News & Events

Palo Alto Networks announce PAN OS 8.0, new hardware & more

  • 14 February, 2017

Industry News, Palo Alto Networks, Security

Last week Palo Alto Networks had audiences eagerly awaiting major new announcements on a day that PAN described as ‘Security’s Colossal Event’. The event ran without a hitch and with it came a number of interesting announcements on both the hardware and software side.

Notable announcements from the event itself include:

  • Secure any cloud - AWS, Azure & more
  • Secure SaaS (Office 365, Box, Slack) with visibility and enforcement
  • Prevent Sandbox evasion, automate C2 detection and leverage advanced intel sharing
  • Prevent credential theft usage and abuse
  • Simplify security operations with enhanced management, speed and automation
  • New high-performance hardware models to tackle encrypted traffic and more

Key highlights:

Accelerating Multi-Cloud Deployments

Organisations are rapidly embracing multi-cloud architectures that span software-defined data centres (private clouds) and public cloud environments. New scalability and resiliency features for Microsoft Azure and Amazon Web Services enable organisations to build secure cloud-centric architectures. Workflow automation features for VMware NSX and KVM with OpenStack help streamline VM-Series deployments.

Enabling the safe use of SaaS Applications

Software-as-a-service (SaaS) applications are changing the way organisations do business. Despite being incredibly useful tools to drive productivity, they pose high levels of risk. PAN provides detailed SaaS visibility and granular control, data governance, automated risk remediation and malware prevention, so organisations can achieve complete SaaS protection.

Preventing Credential-Based Attacks

With stolen credentials, any adversary can bypass the entire attack lifecycle by impersonating a valid user, move uninterrupted throughout the organisation’s network and shift to the abuse of credentials from within. The platform identifies and prevents attempts to steal credentials by stopping the submission of valid corporate credentials to illegitimate websites. The platform also neutralises an attacker’s ability to use stolen credentials for lateral movement and network compromises by enforcing authentication policies at the network layer.

WildFire with multi-method threat prevention innovations

WildFire introduces several industry-first innovations that drive forward our ability to detect and prevent the most evasive threats, block command-and-control traffic in far more effective ways and allow our customers to gain leverage from any threat intelligence source.

WildFire now has an all-new anti-evasion analysis engine that brings together the benefit of multiple independent detection techniques:

New machine learning that operates on thousands of extracted features to further the WildFire service’s ability to detect more malware and variants while maintaining high accuracy.

An innovative bare-metal execution environment where suspicious, evasive files are dynamically steered for detonation on real hardware systems, enabling detection for the most evasive anti-VM threats.

Advancing command-and-control (C2) prevention by introducing end-to-end automation of the generation, delivery and enforcement of payload-based C2 protections, based on data from WildFire customers.

High-performance, intelligent, centralised management

Panorama is now around 10x faster and is able to ingest Palo Alto Networks’ Traps logs, providing better visibility end-to-end. Combined with complete network visibility and increased automation, organisations are able to streamline management workflows and focus on the issues that matter most.

New family of breakthrough performance hardware

The increasing use of encrypted traffic and rapid consumption of cloud-based applications, coupled with ever-increasing data centre consolidation, are driving new processing power, performance and capacity requirements. The new hardware appliances help deliver next generation of security capabilities anywhere in the network, including data centre cores, enterprise perimeters, as well as branch and remote offices.

Our pick from the announcements is the platforms new ability to identify and prevent a Credential Based Attack.

We’ll be taking a more in-depth look at this feature over the coming weeks.

More information can be found on the Palo Alto Networks website.

A full replay of the event can be found here:

Get in touch with us if you’d like to find out more about any of the specific features mentioned above.