Updated: Nov 3, 2020
As companies need to protect an increasing number of network entrances to resist constantly evolving and escalating network attacks, Palo Alto Networks, a global network security company, recently announced the launch of a next-generation firewall (NGFW) based on machine learning technology. The product embeds machine learning (ML) technology into the core of the firewall, proactively helps and intelligently prevents threats, protects IoT devices, and recommends security strategies, which once again set a new benchmark for network security.
Nir Zuk, founder, and chief technology officer of Palo Alto Networks, said, “We created the next-generation firewall 13 years ago and completely changed the network security landscape. With the expansion of corporate networks-hybrid cloud, Internet of Things Equipment, and home office environment as well as the rapid and automated evolution of attack methods, we once again need a new way to deal with network security issues. PAN-OS 10.0 created the world's first next-generation firewall based on machine learning technology. Continuous learning in this field and proactively improving safety performance will help safety professionals not only keep up with safety trends but stay ahead.”
Palo Alto Networks’ PAN-OS 10.0 machine learning technology-based next-generation firewall introduces a number of industry-first features, including:
1. Local malware and phishing defense functions based on machine learning technology
As attackers use automatic machine deformation attacks, the value of signatures in preventing these attacks gradually decreases. In the past, network security products only used machine learning mode for remote detection, but now Palo Alto Networks' next-generation firewall based on machine learning technology uses a local machine learning model to help prevent previously unknown attacks. It also assures the security of the network.
2. Zero delay signature update
Palo Alto Networks has been in the leading position in the industry in reducing the response time of threats from days to minutes. Now zero delay protection is introduced to further reduce the probability of system infection by 99.5%.
3. Integrated Internet of things security function based on machine learning technology
New IoT devices are increasing, and often join the network without security and without the information security team's knowledge. Palo Alto Networks' new IoT security features, based on machine learning technology, provide comprehensive device visibility, including those never seen before. It also can highlight anomalies and vulnerabilities and recommend appropriate security policies - all without additional sensors or infrastructure.
4. Security strategy based on machine learning technology
The next-generation firewall based on machine learning technology can analyze a large number of telemetry data and then recommend security policies. Through PAN-OS 10.0 and IOT security features, customers will be able to view and adopt the behavior of security devices recommended by IoT security policy. This will save time, reduce the chance of human error, and help protect IoT devices.
By integrating these four industry initiatives into a single system, Palo Alto Networks' next-generation firewall based on machine learning technology can help enterprises instantly prevent up to 95% of unknown files and web threats; automatically provide security policy suggestions to save time and reduce the probability of human error; adjust and provide real-time defense function; and extend visibility and security to all devices, including unmanaged IoT devices, without the need to deploy additional transmission Sensilla.
In addition, PAN-OS 10.0 also introduces CN series, a containerized solution for the next generation firewall based on machine learning technology, as well as more than 70 innovative functions, including simplified decryption, high availability clustering, new high-performance hardware cards, threat defense, and enhanced DNS security functions.
The next-generation firewall of Palo Alto networks uses App-ID, User-ID, and Content-ID to achieve unprecedented visualization and control capabilities for applications, users, and content. These three kinds of identification technologies have been applied to each Palo Alto Networks firewall, enabling enterprises to use applications safely and confidently, while greatly reducing the total cost through device integration.
1. App-ID: identifying applications
Each App-ID automatically uses four traffic classification mechanisms to identify applications. App-ID continuously monitors application status, reclassifies traffic, and identifies various features in use. Its security policy determines how the application is handled: block, allow, or security enable (scan embedded threats and block, detect unauthorized file transfers and data types, or use QoS to control bandwidth).
2. User-ID: identify users
The new generation of Palo Alto networks security gateway can be closely connected with various user databases. By dynamically combining IP address with user and user group information, the visibility of network user activities is greatly improved. According to the information of users and user groups, the IT department can formulate various security policies and generate various user access records and management reports.
3. Content-ID: identifying content
Content-ID can easily limit unauthorized file transfer detection, block various network security threats, and control and manage various non-work-related web browsing. According to the application identification and control ability brought by the integration of content ID, and the detection and defense ability of transmission content provided by content ID, the IT department can fully grasp all network usage behaviors and transmitted content.