Palo Alto Networks, a global cybersecurity leader, has underscored the need for increased IT security by releasing several new capabilities that predict malicious attacks and use automation to stop them in progress.
Next-generation firewall customers who upgrade to PAN-OS version 9.0 will now get access to these new security capabilities, over 60 new features and new tools for easily implementing security best practices.
“At Palo Alto Networks, we’re focused on simplifying security by using analytics and automation,” said Lee Klarich, Chief Product Officer. “Customers choose our next-generation firewall platform because of our commitment to continuous innovation and our focus on reducing the need for standalone products. Today’s announcements include our new DNS Security service, which uses Machine Learning to stop stealthy attacks aimed at stealing information from legitimate businesses.”
Among the new capabilities announced, Palo Alto Networks also unveiled software and hardware enhancements to the leading next-generation firewall platform that will help organisations strengthen security and simplify protections across their hybrid cloud environments:
- Predict and prevent: According to Palo Alto Networks Unit 42 researchers, nearly 80% of all malware uses DNS to establish command-and-control, making it difficult to spot and stop attacks. The new DNS Security service uses Machine Learning to proactively block malicious domains and stop attacks in progress.
- Performance: Palo Alto Networks recognises that customers with large data centres, high volumes of encrypted traffic and a growing ecosystem of IoT devices need performance without compromising security. The PA-7000 Series, with new network processing cards, offers threat prevention at speeds twice as fast as the nearest competitor and delivers decryption three times faster than before.
- Simplicity: Legacy firewall rules leave dangerous security gaps. The new Policy Optimiser helps security teams replace legacy rules with intuitive policies that provide better security and are easier to manage. Taking the complexity out of managing scores of rules reduces human error, which is a leading cause of data breaches.
- Broader, faster cloud security: Organisations want consistent security across multiple public clouds and virtualised data centres. The VM-Series now provides the broadest range of public cloud and virtualised data centre environments by adding support for Oracle Cloud, Alibaba Cloud, Cisco Enterprise Network Compute System (ENCS) and Nutanix. Firewall throughput performance improvements for AWS and Azure of up to 2.5X, combined with autoscaling and transitive architectures, allow customers to automate security for dynamic and large-scale public cloud deployments.
Over the last year, Palo Alto Networks completed extensive customer research to guide the product changes.
“We listened and responded to customer feedback and found that what customers want above all is simplicity and control,” said Klarich. “With this release, we’re not only adding features like the DNS Security service, which eliminates the need for security teams to bolt on yet another standalone tool, we are minimising manual efforts that are error-prone, so teams can focus on projects aimed at growing their business.”
K2-series now available for service providers
Additionally, Palo Alto Networks announced the general availability of the K2-Series, the industry’s first 5G-ready next-generation firewall, specifically developed for service providers with 5G and IoT requirements in mind. With the K2-Series, service providers can prevent advanced cyberattacks targeting 4G and 5G mobile networks, IoT devices and mobile users with unprecedented visibility into network traffic.