Submit Search
Upload
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto Networks)
•
Download as PPTX, PDF
•
17 likes
•
11,015 views
BAKOTECH
Follow
End to End Security With Palo Alto Networks
Read less
Read more
Technology
Report
Share
Report
Share
1 of 74
Download now
Recommended
01- intro to firewall concepts
01- intro to firewall concepts
Mostafa El Lathy
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013
Belsoft
19 high availability
19 high availability
Mostafa El Lathy
7 palo alto security zones & interfaces concepts
7 palo alto security zones & interfaces concepts
Mostafa El Lathy
20 palo alto site to site
20 palo alto site to site
Mostafa El Lathy
Palo alto-review
Palo alto-review
Rayan Darine
12 palo alto app-id concept
12 palo alto app-id concept
Mostafa El Lathy
9 palo alto virtual routers concept (routing on palo alto)
9 palo alto virtual routers concept (routing on palo alto)
Mostafa El Lathy
Recommended
01- intro to firewall concepts
01- intro to firewall concepts
Mostafa El Lathy
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013
Belsoft
19 high availability
19 high availability
Mostafa El Lathy
7 palo alto security zones & interfaces concepts
7 palo alto security zones & interfaces concepts
Mostafa El Lathy
20 palo alto site to site
20 palo alto site to site
Mostafa El Lathy
Palo alto-review
Palo alto-review
Rayan Darine
12 palo alto app-id concept
12 palo alto app-id concept
Mostafa El Lathy
9 palo alto virtual routers concept (routing on palo alto)
9 palo alto virtual routers concept (routing on palo alto)
Mostafa El Lathy
6 pan-os software update & downgrade instruction
6 pan-os software update & downgrade instruction
Mostafa El Lathy
Palo alto networks product overview
Palo alto networks product overview
Belsoft
13 palo alto url web filtering concept
13 palo alto url web filtering concept
Mostafa El Lathy
Palo alto networks next generation firewalls
Palo alto networks next generation firewalls
Castleforce
8 palo alto security policy concepts
8 palo alto security policy concepts
Mostafa El Lathy
17 palo alto threat prevention concept
17 palo alto threat prevention concept
Mostafa El Lathy
10 palo alto nat policy concepts
10 palo alto nat policy concepts
Mostafa El Lathy
11 palo alto user-id concepts
11 palo alto user-id concepts
Mostafa El Lathy
2 what is the best firewall (sizing)
2 what is the best firewall (sizing)
Mostafa El Lathy
Palo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El Lathy
Mostafa El Lathy
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation Firewall
Mundo Contact
3 palo alto ngfw architecture overview
3 palo alto ngfw architecture overview
Mostafa El Lathy
5 initial access to palo alto using cli
5 initial access to palo alto using cli
Mostafa El Lathy
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Ajeet Singh
4 palo alto licenses
4 palo alto licenses
Mostafa El Lathy
ASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment Scenarios
Cisco Canada
16 palo alto ssl decryption policy concept
16 palo alto ssl decryption policy concept
Mostafa El Lathy
Presentacion Palo Alto Networks
Presentacion Palo Alto Networks
Laurent Daudré-Vignier
PAN-OS - Network Security/Prevention Everywhere
PAN-OS - Network Security/Prevention Everywhere
Global Knowledge Training
Putting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation Firewall
Cisco Canada
Palo alto networks NAT flow logic
Palo alto networks NAT flow logic
Alberto Rivai
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & Compliance
Amazon Web Services
More Related Content
What's hot
6 pan-os software update & downgrade instruction
6 pan-os software update & downgrade instruction
Mostafa El Lathy
Palo alto networks product overview
Palo alto networks product overview
Belsoft
13 palo alto url web filtering concept
13 palo alto url web filtering concept
Mostafa El Lathy
Palo alto networks next generation firewalls
Palo alto networks next generation firewalls
Castleforce
8 palo alto security policy concepts
8 palo alto security policy concepts
Mostafa El Lathy
17 palo alto threat prevention concept
17 palo alto threat prevention concept
Mostafa El Lathy
10 palo alto nat policy concepts
10 palo alto nat policy concepts
Mostafa El Lathy
11 palo alto user-id concepts
11 palo alto user-id concepts
Mostafa El Lathy
2 what is the best firewall (sizing)
2 what is the best firewall (sizing)
Mostafa El Lathy
Palo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El Lathy
Mostafa El Lathy
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation Firewall
Mundo Contact
3 palo alto ngfw architecture overview
3 palo alto ngfw architecture overview
Mostafa El Lathy
5 initial access to palo alto using cli
5 initial access to palo alto using cli
Mostafa El Lathy
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Ajeet Singh
4 palo alto licenses
4 palo alto licenses
Mostafa El Lathy
ASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment Scenarios
Cisco Canada
16 palo alto ssl decryption policy concept
16 palo alto ssl decryption policy concept
Mostafa El Lathy
Presentacion Palo Alto Networks
Presentacion Palo Alto Networks
Laurent Daudré-Vignier
PAN-OS - Network Security/Prevention Everywhere
PAN-OS - Network Security/Prevention Everywhere
Global Knowledge Training
Putting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation Firewall
Cisco Canada
What's hot
(20)
6 pan-os software update & downgrade instruction
6 pan-os software update & downgrade instruction
Palo alto networks product overview
Palo alto networks product overview
13 palo alto url web filtering concept
13 palo alto url web filtering concept
Palo alto networks next generation firewalls
Palo alto networks next generation firewalls
8 palo alto security policy concepts
8 palo alto security policy concepts
17 palo alto threat prevention concept
17 palo alto threat prevention concept
10 palo alto nat policy concepts
10 palo alto nat policy concepts
11 palo alto user-id concepts
11 palo alto user-id concepts
2 what is the best firewall (sizing)
2 what is the best firewall (sizing)
Palo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El Lathy
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation Firewall
3 palo alto ngfw architecture overview
3 palo alto ngfw architecture overview
5 initial access to palo alto using cli
5 initial access to palo alto using cli
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
Palo Alto Virtual firewall deployment guide on OpenStack Cloud
4 palo alto licenses
4 palo alto licenses
ASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment Scenarios
16 palo alto ssl decryption policy concept
16 palo alto ssl decryption policy concept
Presentacion Palo Alto Networks
Presentacion Palo Alto Networks
PAN-OS - Network Security/Prevention Everywhere
PAN-OS - Network Security/Prevention Everywhere
Putting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation Firewall
Viewers also liked
Palo alto networks NAT flow logic
Palo alto networks NAT flow logic
Alberto Rivai
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & Compliance
Amazon Web Services
Palo Alto Networks authentication
Palo Alto Networks authentication
Alberto Rivai
PALO ALTO presentation used during the SWITCHPOINT NV/SA Quarterly Experience...
