[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Network Security](https://www.paloaltonetworks.com/cyberpedia/network-security?ts=markdown) 3. [What Are the Top Firewall Features? | Traditional \& NGFWs](https://www.paloaltonetworks.com/cyberpedia/top-firewall-features?ts=markdown) Table of Contents * [How do firewalls work?](#how) * [What are the main traditional firewall features?](#what) * [Packet filtering](#packet) * [Stateful inspection](#stateful) * [Network address translation (NAT)](#network) * [Logging and monitoring](#logging) * [Access control](#access) * [What are the main next-generation firewall (NGFW) features?](#features) * [Advanced threat prevention](#prevention) * [Advanced URL filtering](#filtering) * [DNS security](#dns) * [IoT security](#iot) * [Next-generation CASB](#casb) * [Firewall features FAQs](#faqs) # What Are the Top Firewall Features? | Traditional \& NGFWs 5 min. read Table of Contents * [How do firewalls work?](#how) * [What are the main traditional firewall features?](#what) * [Packet filtering](#packet) * [Stateful inspection](#stateful) * [Network address translation (NAT)](#network) * [Logging and monitoring](#logging) * [Access control](#access) * [What are the main next-generation firewall (NGFW) features?](#features) * [Advanced threat prevention](#prevention) * [Advanced URL filtering](#filtering) * [DNS security](#dns) * [IoT security](#iot) * [Next-generation CASB](#casb) * [Firewall features FAQs](#faqs) 1. How do firewalls work? * [1. How do firewalls work?](#how) * [2. What are the main traditional firewall features?](#what) * [3. Packet filtering](#packet) * [4. Stateful inspection](#stateful) * [5. Network address translation (NAT)](#network) * [6. Logging and monitoring](#logging) * [7. Access control](#access) * [8. What are the main next-generation firewall (NGFW) features?](#features) * [9. Advanced threat prevention](#prevention) * [10. Advanced URL filtering](#filtering) * [11. DNS security](#dns) * [12. IoT security](#iot) * [13. Next-generation CASB](#casb) * [14. Firewall features FAQs](#faqs) The main features of firewalls can be broken down into those found in traditional and next-generation firewall solutions, including: * Packet filtering * Stateful inspection * Network address translation (NAT) * Logging and monitoring * Access control * Advanced threat prevention * Advanced URL filtering * DNS security * IoT security * Next-generation CASB These features work together to filter out unauthorized access and threats from external sources while managing and monitoring traffic. Using both foundational security measures and advanced capabilities, firewalls are able to operate as a crucial barrier against a wide array of cyber threats. ## How do firewalls work? ![How Does a Firewall Work?](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/how-does-a-firewall-work.png) Before diving into the main features found in today's firewalls, it's worth taking a moment to establish how [firewalls](https://www.paloaltonetworks.com/cyberpedia/what-is-a-firewall?ts=markdown) actually function. Firewalls are essentially gatekeepers for the network. They manage and monitor data flow between the network and the internet. Here's [how a firewall works](https://www.paloaltonetworks.com/cyberpedia/what-does-a-firewall-do?ts=markdown): A firewall establishes a barrier at the network's entry points. This is where security policies determine whether traffic should be allowed or blocked. The process is vital for protecting networks from unauthorized access and cyber threats. ![Firewall Process](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/firewall-process.png) Firewalls, whether hardware or software, work using three main methods: * **Packet filtering:** An access control mechanism that screens small data units (packets) against a predetermined rule set. * **Proxy service:** Here, the [proxy firewall](https://www.paloaltonetworks.com/cyberpedia/what-is-a-proxy-firewall?ts=markdown) acts as an intermediary. Instead of permitting direct communication of data packets between the user and the internet, the proxy fetches the data for the user and then relays it, preventing direct system access. * **Stateful inspection:** [Stateful inspection firewalls](https://www.paloaltonetworks.com/cyberpedia/what-is-a-stateful-firewall?ts=markdown) track outgoing packets and compare incoming responses to their database of active sessions. They approve only those that match a valid corresponding outbound packet. At a basic level, firewalls use predetermined rules to inspect incoming and outgoing data packets. [Firewall rules](https://www.paloaltonetworks.com/cyberpedia/what-are-firewall-rules?ts=markdown) can be based on: * Source and destination IP addresses * Domain names * Protocols * Ports * Specific content within the data packets By applying these rules, firewalls effectively block harmful traffic while allowing legitimate communications to pass through. [![Find out which software firewall is right for you.