Back to Insights

ML Powered NGFW From Palo Alto Network

Managed services 07/14/2020 - 14:01 by Ruchika Tyagi

Palo Alto is launching the World’s first ML-powered NGFW to defend networks and IoT device

Next-Generation Firewall (NGFW) is a 3rd generation firewall that is available in hardware and software versions. NGFW is capable of detecting and blocking sophisticated attacks. Gartner defines it as a “deep-packet inspection firewall that moves beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall”.

Network Perimeter Security and its Challenges

The network perimeter is the first layer that needs to be protected to secure companies from outside threats. Cyber-attacks are rising at a rapid pace and traditional security approaches cannot keep up with millions of new devices, different flavors of operating systems, and different software applications coming into the network.

IoT devices are growing exponentially. They have different agents, patches, and operating systems. It is difficult to set security policies around them.

Evaluating huge amounts of data that we are collecting from different security solutions is also a challenge.

To add to this complexity, workspaces, and technology have become more volatile. Hence trying to protect the network by traditional methods is no longer effective.

It’s now time to rethink perimeter-based security models and evaluate the entire infrastructure from a security point of view. Enterprise networks are widening with hybrid clouds, WAN, Access edges, IoT, Containers, 5G, and LAN. It is practically not possible to keep the security policy updated with manual methods.

The need for today is a proactive Cybersecurity paradigm shift from reactive security.

As businesses defend their ever-increasing points of entry against cyberattacks, Palo Alto Networks, a global cybersecurity leader, introduced the World’s first Machine Learning(ML)-powered NGFW, which runs on ML in the core of the firewall to provide real-time protection, securing IoT devices, recommending policies.

Advanced features in the ML-powered NGFW – expansion and its performance

  1. Prevents up to 95% of advanced threats by using inline machine learning(ML) in the core of the firewall to provide real-time threat prevention from unknown attacks.
  2. It analyses the traffic behavior with the help of telemetry information from the network and combines it with existing Palo Alto data.
  3. behavioral analysis helps in detecting threats to IoT devices without deploying any new sensors. Palo Alto Networks IoT security is powered by ML to deliver complete device visibility; highlight anomalies, and vulnerabilities, and recommend security policies.
  4. A combination of cloud-based CPU and ML helps in detecting new attacks and also recommends policy changes. It saves time and reduces human error, a leading cause of breaches.
  5. Zero delay signatures and action to prevent cyber-attacks in real-time resulting in a 99.5% reduction in systems infected.

Additional security

Palo Alto has introduced 70 new features with PAN-OS version 10.0 Operating Systems like easier decryption, prevent DNS attacks, and support transportation layer security 1.3. PAN-OS 10.0 supports a subscription that prevents IoT, high availability clustering of 16 devices, a new high-performance hardware card, Snort support in threat prevention, and DNS security enhancements with deep visibility.

IoT service is based on cloud-based IoT discovery, identity, and security technology which identifies the application running in the Firewall. Palo Alto App-ID will automatically discover new IoT devices, assess and the basis of analysis recommend policy changes to secure IoT.

The new version of the Next Generation firewall is called CN Series. PAN 10.0 introduces the CN-Series a containerized form factor for the ML-powered NGFW. It will protect Kubernetes containers. CN series will provide full visibility in Layer 7 into container traffic and offer protection to not only inbound traffic but also to east-west and outbound traffic.

CN series provides NGFW protection and is not dependent on where the application is hosted.

PAN-OS version 10.0 is expected to be available by mid-July. It will be available as software, an appliance, or as a cloud service. It is also a part of Palo Alto’s cloud-based security package, Prisma.

How we can help you?

Teceze provides combined expertise in security, cloud, and networking technologies. We help our clients protect their infrastructure, from the core to the edge.

Developing the expertise or finding the resources to properly deploy and manage NGFW can be challenging. Inappropriate configured security policies can bring as much risk as vulnerabilities from unpatched systems. Teceze can help reduce the attack surface by effectively utilizing the power of NGFW.

Cybersecurity is our DNA. We have committed time and resources, and our expert certifications from Palo Alto Network with years of hands-on experience are a testament to this accomplishment.

Do you know who is in your network? What applications and IoT are running in your network? Why spend time and money when we can provide expert management with our flexible offering to support your business?

The only way to protect what you’ve worked hard to build is to be vigilant when it comes to cybersecurity. If you’d like to know more about how your business can benefit from managed services, just give us a call, we are here to help.

The World's First ML Powered NGFW. Legacy firewall security solutions react to new threats. Palo Alto Networks to make security Intelligent and proactive.