Palo Alto Single Pass Parallel Processing (SP3)

Challenges over SP3

Port-Based Rules Were Never Secure

Secure Traffic with Application-Based Control
• App-ID identifies the application regardless of which port is being used.
• App-ID reduces the attack surface because only permitted applications are allowed to traverse the network. There are fewer avenues of attack when you limit the number of services and applications permitted on the network.
• Use Policy Optimizer to move from port-based to App-ID-based rules.

App-ID Cloud Engine (ACE) with SaaS Inline Security Subscription
• The App-ID Cloud Engine (ACE) is a service that enables the firewall or Panorama to download App-IDs from the cloud for applications that do not have specific predefined App-IDs from the Palo Alto Networks content team. These are the applications that the firewall identifies as SSL, web-browsing, unknown-tcp, or unknown-udp traffic.
• Use ACE App-IDs in Security policy rules to gain visibility into those applications and control them; use Policy Optimizer to add and manage applications in Security policy. You cannot use ACE App-IDs in any other type of policy rule.
• ACE requires a SaaS Security Inline subscription. Each appliance that uses ACE must have a valid device certificate installed.

Content-ID
• Content-ID combines a real-time threat prevention engine with a comprehensive URL database and elements of application identification to limit unauthorized data and file transfers and to detect and block a wide range of exploits, malware, dangerous web surfing, and targeted and unknown threats.
• The application visibility and control delivered by App-ID, combined with the content inspection enabled by Content-ID, means that IT departments can regain control over application traffic and related content.

Advantages of Content-ID
• Content-ID delivers a new approach based on the complete analysis of all allowed traffic using multiple threat prevention and data-loss prevention techniques in a single, unified engine.
• Unlike traditional solutions, Palo Alto Networks controls the threat vectors themselves through the granular management of all types of applications. This immediately reduces the “attack surface” of the network, after which all allowed traffic is analyzed for exploits, malware, malicious URLs, and dangerous or restricted files or content.

User-ID
• User-ID is a cornerstone feature of the NGFW’s single-pass architecture, giving organizations the ability to write policy, display logs, and display reports by using usernames instead of IP addresses and port numbers. This means that no matter where a user is connecting from, consistent reports can be generated and consistent policy will be applied.
• User-ID™ technology enables our next-generation firewalls (NGFWs) to identify users in all locations, no matter what their device type or operating system. Visibility into application activity based on users and groups, instead of IP addresses, safely enables applications by aligning usage with business requirements.

Device-ID
• Device-ID on your firewall gives you visibility into the behavior of devices on your network and enables you to write policies based on the characteristics of a device.
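As an added example (not taken from these slides or from Palo Alto Networks' own documentation), the port-based rule that the "Port-Based Rules Were Never Secure" and Policy Optimizer slides argue against, beside its App-ID-based replacement, written as PAN-OS configure-mode set commands with Content-ID threat profiles and a User-ID group attached to the corrected rule. The zone names, rule names, the group acme\web-users and the use of the predefined "default" threat profiles are assumptions; the lines starting with # are annotations for the reader, not CLI input.

```text
# --- Weak: port-based rule ---
# "application any" on service-http/service-https means the port is the only
# thing being controlled: every application that can run over TCP/80 or
# TCP/443 is permitted, not just web browsing.
set rulebase security rules Allow-Web-Legacy from trust
set rulebase security rules Allow-Web-Legacy to untrust
set rulebase security rules Allow-Web-Legacy source any
set rulebase security rules Allow-Web-Legacy destination any
set rulebase security rules Allow-Web-Legacy source-user any
set rulebase security rules Allow-Web-Legacy application any
set rulebase security rules Allow-Web-Legacy service [ service-http service-https ]
set rulebase security rules Allow-Web-Legacy action allow

# --- Corrected: App-ID-based rule ---
# Policy Optimizer reports which App-IDs have actually matched the port-based
# rule; that observed list is what goes into "application" below.
# Only the listed App-IDs are allowed, and only on their standard ports
# (service application-default), so the attack surface shrinks to those apps.
# The User-ID group (assumed name) replaces an IP-based source match, and the
# Content-ID profiles inspect everything the rule allows.
set rulebase security rules Allow-Web from trust
set rulebase security rules Allow-Web to untrust
set rulebase security rules Allow-Web source any
set rulebase security rules Allow-Web destination any
set rulebase security rules Allow-Web source-user [ "acme\web-users" ]
set rulebase security rules Allow-Web application [ web-browsing ssl ]
set rulebase security rules Allow-Web service application-default
set rulebase security rules Allow-Web action allow
set rulebase security rules Allow-Web profile-setting profiles vulnerability default
set rulebase security rules Allow-Web profile-setting profiles virus default
set rulebase security rules Allow-Web profile-setting profiles spyware default

# Once the App-ID rule sits above the legacy rule and the legacy rule shows no
# further hits, retire it so port 80/443 alone no longer grants access.
move rulebase security rules Allow-Web before Allow-Web-Legacy
delete rulebase security rules Allow-Web-Legacy
commit
```

ACE-derived App-IDs for traffic that would otherwise show up as ssl or web-browsing can be added to the same "application" list through Policy Optimizer, as the ACE slide describes.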