Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Palo Alto Networks Raises The Bar for Application Visibility and Control With New Next-Generation Firewall Software

PAN-OS 3.0 Adds QoS Enabling Multi-Gigabit Shaping, Fully Integrated SSL VPN Remote Access to Next-Generation Firewalls
  • 11 June, 2009 10:14

<p>SYDNEY - June 11, 2009 – Palo Alto Networks™, the leader in next-generation firewalls, today announced PAN-OS 3.0, the latest version of operating system software for its award-winning firewalls. PAN-OS 3.0 includes significant new functionality, including QoS features and a fully integrated SSL VPN. These features further enable enterprise customers to embrace new applications while managing the risks inherent in using those applications.</p>
<p>Organisations are using a wider array of Internet-based, consumer-oriented applications for cultural reasons, or to improve efficiency, foster customer intimacy, or speed up business processes. Security technologies, unfortunately, have retained an outmoded “block or allow” model, lacking the granularity and intelligence to recognise and appropriately control these new applications.</p>
<p>According to Gartner, Inc., “Through 2012, enterprises that take a ‘block or ignore’ stance toward employee use of consumer IT will incur security incident costs two to four times those of enterprises that use ‘embrace or contain’ strategies…Security companies selling products that take simple block-all approaches will need to develop capabilities that support more-granular security controls.” (1)</p>
<p>PAN-OS 3.0 introduces traffic shaping in the firewall, enabling enterprises to ensure that priority is given to business critical functions. Palo Alto Networks’ application visibility and fine-grained control capabilities are unique in the industry in offering organisations the widest array of flexible policy responses to applications – including allow, deny, allow for certain users or functions, threat scanning, and now – shape.</p>
<p>Administrators are able to manage the bandwidth consumed by applications, as well as their priority – all in firewall policy, instead of simply killing applications or having no visibility or control over them. According to the latest Application Usage and Risk Report (April, 2009), in the sample of actual application traffic from more than 900,000 users, more than half of the bandwidth was being consumed by 28 percent of the applications, most of which were consumer oriented. (2)</p>
<p>Rapidly responding to customer requirements, PAN-OS 3.0 also adds SSL VPN functionality, which employs the easy-to-use secure network extension model but extends the company’s full complement of industry-leading visibility and control over users, applications, and content. Previously, enterprises have had to choose between an open VPN approach that was simple and cost-effective, or a high-control extranet portal approach that was expensive and complex.</p>
<p>Adding these computing-intensive features while retaining enterprise-grade performance is made possible only through Palo Alto Networks’ single pass parallel processing (SP3) architecture – which couples a single-pass packet path with specialised, function-specific hardware processing. The QoS features in PAN-OS 3.0 enable organisations to shape and prioritise traffic based on application with multi-gigabit throughput, due to the single pass software married to hardware accelerated queuing. Similarly, the new SSL VPN capabilities in PAN-OS 3.0 enjoy the benefits of application visibility and control, coupled with specific SSL hardware acceleration.</p>
<p>“As an Australian managed service provider, Networx Australia seeks firewall architecture that gives us visibility and control over our network. We also require the appliance to perform basic tasks like threat management and data leakage prevention. PAN-OS3.0 will provide us with several benefits, including SSL VPN and Quality of Service features which will ensure guaranteed bandwidth thereby maximising company productivity,” said Mikhael Haidar, CEO of Networx Australia.</p>
<p>“Applications aren’t threats, but they do carry risk,” said Chris King, Palo Alto Networks director of product marketing. “As a firewall, Palo Alto Networks uses a positive security model which offers organisations the flexibility they need to embrace new applications, and yet still manage risk – going beyond the outdated ‘find it and kill it’ model that many other security technologies are based on.”</p>
<p>Pricing and Availability</p>
<p>The new functionality in PAN-OS 3.0, including the SSL VPN and QoS functionality, is delivered at no charge to customers with current software maintenance contracts. For those without maintenance contracts, pricing starts from $6,000 excluding GST. PAN-OS 3.0 is available for download later this month.</p>
<p>About Palo Alto Networks</p>
<p>Palo Alto Networks™ is the leader in next-generation firewalls, enabling unprecedented visibility and granular policy control of applications and content – by user, not just IP address – at up to 10Gbps with no performance degradation. Based on patent-pending App-ID™ technology, Palo Alto Networks firewalls accurately identify and control applications – regardless of port, protocol, evasive tactic or SSL encryption – and scan content to stop threats and prevent data leakage. Enterprises can for the first time embrace Web 2.0 and maintain complete visibility and control, while significantly reducing total cost of ownership through device consolidation. For more information, please visit</p>
<p># # #</p>
<p>Note 1 – Gartner, Inc., “Predicts 2009: Infrastructure Protection Isn’t a Monolithic Function,” John Pescatore, et al, December 19, 2008.</p>
<p>Note 2 – “Application Usage and Risk Report,” Palo Alto Networks, April 20, 2009.</p>
<p>Palo Alto Networks, the Palo Alto Networks Logo and App-ID are trademarks of Palo Alto Networks, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.</p>

Most Popular

Editor's Recommendations

Solution Centres


View all events Submit your own security event

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Media Release

More media release

Market Place