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/banner-dg-find-out-which-software-firewall-right.png)](https://www.paloaltonetworks.com/resources/infographics/software-firewall-selector?ts=markdown) ## What are the main traditional firewall features? ![Traditional firewall features](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/traditional-firewall-features.png) Traditional firewall solution features are basically the backbone of [network security](https://www.paloaltonetworks.com/cyberpedia/what-is-network-security?ts=markdown). These are the functionalities found in early firewall solutions that are still important today. Basic firewall features include: * Packet filtering * Stateful inspection * Network address translation (NAT) * Logging and monitoring * Access control Together, these features create the network security foundation for ensuring that only authorized and safe communications are allowed through. ## Packet filtering Packet filtering is the process of evaluating data packets as they pass through a firewall. Based on predetermined criteria, like source and destination IP addresses or port numbers, the firewall decides whether to allow or block each packet. Think of packet filtering like a network traffic checkpoint. Every data packet attempting to enter or leave the network has to pass through. More specifically, the firewall scrutinizes each packet's header. The header contains important details such as IP addresses and port numbers. Which determines whether the packet should be allowed to continue to its destination **or** be rejected based on the rules defined in the firewall. Here's how: ![How packet filtering works](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/how-packet-filtering-works.png) **For example:** Let's say a packet shows up claiming to come from a trusted source, but the source IP has been flagged previously for suspicious activity. The firewall recognizes the discrepancy through its predefined security rules, and immediately identifies the packet as a spoof. It then drops the packet before it can penetrate the network. Like this: ![Packet filtering function prevents IP spoofing attack](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/packet-filtering-function-prevents-ip-spoofing-attack.png) While packet filtering is a basic form of firewall protection, it's still essential even in modern network security strategies. It provides the first line of defense by eliminating packets that don't meet simple, yet crucial, criteria quickly. However: It's important to note that packet filtering alone isn't a sufficient measure to take on more sophisticated threats. Which is why it's commonly integrated with other, more advanced [types of firewall](https://www.paloaltonetworks.com/cyberpedia/types-of-firewalls?ts=markdown) technologies like next-generation firewalls (NGFW) and [intrusion prevention systems (IPS)](https://www.paloaltonetworks.com/cyberpedia/what-is-an-intrusion-prevention-system-ips?ts=markdown). *** ** * ** *** ***Further reading:** [What Is a Packet Filtering Firewall?](https://www.paloaltonetworks.com/cyberpedia/what-is-a-packet-filtering-firewall?ts=markdown)* *** ** * ** *** ## Stateful inspection Stateful inspection is another fundamental feature of traditional firewalls. And it's crucial for monitoring and managing the traffic that flows through a network. Unlike simple packet filtering, stateful inspection tracks each connection's ongoing state and context. This makes the process more like a conversation versus isolated exchanges. So, stateful inspection is a dynamic process. It tracks connections by logging various details such as source and destination IP addresses, port numbers, and the sequence and acknowledgment numbers involved in the communication. This is what it looks like in practice: ![Stateful packet inspection example](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/stateful-packet-inspection-example.png) Stateful inspection is not unlike a vigilant receptionist that remembers the flow of visitors, checking each against a list of expected guests. It examines every packet that attempts to enter the network, referencing a state table, such as this example below, that logs active connections: | **Source address** | **Source port** | **Destination address** | **Destination port** | **Connection state** | |--------------------|-----------------|-------------------------|----------------------|----------------------| | 192.168.2.150 | 1042 | 198.51.100.25 | 80 | Established | | 192.168.2.151 | 1045 | 203.0.113.45 | 443 | Established | | 192.168.2.152 | 1049 | 192.0.2.55 | 25 | Established | | 10.45.34.67 | 2035 | 198.51.100.30 | 80 | Established | | 10.45.34.68 | 2040 | 203.0.113.50 | 8080 | Established | | 172.16.84.90 | 2123 | 192.0.2.60 | 22 | Established | | 172.16.84.91 | 2150 | 198.51.100.35 | 443 | Established | | 10.10.30.45 | 2222 | 203.0.113.55 | 80 | Established | If a packet belongs to an established connection, it passes through seamlessly. If it doesn't match or seems out of context, the firewall blocks it. Why is this method so effective, even for today's firewall products? Well, by maintaining a connection context, stateful inspection can identify and block packets that don't belong. Even if they appear harmless on the surface. And that prevents unauthorized access and attacks that rely on forging or hijacking legitimate sessions. Plus: Because it reduces the need to inspect every packet in detail once a connection is established as safe, it improves the network's performance and reduces latency. *** ** * ** *** ***Further reading:** [What Is a Stateful Inspection Firewall?](https://www.paloaltonetworks.com/cyberpedia/what-is-a-stateful-firewall?ts=markdown)* *** ** * ** *** ## Network address translation (NAT) Network address translation, or NAT, enhances network flexibility and security. Essentially, NAT allows multiple devices on a private network to access the internet using a single public IP address. It's important for conserving limited IP addresses while maintaining each device's ability to reach online resources. NAT works by modifying the IP address information in packet headers as they pass through a router or firewall. This adjustment allows outbound packets from a private network to appear as though they originate from a public IP address. In return, responses from the internet are directed back to the appropriate device on the private network. ![Network address translation between a private network and the Internet](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/network-address-translation.png) NAT maximizes the efficient use of public IP addresses. But it also adds a layer of security by keeping internal network addresses hidden from the outside world. Basically, NAT acts as a buffer between internal networks and potential external threats---making unauthorized access more challenging. For businesses, NAT provides an easy, cost-effective solution to manage internal internet access without the need for multiple public IP addresses. The functionality is integrated within firewalls to ensure all data flows are appropriately handled. ## Logging and monitoring Logging and monitoring are essential firewall functions. Together, they provide insights into network activity and security threats. Essentially, logging and monitoring features act as a comprehensive record-keeping and observation system for network traffic. Firewalls log data just about every packet that passes through, noting details like source and destination IP addresses, port numbers, timestamps, and whether the traffic was allowed or blocked based on existing security rules. This creates a detailed record that admins can review to understand traffic patterns and identify potential security breaches or unusual activities. A firewall log looks like this: ![Firewall log example](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/firewall-log-example.png) Monitoring, on the other hand, involves the real-time analysis of this data. It helps in detecting anomalies as they occur, allowing network admins to react swiftly to possible threats. And being able to respond immediately makes it a lot easier to minimize damage from attacks and maintain network integrity. ![Using PAN-OS Application Command Center dashboard to review network activity](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/using-pan-os-application-command-center-dashboard.png) Here's why logging and monitoring are so important. Together, they provide a double-layered security approach. Logging offers a historical account that can be crucial for audits, forensic analysis, and compliance with security policies. And monitoring ensures ongoing vigilance against threats, helping admins stay a step ahead. Not to mention: the dual approach also supports network performance optimization by analyzing traffic flow and user behavior. ## Access control Access control is another longstanding, fundamental firewall feature. In keeping with the goal of many firewall functions, access control determines which traffic should be allowed or blocked based on predefined security rules. Controlling access supports the security of the network, and it also ensures that only legitimate users and data can flow in and out. Access control in a firewall involves several steps: First, the firewall examines each incoming and outgoing packet against a set of rules---these could include source and destination IP addresses, protocols, ports, and even time of day. If a packet matches an allowed rule, it passes through the firewall. If not, it's blocked. ![ACL configuration example](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/acl-configuration-example.png) Why