In what it bills as its biggest release to date, Palo Alto Networks said its new GlobalProtect security software, one of its three new releases, extends the same policies, visibility and control of the company's "next-generation firewall" to any user's network connections, regardless of their location.

"We've had a bunch of customers who loved our firewall product, loved that they can see the CEO playing World of Warcraft and the CFO trading files on BiTtorrent, but they also noted that when a salesperson leaves the building they lose that visibility," Chris King, director of product marketing at Palo Alto Networks, told InternetNews.com.

The company's new solution is GlobalProtect, a small software agent that connects to the nearest Palo Alto Networks firewall to extend security policies.

"What we did was separate the policy perimeter from the physical perimeter so network policy can be enforced wherever the user is," King explained. This includes typical functions of the company's firewall product, which includes scanning content and applications without having to drive all that traffic back to the original gateway.

King said that while antivirus products provide a level of file-system security on notebooks and mobile devices, network security is another matter.

"When you're on the network, it's really easy to download and install malware and grab a botnet," he said. Admins and security managers can also use Palo Alto Networks' firewall to control what applications can be run on the network, which could be further regulated. So, for example, access to Facebook might be read-only.

The release of GlobalProtect is part of Palo Alto Networks' push for the concept of a "logical perimeter," a framework for integrating a standardized and consistent approach to security into every network connection regardless of location. The company said the benefit of such an approach is that an enterprise's rules and policies remain consistent and the best intelligence and protections are universally applied.

"Enterprises want to embrace an architecture that provides consistent protection and enforcement to their remote workforce, making network security a fundamental part of every connection by design, as opposed to something that is tacked on at the end," Rene Bonvanie, vice president of marketing at Palo Alto Networks, said in a statement.

New firewall, open software

In addition to GlobalProtect, Palo Alto Networks also announced the PA-5000 Series, the latest release of its network firewall product, offering a performance breakthrough for all applications and ports of up to 20 Gbps.

The third bit of news is the release of PAN-OS 4.0, a more open version of the company's software. With PAN-OS 4.0, enterprises can now write custom application IDs for their internally developed applications, and benefit from new capabilities to identify previously unknown applications and suspicious traffic that could indicate botnet infections.

The PA-5000 Series, GlobalProtect and PAN-OS 4.0 are all available immediately. Pricing for PA-5000 Series, which includes PA-5020, PA-5050 and PA-5060, starts at $40,000.

David Needle is the West Coast bureau chief at InternetNews.com, the news service of Internet.com, the network for technology professionals.