Archive for the ‘Palo Alto Networks’ Category

A More Secure Everywhere. From Containers to Serverless and Beyond!

Wednesday, July 10th, 2019

By Sai Balabhadrapatruni

Today is an exciting day for Palo Alto Networks and its customers as we complete our acquisition of Twistlock. The addition of Twistlock further strengthens our capabilities in cloud security and will help customers accelerate their journey to the cloud with consistent and comprehensive security across public, private and hybrid cloud deployments. This is hot off the heels of our acquisition of PureSec, a leader in protecting serverless applications.

Most modern applications utilize a mix of platform as a service (PaaS), VMs, serverless and other resources offered by cloud service providers. The acquisitions of Twistlock and PureSec further advance Prisma leadership in cloud security by providing customers with a comprehensive set of security protections across the entire continuum of cloud workloads. 

With Twistlock and PureSec part of the Prisma cloud security suite, customers will benefit from these capabilities: 

  • Twistlock, the leader in container security, brings vulnerability management, compliance and runtime defense for cloud-native applications and workloads. 
  • PureSec empowers enterprises to embrace serverless technologies, such as AWS Lambda, Google Cloud Functions, Azure Functions and IBM Cloud Functions, without compromising on security, visibility and governance. 

Current Twistlock Customers Continue to Reap the Security Benefits 

If you’re a customer of Twistlock’s stand-alone offering, you’ll continue to receive the industry’s leading container security capabilities for your company with the same focus on simplicity, innovation and effectiveness. We’ll continue to invest in this offering, and the team will remain under the direction of Twistlock co-founder and CEO, Ben Bernstein. Over time, you’ll see more payoff to your investment as we integrate Twistlock into Prisma and provide you the broadest and most consistent security capabilities across public and private clouds.

Prisma: Cloud Security for Today and Tomorrow

Prisma™ by Palo Alto Networks – including best-in-class capabilities from Twistlock and PureSec – is the industry’s most complete cloud security offering for today and tomorrow. It provides unprecedented visibility into data, assets and risks in the cloud; consistently secures access, data and applications without compromises; enables speed and agility as organizations embrace the cloud; and reduces operational complexity and cost with a radically simple architecture.

Regardless of how your business is taking advantage of the cloud, Prisma secures your end-to-end cloud journey:

  • Secure Access: Take advantage of secure access to the cloud from branch offices and for mobile users in any part of the world without compromising the user experience.
  • Secure SaaS: Bring together data protection, governance and compliance to safely enable SaaS application adoption.
  • Secure Public Cloud: Get continuous security monitoring, compliance validation and cloud storage security capabilities across multi-cloud environments. Plus, simplify security operations through effective threat protections enhanced with comprehensive cloud context.
  • VM-Series Virtualized Next-Generation Firewall: Embedding the VM-Series in your application development life cycle to complement native security services can prevent data loss and business disruption, allowing your public cloud migration to accelerate.

A More Secure Everywhere 

We’re excited to add Twistlock’s and PureSec’s technologies to our cloud security suite and welcome two exceptional teams that bring additional cloud expertise to Palo Alto Networks. 

View the original post at Palo Alto Networks.

A Quarter of People in EMEA Prefer their Cybersecurity Managed by Artificial Intelligence

Wednesday, July 10th, 2019

Palo Alto Networks finds over half of respondents take responsibility for their data online

An online study of more than 10,000 respondents in EMEA conducted by Palo Alto Networks and YouGov alongside Dr Jessica Barker, an expert in the human nature of cybersecurity, explores attitudes towards new cybersecurity technologies, such as artificial intelligence (AI), and how these technologies protect their digital way of life.

Just over a quarter (26%) of EMEA respondents would prefer their cybersecurity to be managed by AI rather than a human. Italy has the most confidence in relying on AI (38%), while in the UK only 21 percent of people prefer AI over humans to protect their digital way of life. [each market to add local insight].

The research suggests that those who are more open to AI technologies have a positive outlook on the role cybersecurity plays in their day-to-day lives. Almost a third (29%) of respondents online who preferred their cybersecurity managed by AI feel having cybersecurity checks in place has a very positive impact on their overall online experience, compared to the combined average of 20 percent.