PALO ALTO presentation used during the SWITCHPOINT NV/SA Quarterly Experience...
SWITCHPOINT NV/SA
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
BAKOTECH
User Expert forum Wildfire configuration
User Expert forum Wildfire configuration
Alberto Rivai
Palo Alto Networks - Just another Firewall
Palo Alto Networks - Just another Firewall
pillardata
User id installation and configuration
User id installation and configuration
Alberto Rivai
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
Amazon Web Services
Palo Alto
Palo Alto
Hajar Otmani
Cloudcamp Chicago Nov 2104 Fintech - Dwight Koop "East / West Chalkboard Talk"
Cloudcamp Chicago Nov 2104 Fintech - Dwight Koop "East / West Chalkboard Talk"
CloudCamp Chicago
Drive by downloads-cns
Drive by downloads-cns
mmubashirkhan
OpenStack Summit Tokyo 2015: Scale or Fail: Containers on OpenStack with Open...
OpenStack Summit Tokyo 2015: Scale or Fail: Containers on OpenStack with Open...
Diane Mueller
Prevent ssh-tunneling
Prevent ssh-tunneling
Yudi Arijanto
How to prevent ssh-tunneling using Palo Alto Networks NGFW
How to prevent ssh-tunneling using Palo Alto Networks NGFW
Yudi Arijanto
Luncheon - 2016-05-19 IBM Security - Threat Intelligence by Michael Montecillo
Luncheon - 2016-05-19 IBM Security - Threat Intelligence by Michael Montecillo
North Texas Chapter of the ISSA
PANOS 4.1 Administrators Guide
PANOS 4.1 Administrators Guide
Altaware, Inc.
Palo alto networks pcnse6 study guide feb 2015
Palo alto networks pcnse6 study guide feb 2015
Silva_2
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
LiveAction Next Generation Network Management Software
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
IBM Security
Viewers also liked
(20)
Palo alto networks NAT flow logic
Palo alto networks NAT flow logic
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks authentication
Palo Alto Networks authentication
PALO ALTO presentation used during the SWITCHPOINT NV/SA Quarterly Experience...
PALO ALTO presentation used during the SWITCHPOINT NV/SA Quarterly Experience...
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
User Expert forum Wildfire configuration
User Expert forum Wildfire configuration
Palo Alto Networks - Just another Firewall
Palo Alto Networks - Just another Firewall
User id installation and configuration
User id installation and configuration
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
Palo Alto
Palo Alto
Cloudcamp Chicago Nov 2104 Fintech - Dwight Koop "East / West Chalkboard Talk"
Cloudcamp Chicago Nov 2104 Fintech - Dwight Koop "East / West Chalkboard Talk"
Drive by downloads-cns
Drive by downloads-cns
OpenStack Summit Tokyo 2015: Scale or Fail: Containers on OpenStack with Open...
OpenStack Summit Tokyo 2015: Scale or Fail: Containers on OpenStack with Open...
Prevent ssh-tunneling
Prevent ssh-tunneling
How to prevent ssh-tunneling using Palo Alto Networks NGFW
How to prevent ssh-tunneling using Palo Alto Networks NGFW
Luncheon - 2016-05-19 IBM Security - Threat Intelligence by Michael Montecillo
Luncheon - 2016-05-19 IBM Security - Threat Intelligence by Michael Montecillo
PANOS 4.1 Administrators Guide
PANOS 4.1 Administrators Guide
Palo alto networks pcnse6 study guide feb 2015
Palo alto networks pcnse6 study guide feb 2015
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Similar to End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto Networks)
Palo_Alto_Networks_Cust_June_2009.ppt
Palo_Alto_Networks_Cust_June_2009.ppt
PatrickAng14
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas
TI Safe
Palo Alto Networks, The Networking Security Company
Palo Alto Networks, The Networking Security Company
dtimal
Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009
Zernike College
Secure Enterprise Mobility
Secure Enterprise Mobility
Aruba, a Hewlett Packard Enterprise company
Palo alto safe application enablement
Palo alto safe application enablement
responsedatacomms
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
Chrysostomos Christofi
Check Point Solutions Portfolio- Detailed
Check Point Solutions Portfolio- Detailed
Moti Sagey מוטי שגיא
Adaptive Trust for Strong Network Security
Adaptive Trust for Strong Network Security
Aruba, a Hewlett Packard Enterprise company
Defining Advanced AAA Policies for Access Networks
Defining Advanced AAA Policies for Access Networks
Aruba, a Hewlett Packard Enterprise company
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Cristian Garcia G.
