Nir Zuk, Founder and CEO of Palo Alto Networks, lacks neither confidence nor wit. In only 18 months, Palo Alto already claims $100 million in bookings and 3000 users, including top corporations and governments. But Zuk’s larger claim is that Palo Alto Networks has "the world’s only next generation firewall."
Now the phrase “next generation firewall” has been bantered about for some time. Most industry observers expect firewalls and IPS (Intrusion Prevention System) to somehow consolidate into a single box to create the legendary next generation firewall (NGF).
No one seems to be rushing to deliver this solution while public discussion already gives them credit for the idea. On the other hand, Zuk says Palo Alto Networks has what is a true next generation firewall: a radically new architecture built from scratch with a revolutionary approach.
At NetEvents EMEA, Zuk delivered a keynote that lambasted the firewall industry. In that speech, he pointed out that all the firewall technology we see is from 1995. (Zuk knows this fact well because he lays claim to inventing the first firewall while at Check Point.)
Nir Zuk began his career far from Silicon Valley as a 16 year-old Israeli whizz kid, creating some of the world’s first computer viruses on his Dragon 64. Happily for the industry, he then u-turned his passion to address protection, working at Check Point Software to pioneer stateful inspection technology – the basis of all today’s firewall security systems – and the first commercially viable firewall. From there he founded OneSecure and built the world’s first IPS system, which was bought by NetScreen then sold on to Juniper for over four billion dollars.
Zuk underlined the fact that security today is directed at protecting email and web: the incumbents, say Zuk, do not even attempt to protect in applications such as Facebook, Skype, WebEX, Twitter, Salesforce, DropBox etc). He claims 96% of enterprises have Facebook in use somewhere and 15% have LogMeIn or the equivalent that can bypass most network security.
Security is a $10 billion industry and to say the industry has put on blinders and secures just two apps...well, it’s a pretty condemning statement. But by all accounts it’s true.
Yet Zuk insists, “We’re not creating a new product category...we’re extending a current category.” In a high tech world populated by the need to access capital, it's often counterproductive to get caught "creating a new category." VCs prefer to be the victorious pillaging Indians and not the pioneers with arrows in their backs.
Most firewalls want to merely block those attractive consumer apps that employees want to bring in to work. That security mentality, quipped Zuk, turns IT managers into Dr. No: "No, you can’t use that app. No, you can’t have DropBox. No, no, and no...."
Palo Alto Networks’s new architecture, bolstered by custom hardware, will perform up to 20GB per second, says Zuk. It’s designed “to secure all applications”.
There were some competitors at NetEvents that rolled their eyes at Zuk’s analysis and product claims. Yet the claim that network security must switch to application-based security rings true.