is this important? Because access control helps prevent attackers from exploiting vulnerabilities within the network. It ensures that sensitive areas of the network are only accessible to authorized users. And that significantly reduces the risk of data breaches. Also, it allows network admins to enforce policies that align with organizational security standards. Which helps to maintain a secure, efficient network environment. In practice, access control within firewalls is continuously refined and updated to adapt to new threats and changes within the network. It's a dynamic tool that provides a critical security layer. ## What are the main next-generation firewall (NGFW) features? ![NGFW features](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/ngfw-features.png) The genesis of firewall technology is rooted in age-old methods of physical defense. All the way back when people first began building walls to stop intruders. The real [history of firewalls](https://www.paloaltonetworks.com/cyberpedia/history-of-firewalls?ts=markdown) began in the 1980s with basic packet filtering firewalls, continually evolving into the modern next generation firewall of today. ![The History of Firewalls](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/the-history-of-firewalls.png) As technology and business evolve, protection methods have to adapt. It's important to note that traditional firewalls do provide basic defense, but modern firewalls, or next-generation firewalls, including [ML-powered NGFWs](https://www.paloaltonetworks.com/cyberpedia/what-is-an-ml-powered-ngfw?ts=markdown), reflect today's advanced digital threats. These firewalls blend proven, durable functionalities with new technologies for better, more effective network security. NGFW products include modern firewall features ranging from application awareness and SSL inspection to threat intelligence and deep packet inspection (DPI). The primary NGFW features include: * Advanced threat prevention * Advanced URL filtering * DNS security * IoT security * Next-generation CASB [![Secure private clouds and virtual networks. Try VM-Series virtual firewalls free for 30 days.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/banner-dg-secure-private-cloud-virtual-networks.png)](https://www.paloaltonetworks.com/vm-series-trial?ts=markdown) ## Advanced threat prevention ![Advanced threat prevention powered by Precision AI](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/advanced-threat-prevention-powered-by-precision-ai.png) Advanced threat prevention (ATP) is a key feature of NGFWs. ATP goes beyond traditional security measures with multiple layers of defense to detect, analyze, and block malicious activities before they can cause harm. ATP incorporates modern technologies like machine learning and behavior analysis to identify and counteract malware that evades standard detection. It works by scrutinizing network traffic and files in real-time. Then it applies a combination of signature-based, heuristic, and behavioral techniques to pinpoint suspicious patterns and activities. The multifaceted approach allows ATP to provide comprehensive protection against both known **and** emerging threats. This is significant because the threat actors of today evolve their tactics at a previously unthinkable rate. And traditional security solutions simply can't keep up. ATP addresses this gap by continuously updating detection mechanisms with the latest threat intelligence. This way, the firewall can adapt to new vulnerabilities and attack methods. This dynamic capability is vital for protecting sensitive data and maintaining network integrity against complex attacks like ransomware, zero-day exploits, and advanced persistent threats (APTs). [![Learn how Cloud-Delivered Security Services protect your network from the most advanced threats.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/banner-dg-learn-how-cdss-protect-your-network.png)](https://www.paloaltonetworks.com/resources/test-drives?topic=cdss&ts=markdown) ## Advanced URL filtering ![Advanced URL Filtering architecture](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/advanced-url-filtering-architecture.png) Advanced URL filtering in NGFWs is a critical security feature that blocks access to malicious websites. It assesses URLs in real-time, using updated databases and dynamic analysis to categorize and evaluate web traffic. This process helps identify and prevent access to sites known for hosting malware, phishing, and other cyber threats. Here's how it works: The system uses machine learning to adapt to emerging threats, analyzing new or unknown websites to detect harmful content swiftly. If a site poses a risk, the firewall restricts access---which protects the network from potential security breaches. Advanced URL filtering is vital for enforcing safe web browsing practices. It also supports compliance with organizational policies, and protects sensitive data. It also provides valuable insights into how web traffic moves through the network. These insights help admins manage web usage more effectively. And make it easier to identify and address potential issues before they escalate. *** ** * ** *** ***Further reading:** [What Is URL Filtering?](https://www.paloaltonetworks.com/cyberpedia/what-is-url-filtering?ts=markdown)* *** ** * ** *** [![See how our Advanced URL Filtering solution can prevent unknown and sophisticated web-based threats in real time.