Invea - Jiri Tobola
Invea - Jiri Tobola
Jan Fried
Vancouver security road show master deck final
Vancouver security road show master deck final
Scalar Decisions
Advanced Access Management with Aruba ClearPass #AirheadsConf Italy
Advanced Access Management with Aruba ClearPass #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
Pangpse training q12011
Pangpse training q12011
Joe Palo Alto
asdasdsadsadasdasdaddasdasdasdasdweqweqewqe
asdasdsadsadasdasdaddasdasdasdasdweqweqewqe
almondzzzz938
Cyberoam Firewall Presentation
Cyberoam Firewall Presentation
Manoj Kumar Mishra
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
CA API Management
Air heads rio 2010 aruba pef overview
Air heads rio 2010 aruba pef overview
Aruba, a Hewlett Packard Enterprise company
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud Journey
Cloudflare
Similar to End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto Networks)
(20)
Palo_Alto_Networks_Cust_June_2009.ppt
Palo_Alto_Networks_Cust_June_2009.ppt
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas
Palo Alto Networks, The Networking Security Company
Palo Alto Networks, The Networking Security Company
Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009
Secure Enterprise Mobility
Secure Enterprise Mobility
Palo alto safe application enablement
Palo alto safe application enablement
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
Check Point Solutions Portfolio- Detailed
Check Point Solutions Portfolio- Detailed
Adaptive Trust for Strong Network Security
Adaptive Trust for Strong Network Security
Defining Advanced AAA Policies for Access Networks
Defining Advanced AAA Policies for Access Networks
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Invea - Jiri Tobola
Invea - Jiri Tobola
Vancouver security road show master deck final
Vancouver security road show master deck final
Advanced Access Management with Aruba ClearPass #AirheadsConf Italy
Advanced Access Management with Aruba ClearPass #AirheadsConf Italy
Pangpse training q12011
Pangpse training q12011
asdasdsadsadasdasdaddasdasdasdasdweqweqewqe
asdasdsadsadasdasdaddasdasdasdasdweqweqewqe
Cyberoam Firewall Presentation
Cyberoam Firewall Presentation
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Air heads rio 2010 aruba pef overview
Air heads rio 2010 aruba pef overview
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud Journey
More from BAKOTECH
SOAR
SOAR
BAKOTECH
Upd pci compliance
Upd pci compliance
BAKOTECH
Threat Detection & Response
Threat Detection & Response
BAKOTECH
WatchGuard SD-WAN
WatchGuard SD-WAN
BAKOTECH
WatchGuard WIPS
WatchGuard WIPS
BAKOTECH
WatchGuard Authpoint
WatchGuard Authpoint
BAKOTECH
McAfee Labs Threats Report, August 2019
McAfee Labs Threats Report, August 2019
BAKOTECH
F5 labs 2018. Отчет по защите веб-приложений
F5 labs 2018. Отчет по защите веб-приложений
BAKOTECH
Miercom Unified Threat Management Report - WatchGuard M270
Miercom Unified Threat Management Report - WatchGuard M270
BAKOTECH
WatchGuard Internet Security Report
WatchGuard Internet Security Report
BAKOTECH
BreakingPoint от Ixia
BreakingPoint от Ixia
BAKOTECH
Cloud Visibility for Dummies от IXIA
Cloud Visibility for Dummies от IXIA
BAKOTECH
Network Visibility for Dummies
Network Visibility for Dummies
BAKOTECH
SIEM for Beginners
SIEM for Beginners
BAKOTECH
SIEM для чайников
SIEM для чайников
BAKOTECH
Обеспечение безопасности активов современного бизнеса с помощью криптографии
Обеспечение безопасности активов современного бизнеса с помощью криптографии
BAKOTECH
Надежная защита от утечек информации в условиях современных тенденций ИТ
Надежная защита от утечек информации в условиях современных тенденций ИТ
BAKOTECH
Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...
Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...
BAKOTECH
Внутренняя угроза: выявление и защита с помощью ObserveIT
Внутренняя угроза: выявление и защита с помощью ObserveIT
BAKOTECH
Обзор инструментов Toad для администраторов Oracle
Обзор инструментов Toad для администраторов Oracle
BAKOTECH
More from BAKOTECH
(20)
SOAR
SOAR
Upd pci compliance
Upd pci compliance
Threat Detection & Response
Threat Detection & Response
WatchGuard SD-WAN
WatchGuard SD-WAN
WatchGuard WIPS
WatchGuard WIPS
WatchGuard Authpoint
WatchGuard Authpoint
McAfee Labs Threats Report, August 2019
McAfee Labs Threats Report, August 2019
F5 labs 2018. Отчет по защите веб-приложений
F5 labs 2018. Отчет по защите веб-приложений
Miercom Unified Threat Management Report - WatchGuard M270
Miercom Unified Threat Management Report - WatchGuard M270
WatchGuard Internet Security Report
WatchGuard Internet Security Report
BreakingPoint от Ixia
BreakingPoint от Ixia
Cloud Visibility for Dummies от IXIA
Cloud Visibility for Dummies от IXIA
Network Visibility for Dummies
Network Visibility for Dummies
SIEM for Beginners
SIEM for Beginners
SIEM для чайников
SIEM для чайников
Обеспечение безопасности активов современного бизнеса с помощью криптографии
Обеспечение безопасности активов современного бизнеса с помощью криптографии
Надежная защита от утечек информации в условиях современных тенденций ИТ
Надежная защита от утечек информации в условиях современных тенденций ИТ
Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...
