Now more than ever, advanced firewall capabilities are needed by organizations in order to withstand the increasingly sophisticated assault on their networks. This is particularly true for midsize enterprises, which lack budget, security personnel, and other resources to effectively manage their risk. Buying, testing, integrating, and managing next-gen firewalls is just too complex and expensive. OPAQ’S FWaaS powered by Palo Alto Networks gives you robust enterprise-grade firewall protection that’s cost-effective, flexible, and simple to manage.

Palo Alto Networks Next-Generation Firewall from the OPAQ Cloud

OPAQ Firewall-as-a-Service (FWaaS) provides affordable, on-demand Palo Alto Networks Next-Generation Firewall protection from the OPAQ Cloud. It is instantly scalable and is simply managed through a single interface. OPAQ’s backend management automation and orchestration, and fully encrypted SD-WAN deliver the advanced firewall protection midsize enterprises need in the most simplified, cost-effective and flexible way.

No more configuring firewall appliances and patching devices. No more settling for “good enough” firewall protection, because you are unable to cope with the cost and complexity associated with enterprise-grade security.

With OPAQ FWaaS powered by Palo Alto Networks, you will have the ability to:

  • Stop network attacks in their tracks and keep business moving forward safely
  • Detect known and unknown threats earlier
  • Remotely enforce and manage policy

Features of Firewall-as-a-Service

OPAQ Protect Agent

• Virtual Edge Connect securely connects hosts and mobile devices to OPAQ Cloud platform service

• Secures Windows, MacOS, Linux, iOS and Android devices

Network Intrusion Prevention and Detection (IPS/IDS)

• Examines network traffic flows to prevent and detect vulnerability exploits

• Blocks network and application layer vulnerability exploits, buffers, overflows and port scans to protect data

Network Anti-Virus and Anti-Spyware

• Finds and removes millions of types of malware variants, such as Ransomware and other malicious software

• Blocks malware hidden in compressed files or web traffic, such as compressed HTTP/HTTPS, as well as flagged PDF viruses

Network URL Inspection and Filtering

• Controls web surfing and access to Internet sites by permitting or denying access to specific websites

• Granular web-browsing policies can be applied, complementing application visibility and control policies that protect the network from unnecessary risks

DNS Sinkholing

• Provides known malicious and high-risk IP addresses and DNS that are automatically blocked from accessing restricted assets

• Intercepts and sinkholes DNS queries for malicious domains

Network Encrypted Packet Inspection (SSL Decryption)

• Allows for application of policy-based decryption, which inspects the traffic for threats, regardless of port, and then re-encrypts the data to continue transfer of communications

Zero-Day Packet Inspection and Threat Prevention

• Automatically prevents highly evasive zero-day exploits and malware

• Dynamic and static analysis, machine learning techniques, and bare metal analysis environment to detect and prevent evasive threats.

• Directly observes and executes unknown files in a virtualized sandbox environment within the secure platform

OPAQ Cloud Edge Connect

• No configuration-needed appliance provides direct secure connection to the OPAQ Cloud for offices and data centers

• Supports high-availability and load balancing on multiple Internet connections

• Available in rack-mountable and table-top small form factors

NG Firewall Policy and Configuration Management

• Inbound, Outbound, and internal firewall routing policies

• Configuration and level-setting for features such as URL filtering, IP filtering, IPS/ IDS, anti-virus/ anti-spy, file auditing, SSL decryption

• Integrated directory services for host and user groups

OPAQ 360 Portal

• Configurable real-time information tiles with traffic and threat statistics

Network IP Inspection and Filtering

• Monitor and block known malicious IP addresses and high risk IP addresses recently featured in trusted threat activity advisories

Network File Auditing and Blocking

• Analyzes all files for malware or other malicious behavior and logs details in the OPAQ 360 portal

• Details include the application used, user, file type, target OS and information on the irregularities or malicious behavior that caused the file to be blocked

Secure Cloud Access

• Secures communications to third party SaaS cloud vendors

Directory Integration

• Lightweight Directory Access Protocol (LDAP) integration with directory services such as Microsoft Active Directory

Security Log Forwarding

• Log forwarding service to third party log aggregation and analysis platforms

Software-Defined Segmentation

• Define policies that prevent lateral east-west spread of malicious threats throughout your network

• Users on the same local network segment can be granted access to different resources depending upon their job function.

• Enforce access control based on user identity device state and multi-factor authentication

• Seamless integration with OPAQ’s FWaaS for comprehensive policy enforcement.