• 03/22/2008
    4:01 AM
  • Network Computing
  • News
  • Connect Directly
  • Rating: 
    0 votes
    Vote up!
    Vote down!

From The Labs: Palo Alto's Firewall Appliance

Using signatures to identify unwanted apps, Palo Alto Networks puts control over network traffic back in the hands of IT.
CLAIM:  The PA-4000 line of firewall appliances filters traffic based on applications rather than just IP addresses and TCP/IP ports and offers optional integrated network antivirus and URL blocking. Palo Alto can tie firewall rules to individual users through Microsoft Active Directory.
CONTEXT:  Application identification isn't unique to Palo Alto--Fortinet, Packeteer, and Procera do it, too. But the fact that IT can enforce which applications are allowed and which aren't sets the device line apart from rival products.
CREDIBILITY:  The signatures that identify applications are accurate, and the company routinely releases new ones. Though Palo Alto Networks is a startup, it's loaded with firewall industry luminaries such as CTO Nir Zuk, who helped develop stateful packet inspection technology while at Check Point.

Does your firewall really stop all the traffic you want it to block? Given the spread of software that tunnels network traffic over HTTP or hops TCP/IP ports to evade firewalls, it's all too likely that the answer is no.

Palo Alto Networks' PA-4000 series firewall appliances use proprietary App-ID signature technology to determine the applications entering and leaving your network, even those encrypted via SSL. This enables IT to better enforce security policies stating which applications are allowed to enter and leave the network. What's more, Palo Alto offers integration with Microsoft Active Directory, so firewall rules can be applied to specific users. Add the beginnings of in-line antivirus and intrusion prevention, and Palo Alto is shaping up to be a very potent competitor in the unified threat management market.

InformationWeek Reports

Firewalls are supposed to act as network gatekeepers, allowing or denying traffic based on IT policy. However, it's no secret that almost every firewall allows Web traffic, leading software developers to game the system by sneaking their applications' traffic onto networks, using Web protocols. For instance, Microsoft's RPC over HTTP is frequently used to slip connections from Outlook clients to Exchange servers past firewalls.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.

Log in or Register to post comments