Проблематика безопасности баз данных. Выявление уязвимостей, контроль транзак...
Внутренняя угроза: выявление и защита с помощью ObserveIT
Внутренняя угроза: выявление и защита с помощью ObserveIT
Обзор инструментов Toad для администраторов Oracle
Обзор инструментов Toad для администраторов Oracle
Recently uploaded
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
BkGupta21
Training state-of-the-art general text embedding
Training state-of-the-art general text embedding
Zilliz
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
UiPathCommunity
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
Curtis Poe
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
Stephanie Beckett
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
BookNet Canada
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Lonnie McRorey
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
2toLead Limited
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
Lars Bell
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Addepto
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
LoriGlavin3
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Lorenzo Miniero
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
BookNet Canada
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
ScyllaDB
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
LoriGlavin3
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Hervé Boutemy
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
Nathaniel Shimoni
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
Rick Flair
Recently uploaded
(20)
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
Training state-of-the-art general text embedding
Training state-of-the-art general text embedding
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto Networks)
1.
Copyright © 2014,
Palo Alto Networks End to End Security With Palo Alto Networks Onur Kasap Systems Engineer November 2014-Kiev
2.
PALO ALTO NETWORKS
AT-A-GLANCE CORPORATE HIGHLIGHTS • Founded in 2005; first customer shipment in 2007 • Safely enabling applications and preventing cyber threats • Able to address all enterprise cybersecurity needs • Exceptional ability to support global customers • Experienced team of 1,700+ employees • Q4FY14: $178.2M revenue Copyright © 2014, Palo Alto Networks $13 REVENUES ENTERPRISE CUSTOMERS $49 $255 $MM $119 $598 $396 $600 $400 $200 $0 FY09 FY10 FY11 FY12 FY13 FY14 4,700 9,000 13,500 19,000 20,000 16,000 12,000 8,000 4,000 0 Jul-11 Jul-12 Jul-13 Jul-14
3.
A clear market
leader – again Copyright © 2014, Palo Alto Networks A leader for 3 years in a row in the magic quadrant for enterprise network firewalls
4.
Applications Have Changed,
Firewalls Haven’t Network security policy is enforced at the firewall • Sees all traffic • Defines boundary • Enables access Traditional firewalls don’t work any more Copyright © 2014, Palo Alto Networks
5.
Encrypted Applications: Unseen
by Firewalls What happens traffic is encrypted? • SSL • Proprietary encryption Copyright © 2014, Palo Alto Networks
6.
Technology Sprawl and
Creep Aren’t the Answer Copyright © 2014, Palo Alto Networks Enterprise Network • “More stuff” doesn’t solve the problem • Firewall “helpers” have limited view of traffic • Complex and costly to buy and maintain • Doesn’t address application “accessibility” features UTM IPS DLP IM AV URL Proxy Internet
7.
Competitors Firewall Architecture
Copyright © 2014, Palo Alto Networks App Signatures IPS Signatures Virus Signature s URL Signatures Application Policy Application Inspection IPS Policy Threat Inspection Anti-Virus Proxy AV Inspection Web Filtering Policy URL Inspection Packet Inspection Flow L4 Session Table Stateful FW policy Port-based session Inspection
8.
Application Control Belongs
in the Firewall Traffic Port Port Policy Decision Copyright © 2014, Palo Alto Networks App Ctrl Policy Decision Application Control as an Add-on • Port-based decision first, apps second • Applications treated as threats; only block what you expressly look for Ramifications • Two policies/log databases, no reconciliation • Unable to effectively manage unknowns IPS Applications Firewall Traffic Application Firewall IPS App Ctrl Policy Decision Scan Application for Threats Applications Application Control in the Firewall • Firewall determines application identity; across all ports, for all traffic, all the time • All policy decisions made based on application Ramifications • Single policy/log database – all context is shared • Policy decisions made based on shared context • Unknowns systematically managed
9.
Evasive Applications •Yahoo
Messenger •BitTorrent Client Copyright © 2014, Palo Alto Networks •Port 80 •Open Port 5050 Blocked Port 6681 Blocked Port-Based Firewall
10.
Scenario 1: DNS
Traffic Legacy Firewalls Firewall Rule: ALLOW Port 53 Firewall Rule: ALLOW DNS DNS DNS DNS DNS Copyright © 2014, Palo Alto Networks Palo Alto Networks Firewalls with App-ID Firewall Firewall Bittorrent BitTorrent Packet on Port 53: Allow DNS = DNS: Allow BitTorrent ≠ DNS: Deny Visibility: BitTorrent detected and blocked BitTorrent Packet on Port 53: Allow Visibility: Port 53 allowed
11.
