eBooks/eGuides

38 Data Center & Hybrid Cloud Security For Dummies, Palo Alto Networks Special Edition These materials are © 2020 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited. Content identification Content identification infuses next-generation firewalls with capabilities previously unheard of in enterprise firewalls, including: » Threat prevention: This component prevents malware and exploits from penetrating the network, regardless of the application traffic in which they are hiding. • Application decoder: Pre-processes data streams and inspects for specific threat identifiers. • Stream-based malware scanning: Scanning traffic as soon as the first packets of a file are received — as opposed to waiting until the entire file is in memory — maximizes throughput and minimizes latency. • Uniform threat signature format: Performance is enhanced by avoiding the need to use separate scanning engines for each type of threat. Viruses, command-and-control (C2) communications, and vulnerability exploits can all be detected in a single pass. • Vulnerability attack protection: Similar to the functionality provided in intrusion prevention systems (IPS), protocol anomaly, behavior anomaly, and heuristic detection mechanisms are used for protection from known and unknown threats. • Cloud-based intelligence: For content that's unknown, the ability to send to a cloud-based security service ("sand- boxing") for rapid analysis and a "verdict" that the firewall can then use. » Uniform Resource Locator (URL) filtering: URL filtering is a tool used to classify content. An integrated URL database allows administrators to monitor and control web surfing activities of employees and guest users. Employed in conjunc- tion with user identification, web usage policies can even be set on a per-user basis, further safeguarding the enterprise from an array of legal, regulatory, and productivity-related risks. » File and data filtering: Taking advantage of in-depth application inspection, file and data filtering enables enforcement of policies that reduce the risk of unauthorized information transfer, or malware propagation. Capabilities

• Cover
• Title Page
• Copyright Page
• Table of Contents
• Introduction
• About This Book
• Icons Used in This Book
• Chapter 1 The Evolution of the Data Center
• Understanding the Impact of the Cloud on the Data Center
• Recognizing Security Challenges in the Data Center and Hybrid Cloud
• Looking at Why Legacy Security Infrastructure is Ineffective
• Firewalls
• Intrusion prevention
• Proxies
• Defining Security Requirements
• Gain complete visibility
• Minimize the attack surface
• Automate threat protection
• Chapter 2 Security Challenges in Hybrid Clouds
• Cloud Security and The Shared Responsibility Model
• The Dynamic Nature of Modern Threats
• Ransomware
• Credential theft
• DNS-based attacks
• Targeted "Low-and-Slow" Attacks and APTs
• Chapter 3 Delivering Consistent Security Using Zero Trust
• Gaining Complete Visibility
• Application identification
• User identification
• Content identification
• Minimizing Your Attack Surface with Segmentation
• Using Dynamic Security to Support Moves and Changes
• Chapter 4 Leveraging Unmatched Threat Protection
• The Challenges of Defense in Depth
• What Is a Perimeter?
• Threat Protection Components
• Endpoint protection
• Security orchestration and automation
• Cloud-based threat intelligence
• Chapter 5 Ten Evaluation Criteria for Network Security in the Data Center and Hybrid Cloud Environment
• Safe Enablement of Applications in the Hybrid Cloud
• Identify Users and Enable Appropriate Access
• Comprehensive Threat Protection
• Flexible, Adaptive Integration
• Secure Access for Mobile and Remote Users
• One Comprehensive Policy, One Management Platform
• Cloud Ready
• Automate Routine Tasks and Focus on the Threats That Matter
• Flexible Deployment Options
• Consume New Innovations Easily in a Broad Partner Ecosystem
• Glossary
• EULA