Why Palo Alto Networks isn't a firewall anymore and You should STOP calling it that!

Before we start finishing each other's sentences I think it's important to clarify right up front, this isn't an article about next generation firewalls . That post belongs in 2008, a time when the world was coming to terms with the uselessness (real word) of filtering ports.

But even that definition "NGFW" is dated. Most people believe Palo Alto Networks makes a firewall. They don't. I don't think they ever did. The word firewall conjures a virtual gateway in which information cannot be accessed unless permitted over a network. It can do that, but I don't think that was ever the intent.

They do one thing: Prevent Threats. I think what's clear here is that a small part of that includes inspecting traffic in order to prevent access.

Which brings me to how to do that, the ABC's of threat prevention. A litmus test for whether you can prevent threats is to take a common one, say "Malware" and think Crypto-Locker. There's a few ways in and a few things to infect See Diagram for a gross over simplification of your IT environment:

A) Data Center: Your Off network Files (Cloud) or Datacenter Systems You can go home, connect to 3G access the cloud and download malware all you want.

B) Endpoint: Get out the USBs pre-infected with malware, the lateral movement on flat networks and the ever present list of services on Microsoft laptops which allow full control of your machine over the network.

C) Network: Flat, Dense and accessible by everyone, your network is a breading ground for malware. I would know I work in product management for IntelliGO Network Access control, most people don't even authorize devices to their network. So anything goes and so does the malware. Most people also still don't even conceive of VMware as a network, nope, just a bunch of servers sitting side by side. Anyway. Security researchers have thought about this, heavily. This isn't a futurist network. This is your network. These are your threats. So, to keep you up to date Palo Alto Networks has invested heavily in building endpoint, cloud and virtual tools that help you protect these together.

You can't UTM your way to a Platform. You are either Best of Breed or You're Not.
You want a Firewall you invite Palo Alto Networks, Checkpoint and Cisco.
You think about URL Filtering you're going to invite Palo Alto Networks, Websense.
You want IPS you invite Palo Alto Networks, SourceFire.
You want APT protection you invite Palo Alto Networks and FireEye.
But if you want to be a platform you need to be best of breed in all these categories or you won't get used for it.
- Nir Zuk Founder or Palo Alto Network at Ignite 2015. (DISCLAIMER: Serious paraphrasing and liberties taken).

Since their IPO I think few realize this. See update Graphic:
A) Data Center: Includes the cloud, Aperture helps secure files in drop-box, onedrive etc. It's about preventing threats, the data breach and that can happen with Shadow IT not just sanctioned apps heading out the corporate egress. For most people this is called a CASBY, but most don't understand how the market leader in safe application enablement has security for apps off-network as well.

B) Endpoint: includes Windows, Mac, Linux etc and is server and workstation and blocks threats in coordination with the other tools. This is called traps, and the coordination story allows you to protect your endpoints, wherever they are from getting exploited by malware.

C) Network: Includes VMware, Cloud and East-West Traffic. If your network only remind you of a switch then this article isn't for you. Everywhere traffic is, network inspection needs to be: Yes: the SSL protected traffic in your VM environment needs to be inspected. In summary: The market has redefined what a firewall can be today. These terms still don't define the Platform story of Palo Alto Networks. To enable this platform is our mission so that we can prevent attacks and change point solution thinking for organizations. So the next time you have a "Firewall" "Content Filtering" "NAC" "CASBY" "Endpoint Security" project, I suggest you take the litmus test. Given the malware infections above would these tools stop an attack across A, B and C? If the answer is no then you're likely still looking for a platform.

Adam Mansour CTO: IntelliGO Networks Inc.

Social Media Updates

Wed May 17 14:54:15 +0000 2017

Wed May 17 13:47:48 +0000 2017

How our customers can protect themselves from WannaCry Ransomeware attack: https://t.co/d6zmUx5R9Y
Sat May 13 18:29:59 +0000 2017

Ransomware WannaCry now hits 99 Countries! over 75,000 Cases! https://t.co/ediq2Llt1f https://t.co/4B5TlX8cxd
Sat May 13 18:28:34 +0000 2017

Largest Cyber Attack in History NSA Vulnerability leads to Ransomeware across dozens of organizations… https://t.co/1F1nddOQ12
Sat May 13 18:25:15 +0000 2017

IntelliGO MSS Platform Version 6.0 Unveiling at GISEC 2017 in Dubai FREE TICKET GIVEAWAY : https://t.co/78IbJHoxd6 https://t.co/EgSFzWf2Sw
Sat May 13 18:19:53 +0000 2017

Happy Holidays to Everyone from IntelliGO Networks. This year our card helps test your Malware Defenses (Safely) -> https://t.co/fgeOZJ8fib
Wed Dec 21 14:33:50 +0000 2016

Fri Dec 09 05:40:17 +0000 2016

Fri Dec 09 05:33:08 +0000 2016

Wed Nov 30 20:58:30 +0000 2016

Time is running out Join us This Tuesday, Nov 29th 11:30 AM @ Culinaria Mississauga Register:… https://t.co/7IZXT7IFSi
Mon Nov 28 00:51:50 +0000 2016

Thu Nov 17 05:00:23 +0000 2016

Thu Nov 17 04:52:31 +0000 2016

Join IntelliGO & Palo Alto Networks Advanced Endpoint Prevention Event Nov 29th 11:30 AM @ Culinaria Mississauga… https://t.co/NXI7QJkUa3
Thu Nov 10 18:54:59 +0000 2016

Tue Oct 25 01:25:39 +0000 2016

Mon Oct 24 19:50:46 +0000 2016

Mon Oct 24 18:15:00 +0000 2016

Mon Oct 24 18:14:38 +0000 2016

Mon Oct 24 18:13:57 +0000 2016

Mon Oct 24 18:13:12 +0000 2016

From Goblin Panda to Flying Kitten: the latest online security threats - http://t.co/UEWv1GdDGa
Fri Feb 13 15:45:15 +0000 2015

Hackers can get into most 'connected cars' - http://t.co/Pzi8j2NM6g
Thu Feb 12 20:28:56 +0000 2015