PAN OS 10 – The world’s first machine learning-powered Next-Generation Firewall

9 July 2020
Why PAN OS 10 should part of your 2021 planning

With many Palo Alto Networks’ customers still planning their upgrade to PAN-OS 9.1, why should you be interested in PAN-OS version 10.0 now?

As you will already know, PAN‑OS® is the software that runs all Palo Alto Networks® next-generation firewalls. By leveraging the three key technologies that are natively built into PAN‑OS—App‑ID, Content‑ID, and User‑ID— businesses using Palo Alto Next Generation Firewalls (NGFWs) can achieve complete visibility and control of applications in use across all users in all locations all the time. And, because the application and threat signatures automatically reprogramme the firewall with the latest intelligence, any traffic you decide to allow is protected from known and unknown threats.

When Palo Alto Networks recently announced the new PAN-OS 10.0, we were immediately taken by the headline ability to prevent unknown threats with in-line Machine-Learning (ML). The Palo Alto Networks press release stated that “PAN-OS version 10.0 ushers in the world’s first machine learning-powered next-generation firewall to proactively assist in stopping threats and recommending security policies.”

Essentially, this means that while traditional security requires signatures to identify and prevent both new variants of threats & new devices, PAN-OS 10.0 uses in-line ML to proactively stop new threats. By leveraging machine learning, PAN OS-10 can identify malware and “phishing” attacks that were previously undetectable by traditional firewall services. According to Palo Alto Networks, the problem is that as attackers use computers to change attacks automatically, signatures become less valuable in preventing the attacks. PAN-OS 10 thus prevents previously unknown attacks using in-line machine learning models. In addition, the firewall offers “zero-delay protection” that helps reduce reaction times to threats from days to just minutes, resulting in a 99.5% reduction in infected systems. Finally, the use of machine learning to analyse the massive amounts of telemetry data that networks generate will help recommend better security policies.

Other PAN-OS 10 highlights include:

  • New decryption features based on enhancements and extensions to the 12-year-old decryption technology found in Palo Alto Networks’ next-generation firewalls. Encryption has been getting more complex every day, and the ability to break that down and figure out how to best secure environments has become vital. These new features enable customers to fully deploy decryption and include support for the new TLS 1.3 standard.
  • Palo Alto Networks is also launching a containerized version of its ML-Powered NGFW, called the CN-Series, designed especially for customers running container-based applications in Kubernetes environments. 
  • The new operating system also extends more visibility and security to un-managed IoT devices without needing to deploy additional sensors.

Watch out for more details about PAN OS-10 over the coming months,or talk to one of our Account Directors today. 

Book a consultation