
Palo Alto Networks aspires to anti-malware defense role with WildFire

Ellen Messmer | Nov. 15, 2012
Palo Alto Networks wants its next-generation firewall to be the center of enterprise security, giving it a malware-detection and analysis capability called WildFire that's intended to inspect all traffic passing through the firewall to detect targeted attacks within 30 minutes.

Klarich further piled on the antivirus vendors, saying that days go by and the A/V vendors still don't have coverage for 40% of the malware Palo Alto is finding. But the first 24 hours are what matter in responding to any attack that penetrates the corporate network, he said.

In spite of its tough words for antivirus vendors, Palo Alto says it regards WildFire as an addition to network defense, not a substitute for antivirus software. Klarich acknowledged WildFire remains an evolving threat-detection service.

Palo Alto's stance is that its NGFW can and should be the cornerstone for an expanding range of defenses based on application-aware controls and features such as URL and reputation-based filtering, which Palo Alto this week said it is now doing based on its own research and development, rather than relying on third-party licensing.

But in an age when companies are trying to come to grips with the influx of mobile devices, including Google Android and Apple iOS smartphones and tablets, often in situations where employees are allowed to "bring your own device," it's an open question how successful a strategy can be when it relies on pushing traffic through corporate firewalls to meet security policies.

Palo Alto does have client software called GlobalProtect for Windows and Mac computers that can direct remote traffic to the firewall for application-aware security, and versions for Apple iOS and Google Android that connect via IPsec.

Mike Dundas, senior manager, security architecture at TD Bank, who yesterday spoke at the Ignite user conference about the bank's global rollout and centralized management of Palo Alto NGFWs, pointed out that the application-aware firewalls are playing a key role in understanding whether TD Bank is being attacked. But he acknowledged his firm is grappling with the BYOD question.

"We're just exploring BYOD," Dundas noted, adding that the bank does use some tablets. TD Bank is not using the Palo Alto software, but that's under consideration, as is using another vendor's mobile-device management software. TD Bank wants to finalize its security approach to BYOD and mobile next year, said Dundas.

 
