into the security operating system, protect the corporate environment - network, endpoints, and hybrid clouds, allowing you to detect and prevent the most complex attacks.
Palo Alto Networks Unified Cybersecurity Platform
NGFW is the backbone of Palo Alto Networks' unified cybersecurity platform.
It gives full visibility and control over all applications on the network, including those that try to pretend to be legitimate by working on non-standard ports or using data encryption (for example, TLS/SSL or SSH).
Palo Alto Networks NGFW:
- Inspects and controls network traffic to detect and block known and unknown threats, all in one scan.
- Increases performance by using a single-pass architecture, which ensures that traffic is scanned only once, regardless of the enabled features.
- Effectively identifies and blocks unknown, new or specialized malware and exploits.
- NGFW uses a single-pass, parallel processing architecture that uses App-ID, User-ID, and Content-ID technologies to identify applications, users, and content analysis, respectively, which provides NGFW with unrivaled cybersecurity capabilities.
STRATA - comprehensive NGFW network protection
App-ID™ - application identification
The App-ID™ application identification system accurately recognizes applications in the data stream passing through the NGFW.
- Identify applications using various identification methods, unlike classic firewalls that use an IP address, port or protocol.
- Identify applications masquerading as allowed traffic using dynamic ports, or attempting to pass through a firewall through an SSL encrypted tunnel.
- Apply special policies (Decryption Policy) to decrypt and inspect incoming and outgoing SSL traffic.
- Control traffic through SSH tunnels.
User-ID™ - user identification
Visualizing applications by the user rather than by IP address allows you to control the applications on your network.
You can customize how applications are used according to your business requirements and, if necessary, inform users of policy violations or even block their apps.
User-ID™ allows you to:
- Create policies for the secure use of applications by users or groups of users, inbound or outbound. For example, access to useful tools such as SSH, telnet, and FTP on standard ports can only be granted to members of the IT department.
- Control local and remote users, regardless of the type of devices used and their location.
- Generate reports with data on user actions. You can create your own report form or use standard templates.
Content-ID™ - contect identification
Content-ID™ data identification technology provides the ability to conduct a complete analysis of all traffic in order to prevent threats.
Content-ID™ will help:
- Block vulnerabilities in the system, prevent buffer overflows and port scanning; protect the system from intrusions and various masking methods used by intruders.
- Block external connections of malware.
— Block access to malicious and phishing sites.
— Reduce the risks associated with the unauthorized transfer of files and data.
- Use a single flow approach that simplifies the management process, allows you to modernize the data processing process, and significantly improves system performance.