Palo Alto Networks
||This article appears to be written like an advertisement. (March 2013)|
|Traded as||NYSE: PANW|
|Headquarters||Santa Clara, CA, U.S.|
|Key people||Mark D. McLaughlin
Chairman, President, and CEO
Founder and CTO
Founder and Vice President, Engineering
Palo Alto Networks, Inc. is a multinational network security company based in Santa Clara, California. The company’s core product is a series of firewalls designed to provide visibility and granular control of network activity based on application, user, and content identification.
Palo Alto Networks was founded in 2005 by Nir Zuk. Zuk was the principal developer of the first stateful inspection firewall and the first intrusion prevention system. When asked why he started Palo Alto Networks, Zuk cited his objective of solving a problem enterprises were facing with existing network security solutions: the inability to safely enable employees to use modern applications, which entailed developing a firewall that could identify and provide fine-grained control of applications.
In 2009 Gartner, Inc. released a publication defining the 'next-generation firewall'. As in its definition, Palo Alto Networks firewalls contain application awareness, full stack visibility, extra-firewall intelligence, and upgrade paths in addition to the full capabilities of both traditional firewalls and intrusion prevention systems. Palo Alto Networks further refined Gartner’s next-generation firewall definition as follows:
- Identify applications regardless of port, protocol, evasive tactic or SSL
- Identify and control users regardless of IP address, location or device
- Protect against known and unknown application-borne threats
- Fine-grained visibility and policy control over application access/functionality
- Multi-gigabit, low latency, in-line deployment
Palo Alto Networks firewalls replace the traditional port-based traffic classification mechanism of stateful inspection with application identification. This largely affects the central function of access control in the firewall and provides greater visibility into, and more granular control over, what traffic is or is not allowed on a network. Policy controls can be deployed to deny unwanted applications, and allow specific applications or functions for users or groups, regardless of their location or device, through directory service integration.
Its firewalls also have wholly integrated threat prevention mechanisms, providing full intrusion prevention and antivirus. Additional functionality includes malware prevention, URL filtering, SSL decryption, data filtering, quality of service, site-to-site and remote user VPN, and custom reporting.
Palo Alto Networks delivers their 'next-generation firewall' through a family of ten purpose-built platforms, ranging from 100 Mbps – 20 Gbps of firewall throughput. The company continues to build upon its technology base, recently adding GlobalProtect and WildFire. GlobalProtect extends the same firewall policies used at headquarters locations to users in any location, regardless of proximity to the network. Palo Alto Networks stated its purpose for building GlobalProtect to help corporate security perimeters follow its users in the increasing adoption of mobile devices and cloud-based access.
WildFire is a mechanism for identifying and protecting enterprises from unknown malware. It analyzes files for malicious behavior in a virtualized environment and alerts users of its results. If malware is found, WildFire automatically generates and delivers a signature in the form of an update. WildFire was built for the purpose of protecting enterprises from previously unknown or highly targeted malware.
Recognition from industry analysts and labs for Palo Alto Networks firewalls include:
- The 2011 Gartner Magic Quadrant identified Palo Alto Networks as a leader in the enterprise firewall.
- NetworkWorld grants short list status to Palo Alto Networks’ firewalls in its next-generation firewall review in 2011 and 2012.
- NSS Labs rated Palo Alto Networks firewalls “Recommended” in 3 network security tests:
- IPS Group Test (2011) in which NSS Labs notes it exceeded datasheet performance
- Traditional Firewall Group Test (2011); additionally, evaluated as best cost solution per protected megabit
- Next-Generation Firewall Group Test (2012) also receiving an evaluation as best cost solution per protected megabit
- The Forrester Market Overview for Intrusion Prevention Systems in 2011, which credited Palo Alto Networks with “[disrupting] the detente between IPS and firewalls” and “pushing the entire vendor community toward further innovation.”
- "PANW: Summary for Palo Alto Networks, Inc. Common- Yahoo! Finance". Yahoo! Finance. Retrieved 29 October 2012.
- "US and UK gov cyber defences = big boys' trough-slurp • The Register". The Register. 2010-10-22. Retrieved 29 October 2012.
- "The Entrepreneur Questionnaire: Nir Zuk, Founder and CTO of Palo Alto Networks « Greylock VC". Retrieved 29 October 2012.
- Vance, Ashlee (October 20, 2011), Building a Firewall for the Facebook Generation
- Pescatore, John; Young, Greg, http://img1.custompublish.com/getfile.php/1434855.1861.sqqycbrdwq/Defining+the+Next-Generation+Firewall.pdf, retrieved 2012-12-02
- Next-Generation Firewall Overview, 2011, retrieved 2012-12-02
- "PA-5000 Series Specsheet". Palo Alto Networks. 2012. Retrieved 29 October 2012.
- Mathew J. Schwartz (June 22, 2010). "Palo Alto Introduces Security For Cloud, Mobile Users". Information Week. Retrieved 29 October 2012.
- "Palo Alto Networks Hits The Magic Quadrant For Firewalls". Wall Street Journal. December 16, 2011. Retrieved 23 January 2013.
- "Palo Alto earns short list status". Network World. August 22, 2011. Retrieved 23 January 2013.
- "Palo Alto Networks Earns "Recommended" Rating in NSS Labs Test". Terach. Retrieved 23 January 2013.