Published on February 21, 2022
Network security is job No. 1 for every enterprise today. It's no secret that cybersecurity threats are a significant danger to businesses, governments, and nations. Just watch the news and you'll see stories of so-called advanced persistent threats (APTs) — major incidents of ransomware, data breaches, denial of service, and other serious attacks. Networking security technology and practices are key aspects of the enterprise response to these threats.

Firewalls in various forms help protect against threats by monitoring and controlling traffic that comes in and out of the network. Initially, the notion was for the firewall to be a barrier between the trusted enterprise network and traffic from external, untrusted networks. Early firewalls were physical devices and were often incorporated into the network routers, but as enterprise networks evolved, we started to see firewall functionality as part of the network.

An Evolving Security Landscape

The network security landscape evolved in recent years as new technologies and architectures emerged. For example, issues of scalability and security integration associated with virtual private networks (VPN) have led to an uptake in software-defined wide area networks (SD-WAN) with integrated security mechanisms.

Certainly, one major result of the relentless cybersecurity attacks has been the realization that the traditional security trust model was unworkable. It was clear that the notion of trusting everyone and everything within the organization's network did not make sense anymore. Hence the move toward the "Zero Trust" model, where credentials are never trusted, but always verified. The goal is to prevent external infiltrators, or malicious inside users, from accessing one segment of the network and then moving freely to other areas of the enterprise.

Zero Trust Architectures also introduce the concept of "protect surfaces."
Rather than trying to protect everything in your enterprise, you focus security controls on the most critical and valuable data, assets, applications, and services (DAAS). Next Generation Firewalls (NGFW) are used to create a secure perimeter to control access to the protected DAAS.

NGFWs do everything that a traditional firewall does, plus a lot more. NGFWs can filter traffic based on application, identify and block malware, and are better able to counter advanced persistent threats. Additionally, NGFWs often include malware detection, threat management, antivirus, and other security applications, so they are more cost effective than traditional firewalls.

As the industry in general embraces software-defined and cloud-based functionality, it should be no surprise that firewalls are going the same way. Many enterprises are choosing to deploy software-defined firewalls rather than physical hardware variants. They are also moving their firewalls and network security to the cloud.

Why Palo Alto Firewalls?

One of the hottest vendors providing these new network security capabilities is Palo Alto Technologies. With significant acquisition and innovation in the last few years, Palo Alto has overhauled Cisco — the '800-pound gorilla' — as a leader in network security. This post is the first in a series that will discuss Palo Alto, its technology, its position in the network security landscape, and the career opportunities afforded to Palo Alto-certified engineers and technicians.

With a broad range of network security products and services, Palo Alto Technologies has become the leading vendor for network security appliances and WAN edge infrastructure solutions. Palo Alto's principal network security offering is their Next Generation Firewall (NGFW). They offer the firewall in a variety of forms:
Palo Alto Firewall Features

So, let's look at some of the stand-out features of Palo Alto's firewall offerings.

Extensible, Efficient Architecture

Palo Alto firewalls are based on a single-pass architecture that processes each packet just once for all security features or processes. This means that, unlike most other firewalls, Palo Alto NGFW performance does not degrade as more security features are enabled. The architecture also allows new security features and firewall rules to be added to installed systems, thus helping extend the useful life of the customer's investment. For example, Palo Alto has introduced and deployed new capabilities such as IoT Security and the WildFire threat intelligence service.

Policy-Based Control

Combined with the single-pass architecture, Palo Alto's NGFWs use three unique traffic classification engines to enable policy-based control over applications, users, and content. The three classification IDs are:
Machine-Learning

Traditional firewalls are only able to react to known types of threats! But as we know, hackers and cybercriminals are continuously changing their mode of attack to bypass network defenses. Palo Alto's Next Generation Firewall technology is smart and proactive — employing machine learning (ML) to detect and respond to threats, automating security policy updates, and helping reduce human error in protecting the network.

Palo Alto claims that their ML-powered firewall prevents up to 95% of new threats — immediately stopping malicious scripts and files — and protects IoT devices without the need for additional hardware. Palo Alto's machine learning technology is based on the following four mechanisms:
Advanced Threat Detection and Prevention

Enabled by the single-pass architecture and ML-based analysis of traffic data, Palo Alto firewall customers can select one or more of a set of threat detection and prevention capabilities to help protect against even the most advanced threats. These capability modules include:
Final Thoughts

Palo Alto network security and security appliance offerings are scoring high marks with technology consultants, and customers are voting with their dollars. Palo Alto is on a hot streak, as enterprises of all sizes are opting for their next gen firewalls. This is reflected in the growing demand for security professionals with Palo Alto certifications.

Let's not write off Cisco and other vendor offerings! As we'll see in a subsequent article, there are still plenty of career opportunities in that space and there is value in holding both Palo Alto and Cisco certifications!

If Palo Alto certification is on your career trajectory, then check out Keith Barker's new online training classes for the Palo Alto Networks Certified Network Security Administrator (PCNSA) and Certified Network Security Engineer (PCNSE). If you're looking for an entry into cybersecurity, then you should take a look at Keith's course for the Certified Cybersecurity Entry-level Technician (PCCET).

What is the advantage of Palo Alto firewall?
Palo Alto Networks offers superior architecture with superior benefits: Complete visibility and precise control: Our next-generation firewalls provide complete visibility into all network traffic based on applications, users, content and devices.
What are the features of Palo Alto firewall?
Advanced Threat Prevention, Advanced URL Filtering, DNS Security, WildFire®, Enterprise Data Loss Prevention.

What are the 3 pillars of Palo Alto Networks strategy?
Visibility and access control, data loss protection, threat prevention.