Greg Day, VP and CSO EMEA at Palo Alto Networks, comments on the findings: “AI is already playing a vital role in cybersecurity, helping to detect and prevent breaches with new capabilities that the human brain simply could not achieve. It is encouraging, therefore, to see the gap closing between AI- and human-managed cybersecurity technologies, and the positive attitude towards cybersecurity checks that comes with a preference for AI technologies is one we hope to see embraced by more people in the future. Humans are risk averse, yet innovation requires taking new steps, and many still see change as risk. Taking responsibility for data loss and keeping personal data secure is the first step in ensuring we are using best practice within a business, and education is key in helping respondents feel safer online.”

The study also uncovered mixed views on the perceived security of internet of things (IoT) technologies, such as smart home devices and wearables: 38 percent of EMEA respondents believe them to be secure, with a similar number (43%) thinking the opposite. However, this did vary across the region, with those in the UAE most trusting of IoT’s security (71% believe it to be secure), whereas a higher proportion in Germany (53%), France (48%), and the UK (46%) believe them to be insecure.

Topics like data privacy and ethics are becoming more mainstream, and Dr Jessica Barker says it’s not surprising to see hesitation in adopting new technologies like AI and IoT, commenting: “When any new technology emerges, there is often a reticence among many to embrace the change, even when it offers an improvement to our way of life. Telephones, trains and televisions were all a source of fear for the general public when they were first introduced. Many people are unaware of the way in which AI and machine learning are already enabling our use of technology, protecting our data and preventing cyberattacks, largely because it is often non-invasive to the end-user. This can mean people feel hesitant about the concept of embracing AI, without realising that it is already a positive presence in their lives. It is interesting to note that IoT is considered insecure by the majority of participants, whereas most people feel that technology, in general, is helping them to be more secure online. This suggests that the technology industry needs to address security and privacy concerns surrounding IoT in a meaningful and transparent manner.”

Other key findings from the online research include:

  • While there is a generational divide when it comes to preferring cybersecurity managed by AI, it isn’t as polarising as expected, with Millennials showing a marginal preference (31%) compared to Baby Boomers (23%).iv
  • Cybersecurity self-reliance is a global trend with 54 percent of respondents taking responsibility for their personal data when online:
    • The divide between the younger (18-24) and older (55+) generations is more prominent here, with only 43 percent of the younger demographic taking responsibility for their own personal data compared to 58 percent of those aged 55 and above.
  • A quarter (25%) of respondents feel cybersecurity should be the responsibility of law enforcement, and 28 percent feel it is down to the government.
  • The cybersecurity message is getting through to people; a majority of respondents (44%) agree that cybersecurity technologies give them the ability to spend less time worrying about personal data loss, versus the 14 percent who disagree.
  • 67 percent of respondents feel they are doing all they can to prevent the loss of their personal data:
    • This rises to 75 percent of respondents ages 55 and over and falls to 59 percent for 25- to 34-year-olds.
    • 77 percent of respondents in the UAE and France agree with this statement, while only 60 percent of those in Italy and Sweden agree.

Dr Barker adds: “Trust is so important in cybersecurity. People want to be actively engaged in better protecting themselves online, and they embrace technology that supports them in this. The knowledge acquired can then be transferred to other areas of their lives, most importantly, the workplace. It is interesting to see that older participants feel a greater sense of responsibility over their data than younger participants. There are a number of factors which could help explain this, one being that the older generation are more likely to have been exposed to cybersecurity training and practices in the work environment, and this could have influenced their mindset to be more security conscious. It could also be that the younger generation is more likely to regard security as a collective responsibility, as part of a culture that is more centred on sharing.”

Greg Day concludes: “The results of this study provide some key takeaways for businesses. It’s important that they take into account perceptions of technologies like AI and IoT when developing new products and services, as well as getting ahead of new threats targeting the next-generation networks they will rely on. Building and maintaining trusted capabilities will only be achieved through prioritising cybersecurity and data privacy, and communicating openly and honestly. Through applying these new technologies responsibly and adopting them into our day to day lives, we can create a world where each day is safer and more secure than the one before.”

About the Research

All figures, unless otherwise stated, are from YouGov Plc. Total sample size was 10,317 adults, of which 1,016 were from Netherlands; 1,021 were from Italy; 1,005 were from UAE; 1,041 were from France; 1,953 were from Sweden; 2,181 were from Germany; and 2,100 were from the UK. Fieldwork was undertaken between 29 April and 16 May 2019. The survey was carried out online. The figures have been weighted and are representative of all adults (aged 18+) in each country:

  • Countries surveyed were Netherlands, Italy, UAE, France, Sweden, Germany, and the UK.
  • Thinking about cybersecurity when you are online (e.g., shopping online, using social media, online banking, etc.) on any device … ;Which ONE, if either, of the following would you prefer?

