Protection From Known and Unknown Threats
Problem: Your network is facing a rapidly evolving threat landscape full of modern applications, exploits, malware and attack strategies that are capable of avoiding traditional methods of detection. Threats are delivered via applications that dynamically hop ports, use non-standard ports, tunnel within other applications or hide within proxies, SSL or other types of encryption. Additionally, enterprises are exposed to targeted and customized malware, which can easily pass undetected through traditional antivirus solutions.
Solution: Palo Alto Networks addresses these challenges with unique threat prevention abilities not found in other security solutions. First, the next-generation firewall removes the methods that threats use to hide from security through the complete analysis of all traffic, on all ports regardless of evasion, tunneling or circumvention techniques. Then Palo Alto Networks leverages multiple threat prevention disciplines including IPS and anti-malware along with URL filtering and file and content blocking to control known threats. Finally, WildFire provides automated sandbox analysis of suspicious files to reveal unknown and targeted malware and uses the Behavioral Botnet Report to identify the unique patterns of botnet infections in a network.
Unique visibility and threat prevention architecture.
Palo Alto Networks threat prevention is built on the unique ability to inspect all traffic on all ports regardless of evasion. The solution uses more than 100 application and protocol decoders to look for threats hidden within streams of application data. Your IT team can selectively decrypt SSL by policy to ensure threats are not allowed to hide inside the encrypted stream, and can control the use of proxies, circumventors and encrypted tunnels which attackers use to hide. Additionally, Palo Alto Networks designed a unique approach that performs all threat analysis in a single unified engine and leverages a common signature format. This means that content is processed only once, and performance remains steady even as additional protections are enabled.
Multiple coordinated threat disciplines for known threats.
Palo Alto Networks brings multiple security disciplines into a single context and a single threat prevention engine. This context enables your security team to easily see beyond individual security events and recognize the full extent of a threat. Your security managers can now see the interconnection of applications, exploits, malware, URLs, anomalous network behaviors and targeted malware in a uniform context. This context leads us to important conclusions faster, streamlines management and reporting, and ensures predictable performance by analyzing traffic once instead of progressively scanning it in multiple engines.
WildFire: Protection from targeted and unknown threats.
Modern attackers have increasingly turned to targeted and new unknown variants of malware in order to sneak past traditional security solutions. To meet this challenge, Palo Alto Networks has developed WildFire, which provides the ability to identify malicious behaviors in executable files by running them in a virtual environment and observing their behaviors. This enables Palo Alto Networks to identify malware quickly and accurately, even if the particular sample of malware has never been seen in the wild before.
Once a file is determined to be malicious, WildFire automatically generates signatures for both the infecting malware and the resulting command and control traffic. Signatures are delivered with regular security updates to provide automated in-line protection from these highly advanced threats. Your IT team is provided with a wealth of forensics to see exactly who was targeted, the application used in the delivery and any URLs that played a part in the attack.