Palo Alto firewall
Palo Alto is a next-gen firewall with User-ID and App-ID. Dynamic lists/feeds (EDL) are used for blocking malicious traffic and allowing trusted traffic such as Azure and CDNs.
It can inspect both north/south and east/west traffic.
It has IPS, URL filtering, and WildFire (unknown threats).
DNS sinkhole (DNS protection)
Advanced logging with Cortex Data Lake (takes in multiple log sources and applies machine learning)
Platforms
- Virtual machines for public and private cloud (you control the VM)
- Prisma Access (hosted cloud-based firewall as a service)
- Physical devices (physical boxes to install on site)
https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations
SP3
Single pass: traffic inspection, classification and enforcement happen simultaneously in one pass
Traffic
Control plane
- config
- logging
- reporting
Data plane
- Signature matching
- security and network processing