Scenario 2: BitTorrent
with Application IPS Legacy Firewalls Firewall Rule: ALLOW Port 53 Firewall Rule: ALLOW DNS Application IPS Rule: Block Bittorrent DNS DNS DNS DNS DNS Firewall App IPS Firewall Bittorrent Packet on Port 53: Allow DNS=DNS: Allow Copyright © 2014, Palo Alto Networks Bittorrent Bittorrent ≠ DNS: Deny Visibility: Bittorrent detected and blocked Bittorrent Bittorrent: Deny Visibility: Bittorrent detected and blocked Palo Alto Networks Firewalls with App-ID
12.
Scenario 3: Zero-day
Malware Application IPS Rule: Block Bittorrent Firewall App IPS Firewall DNS DNS DNS DNS Copyright © 2014, Palo Alto Networks Legacy Firewalls Firewall Rule: ALLOW Port 53 Firewall Rule: ALLOW DNS Zero-day C & C Packet on Port 53: Allow DNS=DNS: Allow Command & Control ≠ DNS: Deny Visibility: Unknown traffic detected and blocked Bittorrent Visibility: Packet on Port 53 allowed DNS Bittorrent Bittorrent Zero-day C & C Zero-day C & C Zero-day C & C C & C ≠ Bittorrent: Allow Palo Alto Networks Firewalls with App-ID
13.
The Answer? Make
the Firewall Do Its Job 1. Identify applications regardless of port, protocol, evasive tactic or SSL 2. Identify and control users regardless of IP address, location, or device 3. Protect against known and unknown application-borne threats 4. Fine-grained visibility and policy control over application access / functionality 5. Multi-gigabit, low latency, in-line deployment Copyright © 2014, Palo Alto Networks .
14.
Making the Firewall
a Business Enablement Tool •App-ID™ •Identify the application •Content-ID™ •Scan the content •User-ID™ •Identify the user Copyright © 2014, Palo Alto Networks
15.
Enabling Applications, Users
and Content Copyright © 2014, Palo Alto Networks
16.
Single-Pass Parallel Processing™
(SP3) Architecture Copyright © 2014, Palo Alto Networks Single Pass • Operations once per packet - Traffic classification (app identification) - User/group mapping - Content scanning – threats, URLs, confidential data • One policy Parallel Processing • Function-specific parallel processing hardware engines • Separate data/control planes
17.
Single Pass Platform
Architecture Copyright © 2014, Palo Alto Networks
18.
PAN-OS Core Firewall
Features Visibility and control of applications, users and content complement core firewall features Strong networking foundation Dynamic routing (BGP, OSPF, RIPv2) Tap mode – connect to SPAN port Virtual wire (“Layer 1”) for true transparent in-line deployment L2/L3 switching foundation Policy-based forwarding VPN Site-to-site IPSec VPN Remote Access (SSL) VPN QoS traffic shaping Max/guaranteed and priority By user, app, interface, zone, & more Real-time bandwidth monitor Copyright © 2014, Palo Alto Networks Zone-based architecture All interfaces assigned to security zones for policy enforcement High Availability Active/active, active/passive Configuration and session synchronization Path, link, and HA monitoring Virtual Systems Establish multiple virtual firewalls in a single device (PA-7050, PA-5000, PA- 3000, and PA-2000 Series) Simple, flexible management CLI, Web, Panorama, SNMP, Syslog PA-7050 PA-5000 Series PA-5060, PA-5050 PA-5020 PA-3000 Series PA-3050, PA-3020 PA-2000 Series PA-2050, PA-2020 PA-500 PA-200 VM-Series VM-300, VM-200, VM-100, VM-1000-HV
19.
Flexible Deployment Options
For Ethernet Interfaces Tap Mode Virtual Wire Mode Layer 3 Mode • Application, user and content visibility without inline deployment • Evaluation and Audit of existing networks Copyright © 2014, Palo Alto Networks • Application ID, Content ID, User ID, SSL Decryption • Includes NAT capability • All of the Virtual Wire Mode capabilities with the addition of Layer 3 services: Virtual Routers, VPN and, Routing Protocols
20.
Threat Prevention of
Zero-Day Attacks Copyright © 2014, Palo Alto Networks WildFire and Traps
21.
Why change Copyright
© 2014, Palo Alto Networks Attackers are more 91%increase in targeted attacks in 2013 sophisticated and well funded of exploit kits utilize vulnerabilities less than 2 years old 78% Launching Zero-Day attacks is more accessible and common of breaches involve a targeted user device 71% Targeted attacks can only be solved on the endpoint
22.
Flow of a
RAT Attack with 0-day Malware The victim downloads and installs the malware that takes the station in the botnet Copyright © 2014, Palo Alto Networks Hop Point Popular websites(Landing Site) Malware repository Víctim Attacker (C&C) The victim visits the URL and the drive-by download executes The victim visits the site and is redirected to the malicious URL (iframe) @ The attacker injects the URL, in a legitimate site preferably, under his control
23.
Attack Stages of
a Drive-by Download / Web Attack Targeted malicious email sent to user Copyright © 2014, Palo Alto Networks User clicks on link to a malicious website Malicious website silently exploits client-side vulnerability With Web Attack Toolkit Drive-by download of malicious payload
24.
Targeted Attack Example
Source; http://infosec3t.com/wp-content/uploads/2010/03/contagio_targeted_attack_email_2.png Copyright © 2014, Palo Alto Networks
25.
Copyright © 2014,
Palo Alto Networks Source: http://www.symantec.com/threatreport/topic.jsp?id=malicious_code_trends&aid=triage_analysis_of_targeted_attacks
26.
