Access to the Internet is a vital component for doing business today. Users depend on being able to access the Internet in order to use applications, collaborate with colleagues, and to conduct research. However, the Internet can also be the conduit for both inappropriate and malicious activity. Today, applications, exploits, and malware are easily able to slip through the existing traditional firewall as well as web security gateways, proxies, and IPS security devices. Even controlling legitimate applications is problematic, due to the growing use of evasive technologies and techniques including port hopping, encryption, and proxies.
The challenge is to find a way to say "yes" to the applications that your business needs while systematically managing risks.
The Palo Alto Networks next-generation firewall allows you to provide safe access to Internet resources through an innovative approach that identifies and manages traffic. By using the core App-ID, User-ID, and Content-ID technologies, you can establish visibility and control over your traffic using the same business-oriented criteria that you use to define acceptable use. Instead of basing policy on port numbers and IP addresses, take control of your traffic by building security policies based on who can use particular applications while scanning for undesirable or inappropriate content. Understand what’s on your network by examining all traffic on all ports. The Palo Alto Networks next-generation firewall allows you to say "yes" to the applications that your organization needs without introducing unnecessary risks.
Establishing Safe Application Enablement.
Safe application enablement is a systematic approach for managing applications on your network while removing risky and undesirable elements. It starts with having the visibility to see the applications in use on your network and knowledge of the risks that they could pose. Next, the use of policies that govern the applications - tied to the identity of the specific user, not just the IP address - provides precise control over user traffic. Finally, the use of the next-generation firewall’s content inspection technologies deliver protection against malware, vulnerabilities, undesirable web content, dangerous file types, and much more. In addition, through WildFire, the next-generation firewall can protect against highly customized, targeted modern malware.
Restoring Control Back to the Firewall.
All Internet traffic passes through the firewall, but unfortunately, many firewalls simply let too much traffic through. Your firewall may be in the right location to enforce network security, but it has to be much more intelligent in understanding and managing traffic in order to be effective.
The Palo Alto Networks next-generation firewall restores control by providing a clear understanding of applications, users, and content. With the knowledge of who is using the network, what they are using, and where the traffic is going, your security teams can establish the appropriate application enablement policies for Internet access.
Extend control to users in all locations.
The Palo Alto Networks next-generation firewall provides control over user browsing and protection from threats wherever the user may go through GlobalProtect. By using GlobalProtect, users stay connected to the next-generation firewall for policy enforcement regardless of whether they are on the local network, the wireless network, or outside of the office. All of the application control, threat prevention, and URL filtering rules are in effect, providing consistent security at all times. GlobalProtect is available for Windows, Mac OS X, iOS, and Android platforms, providing coverage for laptops, smartphones, and tablets.