  • Respondents online were given the following description to read before answering to what extent cybersecurity checks (i.e., checks that you need to pass to be able to pay for a product/service online; e.g., proving you are ‘not a robot’ [CAPTCHA], re-entering passwords/details) positively or negatively impact their overall digital experience on a 0 to 10 positivity scale with 0 being very negatively, 10 being very positively.
“Digital experience is how well or not a consumer experiences using an online service like shopping or banking.  A good digital experience includes when you searched for an item to buy online, you found it quickly, it was available to buy and you were able to checkout with little problems etc. A bad digital experience includes when the website or app runs very slowly, there were broken links, it required you to add in lots of information manually etc.” ‘Very negatively’ was defined as respondents selecting a score of 0, 1, or 2 on this scale. ‘Very positively’ was defined as respondents selecting a score of 8, 9, or 10 on this scale.
  • Millennials are defined as 18- to 34-year-olds and Baby Boomers are aged 45 and over.
  • Still thinking about cybersecurity when you are online (e.g., shopping online, using social media, online banking, etc.) on any device …  In general, which, if any, of the following do you feel should be responsible for the security of your personal data? (Please select all that apply.)

About Palo Alto Networks

Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world’s greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before. For more information, visit

Palo Alto Networks, PAN-OS, and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners.

SOURCE Palo Alto Networks, Inc.

Introducing Prisma, a New Approach to Cloud Security

Friday, June 21st, 2019

Today we introduced Prisma, a new cloud security suite. We believe Prisma will transform the cloud journey for our customers by securing access, protecting data, and securing applications.

From the beginning, our approach to cloud security has been aimed at delivering the best security while embracing the unique needs of the cloud. We provide customers with complete visibility as well as recommended configurations across their entire cloud environment to ensure a strong security posture from the start and consistently prevent attacks.

The Prisma suite gives customers what they need to govern access, protect data and secure applications. It has four key components:

  • Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture, blending enterprise-grade security with a globally scalable network. It will soon run on Google Cloud Platform (GCP™), extending the service to more than 100 locations for an even faster and more localized experience.
  • Prisma Public Cloud provides continuous visibility, security and compliance monitoring across public multi-cloud deployments. Powered by machine learning, it correlates data and assesses risk across the cloud environment. Starting today, customers can further reduce their attack surface early in the development cycle through a “shift left” approach to security. With the ability to detect vulnerabilities and fix improper configurations in customers’ infrastructure-as-code templates, developers can reduce risk without sacrificing agility.  
  • Prisma SaaS is a multi-mode cloud access security broker (CASB) service that safely enables SaaS application adoption. New integrations will bring improved administration experience across IT-sanctioned and IT-unsanctioned SaaS applications with unified visibility and management.
  • VM-Series is the virtualized form factor of the Palo Alto Networks Next-Generation Firewall that can be deployed in private and public cloud computing environments, including Amazon Web Services (AWS®), GCP, Microsoft Azure®, Oracle Cloud®, Alibaba Cloud®, and VMware NSX®.

Check out the new Prisma site for details on products in the suite and how they can provide security support at every stage of your cloud journey.

All Layers Are Not Created Equal

Tuesday, May 14th, 2019

By John Kindervag

How the Principles of Journalism Help Define Zero Trust Policy

Everyone knows that in order for a news article, blog post or white paper to have any credibility, a writer needs to cover the “who, what, where, when, why and how” of the topic. Without covering these things, the reader is left with a partial story. We can credit Rudyard Kipling for clearly defining these journalistic essentials for us:

I keep six honest serving-men

(They taught me all I knew);

Their names are What and Why and When

And How and Where and Who.

-Rudyard Kipling, Just So Stories, 1902

However, the usefulness of this “Kipling Method” extends far beyond journalistic best practices. For years, I have used the Kipling Method to help companies define policy and build Zero Trust networks. It ensures that security teams are thorough in their definitions and that anyone, including non-technical business executives, can understand cybersecurity policies due to the simplicity of the approach. Given that the first design principle of Zero Trust is to focus on business objectives, this method is particularly useful.

