Palo Alto is truly among the very top names in cyber-security. They enjoy an almost mythical reputation among IT wonks, and their track record of innovation is a huge reason for this. The Palo Alto 1400 series firewalls certainly uphold the Palo Alto reputation.
The Palo Alto PA-1400 series (PA-1410 and PA-1420) is the first Next-Gen firewall family powered by machine learning. In order to understand why this is a big deal, we need a decent working definition of ML, so here goes:
“Machine Learning is the science of getting computers to learn and act like humans do, and improve their learning over time in autonomous fashion, by feeding them data and information in the form of observations and real-world interactions.” This isn’t our definition, but it’s a pretty good one.
Why it’s a big deal
In short, ML is the science of getting computers to get smarter over time, on their own, like humans do. It is not exactly the same as Artificial Intelligence, but for our purposes, it’s close. There’s an old axiom about computers: they don’t do what you want them to; they do what you tell them to.
So it’s not hard to see why you might want a firewall that can think, spot patterns, and act without being specifically programmed. In other words, it does what you want, without having to be told. ML is simply a device harnessing data, observations, and interactions in order to correctly generalize to new settings.
The controlling element of the PA-1400 Series is PAN-OS. It’s the same software that runs all Palo Alto firewalls. PAN-OS natively classifies all traffic, inclusive of applications, threats, and content. It then ties that traffic to the user regardless of location or device type. The application, content, and user (the elements that run your business) then serve as the basis of your security policies. This results in improved security posture and reduced response times.
Features… lots of features
Palo Alto PA-1410 and PA-1420 are ML-Powered firewalls. They embed machine learning in the core of the firewall to provide inline signatureless attack prevention for file-based attacks. At the same time, they identify and immediately stop never-before-seen phishing attempts. They also leverage cloud-based ML processes to push zero-delay signatures and instructions back to the NGFW. The PA-1400 series also uses behavioral analysis to detect IoT devices and make policy recommendations.
This firewall will also identify the applications traversing your network: everything, irrespective of port, protocol, evasive techniques, or encryption (TLS/SSL). With a SaaS Security subscription, it automatically discovers and controls new applications to keep pace with the SaaS explosion.
Palo Alto firewalls use the application, not the port, as the basis for all your safe enablement policy decisions: allow, deny, schedule, inspect, and apply traffic-shaping.
Palo Alto enforces security for users at any location, on any device, while adapting policy based on user activity.
The PA-1400s apply consistent policies, no matter the users’ locations (office, home, travel, etc.) and devices. That includes iOS and Android mobile devices; macOS, Windows, and Linux desktops and laptops; Citrix and Microsoft VDI; and terminal servers. They also prevent corporate credentials from leaking to third-party websites and prevent reuse of stolen creds. How? By enabling multifactor authentication (MFA) at the network layer for any application without any application changes. And the aforementioned Machine Learning provides dynamic security actions based on user behavior to restrict suspicious or malicious users.
And there’s more
Palo Alto firewalls consistently authenticate and authorize your users, no matter their location and where user identity stores live. They quickly move you towards a Zero Trust security posture with Cloud Identity Engine, which is an entirely new cloud-based architecture for identity-based security. The PA-1400 series also prevents malicious activity hidden in encrypted traffic. It does this by inspecting and applying policy to TLS/SSL-encrypted traffic, both inbound and outbound. This includes traffic that uses TLS 1.3 and HTTP/2. It offers rich visibility into TLS traffic, such as amount of encrypted traffic, TLS/SSL versions, cipher suites, and more, without decrypting.
The Palo Alto PA-1410 pushes up to 8.9 Gbps of Total Firewall Throughput, 3.3 Gbps of Threat Prevention Throughput, and 4.6 Gbps of IPsec VPN Throughput. It delivers 100,000 new sessions per second, and 945,000 max sessions.
The Palo Alto PA-1420 delivers up to 9.9 Gbps Total Firewall Throughput, 5.2 Gbps of Threat Prevention Throughput, and 6.9 Gbps of IPsec VPN Throughput. It manages 140,000 new sessions per second and 1.4 million max sessions.
Palo Alto PA-415 highlights
Total Firewall Throughput: 1.6 Gbps
IPSec VPN Throughput: .93 Gbps
Threat Prevention Throughput: .685 Gbps
Single-pass traffic scanning reduces latency