AskPANW

as attackers target end users as a waypoint to the data center, enterprises are realizing that they need to spend on the border between their users and the data center together with the border to the Internet

Palo Alto Networks0

Last call for questions: @nirzuk will be with us for another 10 minutes, so keep 'em coming #AskPANW

John Furrier1

Nir: What did you learn from Netscreen that you brought to Palo Alto Networks. Netscreen built a great product;

I think that everything you do uses a combination of all your past experiences. I am not sure I can put my finger on specific things I have learnt at NetScreen

Palo Alto Networks1

#AskPANW @nirzuk Another pre-submit Q: Many network security vendors claim signatures are dead, do u agree?

i disagree. Signatures are still the only mechanism that can scan traffic at multi gig speeds with acceptable latency. I think that the new network security architecture changes how quickly *relevant* signatures get generated and delivered

John Casaretto2

@nirzuk Cagefight: WildFire vs FireEye - Winner?

the solution will win over the yet another firewall helper

John Casaretto Had to go there :) FE's Aziz said they had no real competition a while back - got to love the thrill of the sport

Paul Wasek2

I have been noticing that other vendors are starting have a similar feature like wildfire. Is PANW looking to add or enhance current security features?

we have already gotten used to the other fw vendors copying everything we do. luckily we are good at staying ahead of them and increasing the gap with every release

Palo Alto Networks1

#AskPANW @nirzuk Are company insiders or company outsiders a greater threat to cyber security?

there is no much difference anymore, given that the outsiders favorite attack vector is to take over an internal machine and from there jump to the data center. For the purpose of securing the enterprise they are both the same

John Casaretto4

@nirzuk We hear much about APT's - how best to mitigate? Analytic security products seem own the headlines but not everyone is ready just yet - Are slow-adopters left to process/technology?

4 Votes Vote

the solution will be a combination of processes and technologies all working together. enterprises are still trying to figure out what to do. a quick advise - if you think you found a killer solution - you are probably wrong

I think we'll end up with a new network security architecture to deal with modern threats

ilan2

Are the enterprise really serious about BYOD?

They don't have a choice. End users are not asking them whether it's okay to BYOD. Sensitive coprorate information is making its way to personal mobile devices and something needs to be done to protect it

Pires Fábio1

The best PAN appliance has an throughput of 20Gbps (firewall) and 15(threat), but hauwei has 35Gbps (firewall) and 25(threat). is nice to know that pan as GSP support but In an ISP scneario, witch one will be the best appliance to ensure the security ?

it's not about how fast you run but rather what you do at that speed. ISPs are trying to provide more than basic firewall and are turning to Palo Alto Networks for help. In any case, we have already said a 100Gbps device is in the works

Pires Fábio Thanks for the repply. So PAN can be applied not only in corporative scnearios but in ISP too, right ? And you a 100Gbps appliance to deal with it. is it? Can you tell me more about anti-spam ? i know palo alto do not support that, but in ISP...

Pires Fábio ... is impossible to have blacklists and block users.. in your opinion, what is the best solution ?

I believe anti-spam belongs in a dedicated system rather than in an inline firewall