Policy at Layer 3 vs. Policy at Layer 7

In order to actually apply the Kipling Method and build a real Zero Trust architecture, you need to understand why it cannot be done with Layer 3 technologies.

First, what is the difference between Layer 3 and Layer 7? Layer 3 is the layer where information is evaluated based only on IP address, port or protocol. It is severely limited by the lack of information that can be seen. IP addresses can be spoofed. Simple port scans will uncover all the open ports so that the attacker can encapsulate stolen data and exfiltrated across the open port, and the protocol is really just a metadata tag to help the administrator understand the type of traffic that is supposed to be traversing a specific port. Most importantly, ALL adversaries know how to bypass Layer 3 controls. You need to be able to define things with higher fidelity to keep your company secure.

Layer 7 is much more specific. It is where information is evaluated based on the actual application that’s being used (for example, defining Facebook as a unique application rather than traffic running across ports 80 and 443). While at Forrester, I created a five-step methodology to a Zero Trust network. The fourth step states that you need to write policy rules for your segmentation gateway based on the expected behaviour of the data and the user or applications that interact with that data. This is what the Palo Alto Networks Next-Generation Firewall, serving as a segmentation gateway in a Zero Trust environment, allows you to do, and due to the granularity of the policy, it can only be done at Layer 7.

Applying the Kipling Method Using the Palo Alto Networks Next-Generation Firewall

Here’s how you can apply the Kipling Method when deploying the Palo Alto Networks Next-Generation Firewall, using our revolutionary User-ID, App-ID and Content-ID technologies:

User-ID becomes a WHO statement: “Who is accessing a resource?”

User-ID is a Layer 7 instantiation of the approximation given by the source IP address. For example, we can grab OUs from Active Directory to pull domain users into a custom User-ID. We can then add things like multifactor authentication (MFA) or the Host Information Profile (HIP) from our GlobalProtect client to enrich the fidelity of the “Who” statement. We can also add MFA to a User-ID and an additional attribute for more granular control.

App-ID becomes a WHAT statement: “What application is being used to access the resource?”

Palo Alto Networks currently has more than 2800 published App-IDs (visit Applipedia to see the growing list) to be used in building these rules. This means that attackers can no longer use a generic application, such as web services (HTTP/HTTPS), to bypass the security control.

Content-ID becomes a HOW statement: “How should the User-ID and App-ID traffic be allowed to access a resource?”

Content-ID includes Threat Prevention rules, our advanced intrusion prevention capability; SSL Decryption so that malicious traffic and stolen data can’t hide inside of encrypted tunnels; URL Filtering so that users don’t go to malicious or phishing domains; WildFire, our state-of-the-art sandbox technology that redefines the way malware is stopped; and our new DNS Security service, which applies predictive analytics for automated protections to thwart attacks that use DNS.

With these three technologies defining WHO, WHAT and HOW statements, a basic Kipling Method Layer 7 rule can be easily defined and then implemented using our Panorama management system. Additionally, PAN-OS has the ability to add a WHEN statement (a time delineated rule); a WHERE statement, which is the location of the resource (this can often be automatically pulled into Panorama via an API); or a WHY statement by reading metadata from a data classification tool and using that in the rule.

The Kipling method has been designed to help both business leaders and security administrators define granular, Layer 7 policies using the simple who, what, when, where, why and how methodology given to us by Rudyard Kipling. Individuals who have never considered writing firewall policy can easily understand this methodology and help define the criteria necessary to create a rule set for your segmentation gateway.

View the original post by John Kindervag, Palo Alto Networks.

Palo Alto Networks Introduces Cortex, the Industry’s Only Open and Integrated, AI-Based Continuous Security Platform

Friday, March 8th, 2019

Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, today introduced three significant advancements aimed at harnessing the power of advanced AI and machine learning to transform how security will be managed in the future.

Introducing Cortex™
Cortex is the industry’s only open and integrated, AI-based continuous security platform. Cortex is a significant evolution of the Application Framework designed to simplify security operations and considerably improve outcomes. Deployed on a global, scalable public cloud platform, Cortex allows security operations teams to speed the analysis of massive data sets. Cortex is enabled by the Cortex Data Lake, where customers can securely and privately store and analyze large amounts of data that is normalized for advanced AI and machine learning to find threats and orchestrate responses quickly.

Cortex XDR™ – Breaking Data Silos
Cortex XDR is the first-of-its-kind detection, investigation and response product that natively integrates network, endpoint and cloud data. Cortex XDR uncovers threats using behavioral analytics, accelerates investigations with automation, and stops attacks before damage is done through tight integration with existing enforcement points.

