Jon's Network

SonicWALL has released “Project Super Massive” – marketing lingo for their next-gen firewall along the lines of what Palo Alto Networks has been doing for a while and which Gartner recently endorsed. They mention Reassembly-Free Deep Packet Inspection (RFDPI), which I think means this is completely new architecture and drastic change for SonicWALL. They use [...]

[Read more →]

Marketing game by Palo Alto Networks: Block or Not

[Read more →]

Palo Alto Networks releases an Application Usage and Risk Report report twice a year that summarizes the data they collect from traffic assessments (I’m pretty sure this means evaluation units). The Fall 09 report includes data from more than 200 organizations. Some specific findings from the research include: Twitter session use grew more than 250 [...]

[Read more →]

Here’s a short article at Businessweek.com about Palo Alto Networks enabling businesses to allow policy-based Web 2.0 use and reduce the odds of something bad happening because of it. The title doesn’t really describe the content of the article. Consumer Tech Invades the Enterprise

[Read more →]

In October, Gartner released a research note on Next-Generation Firewalls. In the paper, Gartner states that an NGFW should at least: support bump-in-the-wire configuration act as a platform for network traffic inspection and network policy enforcement with the following minimum features: standard first-generation firewall capabilities: packet filtering, NAT, stateful inspection, VPN, etc. integrated IPS and [...]

[Read more →]

Palo Alto Networks regularly updates their software to detect and control more types of traffic to give customers more granular control. The latest content update included control over Facebook applications. If you are a company that wants to allow Facebook use for business reasons but want to avoid the distraction of the third-party applications, you [...]

[Read more →]

Palo Alto Networks has shifted the firewall paradigm from port and protocol to application and user. Their App-ID technology uses signatures to identify and control applications on the network regardless of port, protocol or evasive tactic. It identifies encrypted SSL applications too. They integrate with Active Directory so you can control traffic based on users and groups (eDirectory and other LDAP integration are on the way). They block a wide range of threats and unauthorized file transfers and control web surfing. Top it off with QOS, SSL-VPN and a tad of DLP. (Link: Palo Alto Networks)

[Read more →]

In November 2007 I predicted that Fortinet would add SSL inspection to their Fortigate appliances to catch up with Palo Alto Networks. I was wrong by 4 months. FortOS 4.0, with SSL inspection, was released today. It boasts: Application Control SSL Inspection Data Leakage Prevention (DLP) WAN Optimization The first three are to catch up [...]

[Read more →]

Fix-the-Firewall-PAN-ebook.pdf This ebook provides a brief introduction to the limitations of traditional port-blocking firewalls and explains how Palo Alto Networks resolves these problems. There is an in-depth product demo here. More discussion on the topic at What is a Firewall.

[Read more →]

Nir Zuk of Palo Alto Networks posted a video response to this online video argument about firewall innovation that I mentioned before. Via Nir Zuk responds | ThreatChaos

[Read more →]