Palo Alto Networks Firewall Ties In With Active Directory
Integration with Active Directory in the firewall product allows companies to set granular, user-based policies.Palo Alto Networks officials are hoping integration with Microsoft Active Directory will serve as an accelerant of sorts for their new firewall product. The Alviso, Calif.-based company is enhancing the PAN-OS software running on the PA-4000 Series firewall. The product now transparently integrates with Active Directory, offering a window into application use by either individual user names or groups. The technology is in direct contrast to legacy firewalls that define policies based on IP addresses.
"The problem, of course, with IP addresses is they dont equal users," said Lee Klarich, vice president of product management for Palo Alto Networks. "In a server farm, they typically equal the server, but in a large user network, they dont really mean anything. They are dynamically assigned when the user logs in the network. The result of that is you have all these firewalls deployed today with generic policies for all of the users because there is no way to distinguish between different users on the network."