Threat Prevention
A recent SANS Top 20 Threats list indicated that of the top 20 threats enterprise IT security groups should be concerned about, 80% were application-level threats. Further compounding the issue, threats come in more and more flavors, are multi-vector, and resist traditional definitions (e.g., virus, exploit, or worm).
Threats to an organization can take many forms. They can target an application, or can be carried by an application. The traditional defense mechanisms - firewalls and IPS/IDS – cannot effectively control applications, and can’t recognize the variety of threats targeting the applications anyway – since IPS/IDS only look at threats formally defined as "exploits".
Next-Generation Firewalls
In order to prevent threats effectively, enterprises need to first reduce the avenues of attack – start controlling which applications run on the enterprise network. Then, enterprises need to scan allowed application traffic for threats more broadly – not limiting themselves to a strict definition of a particular type of threat (e.g., "virus" or "exploit"). Finally, in today’s economic environment, organizations need to do it without increasing complexity and cost.
Palo Alto Networks next generation firewalls deliver a high performance threat prevention solution. With a low-latency, multi-Gbps platform based on our SP3 Architecture, Palo Alto Networks next generation firewalls:
- Block “bad” or undesirable applications
- Scan "good" applications for a wide variety of threats – exploits, viruses, spyware, even confidential data leaks – with a single pass, stream-based scan
- Simplify infrastructure with a single policy, high port-count, and high performance
Specific Solution Examples:
Intrusion prevention: See why application control is the first step to improved prevention of vulnerability exploits, and why the firewall is the right place to do intrusion prevention.
Data leak prevention: See how you can reduce the unauthorized transfer of corporate data and confidential personal information.
