Threats do not discriminate between application delivery vectors, requiring an approach that has full visibility into all application traffic, including SSL encrypted content, with full user context. Threat Prevention leverages the visibility of our next-generation firewall to inspect all traffic, automatically preventing known threats, regardless of port, protocol or SSL encryption.
In order for adversaries to be successful, they must move through multiple stages of the attack lifecycle, representing opportunities to stop them at each step. Threat Prevention automatically blocks multiple phases of the attack, including exploitation of known vulnerabilities, known malware and command-and-control activity. If zero-day malware or exploits are used, other elements of the Palo Alto Networks Next-Generation Security Platform can keep your organization safe.
Threat Prevention leverages our unique single-pass scanning architecture, so traffic is only scanned once, even with all subscription services enabled, including Threat Prevention, WildFire and URL Filtering. The single-pass architecture allows full threat detection and enforcement of prevention controls, without sacrificing performance.