Traps™ 6.0 – Great Prevention Gets Even Better
Traps endpoint protection and response now includes a Behavioral Threat Protection engine that stops advanced threats in real time by stitching together a chain of events to identify malicious activity. Traps 6.0 acts as the ultimate data collection sensor for Cortex Data Lake, gathering the most comprehensive endpoint security data in the industry. In conjunction with Cortex XDR, customers can use Traps to extend their prevention capabilities to include detection and response across their entire digital infrastructure with a single agent.


“While detection and response are integral components of cybersecurity defense, the current model of disjointed standalone products leaves organizations with blind spots and conflicting data,” said Lee Klarich, chief product officer at Palo Alto Networks. “We believe the only way to solve this is with best-in-class prevention, combined with the ability to normalize and analyze data at scale from as many sources as possible, applying AI and machine learning to automatically detect and quickly respond to threats.”

“While endpoint and detection response tools are valuable, they give a limited view of what an attack may look like,” said Fernando Montenegro, senior analyst at 451 Research. “Security teams need more sources of data so that they can find and block threats faster across what are increasingly complex enterprise environments. We believe integrating data across endpoint, network and cloud is a positive step toward better addressing these security needs.”

New Partnerships Behind Cortex
To support the rollout of Cortex XDR, five managed security service partners will launch offerings that deliver round-the-clock threat monitoring, detection and response services to Palo Alto Networks customers. The partnerships in place are with PwC, Critical Start, ON2IT, BDO and Trustwave.

Pricing and Availability
Cortex Data Lake and Traps 6.0 will be available immediately to customers worldwide. Cortex XDR will be available to customers on March 4, 2019.

Learn More
Cortex XDR
Cortex Data Lake
Traps endpoint protection and response

View the original post by Palo Alto Networks.

Introducing PAN-OS 9.0: Stop Threats Hiding in DNS, Close Security Gaps

Tuesday, February 19th, 2019

We’re excited to announce PAN-OS 9.0, the latest version of the software that powers our next-generation firewalls. PAN-OS 9.0 delivers over 60 tightly integrated innovations that strengthen security. The new DNS Security service continues our tradition of expanding the platform and replacing disconnected point products. We have always set the standard for next-generation firewalls — keeping you on the cutting edge while simplifying security.

Here are a few highlights from PAN-OS 9.0.

Stop threats hiding in DNS traffic

DNS is essential to running your business, but according to the Unit 42 threat research team, almost 80 percent of malware uses DNS to establish command and control. Today, security teams lack the visibility, scale, and agility needed to stop threats that use DNS. Our new DNS Security service applies predictive analytics and infinite cloud scale to disrupt attacks that use DNS for command and control or data theft. Using shared threat intelligence and machine learning, DNS Security enables teams to quickly identify threats hidden in DNS traffic. Because the service is tightly integrated with our next-generation firewall, customers get automated protections and eliminate the need for independent tools or changes to DNS infrastructure.

Close dangerous policy gaps faster and more easily

The new Policy Optimizer strengthens security by closing dangerous policy gaps left by legacy firewall policies. Policy Optimizer’s simple workflows use intelligence gathered by PAN-OS to easily move from legacy rules to App-ID-based rules. Taking complexity out by removing scores of legacy rules reduces human error, which is a leading cause of data breaches. With PAN-OS 9.0, we continue to deliver the tools you need to implement best practices that reduce the risk of attack.

Reduce web-based threat exposure

We’ve taken URL Filtering to the next level with powerful new capabilities to protect your organization from web-based threats. Applied analytics powers granular web policy for more control and flexibility than ever. New risk ratings take the guesswork out of choosing which sites to block or allow. Based on policy, automated actions let you trigger additional inspection or containment, including turning on SSL decryption. Machine learning-based image recognition dramatically increases phishing detection, finding even the most evasive sites attempting to steal your credentials. And finally, your protection is always up to date with instant updates for newly discovered malicious sites.

