PALO ALTO NETWORKS: what’s next … to Next Generation FW
©2014, Palo Alto Networks. Confidential and Proprietary.
WHAT’S CHANGED? THE EVOLUTION OF THE ATTACKER
• CYBERCRIME NOW: $1+ trillion industry
• CYBER WARFARE: 100+ nations
• CYBER PROFESSIONALISM: 10.000+ hours
Comment RdB1 (Slide 2): I added the 10.000+; the amount of hours of experience the hackers have. Based on the general rule that you master something after 10.000 hrs. (Ronald den Braven; 20/01/2015)
THIS IS WHAT CHANGED! LIMITED VISIBILITY & CORRELATION
BAD vs GOOD: ATTACKS ACROSS PERIMETER, MOBILE AND CLOUD
CIO CONCERNS
• $1.2B SALES in 18 MONTHS
• MALWARE UPDATES
• 24/7 SUPPORT
• CYBERCRIME COST: $445B P/Y
• $60B IN GERMANY ALONE, ~1.6% ECONOMY LOSS
WHAT’S CHANGED? THE EVOLUTION OF BUSINESS
• SaaS
• SOCIAL + CONSUMERIZATION
• CLOUD + VIRTUALIZATION
• MOBILITY + BYOD
Massive opportunity for cyber criminals
President Obama Speaks at the White House Summit on Cybersecurity and Consumer Protection
Comment RdB2 (Slide 5): Animated slide which shows the unknown (SSL, app threat vector) challenge and turning the unknown to known (malware found stats). (Ronald den Braven; 20/01/2015)
FAILURE OF LEGACY SECURITY ARCHITECTURES
• Limited visibility
• Manual response
• Lacks correlation
[Diagram: Internet and Enterprise Network separated by point products from Vendor 1, Vendor 2, Vendor 3 and Vendor 4: Endpoint AV, DNS protection cloud, DNS protection for outbound DNS, UTM/Blades, Network AV, Anti-APT for port 80 APTs, Anti-APT for port 25 APTs, Anti-APT cloud, Internet Connection, Malware Intelligence. Each product raises its own alerts: DNS Alert, Endpoint Alert, SMTP Alert, AV Alert, Web Alert.]
WHY BREACHES STILL HAPPEN: COMMON TRAITS
• Port based Firewall
• Static IPS
• 0-Day Malware and Exploits used
• ID credentials hijacked
WHY ONLY TRY TO DETECT MALWARE ONCE?
DETECT AND PREVENT THREATS AT EVERY POINT ACROSS THE ORGANIZATION – IT’S NOT JUST ABOUT THE INTERNET EDGE
• At the internet edge
• Between employees and devices within the LAN
• At the data center edge, and between VM’s
• At the mobile device
• Within private, public and hybrid clouds
AND MORE IMPORTANTLY, SIMPLIFY THIS…
[Diagram: the legacy multi-vendor architecture, repeated: limited visibility, manual response, lacks correlation; separate DNS, endpoint, SMTP, AV, web and anti-APT products from Vendor 1 to Vendor 4, each raising its own alerts between the Internet and the Enterprise Network.]
TO THIS…
[Diagram: Internet and Enterprise Network protected by NGFW, Traps, WildFire™ and GlobalProtect, replacing the separate DNS Alert, Endpoint Alert, Web Alert and APT products. Label: Malware Prevention.]
Palo Alto Networks:
① Significantly reduced their risk
② Dropped their TCO
③ Increased their business agility
Requirements for Security in today’s Threat Landscape
1. Application based security rules
   – Including the ability to decrypt flows
2. Rules based on User Identity/User Groups
3. WildFire subscription to detect unknown malware
4. Threat Prevention subscription to enable dynamic prevention signatures for malware
5. URL (PAN-DB) subscription to enable dynamic prevention of malware Command & Control
6. GlobalProtect to secure against the threat of time and to help assert Identity
DELIVERING THE NEXT-GENERATION SECURITY PLATFORM
• THREAT INTELLIGENCE CLOUD
• NEXT-GENERATION FIREWALL
• ADVANCED ENDPOINT PROTECTION
AUTOMATED, NATIVELY INTEGRATED, EXTENSIBLE
TRAPS: benefits
• Prevent Zero Day Vulnerabilities and Unknown Malware
• Install Patches on Your Own Schedule
• Signature-less, No Frequent Updates
• Network and Cloud integration
• Protect ANY Application From Exploits
• Minimal Performance Impact
• Save Time and Money
THREAT INTELLIGENCE CLOUD: Automated Prevention & Reporting
New protections per day, delivered in 15 minutes:
• 192,000 Anti-malware
• 24,000 URL
• 13,500 DNS
[Diagram labels: WildFire, Threat Prevention, URL Filtering, Forensics & Reporting]
WildFire: Protecting Against The Unknown
Sandboxing The Unknown
Protections developed with in-line enforcement across the kill-chain
Intelligence correlated across:
[Slide diagram labels: All traffic; SSL encryption; All ports; Web; SMTP; FTP; SMB; Perimeter; Data center; Endpoint; All commonly exploited file types; 3rd party data; Detect unknown; Malware; Exploits; Command-and-control; DNS queries; Malware URLs; WildFire; Threat Prevention; URL Filtering]
There’s Never Been A Better Time to Migrate to Palo Alto Networks
Minimize Risk by Migrating in Phases
• Migration from Legacy Firewall (Cisco, Check Point, Fortinet, McAfee, Juniper): Initial Migration of third-party vendor firewall to Palo Alto Networks port-based mode
• Migration to App-ID (Application-based security policies): Migrating from Palo Alto Networks Port-based mode to App-ID
• Migration to Enterprise Security Platform (WildFire, URL Filtering, Threat Protection, Traps (Endpoint), AutoFocus, GlobalProtect): Take advantage of the advanced protection of Palo Alto Networks full security platform
©2015, Palo Alto Networks. Confidential and Proprietary.
WHY PALO ALTO NETWORKS
[Word cloud: Zero-Day, Reduce Risk, Policy, Detection, Mobility, Responsive, Control, Correlation, People, Application, Prevention, Visibility, BYOD, Management, Public Cloud, Private Cloud, Segmentation, Users, Virtualization, Endpoint, Exploit, Automation, Scalability, Agile, Support, Data Center, Vulnerability, Anti-Malware, Forensics, Performance, Integrated, Command-&-Control, Safe Enablement, Remediation, Applications, Perimeter, Web Security, Ecosystem, Context, Platform, Services, Culture]
PALO ALTO NETWORKS AT-A-GLANCE
CORPORATE HIGHLIGHTS
• Founded in 2005; first customer shipment in 2007
• Safely enabling applications and preventing cyber threats
• Able to address all enterprise cybersecurity needs
• Exceptional ability to support global customers
• Experienced team of 2,000+ employees
• Q3FY15: $234M (55% YoY)
REVENUES ($MM)
FY09: $13; FY10: $49; FY11: $119; FY12: $255; FY13: $396; FY14: $598
ENTERPRISE CUSTOMERS
Jul-11: 4,700; Jul-12: 9,000; Jul-13: 13,500; Jul-14: 19,000
Customer growth
Recent Highlights
AutoFocus: cyber threat intelligence
2015 Magic Quadrant for Network Enterprise Firewalls