Copyright © 2014,
Palo Alto Networks
27.
Detection-focused technology investments
Network Security IPS deployed as IDS App blades that only detect and report SSL traffic allowed without decryption When decrypted, SSL just port-mirrored Sandboxes deployed to detect malware Snort engines to detect traffic to high risk IPs Copyright © 2014, Palo Alto Networks Endpoint Protection Forensics agents to capture what happened IOC scanners Massive PCAP storage Remediation tools to try and fix what was detected $1,000/hour incident response consultants to tell you who stole your data Answer: Detection and Prevention of Advanced Threats
28.
Advanced threat requires
a solution, not point products 1 Reduce the attack surface Known viruses and exploits Copyright © 2014, Palo Alto Networks Client Exploit Command/Control HTTP SSL DNS URL / C&C EXE, Java, .LNK, DLL High-risk applications 2 Detect the unknown 3 Create protections • Whitelist applications or block high-risk apps • Block known viruses, exploits • Block commonly exploited file types • Analysis of all application traffic • SSL decryption • WildFire sandboxing of exploitive files Detection and blocking of C&C via: • Bad domains in DNS traffic • URLs (PAN-DB) • C&C signatures (anti-spyware) Failed attempts Successful spear-phishing email Post-compromise activity
29.
Why do you
need network, endpoint, and cloud Copyright © 2014, Palo Alto Networks working together?
30.
Requirements for a
new approach 1 Prevent attacks - even attacks seen for the first time 2 Protect all users and applications - including mobile and virtualized 3 Seamlessly combine network and endpoint security, as each has unique strengths 4 Provide rapid analysis of new threats Requires next-generation network, endpoint, and threat intelligence cloud capabilities Copyright © 2014, Palo Alto Networks
31.
Platform approach Next-Generation
Firewall Inspects all traffic Blocks known threats Sends unknown to cloud Extensible to mobile & virtual networks Copyright © 2014, Palo Alto Networks
32.
Platform approach Copyright
© 2014, Palo Alto Networks Next-Generation Endpoint Protection Inspects all processes and files Prevents both known & unknown exploits Integrates with cloud to prevent known & unknown malware
33.
Platform approach Copyright
© 2014, Palo Alto Networks Threat Intelligence Cloud Gathers potential threats from network and endpoints Analyzes and correlates threat intelligence Disseminates threat intelligence to network and endpoints
34.
The making of
a platform: information sharing Unknowns Copyright © 2014, Palo Alto Networks Unknowns & zero-day discoveries
35.
The making of
a platform: prevention distribution Copyright © 2014, Palo Alto Networks Real-time signatures
36.
The making of
a platform: correlated analytics Copyright © 2014, Palo Alto Networks Integrated reporting Confirm detection
37.
Reaching Effects of
WildFire AV Signatures DNS Signatures Malware URL Filtering Anti-C&C Signatures Copyright © 2014, Palo Alto Networks Threat Intelligence Sources WildFire Users
38.
Next-Generation Appliances |
Malware Management WF-500 is a private cloud Designed for organizations with regulatory or privacy concerns. Copyright © 2014, Palo Alto Networks WF-500
39.
WildFire cloud-based architecture
scales Manual analysis Copyright © 2014, Palo Alto Networks Web Sandbox Email Sandbox File share Sandbox Central manager APT Add-on Approach WildFireTM Public cloud or Private cloud appliance WildFire Approach Easy to manage and operationalize Scalable Cost effective Hard to manage Doesn’t scale Expensive Requires multiple devices at each ingress, egress, and point of segmentation
40.
WildFire Subscription Copyright
© 2014, Palo Alto Networks WildFire WildFire Subscription WildFire analysis of PE analysis Daily signature feed (TP subscription required) WildFire logs integrated within PAN-OS WildFire analysis of all other file types (PDF, MS Office, Java, Flash, APK*) 15-min signature feed WildFire Cloud API key Use of WF-500
41.
Signature hierarchy App-ID
updates “IPS” signatures Copyright © 2014, Palo Alto Networks Weekly (vulnerability, anti-spyware) Daily 15-minute IP geolocation Antivirus Botnet support (zone file, dynamic DNS, malware URLs) DNS signatures WildFire signatures
42.
Copyright © 2014,
Palo Alto Networks Traps Advanced Endpoint Protection
43.
The failures of
traditional approaches EXE Targeted Evasive Advanced PDF NO Copyright © 2014, Palo Alto Networks Known signature? NO Known strings? NO Previously seen behavior? Legacy Endpoint Protection Malware direct execution Exploit vulnerability to run any code
44.
Introducing Traps The
right way to deal with advanced cyber threats Prevent Exploits Including zero-day exploits Prevent Malware Including advanced & unknown malware Collect Attempted-Attack Forensics For further analysis Scalable & Lightweight Must be user-friendly and cover complete enterprise Integrate with Network and Cloud Security For data exchange and crossed-organization protection Copyright © 2014, Palo Alto Networks
45.
Block the core
techniques – not the individual attacks Software Vulnerability Exploits Exploitation Techniques Thousands of new vulnerabilities and Copyright © 2014, Palo Alto Networks exploits a year Only 2-4 new exploit techniques a year Malware Malware Techniques Millions of new malware every year 10’s – 100’s of new malware sub-techniques every year
46.
