Palo Alto Networks PA-5450
ML-Powered NextGeneration Firewall (NGFW)

ML-Powered Next-Generation Firewall

• Embeds machine learning (ML) in the core of the firewall to provide inline signatureless attack prevention for file- based attacks while identifying and immediately stopping never-before-seen phishing attempts.
• Leverages cloud-based ML processes to push zero-delay signatures and instructions back to the NGFW.
• Uses behavioral analysis to detect IoT devices and make policy recommendations as part of a cloud-delivered and natively integrated service on the NGFW.
• Automates policy recommendations that save time and reduce the chance of human error.

Identifies and Categorizes All Applications, on All Ports, All the Time, with Full Layer 7 Inspection

• Identifies the applications traversing your network irrespective of port, protocol, evasive techniques, or encryption (TLS/SSL)
• Uses the application, not the port, as the basis for all your safe enablement policy decisions: allow, deny, schedule, inspect, and apply traffic-shaping.
• Offers the ability to create custom App-ID™ tags for pro- prietary applications or request App-ID development for new applications from Palo Alto Networks.
• Identifies all payload data within an application (e.g., files and data patterns) to block malicious files and thwart exfil- tration attempts.
• Creates standard and customized application usage reports, including software-as-a-service (SaaS) reports that provide insight into all sanctioned and unsanctioned SaaS traffic on your network.
• Enables safe migration of legacy Layer 4 rule sets to App-ID-based rules with built-in Policy Optimizer, giving you a rule set that is more secure and easier to manage.

Offers AI-Powered Unified Management and Operations with Strata Cloud Manager

• Prevent network disruptions: Forecast deployment health and proactively identify capacity bottlenecks up to seven days in advance with predictive analytics to proactively prevent operational disruptions.
• Strengthen security in real time: AI-powered analysis of policies and real-time compliance checks against industry and Palo Alto Networks best practices.
• Enable simple and consistent network security management and ops: Manage configuration and security policies across all form factors, including SASE, hardware and software firewalls, and all security services to ensure consistency and reduce operational overhead.

Best-in-Class Cloud-Delivered Security Services Powered by Precision AI

• Advanced Threat Prevention: Stop known and unknown exploits, malware, spyware, and command-and-control (C2) threats, including 60% more injection attacks and 48% more highly evasive C2 traffic than traditional IPS solutions with industry-first zero-day attack prevention.
• Advanced WildFire®: Ensure safe access to files with the industry’s largest malware prevention engine, stopping up to 22% more unknown malware and turning detection into prevention 180X faster than competitors.
• Advanced URL Filtering: Ensure safe access to the web and prevent 40% more threats in real time than traditional filtering databases with industry-first prevention of known and unknown phishing attacks, stopping up to 88% of malicious URLs at least 48 hours before competitors.
• Advanced DNS Security: Protect your DNS traffic and stop advanced DNS-layer threats, including DNS hijacking, all in real time with 2X more DNS-layer threat coverage than competitors.
• Next-Generation CASB: Discover and control all SaaS consumption in your network with visibility into 60K+ SaaS apps and protect your data with 28+ API integrations.
• IoT Security: Secure your blind spots and protect every connected device unique to your vertical with the industry’s most comprehensive Zero Trust solution for IoT devices, discovering 90% of devices within 48 hours

Enables SD-WAN functionality

• Allows you to easily adopt SD-WAN by simply enabling it on your existing firewalls.
• Enables you to safely implement SD-WAN, which is natively integrated with our industry-leading security.
• Delivers an exceptional end user experience by minimizing latency, jitter, and packet loss.

Prevents malicious activity concealed in encrypted traffic

• Inspects and applies policy to TLS/SSL-encrypted traffic, both inbound and outbound, including for traffic that uses TLS 1.3 and HTTP/2.
• Offers rich visibility into TLS traffic, such as amount of encrypted traffic, TLS/SSL versions, cipher suites, and more, without decrypting.
• Enables control over use of legacy TLS protocols, insecure ciphers, and misconfigured certificates to mitigate risks.
• Facilitates easy deployment of decryption and lets you use built-in logs to troubleshoot issues, such as applications with pinned certificates.
• Lets you enable or disable decryption flexibly based on URL category, source and destination zone, address, user, user group, device, and port, for privacy and compliance purposes.
• Allows you to create a copy of decrypted traffic from the firewall (i.e., decryption mirroring) and send it to traffic collection tools for forensics, historical purposes, or data loss prevention (DLP).

Delivers a unique approach to packet processing with Single-Pass Architecture

• Performs networking, policy lookup, application and de- coding, and signature matching-for all threats and con- tent-in a single pass. This significantly reduces the amount of processing overhead required to perform multi- ple functions in one security device.
• Avoids introducing latency by scanning traffic for all signa- tures in a single pass, using stream-based, uniform signa- ture matching.
• Enables consistent and predictable performance when security subscriptions are enabled. (In Table 1, "Threat Prevention throughput" is measured with multiple sub- scriptions enabled.)

Enforces security for users at any location, on any device, while adapting policy based on user activity

• Enables visibility, security policies, reporting, and forensics based on users and groups-not just IP addresses.
• Easily integrates with a wide range of repositories to lever- age user information: wireless LAN controllers, VPNs, directory servers, SIEMs, proxies, and more.
• Allows you to define Dynamic User Groups (DUGs) on the firewall to take time-bound security actions without wait- ing for changes to be applied to user directories.
• Applies consistent policies irrespective of users' locations (office, home, travel, etc.) and devices (iOS and Android® mobile devices, macOS®, Windows®, Linux desktops, lap- tops; Citrix and Microsoft VDI and Terminal Servers).
• Prevents corporate credentials from leaking to third-party websites and prevents reuse of stolen credentials by enabling multi-factor authentication (MFA) at the network layer for any application without any application changes.
• Provides dynamic security actions based on user behavior to restrict suspicious or malicious users.
• Consistently authenticates and authorizes your users, regardless of location and where user identity stores live, to move quickly toward a Zero Trust security posture with Cloud Identity Engine—an entirely new cloud-based architecture for identity-based security