Protect your network with the fastest next-generation firewall ever

Organizations with large data centers, high volumes of encrypted traffic, and a growing ecosystem of internet of things (IoT) devices must secure more network traffic than ever. Our PA-7000 Series, with new line cards, is the fastest next-generation firewall in the industry, delivering performance without compromising security. Our all-new Network Processing Cards (NPCs), Switch Management Cards (SMCs), and Log Forwarding Cards (LFCs) deliver 350 Gbps of protected throughput, measured with application identification, intrusion prevention, antivirus, anti-spyware, advanced malware analysis, and logging enabled. Palo Alto Networks customers can use the improved cards with their existing chassis and cards, ensuring their security investments are protected.

Consistently secure all of your clouds

Organizations want consistent security across multiple public clouds and virtualized data centers. The VM-Series now provides the broadest range of public cloud and virtualized data center environments by adding support for Oracle Cloud, Alibaba Cloud, Cisco ENCS, and Nutanix. Firewall throughput performance improvements for AWS and Azure of up to 2.5X combined with autoscaling and transitive architectures allow our customers to automate security for dynamic and large-scale public cloud deployments.

Secure large environments at scale

New innovations to Panorama make scaling network security easier. With PAN-OS 9.0, security teams can manage up to 5,000 firewalls with a single instance of Panorama. When required, customers can use Panorama Interconnect plugin to scale the single pane of glass to 30,000 firewalls. Panorama manages security for the entire network using a single security rule base for firewall, threat prevention, URL filtering, application awareness, user identification, advanced malware analysis, file blocking, and data filtering. Panorama helps administrators reduce operational workload and meet budget constraints, while improving overall security posture.

Strengthen network and security operations

New Transformation Services offerings will strengthen security with deep analysis of configuration and network traffic as well as enforcement of advanced security policies. These next-generation firewall, threat, and security operations services are designed to complement our Security Operating Platform by focusing on operational capabilities. This provides maximum protection to enable businesses for future growth.

To learn more, visit our PAN-OS 9.0 security page.

Watch Lee Klarich, chief product officer, dive into what’s new in PAN-OS 9.0.

View the original post by Palo Alto Networks.

Palo Alto Networks Joins Net-Ctrl on Stand C61

Thursday, January 10th, 2019

Net-Ctrl will be able to demo a range of Palo Alto Networks solutions on our BETT stand (C61).

Cyberattacks in the Education Sector are increasing year on year. This area is one that cybercriminals feel they can exploit more successfully as they know that IT teams are stretched. They know that due to tight budgets equipment is likely to be ageing and with the introduction of BYOD the attack surface is only increasing which has a knock-on effect adding even more pressure to schools to keep their students and their data secure.

Palo Alto Networks aims to help schools with this by putting in an Automated Security Platform that works without the need for human intervention, with their Threat Intelligence cloud they ensure that the system is constantly updated with the latest threats in the industry and with their TRAPS endpoint protection they can extend this protection out to endpoints and BYOD devices.

Outside of Core Security Palo Alto Networks are also able to assist Schools with Safe-Guarding with the following:

  • URL Filtering
  • Categorisation and Control of Websites
  • Application Control
  • Ensure that only authorised applications are in use on the School Network
  • Search Engine Alerts
  • Real-Time awareness of search queries
  • Visibility Reports
  • Show granular visibility of Network and web-based activity by user

Come and visit Net-Ctrl and Palo Alto Networks on stand C61 at BETT 2019 to learn more about how Palo Alto Networks can fit into your school’s infrastructure. We will have a dedicated team able to answer your questions and provide solution demonstrations.

BETT 2019 is going to be held at the Excel in London from the 23rd – 26th January. Book your free ticket now.

If you would like to book a meeting slot in advance email

Enhanced Network Security with Pulse Policy Secure and Palo Alto Networks Firewall

Thursday, December 13th, 2018

In today’s IT world, Internet and networking technologies have evolved to offer unprecedented services to the end users. Billions of Internet of Things devices are being deployed across all industries, and with this also means allowing access to important and confidential data and resources which brings significant security risks to business IT systems.

Organizations need to implement solutions to address challenges from a security standpoint and the best way to eliminate every possible risk associated with technology is to bring ecosystem and interoperate. One such solution is our award-winning Pulse Policy Secure (NAC) integrated with Palo Alto Networks Firewall.

Pulse Policy Secure provides a Network Access Control solution at an endpoint/user level and provides intelligent Identity-based access by quickly learning contextual data (endpoint IP address, User ID and User role) and shares this with Palo Alto Networks firewall to take appropriate actions to allow or deny access.

Pulse Policy Secure also provides enhanced network security to protect from vulnerable devices with altering based integration with PAN Firewall. Through this joint solution, organizations, users, and customers are protected from cyber threats.

