• • PA-4000 Series Firewall
  • Management Tools
  • Technology
  • How To Buy
• • Press Releases
  • In The News
  • People Are Talking
  • Events
• • About Us
  • Management Team
  • Board of Directors
  • Investors
  • Careers
  • Contact Us

application research center

The PA-4000 Series classifies traffic based on the accurate identification of the application, irrespective of port, protocol, SSL encryption or evasive tactic employed.

People Are Talking

ANALYSTS

"The days when port = protocol = application are behind us. An increasing percentage of enterprise network traffic is being funneled through a few well-known ports, more port-hopping or dynamic application content, such as Web 2.0. In many cases, traffic is being encrypted."

"Most enterprise firewalls are not fully featured NGFW but, rather, early versions. This slowness to market has opened the door to competition, such as that from startups — for example, Palo Alto Networks offers a purpose-built NGFW with a service view of traffic, rather than a port-only view."

Greg Young, Research Vice President,
Gartner

"In every company in the world users install and use applications that are not approved by IT, which makes it challenging to establish uniform security and compliance policies. Establishing application visibility and control based on actual user identity, not just IP address, is an important feature in next-generation firewalls."

Jeff Wilson, Research Vice President,

Infonetics Research

"Firewalls must go beyond port/protocol identification to deliver visibility and control of applications—in particular those encrypted with SSL—to provide granular visibility and control over all traffic rather than a percentage of it."

Rob Whiteley, Senior Analyst
Forrester Research

 

CUSTOMERS

"Our existing firewalls and proxies weren’t giving us the level of control we needed. The PA-4000 Series enables us to distinguish between business and non-business applications, decide which applications will run on our network and offers the added benefit of making our IT infrastructure simpler and easier to use."

 

Pat Wagner, IT Director
Curt G. Joa, Inc

 

 

"Our existing security infrastructure was completely blind to what was tunneling over port 80. With the PA-4000 Series, we have visibility and control over all Web traffic, enabling our employees the access they need to work effectively, without compromising network bandwidth or security. And the integration with Active Directory enables us to monitor and control applications on a per-user basis, resulting in more effective application usage and security policies. This has enabled us to improve our intellectual property protection dramatically. We can consolidate our firewall infrastructure and provide better protection in doing so."

 

Roger Blakely, Vice President of Information Security
Sonic Solutions

 

 

"With Palo Alto Networks, we now know what we didn’t know. And it’s scary what some of our users and contractors were doing."

 

Mark Rein, Senior Director, Information Technology
Mercy Medical Center

 

"We know that port 80 is used for more than just Web surfing. The PA-4000 Series gives us visibility into and control over what’s on our network at all times, allowing us to be proactive in our security."

Frank Chambers, Director, Information Security Management
Constellation Energy

 

"With Palo Alto Networks, we are now for the first time able to identify rogue applications on the network such as P2P and Skype, and then block them accordingly."

Justin Smith, Staff Network Engineer
SanDisk Corporation

 

"Like many successful organizations, we needed to ensure that our infrastructure addressed our current security and compliance needs, but also protected us against emerging threats. Not knowing what was flowing in and out of our network was a huge vulnerability. The PA-4000 Series gives us a comprehensive view of our application and Internet traffic, and as a result we’re able to set smarter, more effective policies to allow what we want and restrict what we don’t."

George Morse, Senior Network Analyst
Nordson Corporation

 

"Palo Alto Networks has created a new generation of security device that identifies applications – not just ports, protocols and source/destination IP addresses – and enforces policies concerning its use. The granular visibility and control that Palo Alto Networks gives us has allowed us to re-write and enforce our acceptable application usage policies and protect the city."

Michael Hamilton, CISO
City of Seattle

 

"We had major plans to upgrade our network infrastructure in conjunction with implementing an MPLS data network. With a single Internet connection for the MPLS network at a co-location site, we needed to put in a good, high-performance firewall to protect the agency. The first day of deploying the PA-4000 Series I was able to see and fix bad things on my network that I did not previously know was happening."

Will Bailey, IT Manager
Catholic Charities of Santa Clara County

 

"I never had any idea what my users were doing on the Internet, and the pipe was getting saturated with traffic and made the Internet almost unusable for a lot of users. I just wanted to be able to see what was happening on my network and be able set policies based on users to more tightly control the traffic traversing our network. With Palo Alto Networks, I have eliminated the non-business activities and have reclaimed the Internet as a productive business tool for my users."

Chuyen Nguyen, IS Manager
State of Pennsylvania

PRESS

"This week, we've seen some genuine innovation – and perhaps more importantly, some new approaches to solving some very old problems…. Just when you thought firewalls had dead-ended, for example, startup Palo Alto Networks launched a new firewall, the PA-4000, which can identify – and restrict – more than 500 types of application traffic. Instead of just two settings for Port 80 ("off" or "on") this firewall enables enterprises to allow, block, or truncate the use of all sorts of applications, including those running over SSL."

Tim Wilson
Dark Reading

 

"Enterprises are frustrated with their traditional perimeter firewalls, because firewall ports increasingly are opened up to allow business traffic, particularly over Port 80. The PA-4000 line is offered as a transitional technology that works behind traditional, port-based firewalls to monitor applications and apply security rules to them."

Ellen Messmer, Senior Editor and Cara Garretson, Senior Events Editor
Network World

 

"[The PA-4000 Series] makes all kinds of interesting things possible…. First, it provides visibility into and control of the applications on your network. If you don't want users fooling around with P2P apps, you shut them down at the gateway. If you only want them to use a corporate-approved IM system, Palo Alto's firewall allows that one and no others."

Andrew Conry-Murray
InformationWeek / Network Computing

   

 

"The one lone voice in the wilderness these days that seems to be questioning much of the conventional wisdom of the security industry these days is Nir Zuk, who is the founder and chief technology officer for Palo Alto Networks, a startup company that is dedicated to overhauling the firewall has we know it….After 10 years of watching security infrastructure costs spiral out of control, it’s nice to see somebody talking about not only an improved firewall design but also a more efficient approach to the whole security model."

Mike Vizard
Ziff Davis

 

"First it was ports, then protocols, and now, applications: A new generation of firewalls is slowly emerging with more sophisticated inspection and blocking features at higher speeds. These new devices will not only do intrusion prevention, but also filter by application type. The protocol inspection method used by traditional firewalls is no longer enough, as more and more applications use Port 80, or HTTP."

Kelly Jackson Higgins
Dark Reading

 

"The App-ID software on Palo Alto's PA-4000 machines detects all application traffic across all ports, including SSL encrypted traffic and software-as-a-service, instant messaging, Web mail, P2P and other software types. Moreover, the software can view the application's profile to track usage, source, destination and risk level."

Clint Boulton
Internetnews.com

 

"With a cast of characters that represents much of the intellectual capital surrounding firewalls, it’s a pretty fair bet that its efforts to clean up the security perimeter nightmare is going to attract some big-time attention."

eWEEK Staff

Copyright ©2007 Palo Alto Networks. All rights Reserved.  |  Privacy  |  Site Map   |  Contact Us  |  Terms of Use