Introduction to the Next-Generation Security Platform

PALO ALTO NETWORKS NEXT GENERATION SECURITY PLATFORM
Mar. 2016
1 | © 2016, Palo Alto Networks. Confidential and Proprietary.
PALO ALTO NETWORKS
[Figure: company overview charts. Axes: $M, $0 to $1,000, by fiscal year (FY09 FY10 FY11 FY12 FY13 FY14 FY15); a second axis, 0 to 28,000, by date (Jul-11 to Jul-15). Other surviving labels: 2005, 2012, NYSE, $928.1M, $297.2M, 55% UP.]
CTO: Nir Zuk
2005-: Palo Alto Networks
2002-2005: NetScreen/Juniper
2000-2002: OneSecure
1994-1999: Check Point
(2015) NGFW
“Palo Alto Networks is assessed as a Leader, mostly because of its NGFW focus, and because of its consistent visibility in Gartner shortlists for advanced firewalls use cases, frequently beating competition on feature quality.”
-- Gartner, Magic Quadrant for Enterprise Network Firewalls
http://connect.paloaltonetworks.com/gartner-mq-2015
[Figure: Product Revenue, $ in millions (axis 20$ to 180$); series: PANW, CHKP, FTNT, FEYE.]
AUTOMATED
NATIVELY INTEGRATED
EXTENSIBLE
Cyber Threat Alliance
2014 5
Fortinet
Cyber
Defense Consortium
9
McAfee Symantec
https://www.paloaltonetworks.com/company/press/2014/mcAfee-symantec-join-fortinet-palo-altonetworks-as-cofounders-of-the-industry-first-cyberthreat-alliance.html
CYBER THREAT ALLIANCE
White House Summit on Cybersecurity and Consumer Protection at Stanford University on February 13, 2015
2014
91
45%
71%
Attack lifecycle
Reconnaissance
Weaponization and delivery
Exploitation
Installation
C&C communication
Actions on the target
Unauthorized Access
Unauthorized Use
[Figure: diagram labelled Internet and Enterprise Network; other labels: URL, DNS, SMTP, IPS, (UTM), AV, Endpoint, DOS, Web.]
[Figure: traffic identification diagram; labels: 80, 443, SSL, App-ID; 192.168.1.1, 10.1.1.1, User-ID; Content-ID + WildFire.]
– App-ID™
– User-ID™
[Figure: User-ID diagram; labels: eDirectory, Aerohive AP, Blue Coat, Juniper UAC, Syslog, AD, LDAP, XML API; addresses shown: 11.11.11.11, 12.12.12.12.]
[Figure: labels: +SSL, URL, C&C, DNS, IPS, WildFire.]
FW+ (AV,AS,IPS/IDS)
• Palo Alto Networks PA-7050
– Max throughput: 120 Gbps
– AppID FW + TH(DSRI): 100 Gbps
– 83%
• Checkpoint 61000
– Max throughput: 400 Gbps
– FW + IPS: 70 Gbps
– 17.5%
• Juniper SRX 5800
– Max throughput: 200 Gbps
– AppSecure + IPS: 30 Gbps
– 15%
• Fortigate 5000 Security Blade
– Max throughput: 40 Gbps
– Flow based AV: 5 Gbps
– 12.5%
[Chart: NGFW Rate against Advertised Max, axis 0% to 100%; bars labelled 83%, 18%, 15%, 13%.]
Source: Performance metrics are from public facing datasheets for fully loaded Palo Alto Networks PA-7050, Check Point 61000, Juniper SRX 5800 and Fortinet 5140B
[Figure: hardware architecture diagram; labels: SSD, RAM, CPU, Core 1 to Core 4, Signature Match, (IPS), CPU 1, CPU 2 ... CPU 12, SSL, IPSec, De-Compress., (SSL, IPSec, decompression), Switch Fabric, Flow control, Route, ARP, MAC lookup, NAT, QoS; rates shown: 10Gbps, 20Gbps, 80 Gbps, 20 Gbps QoS, 20 Gbps.]
WildFire™
[Figure: labels: MAC, AV, DNS, URL, (*); values shown: 15, 30, 91%, 1.9%.]
ICSAlabs https://www.icsalabs.com/sites/default/files/FINAL_PaloAlto_ATD_Cert_Testing_Report_20151222.pdf
WildFire™ WF-500
[Figure: labels: WF-500, WildFire, FW, (AV/DNS/URL); value shown: 5.]
WildFire™
• Internet Utility: 6%
• Gaming: 1%
• storage-backup: 1%
• Proxy: 3%
• ERP/CRM: 1%
• Remote Access: 1%
• email: 17%
• business systems: 11%
• Collaboration: 5%
• Internet Utility: 5%
• Social Networking: 8%
• File Sharing: 33%
• Office programs: 1%
• audio streaming: 1%
• photo-video: 6%
WildFire™
[Figure: WildFire chart, 2015; legend: Undetected, 1 to 2 companies, 3 to 10 companies, 11 to 30 companies, 31 or more companies; values shown: 290,562; 47,714; 850,260; 11,223; 8,839,258; 88%; file types: PE, PE64; date axis 5/1/14 to 5/1/15; source label: Palo Alto Networks AutoFocus.]
[Figure: labels: WildFire, C&C, DNS, URL, Unit42, CSIRT; values shown: 2015, 460, 12, 15, 30, 150-300.]
WildFire™ C&C
[Figure: two charts over a weekly axis from 2014.05.01.001 to 2015.02.19.001: "Total Malware URLs Blocked" (axis 200000 to 1600000) and "DNS/pDNS updates per day" (axis 0 to 45000; series: DNS Updates from WF, Passive DNS).]
AUTOFOCUS™
WildFire
SaaS
APERTURE™
Traps™
[Figure: labels: App-ID, URL, DNS, Drive-by download, WildFire, Botnet, Traps.]
[Figure: labels: Traps, Advanced Endpoint Protection, WildFire™, Internet, WAN, VM, DC, Enterprise, Platform.]
[Figure: labels: Cyber Kill Chain, MSS, IPS, 2003, Proxy, SDN, SCADA, Connected Car, SIEM, AutoFocus, Aperture, (TRAPS).]