Jon's Network

Marketing game by Palo Alto Networks:

Block or Not

[Read more →]

Palo Alto Networks releases an Application Usage and Risk Report report twice a year that summarizes the data they collect from traffic assessments (I’m pretty sure this means evaluation units). The Fall 09 report includes data from more than 200 organizations.

Some specific findings from the research include:

Twitter session use grew [...]

[Read more →]

Here’s a short article at Businessweek.com about Palo Alto Networks enabling businesses to allow policy-based Web 2.0 use and reduce the odds of something bad happening because of it. The title doesn’t really describe the content of the article.

Consumer Tech Invades the Enterprise

[Read more →]

In October, Gartner released a research note on Next-Generation Firewalls.

In the paper, Gartner states that an NGFW should at least:

support bump-in-the-wire configuration act as a platform for network traffic inspection and network policy enforcement with the following minimum features: standard first-generation firewall capabilities: packet filtering, NAT, stateful inspection, VPN, etc. integrated IPS and threat prevention (not colocated like [...]

[Read more →]

Palo Alto Networks regularly updates their software to detect and control more types of traffic to give customers more granular control. The latest content update included control over Facebook applications. If you are a company that wants to allow Facebook use for business reasons but want to avoid the distraction of the third-party [...]

[Read more →]

Palo Alto Networks has shifted the firewall paradigm from port and protocol to application and user. Their App-ID technology uses signatures to identify and control applications on the network regardless of port, protocol or evasive tactic. It identifies encrypted SSL applications too. They integrate with Active Directory so you can control traffic based on users and groups (eDirectory and other LDAP integration are on the way). They block a wide range of threats and unauthorized file transfers and control web surfing. Top it off with QOS, SSL-VPN and a tad of DLP. (Link: Palo Alto Networks)

[Read more →]

In November 2007 I predicted that Fortinet would add SSL inspection to their Fortigate appliances to catch up with Palo Alto Networks.

I was wrong by 4 months. FortOS 4.0, with SSL inspection, was released today. It boasts:

Application Control SSL Inspection Data Leakage Prevention (DLP) WAN Optimization

The first three are to catch up with Palo Alto, but [...]

[Read more →]

Fix-the-Firewall-PAN-ebook.pdf

This ebook provides a brief introduction to the limitations of traditional port-blocking firewalls and explains how Palo Alto Networks resolves these problems.

There is an in-depth product demo here.

More discussion on the topic at What is a Firewall.

[Read more →]

Nir Zuk of Palo Alto Networks posted a video response to this online video argument about firewall innovation that I mentioned before.

Via Nir Zuk responds | ThreatChaos

[Read more →]

Richard Stiennon hosted a round-table discussion about firewall innovation. Two main opinions were argued. Mike Murray argued that there hasn’t been any innovation for the past decade, that firewalls do stateful inspection to keep most of the garbage out and that is it. Adding functionality from other parts of the security market [...]

[Read more →]