Palo Alto Next Generation Firewall PA-1400 Series

The ML-based next-generation firewalls in the PA-1400 series from Palo Alto Networks, consisting of the PA-1420 and PA-1410 models, have been specially developed to provide secure connectivity for branch offices and medium-sized businesses. These firewalls are based on PAN-OS, the same software that runs all Palo Alto Networks NGFWs, and are capable of natively classifying all traffic, including applications, threats and content, and linking this traffic to the user regardless of location or device type. By using applications, content and users as the basis for your security policies, which are the essential elements of your business, the PA-1400 series can help improve your security posture and reduce incident response time.

Highlights

• As the world's first ML-powered NGFW, this product has been named a leader in the Gartner Magic Quadrant for Network Firewalls eleven times and a leader in The Forrester Wave: Enterprise Firewalls, Q4 2022.
• It delivers predictable performance with security services and simplifies the deployment of large numbers of firewalls with optional Zero Touch Provisioning (ZTP).
• The NGFW's native web proxy support also simplifies and consolidates the management of firewall and proxy functions.
• In addition, the product supports centralised management with Panorama network security management and extends visibility and security to all devices, including unmanaged IoT devices, without the need to deploy additional sensors.
• With support for high availability in active/active and active/passive modes, this product maximises security investments and prevents business interruptions with AIOp.

Key security and connectivity features

• ML-powered next-generation firewall

• The core of the firewall integrates machine learning (ML) to enable signatureless inline attack prevention for file-based attacks, while quickly detecting and stopping previously unknown phishing attempts.
   o The PA-1400 series is capable of continuously identifying and categorising all applications, regardless of the port used, with full Layer 7 inspection. The firewall can identify applications moving through your network, regardless of the port used, protocol, evasion manoeuvres or encryption (TLS/SSL). In addition, with the SaaS security subscription, it can automatically detect and control new applications as they emerge to keep pace with the explosive growth of SaaS. This gives you complete visibility and control over the applications used on your network at all times.

• Enforces security for users at any location and on any device, while adapting policies to user activities This solution enables improved visibility, security policies, reporting, and forensics based on user and group identities rather than relying solely on IP addresses. In addition, it integrates seamlessly with various repositories such as Wi-Fi controllers, VPNs, directory servers, SIEMs, proxies and more to leverage user information.

• Prevents malicious activities hidden in encrypted traffic
   o The PA-1400 series is capable of inspecting and enforcing policies for both inbound and outbound TLS/SSL-encrypted traffic, including traffic using TLS 1.3 and HTTP/2. It provides detailed insights into TLS traffic, such as the amount of encrypted traffic, TLS/SSL versions, encryption suites and other relevant information, without the need for decryption. In addition, it enables control over the use of older TLS protocols, insecure ciphers and misconfigured certificates, helping to mitigate potential risks.

• Provides centralised management and visibility
    o Centralised management, configuration, and visibility for multiple Palo Alto Networks NGFWs (regardless of location or scale) can be achieved through Panorama network security management. This provides a unified user interface for all devices and enables simplified management and monitoring.

• Native web proxy support for next-generation firewalls
   o Palo Alto NG firewalls enable the consolidation of firewall and proxy functions on a single platform that can be managed via a centralised management platform to create and implement policies.

• Offers a unique approach to packet processing with single-pass architecture PA-1400 products use a stream-based, unified signature comparison approach that allows traffic to be scanned for all signatures in a single pass, avoiding potential latency issues.

• SD-WAN functionality

• Detects and prevents complex threats with cloud-based security services
   In today's digital landscape, cyber attacks are becoming increasingly sophisticated and can generate up to 45,000 variants in just 30 minutes, using multiple threat vectors and advanced techniques to deliver malicious payloads. Traditional isolated security measures can pose significant challenges for businesses, including security gaps, increased workload for security teams, and business productivity issues due to inconsistent access and visibility. Seamlessly integrated with our industry-leading NGFWs, our cloud-based security services leverage the network effect of over 80,000 customers to coordinate intelligence and provide comprehensive protection against all threats across all vectors. This eliminates gaps in coverage at your locations and provides you with best-in-class security that is consistently delivered on a single platform and protects against even the most advanced and difficult-to-detect threats.
   o Advanced threat defence: Our security solution effectively stops known exploits, malware, spyware and command-and-control threats (C2). In addition, we use prevention methods that are unique in the industry to ward off zero-day attacks. This prevents up to 60% more unknown injection attacks and 48% more hard-to-detect command-and-control traffic than traditional IPS solutions.
   o Advanced WildFire: Palo Alto has automatic protection that ensures files are protected from known, unknown and hard-to-detect malware. With the industry's largest threat intelligence and malware prevention engine, we can defend against such threats 60 times faster.
   o Advanced URL filtering Our security solution guarantees secure access to the internet and offers real-time protection against known and unknown threats, preventing 40% more web-based attacks. Thanks to our industry-unique real-time prevention capabilities, we can stop 88% of malicious URLs at least 48 hours before other vendors, providing outstanding protection against Internet-based threats.
   o DNS security: Increase your protection against DNS attacks by 40% and prevent 80% of attacks that exploit DNS for data theft and command-and-control without making any changes to your existing infrastructure.
   o Enterprise DLP: Reduce the likelihood of data breaches, prevent unauthorised data transfers, and ensure compliance across your entire organisation with twice the coverage of any other cloud-based enterprise DLP solution.
   o SaaS Security: Keep pace with the rapidly growing SaaS landscape with our next-generation CASB, the industry's only solution that can automatically discover and secure all applications across any protocol.
   o IoT security: Protect all your connected devices and implement zero-trust security for your devices 20 times faster with the industry's most intelligent security solution designed specifically for smart devices.