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/banner-dg-see-how-our-advanced-url-filtering-solution.png)](https://www.youtube.com/watch?v=zongzX1yOjc) ## DNS security The objective of DNS security is to secure the Domain Name System (DNS), which is fundamental to internet communication. DNS security ensures that the DNS infrastructure is reliable and efficient. Which prevents attacks that could redirect users to malicious sites or disrupt network services. DNS security is so critical because DNS is a primary target for cyber attacks, mostly because of its essential role in network addressing. Which means that securing it helps prevent a wide range of attacks, including cache poisoning and [denial of service (DoS)](https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos?ts=markdown). DNS security uses predictive analytics and machine learning to thwart sophisticated attacks leveraging DNS. Its tight integration with the firewall automates protections, provides deeper insights into threats, and eliminates the need for separate tools. ![DNS security as an integrated feature of an NGFW](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/dns-security-as-an-integrated-feature-of-an-ngfw.png) DNS security works by monitoring DNS requests and responses. It uses advanced algorithms to detect anomalies and potential threats. By applying security measures like DNSSEC (Domain Name System Security Extensions), NGFWs can authenticate DNS responses. And that ensures their integrity **and** blocks forged information that could lead to [phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing?ts=markdown) or [malware](https://www.paloaltonetworks.com/cyberpedia/what-is-malware?ts=markdown) infections. Enhanced DNS security within NGFWs also includes filtering to prevent access to known malicious domains. Which reduces the risk of malware infections and data breaches. [![Stop new DNS-layer attacks today. Get a 90-day DNS Security free trial.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/banner-dg-stop-new-dns-layer-attacks.png)](https://start.paloaltonetworks.com/dns-security-free-trial.html) ## IoT security IoT security within NGFWs is a crucial feature designed to protect the vast array of interconnected devices within modern networks. As the Internet of Things (IoT) expands, so does the potential for security vulnerabilities. And that makes robust IoT security mechanisms indispensable. Plus, with the proliferation of IoT devices in both corporate and consumer environments, the attack surface has significantly increased. Devices often have varying levels of security, making some highly vulnerable to attacks. ![The attack surface of an IoT device](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/the-attack-surface-of-an-iot-device.png) IoT security within NGFWs offers a robust [Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-a-zero-trust-architecture?ts=markdown) security approach for IoT devices, combining visibility, prevention, and enforcement. With the integration of machine learning, modern firewalls can segment networks based on context. This reduces risk and protects both IoT and IT devices from various threats. ![Integrated IoT Security Framework within NGFW](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/integrated-iot-security-framework-within-ngfw.png) NGFWs equipped with IoT security capabilities use advanced techniques to monitor and manage the traffic from these devices. This includes identifying device types, tracking behavior patterns, and ensuring that all communications adhere to established security policies. This monitoring helps detect and prevent anomalous behavior that could indicate a security threat, such as unauthorized access or data exfiltration attempts. By implementing predefined security rules, NGFWs can automatically block suspicious activities, providing real-time threat prevention. *** ** * ** *** ***Further reading:** [What Is IoT Security?](https://www.paloaltonetworks.com/cyberpedia/what-is-iot-security?ts=markdown)* *** ** * ** *** [![Never leave IoT to its own devices. Get a 30-day Enterprise IoT Security free trial.