Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

From The Labs: Palo Alto's Firewall Appliance

The PA-4000 line of firewall appliances filters traffic based on applications rather than just IP addresses and TCP/IP ports and offers optional integrated network antivirus and URL blocking. Palo Alto can tie firewall rules to individual users through Microsoft Active Directory.
Application identification isn't unique to Palo Alto--Fortinet, Packeteer, and Procera do it, too. But the fact that IT can enforce which applications are allowed and which aren't sets the device line apart from rival products.
The signatures that identify applications are accurate, and the company routinely releases new ones. Though Palo Alto Networks is a startup, it's loaded with firewall industry luminaries such as CTO Nir Zuk, who helped develop stateful packet inspection technology while at Check Point.

Does your firewall really stop all the traffic you want it to block? Given the spread of software that tunnels network traffic over HTTP or hops TCP/IP ports to evade firewalls, it's all too likely that the answer is no.

Palo Alto Networks' PA-4000 series firewall appliances use proprietary App-ID signature technology to determine the applications entering and leaving your network, even those encrypted via SSL. This enables IT to better enforce security policies stating which applications are allowed to enter and leave the network. What's more, Palo Alto offers integration with Microsoft Active Directory, so firewall rules can be applied to specific users. Add the beginnings of in-line antivirus and intrusion prevention, and Palo Alto is shaping up to be a very potent competitor in the unified threat management market.

InformationWeek Reports

Firewalls are supposed to act as network gatekeepers, allowing or denying traffic based on IT policy. However, it's no secret that almost every firewall allows Web traffic, leading software developers to game the system by sneaking their applications' traffic onto networks, using Web protocols. For instance, Microsoft's RPC over HTTP is frequently used to slip connections from Outlook clients to Exchange servers past firewalls.

  • 1