Home  :  Solutions  :  Real-time Threat Prevention

Prevent Threats in Real-Time

Existing gateway threat prevention products use multiple threat prevention technologies that often proxy the entire payload before scanning for viruses, spyware and malware, resulting in unacceptable throughput performance. The lack of a true high speed threat prevention solution at the internet gateway has forced enterprises to rely on a set of disparate, hard-to-manage point-products. The ideal threat prevention solution should include the following capabilities:

  • Detects and blocks viruses, spyware, worms, and application vulnerability exploits with little or no increase in latency.
  • Performs at multi-Gbps throughput levels with threat prevention enabled.
  • Prevents propagation of malware across all applications – not just traditional applications and protocols.
  • Reduces operational costs with a unified policy management interface.

 

Hardware-Accelerated, Stream-based Threat Prevention

The PA-4000 Series firewalls detect and block a wide range of malware and application vulnerability exploits at multi-Gbps throughput speeds with low latency through a combination of dedicated processing and innovative software features. The threat prevention engine leverages the application identity as a method of knowing exactly where to look for each type of threat, thereby improving accuracy and performance. A stream-based architecture, as opposed to file-based, means that scanning is performed inline, as soon as the first packet hits the scan engine. And rather than scan traffic multiple times for different threats, Palo Alto Networks has developed a uniform signature format that looks for a wide range of threats in a single pass. To simplify management, threat prevention policies are created using the same rule-based interface that drives firewall policy creation, thereby eliminating any possible learning curve associated with multiple interfaces.


Customer Examples

Customers are deploying the PA-4000 Series at the internet gateway to control applications as well as block a wide range of threats – without sacrificing performance.

  • In addition to controlling applications, both Mercy Medical Center and the State of Pennsylvania Bipartisan Committee are blocking a wide range of malware - with no degradation in performance.
  • A large Midwestern manufacturing company is protecting their network against application vulnerability exploits while controlling network access.

 

 

RELATED LINKS :

Datasheet Download

Learn more about Content-ID MORE

Datasheet Download

Learn more about the PA-4000 Series MORE

"Palo Alto Networks has given us the ability to identify what’s really going on with our network at a much more granular level. We’ve been able to identify malicious software on desktops, shut down evasive applications and threats, as well as geographically pinpoint application sources and destinations."

Doug Ross
Chief Technology Officer
Western & Southern Financial Group