- HP buys EDS for $13.9 billion
- What EDS is telling its people about HP deal
- 10 ways the Chinese Internet is different
- Clock is ticking on .me domain names
- Philly's Wi-Fi net to be shut down
Rss FeedRss Feed
Crackin' the Kraken bot. Listen now!
Wireless dangers at airports. Listen now!
Discover Juniper's continued commitment to the enterprise with its new line of LAN switches and a series of partnerships with several IT vendors, including IBM, Microsoft and Oracle. Customers can expect a tighter integration between Juniper and its vendor partner's products. Get all of the details in this informative report from respected consulting firm IDC.
Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.
Find out how you can consolidate Windows workloads and create a more efficient virtualized data center in this informative webcast, "Reduce Complexity and Cost - Windows Server Consolidation with Virtualization." Six concise webcast modules are available for your viewing. Watch them all consecutively or only the topics that interest you. The modules cover performance, user case studies, enterprise-level support, managing windows workloads, setup and configuration and the future of virtualization. Learn more today. Register below to learn more and be entered to win an Archos 605 Portable Media Player.
Saying "all security with cisco is shot in the foot" is not a very intelligent thing to say. Name me...- y0da
Western & Southern Financial Group had what it considered defense in depth for its IP network but recognized that there were still ways that sensitive data
might leave the network undetected, so it looked for more protection. The company, which manages $47 billion in assets, chose to add Palo Alto Networks' next-generation firewall
to its existing traditional firewall, intrusion prevention system, URL filtering and data-loss prevention gear.
The result is that Western & Southern now has better visibility into traffic leaving the network, says Doug Ross, CTO of the Cincinnati, Ohio financial firm.
Palo Alto’s PA-4000 appliances perform deep packet inspection on traffic originating in business networks that is perhaps destined for servers outside the company. The devices identify what applications are running on the network and apply filters based on them.
Click to see: Diagram of Western and Southern Group's network
Layer 7 firewalls, sometimes called next-generation firewalls, can parse traffic to the point of detecting content, and traditional firewall vendors are adding intrusion prevention to their products to attain this type of support, analysts say.
“A next-generation firewall needs to look within traffic streams and determine whether this is the traffic I expected,” says Rob Whiteley, an analyst with Forrester Research. The key to protection is peering deep into packets to decide what poses a threat and what doesn’t, not merely on what ports it uses, he says.
Palo Alto, for instance, can detect peer-to-peer traffic such as file sharing and Skype, applications that seek random ports and so are more difficult to block with traditional firewalls. Such applications can be simply unwanted or even dangerous - letting sensitive data leave the corporate network -- and Palo Alto gear can at least reveal that they are running, Ross says, allowing network security staff to deal with them.
“Data-loss prevention doesn’t give you insight into what applications are running out there,” he says.
Western & Southern doesn’t trust the Palo Alto gear yet to enforce policies; it is installed in monitoring mode, he says. “We have found significant value in understanding the geographic and application profiles of our network traffic. Long term, we intend to block,” he says.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com The Industry Standard IDG List Services |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
