Know - and control - the applications that are really traversing your network.Learn more
Since the beginning of the Internet TCP and UDP port numbers have been used to discriminate between applications crossing a network. Over the last decade there have been two shifts that impact the security of networks. Firstly, many applications have shifted to using the secure SSL/TLS protocol on its standard port of 443. Secondly, attackers utilise port numbers of benign applications to run their nefarious services. In both instances the reuse of standard port numbers blind traditional firewalls to the actual application traversing the network.
Palo Alto Networks’ AppID technology both looks at the TCP/UDP ports of a session and also the actual data crossing the network to determine the application in question. This permits the firewall to discern valid applications on the same port or detect prohibited applications hijacking a normally acceptable port number.
If you plan to migrate from a port-based firewall policy such as on a Cisco ASA we can manage the discovery of applications and customise your policy to match the applications you use, following Palo Alto Networks best practice.