Freely subscribe to our NEWSLETTER

According to the report, “In 2009, Gartner saw market pressures accelerate the demand for next-generation firewall platforms that provide the capability to detect and block sophisticated attacks, as well as enforce granular security policy at the application (versus port and protocol) level.”

Furthermore, Gartner stated, “The rapid growth of business applications moving from the internal data center to external software as a service (and someday cloud services), along with the impact of what Gartner calls ‘the consumerization of IT,’ has rapidly changed the definition of a ‘trust boundary’ and the types of security controls that are required at that boundary.”

In its analysis, Gartner evaluated Palo Alto Networks’ next-generation firewall (NGFW), based on “ability to execute” and “completeness of vision.”

With Palo Alto Networks technology, enterprises can accurately identify applications, scan content to stop threats, and prevent data leakage – all with a single network device. By reducing the number of security devices in their networks, companies can save both capital expenditures and operational costs.

“We believe Gartner’s report confirms that Palo Alto Networks is emerging as a key architect in the future of network security,” said René Bonvanie, vice president of worldwide marketing at Palo Alto Networks. “Increasingly, Enterprise 2.0 applications are key contributors to how businesses achieve higher productivity. Unfortunately, they also introduce threats. Our firewall empowers IT professionals to protect their business systems from modern security threats by safely enabling Enterprise 2.0 applications.”

Gartner’s recommendations from the “Defining the Next-Generation Firewall” report published in October 2009 include:

• If you have not yet deployed network intrusion prevention, require NGFW capabilities of all vendors at your next firewall refresh point.

• If you have deployed both network firewalls and network intrusion prevention, synchronize the refresh cycle for both technologies and migrate to NGFW capabilities.

• If you use managed perimeter security services, look to move up to managed NGFW services at the next contract renewal.

Palo Alto Networks has fixed the problems associated with traditional firewalls by combining three identification technologies that provide visibility and control over applications, users and content.

• App-ID identifies exactly which applications are running on the network, as well as the associated risks, so administrators can deploy comprehensive application usage control policies for inbound and outbound traffic.

• User-ID integrates with enterprise directory services (e.g. Microsoft Active Directory and other LDAP directories) to link network activity to users and groups – not just IP addresses – for application visibility, policy creation, logging and reporting.

• Content-ID combines a real-time threat prevention engine with a comprehensive URL database to detect and block a wide range of threats, limit unauthorized transfer of files and data, and control non-work related Web surfing.

As a result, IT managers can accurately determine what is running on their network and make informed policy decisions that improve their overall security posture.