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/banner-dg-never-leave-iot.png)](https://start.paloaltonetworks.com/enterprise-iot-free-trial.html) ## Next-generation CASB A next-generation cloud access security broker (CASB) is an advanced NGFW feature designed to provide robust security across various cloud applications. This functionality is especially important because businesses are increasingly relying on SaaS applications that reside outside traditional security controls. What exactly does a next-generation CASB do? It acts as a gatekeeper between users and cloud services, monitoring all data traffic and enforcing security policies. Which prevents unauthorized access and data breaches (while ensuring compliance with internal policies and external regulations). The CASB integrates seamlessly into the firewall to extend security measures beyond traditional network perimeters, directly into cloud environments. ![Seamless integration of next-gen CASB with NGFW for enhanced SaaS security](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/top-firewall-features/seamless-integration-of-next-gen-casb-with-ngfw.png) The CASB continuously evaluates the risk levels of cloud services, providing real-time security postures and visibility across all cloud platforms. This matters because organizations continue to adopt more cloud-based tools. And that means that the risk of data leaks and security breaches increases. A next-generation CASB addresses these challenges by offering granular control over data access and usage across all cloud services. Including sanctioned and unsanctioned applications. So organizations can embrace the benefits of cloud computing **and** maintain stringent security controls. ## Firewall features FAQs ### What are the main features of a firewall? The main features of firewalls include packet filtering, stateful inspection, network address translation (NAT), logging and monitoring, access control, advanced threat prevention, advanced URL filtering, DNS security, IoT security, and next-generation CASB. ### What are the most important firewall features to consider? The most important firewall features can be considered context-dependent, varying greatly based on the specific security requirements and the network architecture of an organization. However, when considering a broad application, the following features are generally critical across various setups: packet filtering, stateful inspection, and advanced threat prevention. ### What are basic firewall features? Basic firewall features generally include packet filtering, stateful inspection, and network address translation (NAT). ### What are advanced firewall features? Advanced firewall features include but aren't limited to advanced threat prevention, advanced URL filtering, DNS security, IoT security, and next-generation CASB. ### What are the most common firewall features? The most common firewall features generally include but aren't limited to packet filtering, stateful inspection, NAT, logging and monitoring, and access control. ### What are the 3 main functions of a firewall? Three main functions of a firewall are to filter traffic based on rules (access control), monitor and log traffic details for analysis (logging and monitoring), and prevent unauthorized access to network resources (security enforcement). ### What feature does a firewall provide? A firewall provides multiple features like traffic filtering, intrusion prevention, and enhanced security measures against various cyber threats through stateful inspection and advanced threat detection techniques. ### What are the features of a network firewall? Features of a network firewall include packet filtering, stateful inspection, NAT, and logging activities for real-time monitoring and threat mitigation, enhancing overall network security and management. Related content [Explore all hardware appliances Learn about the top performance and security ML-powered NGFWs bring.](https://www.paloaltonetworks.com/network-security/next-generation-firewall-hardware?ts=markdown) [Product comparison Compare NGFWs, including physical appliances and virtualized firewalls.](https://www.paloaltonetworks.com/products/product-selection?ts=markdown) [Study: Total Economic Impact^™^ of Palo Alto Networks NGFW See the ROI Palo Alto Networks NGFWs have to offer.](https://www.paloaltonetworks.com/resources/research/ngfw-forrester-tei-report?ts=markdown) [eBook: Software Firewalls For Dummies^®^ Learn how to achieve better security for application workloads in cloud \& virtualized environments.](https://start.paloaltonetworks.com/software-firewalls-for-dummies.html) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Are%20the%20Top%20Firewall%20Features%3F%20%7C%20Traditional%20%26%20NGFWs&body=Firewall%20features%20include%20those%20found%20in%20traditional%20and%20NGFW%20solutions%2C%20including%20packet%20filtering%20stateful%20inspection%2C%20NAT%2C%20ATP%2C%20URL%20filtering%2C%20and%20more.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/top-firewall-features) Back to Top {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language