PAN-OS 8.0: Protection. Delivered.
To provide organizations with the best security capabilities to prevent successful cyberattacks, PAN-OS® 8.0, includes a colossal amount of enhancements and capabilities, including:
- Secure any cloud! AWS, Azure and more
- Secure SaaS (Office 365®, Box, Slack®) with visibility and enforcement
- Prevent sandbox evasion, automate C2 detection, and leverage advanced intel sharing
- Prevent credential theft usage and abuse
- Simplify security operations with enhanced management, speed and automation
- New high-performance hardware models to tackle encrypted traffic and more
Learn more about the new Features Introduced in PAN-OS 8.0.
For questions about PAN-OS 8.0 visit the Live Community.
Accelerating Multi-Cloud Deployments
Organizations are rapidly embracing multi-cloud architectures that span software-defined data centers (private clouds) and public cloud environments. To help organizations protect their cloud-based applications and data from cyberattacks, PAN-OS 8.0 expands the VM-Series with new models and optimized performance, making it the broadest, most powerful line of virtualized firewall appliances on the market. New scalability and resiliency features for Microsoft® Azure® and Amazon® Web Services enable organizations to build secure cloud centric architectures. Workflow automation features for VMware® NSX® and KVM with OpenStack® help streamline VM-Series deployments.
Enabling the Safe Use of SaaS Applications
Software-as-a-service (SaaS) applications are changing the way organizations do business. Despite being incredibly useful tools to drive productivity, they pose high levels of risk.
PAN-OS 8.0 introduces several new capabilities helping our customers gain unprecedented levels of SaaS visibility and control based on users, content and applications. Prisma™ SaaS security service, a key component of our platform for securing sanctioned SaaS applications, is now available globally with the launch of new data centers in Europe and Asia. This global expansion also introduces enhanced data leakage prevention (DLP) and machine learning capabilities for documents written in native regional languages, such as German and Japanese. Furthermore, Prisma SaaS has added support for complete automation of policy violations, enabling our customers to remediate large volumes of risk with minimal overhead.
Our integrated platform provides detailed SaaS visibility and granular control, data governance, automated risk remediation, and malware prevention, so organizations can achieve complete SaaS protection.
Preventing Credential-Based Attacks
The theft and use of stolen passwords is one of the oldest attacks in the book, yet it remains highly effective. With stolen credentials, an adversary can bypass the entire attack lifecycle by impersonating a valid user, move uninterrupted throughout the organization's network, and shift to the abuse of credentials from within.
PAN-OS 8.0 neutralizes credential theft by providing prevention capabilities across the attack lifecycle to stop the theft and subsequent abuse of stolen credentials.
The platform identifies and prevents attempts to steal credentials by stopping the submission of valid corporate credentials to illegitimate websites, and neutralizes an attacker’s ability to use stolen credentials for lateral movement and network compromise by enforcing authentication policies at the network layer.
High-Performance, Intelligent, Centralized Management
The most innovative, advanced technology loses value if not managed effectively. The Panorama™ network security management 8.0 release introduces new capabilities that provide organizations with access to the richest, most comprehensive set of actionable data from the network as well as from the endpoints secured by Palo Alto Networks Traps™ advanced endpoint protection or from other third-party sources in the future. Combined with complete network visibility and increased automation, organizations are able to streamline management workflows and focus on the issues that matter most.
New Family of Breakthrough Performance Hardware
The increasing use of encrypted traffic and rapid consumption of cloud-based applications, coupled with ever-increasing data center consolidation, are driving new processing power, performance and capacity requirements. Powered by PAN-OS 8.0, the new hardware appliances help deliver next generation of security capabilities anywhere in the network including datacenter cores, enterprise perimeters, as well as branch and remote offices.
Simplifying User-ID Deployments at Scale
User-ID™ technology, a standard feature on Palo Alto Networks next-generation firewalls, enables you to leverage user information stored in a wide range of repositories. PAN-OS 8.0 introduces powerful enhancements that make it easier for organizations of all sizes to control access to their resources based on user identity. By ensuring that only the right users have access to the right resources at all times, User-ID mitigates problems associated with identity theft and helps prevent modern-day breaches.
Security for Service Providers
The expanded line of virtual network functions (VNFs) or VM-Series Firewalls provides new capabilities and increased performance to service providers with deployment flexibility, agility and scalability to support an expanded range of deployment scenarios.
- Managed security service providers (MSSPs) can leverage a broader portfolio of VNFs to expand their business across multiple enterprise virtualized CPE (vCPE) use cases.
- Mobile network operators (MNOs) can leverage VNFs with high performance and scalability to support various core network virtualization (NFV/SDN) scenarios.
- Innovation Page: Security for Service Providers
- Managed Security Service Providers
- Features Introduced in PAN-OS 8.0
Technology Integration With Palo Alto Networks
PAN-OS 8.0 provides capabilities to better enable our tech partners to integrate with and take advantage of our Next-Generation Security Platform. These partnerships extend our platform with new log filtering and logging capabilities, SAML support and third-party threat intelligence integrations with the new MineMeld application for AutoFocus.