The port-centric design is relatively ineffective when faced with new applications that are equipped with increasingly sophisticated security evasion techniques. Bolting on Deep Packet Inspection (DPI) or Intrusion Prevention System (IPS) technologies to solve the problem has proven ineffective.
The problem is not so much the growing diversity of applications, but the inability to accurately identify any given application as good or bad. A modern security solution must be able, not only to distinguish one type of application from the next, but also to account for other contextual variables that are applicable in any given scenario, such as who is using the application, on what type of device, and for what purpose.
What's needed is a means to regain control over the applications traversing the network, identifying who is using them and their related content and, by doing so, bring policy-based control back to the network security team. To solve this, Palo Alto Networks® delivers advanced innovation for securing networks that identifies all traffic irrespective of port, protocol, evasive tactic, or SSL.
Traditional network security solutions have simply failed to keep pace with changing conditions, and the remedies put forth to compensate for their deficiencies have proven ineffective. To reinvent network security required reinventing the firewall, taking an application-centric approach to traffic classification in order to enable full visibility and control of all types of applications running on your enterprise networks. The result is the Palo Alto Networks next-generation firewall, which delivers the essentials for a truly effective, modern firewall that is able to:
Palo Alto Networks has developed an innovative approach to securing networks that identifies all traffic by applications using a variety of techniques. This replaces conventional approaches that attempt to control traffic based on port and offers the advantage of:
Leveraging the latest Palo Alto Networks Migration Tool v3.0 will help to automate and accelerate the migration from third-party firewall vendors to our next-generation firewalls, as well as enable you to take advantage of the advanced protection of app-based policies. The Migration Tool is now available through our Live Community Portal — at no charge — to assist with your migration. This tool can be very helpful, especially in the hands of experienced professionals who have performed migrations previously.
Firewall policy migration can be a challenging task, which is most effectively accomplished with professional services assistance from Palo Alto Networks and a network of solution partners, who can guide you though the migration process using a combination of automated tools and best practices.
Utilizing our services team, our customers gain years of experience and extensive knowledge of Palo Alto Networks best practices. Our Professional Services organization will accelerate your project timelines and help guarantee deployments are set up for maximum success from day one.
Taking advantage of Palo Alto Networks Consulting Services will ensure a smooth and efficient transition and get your next-generation firewall project off to a great start.
The Palo Alto Networks Migration Tool v3.0 tool helps automate and accelerate your migration to App-ID