Exploitation technique prevention
– Clandestine Fox Preparation Triggering Circumvention Post Malicious Activity Heap Spray Use after free Utilizing OS Prevention of one technique in the chain will block the entire attack Copyright © 2014, Palo Alto Networks Memory Corruption Mitigation Logic-Flaws Real-Time Intervention OS Functions Shielding Algorithmic Memory Traps Placement function ROP CVE-2014-1776
47.
Exploit technique prevention
how it works Document is opened by user Copyright © 2014, Palo Alto Networks Traps seamlessly injected into processes CPU <0.1% Process is protected as exploit attempt is trapped Forensic data is collected Reported to ESM Process is Safe! terminated Attack is blocked before any successful malicious activity Useradmin is notified Traps triggers immediate actions When an exploitation attempt is made, the exploit hits a “trap” and fails before any malicious activity is initiated.
48.
Malware prevention Policy-Based
Restrictions WildFire Inspection Malware Techniques Mitigation Copyright © 2014, Palo Alto Networks Limit surface area of attack control source of file installation Prevent known malware with cloud-based integration Prevent unknown malware with technique-based mitigation
49.
User tries to
open executable file Copyright © 2014, Palo Alto Networks Policy-based Restrictions Applied HASH checked against WildFire File is allowed to execute Malware technique prevention employed Malware prevention how it works Safe! Reported to ESM
50.
Forensics capture Ongoing
capture and attack-triggered capture Copyright © 2014, Palo Alto Networks Ongoing recording - Any files execution - Time of execution - File name - File HASH - User name - Computer name - IP address - OS version - File’s malicious history - Any interference with Traps service - Traps Process shutdown attempt - Traps Service shutdown attempt - Related system logs Exploit or malware hits a “trap” and triggers real-time collection - Attack-related forensics - Time stamp - Triggering File (non executable) - File source - Involved URLsURI - Prevented exploitation technique - IP address - OS version - Version of attempted vulnerable software - All components loaded to memory under attacked process - Full memory dump - Indications of further memory corruption activity - User name and computer name
51.
Coverage and system
requirements Supported operating systems Workstations • Windows XP SP3 • Windows 7 • Windows 8.1 Servers • Windows Server 2003 • Windows Server 2008 (+R2) • Windows Server 2012 (+R2) Copyright © 2014, Palo Alto Networks Footprint • 25 MB • 0.1% CPU • Very Low IO
52.
Benefits Copyright ©
2014, Palo Alto Networks Business Prevent breaches, not just detect Increases business continuity Lowers TCO Operations Save time and money on Forensics and remediation Easy to manage, does not require frequent updates Zero-day coverage IT Install patches on your own schedule Compatible with existing solutions Minimal performance impact Intelligence Access to threat intel through WildFire integration Attack-triggered forensics collection
53.
Copyright © 2014,
Palo Alto Networks The Virtual Data Center
54.
East/West Traffic flows
often greater than North/South flows Copyright © 2014, Palo Alto Networks Enterprise Network
55.
Security challenges Physical
firewalls may not see the East-West traffic DB App Web Copyright © 2014, Palo Alto Networks Firewalls placement is designed around expectation of layer 3 segmentation Network configuration changes required to secure East-West traffic flows are manual, time-consuming and complex Ability to transparently insert security into the traffic flow is needed Hypervisor Hardware Firewall
56.
Security challenges Static
policies cannot keep pace with dynamic workload deployments Copyright © 2014, Palo Alto Networks Provisioning of applications can occur in minutes with frequent changes Security approvals and configurations may take weeks/months Dynamic security policies that understand VM context are needed
57.
What happens when
a VM is vMotioned? App Web Hypervisor Copyright © 2014, Palo Alto Networks DB Hypervisor vMotion Data Center Core Network Hardware Firewall
58.
VM-Series Next Generation
Security Platform Copyright © 2014, Palo Alto Networks • Consistent Features as hardware-based next-generation firewall App-ID User-ID Content-ID Wildfire • Inspects and Safely Enables Intra-Host Communications (East-West traffic) • Tracks VM Creation and Movement with Dynamic Address Group objects API integration with orchestration: Automate Workflows Centrally Managed through Panorama 58 | ©2014, Palo Alto Networks. Confidential and Proprietary.
59.
VM-Series deployment options
VM-Series for VMware vSphere (ESXi) • VM-100, VM-200, VM-300, and VM-1000-HV deployed as guest VMs on VMware ESXi • Deployed as part of virtual network configuration for East- West traffic inspection Copyright © 2014, Palo Alto Networks VM-Series for Citrix NetScaler SDX • VM-100, VM-200, VM-300, and VM-1000-HV deployed as guest VMs on Citrix NetScaler SDX • Consolidates ADC and security services for multi-tenant and Citrix XenApp/XenDesktop deployments VM-Series for VMware NSX • VM-Series for NSX deployed as a service with VMware NSX and Panorama • Ideal for East-West traffic inspection
60.
