Panorama is a centralized security management system that provides global control over a network of Palo Alto Networks next-generation firewalls. Using the same look and feel that the individual device management interface carries, Panorama eliminates any learning curve associated with switching from one mechanism to another.
Centralized policy management
Panorama allows administrators to control all aspects of the devices and/or virtual systems under management (security, NAT, QoS, policy based forwarding, decryption, application override, captive portal, and DoS protection). Using pre- and post-rules, Panorama administrators can enforce shared policies while allowing local policy flexibility. Rules in between the pre- and post-rules can be edited locally or by a Panorama administrator who has switched to the local firewall context.
Simplifying firewall deployments and updates
Panorama enables organizations to centrally manage device software and associated updates: SSL-VPN clients, GlobalProtect clients, dynamic content updates (Applications, Threats and antivirus), and software licenses.
Centralized logging and reporting
View logs and run reports across dynamic or locally queried data aggregated from managed devices. Distributed reporting can be done without a need to forward logs from FWs to Panorama. Aggregate user activity reports can be run for mobile users that travel between branches. This will report the users activity regardless of where they are currently located globally.
Log Storage and High Availability
Using NFS, organizations can use Panorama to expand the log storage for long-term event investigation and analysis. Reliability is ensured through high-availability which will provide fail over of central management.
Palo Alto Networks continues to expand the definition of next-generation firewall functionality with new products, platforms and features. GlobalProtect will enable enterprises to employ and enforce consistent policies to all users, on and off the network while the new PA-5000 Series will extend next-generation firewall features further into the datacenter. New, innovative next-generation firewall features such as SSH decryption, behavioral botnet detection and drive-by download prevention make up just a few of the more than 50 new features now available on every Palo Alto Networks platform.
Global Protect: Extending Consistent Policy & Enforcement for All Users
GlobalProtect extends the same next-generation firewall-based policies that are utilized within the physical perimeter to all users, no matter where they are located, in effect, establishing a logical perimeter. Employees working from home, on the road for business, or logging in from a coffee shop will be protected by a logical perimeter in the same manner that they would be if they were working from their office. Learn more.
PA-5000 Series: Full Stack Traffic Classification at 20 Gbps
The PA-5000 Series extends visibility and control over applications, users and content deeper into the datacenter and the network core where consistent performance with security services enabled is critical. Learn more.
Complete Visibility: SSH, Unknown Applications, Threats
Now, in addition to SSL decryption capabilities, Palo Alto Networks introduces an industry first: SSH decryption in the firewall allowing you to ensure SSH is used in an appropriate manner. Additional control over unknown applications via customizable App-IDs, Botnet detection, and drive-by download, PDF virus protection are just a few of the new features that can help you. Learn More.
Solving Complex Problems Efficiently: Active/Active High Availability
Active/Active high availability helps customers solve two complex challenges. The first is hardware redundancy in business critical environments and the second is full application and content inspection in asymmetrically routed environments. Either, or both of these challenges can be solved using an active/active deployment. Learn more.
These are just a few of the more than 50 new features supported in PAN-OS 4.0, the latest software release from Palo Alto Networks.
Next Generation Firewalls
Palo Alto Networks' next-generation firewalls enable enterprises to identify and control applications, users, and content—not just ports, IP addresses, and packets—using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies allow enterprises to securely enable application usage using business-relevant concepts, instead of following the traditional "all-or-nothing" approach offered by traditional port-blocking firewalls used in many security infrastructures.
- Application Visibility
- Policy Control
- Device Management
- Botnet Protection
- Data Filtering
- URL Filtering
- Networking & VPN
- Redundancy & Resiliency
- Centralized Management
Classify all traffic, on all ports, all the time—irrespective of protocol, encryption or evasive tactic.
Securely enable applications on your network based on users and groups—not just IP addresses.
Real-time content scanning blocks threats, controls web surfing and limits data and file transfers.
- PA-5000 Series
- PA-4000 Series
- PA-2000 Series
Delivered as a purpose-built appliance, every Palo Alto Networks next-generation firewall utilizes dedicated, function specific processing that is tightly integrated with a single-pass software engine. This unique combination of hardware and software maximizes network throughput while minimizing latency. Each of the hardware platforms supports the same rich set of next-generation firewall features ensuring consistent operation across the entire line.
WildFire: Protection from Targeted and Unknown Malware
Problem: Modern malware has evolved from being simple replicating viruses to highly evasive and adaptable network applications that allow hackers to launch increasingly sophisticated and targeted attacks. This new breed of malware is at the heart of many of today's most sophisticated intrusions – enabling attackers to gain a foothold within the enterprise from which they can dig deeper into the network, control their attack and steal information. As malware has become more powerful, it has also become more targeted and customized for a particular network, thus helping it to avoid traditional signature-based anti-malware solutions. This shift has put IT security teams at a disadvantage inasmuch as the malware that represents the greatest risk to the enterprise is also the most difficult to detect.
Solution: To meet this challenge, Palo Alto Networks has developed WildFire, which provides the ability to identify malicious behaviors in executable files by running them in a virtual environment and observing their behaviors. This enables Palo Alto Networks to identify malware quickly and accurately, even if the particular sample of malware has never been seen in the wild before.
Integration of firewall and the cloud.
WildFire makes use of a customer's on-premises firewalls in conjunction with Palo Alto Networks cloud-based analysis engine to deliver an ideal blend of protection and performance. The inline firewall captures unknown files and performs inline enforcement while maintaining high network throughput and low latency. The analysis of unknown files is offloaded to a secure cloud-based engine to identify unknown malware and subsequently deliver protections to all locations.
WildFire virtualized sandbox.
When the Palo Alto Networks firewall encounters an unknown file, the file can be submitted to the hosted WildFire virtualized sandbox. Submissions can be made manually or automatically based on policy. The sandbox provides virtual targets for the suspected malware where Palo Alto Networks can directly observe more than 70 malicious behaviors that can reveal the presence of malware.
Automated signature generator.
When a sample is identified as malware, the sample is then passed on to the signature generator, which automatically writes a signature for the sample and tests it for accuracy. Signatures are then delivered to all Palo Alto Networks customers as part of the daily malware signature updates.
Deep visibility and analysis.
In addition to providing protection from modern malware, users can see a wealth of information about the detected malware in reports available on the WildFire Portal. This includes the ability to see all behaviors of the malware, the user that was targeted, the application that delivered the malware, and all URLs involved in delivery or phone-home of the malware.