Palo Alto Networks founder: Our competitors are on 'death row'

LAS VEGAS -- Palo Alto Networks founder and CTO Nir Zuk took to the stage to deliver the closing keynote address at the company's first-ever user conference here by trumpeting his company's success in firewall innovation and what he described as his competitors' weak attempts to follow.

RELATED: Palo Alto Networks aspires to anti-malware defense role with WildFire

Zuk, an engineer who once worked at Check Point and Juniper, has more than once enjoyed delivering feisty jabs at his former employers which, along with others such as Sourcefire and Cisco, have come to develop application-aware firewalls that compete with Palo Alto's next-generation firewalls (NGFW). But yesterday in his keynote address, Zuk pulled out all the stops and lambasted his competitors, whom he ridiculed as being on "death row" in terms of their ability to compete against Palo Alto.

"They do what all inmates do, file appeals," Zuk said. He said competitors' products with NGFW application-layer controls can only be considered "lipstick on a pig," a statement illustrated on the movie-size screen behind him on stage by a pig with bright red lips.

Israeli-born Zuk then turned to his native language, Hebrew, to dismiss them all with a biblical expression, saying their fate in the NGFW market can be summed up as "Let me die with the Philistines," the cry of Samson as he pulled the temple down around him. He added: "It sounds better in Hebrew."

But that was just for starters. Zuk continued his rant against Check Point, claiming this rival is offering 85% discounts to customers to take their firewall products, basically saying they "give away products for free" because of Palo Alto's success. Check Point "truly believes they do what Palo Alto does," he said, dismissing Check Point as weak in the area where Palo Alto has focused, application-aware firewalls.

Zuk then turned his attention to a new class of competitors, firms that offer specialized anti-malware services and products, including Damballa, Sourcefire and FireEye. He ran through a list of perceived shortcomings in how they might detect malware and provide prevention, an exercise clearly intended to promote Palo Alto's own WildFire anti-malware service associated with its NGFW.

Palo Alto's growing focus on making its NGFW the place in the enterprise network to manage security in a range of ways was highlighted by Zuk's brief remarks that, as far as the future goes, there's thought being given to how mobile device malware detection could be done well on the network rather than via scans on the device itself. But he left it at that, saying there are a few technology areas that Palo Alto does not see getting into: Web application firewalls or full-featured data-loss prevention.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email:

Read more about wide area network in Network World's Wide Area Network section.

Tags: palo alto networks, sourcefire, Nir Zuk, Check Point vs. Palo Alto Networks, next-generation firewall, Firewall & UTM, security, NGFW

Espionage outpacing financial crime as better reporting improves security picture: Verizon

Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Deep Security - Enterprise Virtualization Security

Advanced protection for physical, virtual and cloud servers

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).

  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.