Palo Alto Networks has announced the launch of the PAN-OS 3.0 operating system software for firewalls.
It includes new functionality such as quality of service, enabling multi-gigabit shaping and fully integrated SSL VPN remote access. Pal Alto claimed that PAN-OS 3.0 will further enable enterprise customers to embrace new applications while managing the risks inherent in using those applications.
PAN-OS 3.0 introduces traffic shaping in the firewall, enabling enterprises to ensure that priority is given to business critical functions. Administrators are able to manage the bandwidth consumed by applications, as well as their priority – all in firewall policy, instead of simply killing applications or having no visibility or control over them.
The quality of service features in PAN-OS 3.0 enable organisations to shape and prioritise traffic based on application with multi-gigabit throughput, due to the single pass software married to hardware accelerated queuing. Similarly, the new SSL VPN capabilities in PAN-OS 3.0 enjoy the benefits of application visibility and control, coupled with specific SSL hardware acceleration.
Lee Klarich, vice president of product management at Palo Alto, claimed that one of the key features of PAN-OS 3.0 is that it has protection, as applications can be bad and can be misused, companies used to be able to block applications that you do not allow, and you need to be able to shape them.
Klarich said: “I asked a company what applications are you running on your enterprise networks? We have seen circumvention tools being used, ‘Tor' can tunnel information as it appears to browsers and the firewall that it is encrypted information that is being sent.
“There is also the issue of bandwidth use, and how many people are using P2P file sharing networks, there is all sorts of issues intertwined together. The same bandwidth that is used for videos maybe the same that is required for payroll, as soon as this impacts the business applications you have a problem.”
He further claimed that with PAN-OS 3.0, you can specify who can use what. It is not that applications are good or bad, you need to see them to determine who is allowed to use them and how much bandwidth they use.
“This is where PAN-OS 3.0 comes in. It offers remote access support and it is integrated to scan content and provide easy application methods. This is the first to identify an application, we're not the first to do quality of service, but a traditional firewall will only look at it,” said Klarich.