Gartner is introduced to deal with the current and next generation network security threats that firewall must once again to upgrade to a" next generation firewall". An example, first generation firewall has been basically cannot detect the zombie network as transmission method of threat (see" case study: computer early detection function is zombie network client threat ."). Due to the current used is based on service-oriented architecture and Web2.0popularization, more communication amount just by a few ports ( such as: HTTP and HTTPS ) and the use of a limited number of protocol, which means based on port / protocol security policy relevance and efficiency are becoming more and more low. Deep packet inspection intrusion prevention system ( IPS ) according to the known attacks on the operating system and leakage deployed patch software inspections, but not effective recognition and prevent the application of abuse, not to mention the application specific characteristic protection.
PA L O A LT O N E T W O R K S : C u s t o m e r P r o f i l e Chia Nan University of Pharmacy & Science Adopts Next-Generation Firewall from Palo Alto Networks Securing the campus network against all kinds of online threats “ The next-generation firewall from Palo Alto Networks offers high visibility and a high interception rate, making it the best choice for the campus network where security and stability is a must.” Organization: - Hai-lin Lu, Library Director and Chief of Information Security, CHNA Chia Nan University of Pharmacy & Science About the Chia Nan University of Pharmacy & Science Industry: Chia Nan University of Pharmacy & Science (CHNA) is located in Tainan City’s Rende Education District. It was founded in 1964 by Chen Wang as the Chia Nan Junior College of Pharmacy with the support of the pharmaceutical industry and the academic Challenge: community. The CHNA specializes in pharmaceutical science but has expanded to Evolving internet threats. include the humanities in recent years, giving medicine a more humanitarian touch Solution: that brings it closer to society. Today, the CHNA consists of six colleges, these being Palo Alto Networks PA-4020 Pharmacy & Science, Human Ecology, Humanities & Social Sciences, Health and to replace conventional firewalls Information, Environment, and Leisure & Recreation Management. Results: Campus Network Problems • Performance issues with conventional Student use of the network can lead to all kinds of problems. Intellectual property UTM overcome with packet process- rights, virus protection and traffic management for student dormitories all pose chal- ing performance improved by nearly lenges for network administrators on campus. Students are often ignorant about the 100%. • Overall protection and detection law as well and so tend to neglect regulations governing network usage. Apart from mechanisms improved to offer high educating students about information security and laws, the university must also be visibility proactive in using firewalls or network management equipment to protect students against illegal behavior on the network. Hai-lin Lu, the Library Director and Chief of Information Security at CHNA, said that malicious programs and software pose a major threat to the campus network. Some malicious programs are hard to prevent as they use Port 80 to avoid being blocked by the firewall. At one point, CHNA had foreign exchange students using the QQ messaging soft- ware on campus and this software had a major impact on information security. For a period of time, whenever students entered the school’s domain name the QQ screen would appear. As this type of activities can’t be detected by conventional firewalls it became a major headache. Network administrators had to manually go through the logs to identify abnormal usage and track the security problem to its source. PA L O A LT O N E T W O R K S : C u s t o m e r P r o f i l e PA-4020 Next-Generation Firewall Blocks All Kinds of Threats The CHNA takes network security very seriously and has achieved third-party BSI ISO 27001 Information Security Management certification. The introduction of Palo Alto Network’s next-generation firewall PA-4020 in August, 2010, made the IT secu- “Conventional UTM proved ineffec- rity management system at CHNA more complete. tive and we were also unable to block many of the emerging online Conventional IP-based UTM equipment are unable to effectively block and detect new emerging applications. The high visibility provided by Palo Alto Networks’ applications on campus. The next-generation firewall is able to identify user, content, and application, giving PA-4020 provided an effective CHNA network administrators the means to effectively identify student programs and solution. It now plays an important block potential threats. The problems caused by the use of QQ messaging software role in the campus network gate- mentioned above were greatly reduced after the introduction of the PA-4020. The keeping, blocking hacker attacks, new firewall also helped to protect the campus network against malicious programs or BotNet. and keeping the campus network safe!” Current IT attacks on the CHNA tend to target web pages using techniques such as HTTP: SQL Injection or HTTP: Cross Site Scripting. Since Palo Alto Networks’ next-generation solution was introduced, these types of IT attacks have decreased Hai-lin Lu, significantly. The new firewall is able to effective block all types of online attacks and Library Director and can also generate reports as required for post-event auditing and tracking. Chief of Information Security, CHNA “Palo Alto Networks’ ACC (Application Command Center) is a powerful and easy-to- use tool that allows my colleagues to observe applications and URLs on the net- work,” said Lu. “Student behavior can then be quickly identified and analyzed to prevent potential threats. There have in fact been no serious IT security lapses or copyright violations since the system went live nearly 150 days ago. For the university, this is the most ideal network environment.” Director Lu is particularly satisfied with Palo Alto Networks’ dealer and distributor whose wealth of experience and professional knowledge helped the CHNA gain a better understanding of its network architecture and security. www.paloaltonetworks.com
Pages to are hidden for
"Chia Nan University of Pharmacy _ Science Adopts Next "Please download to view full document