In addition to the above integration, Pulse Secure offers a seamless secure access solution using session federation via IF-MAP framework. This can be achieved within an enterprise network by sharing session information across Pulse Policy Secure or Pulse Connect Secure using an IF-MAP protocol through an IF-MAP server. Once an end user connects remotely or locally to the corporate network and gets authenticated by Pulse Connect Secure or Pulse Policy Secure. The federation requires Dynamic AUTH table provisioning on the PAN firewall and allows secure access to the protected resource based on the resource access policies that are configured on PPS.

Additional information on how to deploy and implement this joint solution is available at

Check out these resources on our latest NAC release, Pulse Policy Secure 9.0r3:

Zero Trust Secure Access for The Smart Factory Floor Infographic

Pulse Secure Access for the Industrial Internet of Things (IIoT)

Pulse Secure Expands Zero Trust Security for IoT


View the original post by Pulse Secure.

Palo Alto Networks a Seven-Time Gartner Magic Quadrant Leader

Wednesday, October 10th, 2018

Palo Alto Networks® (NYSE: PANW), the global cybersecurity leader, today announced that, for the seventh consecutive time, the company has been recognized in the Leaders quadrant of the “Magic Quadrant for Enterprise Network Firewalls” by Gartner Inc.

According to the report, “The Leaders quadrant contains vendors that build products that fulfil enterprise requirements. These requirements include a wide range of models, support for virtualization and virtual LANs, and a management and reporting capability that is designed for complex and high-volume environments, such as multitier administration and rule/policy minimization. A solid NGFW capability is an important element, as enterprises continue to move away from having dedicated IPS appliances at their perimeter and remote locations. Vendors in this quadrant lead the market in offering new features that protect customers from emerging threats, provide expert capability rather than treat the firewall as a commodity and have a good track record of avoiding vulnerabilities in their security products. Common characteristics include handling the highest throughput with minimal performance loss, offering options for hardware acceleration and offering form factors that protect enterprises as they move to new infrastructure form factors.”

The Magic Quadrant for Enterprise Network Firewalls(1) evaluates vendors’ ability to execute as well as their completeness of vision.


“We’re thrilled that Gartner has recognized our leadership over the past seven times in its Gartner Magic Quadrant for Enterprise Network Firewalls. In the past 15 months, we have introduced updated versions of almost every next-generation firewall we offer, and have delivered new models which allow us to solve additional use cases for our customers. We believe our cloud-delivered subscriptions are natively integrated into our firewalls and offer best-in-class network security protection, as well as eliminate the need for our customers to deploy multiple point product offerings.”
– René Bonvanie, CMO, Palo Alto Networks

More than 54,000 customers in more than 150 countries have chosen Palo Alto Networks for its continuous innovation in security, automation and analytics.

To learn more about the Palo Alto Networks Security Operating Platform, visit:

To learn more about the Palo Alto Networks Next-Generation Firewall, visit:

To read a complimentary copy of the complete report, visit:

  1. Gartner, Magic Quadrant for Enterprise Network Firewalls, Adam Hils, Jeremy D’Hoinne, Rajpreet Kaur, October 4, 2018.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

View the original posts at

You Don’t Know What You’re Missing on Your Network

Tuesday, March 27th, 2018

Today’s cyber threats hide in plain sight amidst your network traffic, making them nearly impossible to defend against. These advanced threats use applications as their infiltration vector, exhibit application-like evasion tactics and they leverage commonly used network applications for exfiltration.

Legacy point products are blind to much of what goes on in the network. Hackers exploit this.

Net-Ctrl and Palo Alto Networks are offering an assessment that reveals the Unknown in your network.

Here is some of what you will see:

  • Malware and spyware on your network
  • Unauthorised applications
  • Violations of your security policies
  • Malicious websites employees are accessing
  • Non-work-related applications and activity
  • Shadow IT

How it works: We put the Palo Alto Networks® Next-Generation Security Platform on your network to passively monitor traffic for just one week.

We deliver to you the Security Lifecycle Review (SLR). The SLR reveals under-the-radar activity on your network and the risks to your business. We meet with you to explain the findings, answer your questions, and offer practical recommendations. The SLR is cost-free, risk-free and obligation-free.

To schedule or learn more about the SLR, please complete our Contact Form and we will schedule a call with one of our engineers.