Vendors information


Palo Alto Networks Dealing with Unknown Traffic in Your Data Center


Thu, 31 May 2012

In previous posts, we have explored various data center security best practices in protecting the data center, and of course Palo Alto Network’s fundamental approach starts off with application visibility. Applications in the data center can largely be divided into:

  • Known data center applications – enterprise off-the-shelf, custom and home-grown.
  • Management applications using RDP, Telnet, SSH to control the enterprise applications in (1)
  • Rogue or misconfigured applications.

 

The first set of applications should be allowed for authorized employees, the second set of applications should be enabled only for a select group of IT users, and the third set of applications should be remediated or dropped.

 

We can achieve each of the objectives above with a combination of App-IDTM and User-IDTM. With our App-ID technologies, we not only identify enterprise applications but we can also create custom App-IDs for unique applications within the individual enterprise. But more importantly, any traffic that cannot be identified is categorized as unknown.

 

Click HERE to read the full article from the Palo Alto Networks Research Centre