We offer leading Next-Generation Intrusion Prevention System (NGIPS) capabilities through the Threat Prevention subscription, preventing known vulnerability exploits, malware and command-and-control activity.



Native Integration With Palo Alto Networks Next-Generation Security Platform

NGIPS functionality is a core capability of our platform, preventing threats across the full attack lifecycle, including those hiding in all application traffic regardless of port or protocol, including SSL encrypted content, with full user context.

Vulnerability Exploit Prevention

Vulnerability-based protections detect and block exploits and evasive techniques on both the network and application layers, including port scans, buffer overflows, packet fragmentation and obfuscation. IPS protections include both anomaly detection and signature matching, using stateful pattern matching to understand packet arrival order and sequence.


Malware Prevention

In-line malware prevention is automatically enforced, stopping malware delivery and installation through our proprietary payload-based signatures, which are updated through daily content updates. Payload-based signatures do not rely on easily changed attributes, instead detecting patterns in the body of the file that can be used to identify future variations of the malware, even if the content has been slightly modified. Users can extend this capability with the WildFire® threat analysis service to detect and prevent zero-day exploits and malware, bringing the daily content updates to near-real time.


Command-and-Control Prevention

Command-and-control (C2) activity is stopped from being used to exfiltrate data, deliver secondary malware payloads, or provide additional instructions for future stages of the attack. The service employs a revolutionary approach to shutting down this critical threat vector by automatically generating C2 signatures that go beyond basic domain and URL matching, producing research-grade protections at machine speed and scale.

Stop Exploits on the Endpoint

Attackers target endpoints, which is why you must also protect desktops, laptops, servers and mobile devices from exploits. Traps™ advanced endpoint protection prevents exploits, including zero-days exploits, on the endpoint by zeroing in on and stopping the small set of techniques that all exploits must execute in order to be successful, making it very effective in securing the endpoint from attacks.

World-Class Threat Research

Palo Alto Networks conducts all signature generation in-house, without repackaging third-party content. This allows us to develop and enforce the highest efficacy protections for our customers, without compromise.

Our signature developers and threat research team leverage third-party intelligence during the course of their research efforts to enrich their understanding and ensure we have the widest possible visibility into vulnerability exploits. Furthermore, the Palo Alto Networks® threat research team, Unit 42, has discovered more than 130 critical zero-day vulnerabilities in Microsoft®, Adobe®, Apple®, Android™ and other ecosystems, allowing us to create signatures for never-before-seen threats.


Nexon Asia Pacific

Nexon Asia Pacific is a Managed Security Service Provider (MSSP) that delivers infrastructure and software to provide secure connectivity and productivity applications, unified communications, business intelligence and continuity, and cloud services. Nexon’s 120 employees support small to medium to enterprise-sized customers in the retail, manufacturing, telephony, insurance, hospitality, health, and not-for-profit industries in Australia, Asia Pacific, the United States, and Europe.
  • 3
  • 1541

NSS Labs
2016 Data Center IPS Recommendation

It’s exciting when we’re recognized in the market as the security vendor customers can count on to protect their users and their data. Now, we have a third-party report that publicly corroborates what our customers have been saying: that Palo Alto Networks is effective when it comes to protecting the data center.
  • 1
  • 3044


OSRAM is one of the two leading light manufacturers in the world. The company’s portfolio covers the entire value chain from components—including lamps, electronic control gear, and opto semiconductors such as light-emitting diodes (LED)—as well as luminaires, light management systems, and lighting solutions. The company, which is internationally oriented, had more than 34,000 employees worldwide and generated revenue of almost 5.1 billion Euros at the end of fiscal year 2014. The company’s business activities have been focused on light—and hence on quality of life—for over 100 years. This customer story is available in German.
  • 5
  • 1867

University of Southampton

A research-intensive university with over 23,000 students, the University of Southampton is a leading entrepreneurial ­institution in the United Kingdom. When the University sought to significantly expand throughput to support an increase in students, improve network stability and services to users, heighten security, and lower IT management burdens, they ­selected Palo Alto Networks Nextwave Channel Program Platinum ASC CPSP Partner Khipu Networks, working with ­European ­Electronique under the NEUPC procurement framework, to partner with them to meet their long-term strategic goals.
  • 6
  • 1659

Austrian Airlines

Austrian Airlines is Austria’s largest carrier and operates a global network of routes to around 130 destinations. The company’s hub at Vienna International Airport is an ideal gateway between East and West. Austrian Airlines is part of the Lufthansa Group, Europe’s largest airline group. This Customer Story is available in German.
  • 5
  • 1149

MSC Cruises

MSC Cruises sails year round in the Mediterranean and offers a wide range of seasonal voyages in northern Europe, the Atlantic Ocean, the French Antilles and the Caribbean, South America, South Africa, and other popular destinations. In 2014, the 12 ships in its ultramodern fleet carried about 1.7 million travelers. This Customer Story is available in Italian.
  • 3
  • 1365