Palo Alto Looks To Secure Branch Offices

Palo Alto Networks launched new enterprise-class network security products to protect branch-office and remote users.

The next-generation PA-200 firewall comes in a small form factor and allows enterprises to extend the same level of security for applications, users and content available at headquarters to the branch office, Palo Alto Networks said on 7 November. Additionally, the WildFire capability adds malware-fighting capabilities to the firewall.

Branch office security

As a general rule, enterprises deploy best-practices network security at the company headquarters, but compensate by reducing costs when it comes to securing the branch office and remote users, according to Chris King, director of product marketing at Palo Alto Networks.

The branch office often deploys security products designed for small and midsized businesses in order to get “the best security available for a certain price”, King told eWEEK. Remote users most often have limited security protection, often limited to just endpoint security products such as an antivirus tool, he said.

For most organisations, the only ways to secure the network is to either divert all traffic back to headquarters for proper scanning first or “go cheap” on security, King said. Considering very few organisations have a large swathe of employees and other types of enterprise users working within headquarters, the goal was to extend the “exact same security experience” to the branch office, King said.

The PA-200 allows the IT team to have the same firewall protection across all branch offices without breaking the bank, according to King.

The company also announced a new version of its GlobalProtect remote access technology to protect remote users running Mac OS X and iOS devices. GlobalProtect, which already supported Microsoft Windows devices, protects remote users with the same policies and controls that are being applied back at the corporate office, according to King. The auto-firewall is “just on”, so users don’t have to think about turning it on or checking to see what it’s doing, King said.

The iOS version of GlobalProtect is not a new application, so Palo Alto Networks doesn’t have to wait on Apple to approve it, according to King. Instead, it uses the native VPN capability on iOS devices, and is configured using mobile-device management tools to provide the protection.

Front-line defence

The company’s newly announced WildFire capability focuses on blocking malware specifically designed to bypass front-line defences. With WildFire running, the firewall can identify outbound traffic generated by malware on an already-compromised system on the network and generate a signature to identify the traffic to stop future incidents.

WildFire identifies malicious files by unpacking and executing them in a virtual cloud-based sandbox, King said. If the file in question really is malicious, such as changing registry settings or injecting itself into processes, the damage is done in the virtual environment and keeps the victim’s computer and networks safe, according to King.

Palo Alto Networks automatically generates new signatures when new malware is discovered using this new capability. Palo Alto Networks will also provide customers with information about how the malware behaves, who was targeted and how it entered the network, according to the company.

By integrating the firewall with the cloud-based analysis engine, WildFire reduces the time-to-protection for all customers, Palo Alto Networks said. WildFire will be distributed as a free upgrade for the company’s firewall products.

“Combining prior technical contributions such as sandboxing technology and cloud-based malware analysis with the unprecedented capabilities of a next-generation firewall has resulted in innovation that enterprises can feasibly deploy throughout their networks,” said Nir Zuk, founder and CTO of Palo Alto Networks.