Palo Alto announces software update and ML-enabled firewalls

Palo Alto Networks updated its PAN-OS software with deep learning and online AIOps capabilities and introduced two firewall appliances to work in tandem with the update.

The upgraded software, called PAN-OS 10.2 or Nebula, uses real-time, cloud-based deep learning to analyze incoming traffic and identify threats, even when those threats don’t resemble previously recorded attacks. The two new next-generation firewalls, the PA-3400 and PA-5400, provide more processing power to support the latency needs of traffic to and from the cloud for analysis.

Nebula differs from previous versions of PAN-OS in two important ways. First, it uses deep learning rather than static machine learning to analyze traffic threats. Deep learning processes a lot more data, allowing AI to identify threats other than those that closely resemble recorded attacks.

Second, Nebula analyzes network traffic in real time. Previous Palo Alto machine learning (ML)-powered next-generation firewalls also sent suspicious traffic to the cloud for analysis, but processed that traffic with a delay of minutes to hours.

Using real-time deep learning, Nebula provides six times faster prevention and detects 48% more evasive threats than the previous version of PAN-OS, according to Palo Alto.

The PA-3400 is intended for edge and small campus deployments and the PA-5400 for large campus and data center deployments. The appliances offer three times the security performance of previous generations of Palo Alto firewall appliances, the company said.

Although Palo Alto’s next-generation firewalls face competition from vendors such as Cisco, Check Point and Fortinet, Enterprise Strategy Group analyst John Grady said Palo Alto’s focus on ML is a constant differentiator. As SASE security grows, enterprises continue to need appliance-based firewalls for the data center.

“I think [ML for firewalls] is where the market is going; that’s where everyone works,” Grady said. “[Palo Alto] aligning these detections with real traffic is a big step forward.”

Palo Alto also announced AIOps for next-generation firewalls to provide insight into a network’s security posture and functionality. The company’s 10th subscription service joins other security features such as advanced URL filtering, DNS security and IoT security.

The Nebula update is available for all Palo Alto devices running PAN-OS software. The PA-3400 and PA-5400 will be available in March.

Enterprise Strategy Group is a division of TechTarget.

Madelaine Millar is a news writer covering networking technology at TechTarget. She has previously written about science and technology for MIT’s Lincoln Laboratory and the Khoury College of Computer Science, as well as community news coverage for Boston Globe Media.

Comments are closed.