Dynamic Address Groups
and VM Monitoring VMware vCenter or ESXi Name IP Guest OS Container web-sjc-01 10.1.1.2 Ubuntu 12.04 Web sp-sjc-04 10.1.5.4 Win 2008 R2 SharePoint web-sjc-02 10.1.1.3 Ubuntu 12.04 Web exch-mia-03 10.4.2.2 Win 2008 R2 Exchange exch-dfw-03 10.4.2.3 Win 2008 R2 Exchange sp-mia-07 10.1.5.8 Win 2008 R2 SharePoint db-mia-01 10.5.1.5 Ubuntu 12.04 MySQL db-dfw-02 10.5.1.2 Ubuntu 12.04 MySQL Copyright © 2014, Palo Alto Networks PAN-OS Dynamic Address Groups Name Tags Addresses SharePoint Win 2008 R2 “sp” SharePoint Servers MySQL Servers MySQL Servers MySQL Ubuntu 12.04 “db” Miami DC Miami DC “mia” San Jose Linux Web Servers San Jose Linux Web Servers “sjc” “web” Ubuntu 12.04 10.1.5.4 10.1.5.8 10.5.1.5 10.5.1.2 10.4.2.2 10.1.5.8 10.5.1.5 10.1.1.2 10.1.1.3 PAN-OS Security Policy Source Destination Action SharePoint Servers San Jose Linux Web Servers ✔ MySQL Servers Miami DC db-mia-05 10.5.1.9 Ubuntu 12.04 MySQL 10.5.1.9 60 | ©2014, Palo Alto Networks. Confidential and Proprietary.
61.
Copyright © 2014,
Palo Alto Networks Model Sessions Rules Security Zones Address Objects IPSec VPN Tunnels SSL VPN Tunnels VM-100 50,000 250 10 2,500 25 25 VM-200 100,000 2,000 20 4,000 500 200 VM-300 250,000 5,000 40 10,000 1,000 500 VM-1000-HV 250,000 10,000 40 100,000 2,000 500
62.
2 Core Configuration:
Core 1 = Management Plane Core 2 = Data Plane 4 Core Configuration: Core 1 = Management Plane Core 2 = Data Plane: Read & Transmit packets Core 3 & Core 4 = Data Plane: Process packets 8 Core Configuration: Core 1 = Management Plane Core 2 = Data Plane: Reads packets Core 3 = Data Plane: Transmit packets Core 4 thru Core 8 = Data Plane: Process packets Copyright © 2014, Palo Alto Networks Effect of dedicating cores
63.
Copyright © 2014,
Palo Alto Networks Safely Enabling Mobile Devices GlobalProtect™
64.
Challenge: Quality of
Security Tied to Location Headquarters Branch Offices Enterprise-secured with full protection Copyright © 2014, Palo Alto Networks malware botnets exploits Airport Hotel Home Office Exposed to threats, risky apps, and data leakage
65.
GlobalProtect™: Consistent Security
Everywhere •Headquarters •Branch Office Copyright © 2014, Palo Alto Networks malware botnets exploits • VPN connection to a purpose-built firewall that is performing the security work • Automatic protected connectivity for users both inside and outside • Unified policy control, visibility, compliance and reporting
66.
Unlocking The Potential
of Mobile Depends On Security Copyright © 2014, Palo Alto Networks Intranet Running Your Business on Mobile Devices Benefits to Business Mobile Maturity Email Accessing Business Apps
67.
New Approach to
Safely Enabling Mobile Devices Manage the Device Protect the Device Control the Data Ensure devices are safely enabled while simplifying deployment & setup • Ensure proper settings in place, such as strong passcodes and encryption • Simplify provisioning of common configuration like email and certificates Copyright © 2014, Palo Alto Networks Protect the mobile device from exploits and malware • Protecting the device from infection also protects confidential data and unauthorized network access Control access to data and movement of between applications •Control access by app, user, and device state •Extend data movement controls to the device to ensure data stays within “business apps”
68.
GlobalProtect Mobile Security
Solution Copyright © 2014, Palo Alto Networks GlobalProtect App GlobalProtect Gateway Delivers mobile threat prevention and policy enforcement based on apps, users, content and device state Enables device management, provides device state information, and establishes secure connectivity GlobalProtect Mobile Security Manager Provides device management, malware detection, and device state
69.
Manage The Device
Manage Device Settings Copyright © 2014, Palo Alto Networks Enforce security settings such as passcode Restricts device functions such as camera Configure accounts such as email, VPN, Wi- Fi settings Understand Device State Monitor and report device state for policy enforcement, such as: Whitelisted / blacklisted apps Rooted / jailbroken Perform Key Operations Ex: lock, unlock, wipe, send a message Detect Android Malware Detect and react to the presence of malware GlobalProtect Mobile Security Manager GlobalProtect App
70.
Protect The Device
Consistent Security Everywhere Copyright © 2014, Palo Alto Networks IPsec/SSL VPN connection to a purpose- built next-generation security platform for policy enforcement regardless of the device location Mobile Threat Prevention Vulnerability (IPS) and malware (AV) protection for mobile threats URL filtering for protection against malicious websites WildFire™ static and dynamic analysis for advanced mobile threats Threats GlobalProtect Gateway GlobalProtect App
71.
Control The Data
Copyright © 2014, Palo Alto Networks Control Access to Applications and Data Granular policy determines which users and devices can access sensitive applications and data Policy criteria based on application, user, content, device, and device state for control and visibility Identify device types such as iOS, Android, Windows, Mac devices Identify device ownership such as personal (BYOD) or corporate issued Identify device states such as rooted/jailbroken File blocking based on content and content type Control Data Movement Between Apps on the Device Solution provides the foundation for future developments in data protection Applications and Data GlobalProtect Gateway GlobalProtect App
72.
How the Integrated
Solution Works Copyright © 2014, Palo Alto Networks
73.
Copyright © 2014,
Palo Alto Networks Internet WildFire Cloud Traps Advanced Endpoint Protection
74.
Copyright © 2014,
Palo Alto Networks
Download now