Network security is the number one job. Every enterprise should have a network security team. Cybersecurity threats pose a serious threat to governments, businesses, and nations. You can see news stories about so-called advanced persistent threat (APTs), which include ransomware, data breaches and denial of service attacks, as well as other serious threats.
These threats are best dealt with through the use of network security technology and practices. Firewalls of various types help protect against threats by controlling and monitoring traffic that enters and leaves the network. The firewall was initially intended to act as a barrier between trusted enterprise networks and traffic from untrusted networks.
Firewalls were originally physical devices that were often integrated into network routers. However, as enterprise networks developed, we began to see firewall functionality as a part of the network.
A changing security landscape
As new technologies and architectures have emerged, the network security landscape has changed. Virtual private networks (VPNs) have been plagued by security integration and scaling issues. This has led to a rise in software-defined wide-area networks (SD-WAN) that integrate security mechanisms.
One of the major outcomes of the constant cybersecurity attacks was the realization that the traditional security trust model was not feasible. It became clear that trusting everyone and everything in an organization’s network was no longer a good idea. Therefore, the shift to the “Zero Trust” model was made. Credentials are not trusted but verified.
The goal is to stop outside infiltrators or malicious inside users from accessing one section of the network and then freely moving to other areas of enterprise. Zero Trust Architectures introduce the concept “protect surfaces”. Instead of trying to protect all aspects of your enterprise, you place security controls on the most important and valuable data, assets and applications (DAAS). Next Generation Firewalls (NGFW), are used to create a secure perimeter that controls access to the protected DAAS.
NGFWs can do all the same things as traditional firewalls, and more. NGFWs can filter traffic based upon application, identify and block malware, and are better able than traditional firewalls to combat advanced persistent threats. NGFWs are often more cost-effective than traditional firewalls because they include malware detection, threat management, and other security apps.
It shouldn’t surprise that firewalls are following the same trend as the rest of the industry, which embraces cloud-based and software-defined functionality. Many companies are opting to use software-defined firewalls instead of physical hardware. They are also shifting their firewalls, network security, and other IT functions to the cloud.
Why Palo Alto Firewalls
Palo Alto Technologies is one of the most popular vendors that offers these new network security capabilities. Palo Alto Technologies has become a leader in network security, having made significant acquisitions and innovated over the past few years.
This is the first post in a series about Palo Alto’s technology, its place in the network security landscape and the career opportunities available to Palo Alto-certified technicians and engineers.
Palo Alto Technologies is the market leader in network security products and services.
Palo Alto’s main network security offering is the Next Generation Firewall (NGFW). The firewall is available in many forms:
Physical Firewall Appliances (PA-series): These appliances can handle throughputs of 500 Mbps to 10Gbps. They are designed to handle different customer scenarios such as data centers, branch offices, and more.
Virtual Firewall Editions
