Threat Prevention

In today’s threat landscape, traditional malware has become highly targeted and evasive, and specifically designed to be completely undetectable. The goal is to breach the network perimeter by delivering malware that can move laterally across an organization, extracting valuable data as it spreads — all this while remaining invisible to traditional network defenses.

Palo Alto Networks protects your network against these threats by providing multiple layers of prevention, confronting threats at each phase of the attack. Our Threat Prevention subscription protects the network from advanced threats by identifying and scanning all traffic — applications, users, and content across all ports and protocols.

 

Block Threats At The Perimeter

Intrusion Prevention

Vulnerability-based protections detect and block exploit attempts and evasive techniques on both the network and application layers, including port scans, buffer overflows, protocol fragmentation, and obfuscation. 

  • Protections are based on both signature matching and anomaly detection
  • Anomaly detection decodes and analyzes protocols, and uses the information learned to block malicious traffic patterns
  • Stateful pattern matching detects attacks across multiple packets, taking into account arrival order and sequence 

Check out Intrusion Prevention at a glance

SSL Decryption

A large portion of today’s network traffic — nearly 35% — is encrypted with SSL, leaving a gaping hole in network defenses if left unchecked. Palo Alto Networks next-generation firewalls have built-in SSL decryption capabilities, eliminating this blind spot. All traffic is inspected and advance security services, all without the need for a separate device — removing the complexities of having to manage separate, non-integrated technology.

File Blocking

Reduce the likelihood of a malware infection by preventing file types known to hide malware from entering your network. Further narrow your window of exposure by sending allowed file types to WildFire™ for analysis.

 

Shut Down Malware Delivery

Network Anti-Malware

Palo Alto Networks Threat Prevention security service protects against malware delivery through custom-built signatures that are based on content — not hash — to protect against known malware, including variants that haven’t been seen in the wild yet. Protections against newly discovered malware are delivered daily by WildFire, keeping the latest threats from breaching your network.

 

Prevent Threats From Exploring the Network

Because our platform is flexible, highly available, and supports high throughput with its Single-Pass scanning architecture, it can be implemented anywhere in the network:

Put a Stop to Data Exfiltration

Command-and-Control (Spyware)

We know that there’s no silver bullet when it comes to preventing all threats from entering your network. This is why we focus on preventing attackers from leaving with important data. Our CnC signatures flag on both inbound and outbound requests to malicious domains, protecting your data from being stolen.

DNS Sinkhole

Our exfiltration protection goes a step further by providing sinkhole capabilities for outbound requests to malicious DNS entries. Any outbound request to a malicious domain or IP address can be redirected to an internal IP address set up by an administrator. This feature prevents those requests from ever leaving the network and compiles a report of compromised machines making those requests on which incident response teams can act.

 

Leverage Global Threat Intelligence

Detailed logs of all threats aren’t merely housed within the same management interface, but are shared between all prevention mechanisms to provide context. We leverage global threat intelligence through the close integration of Threat Prevention security services, URL filtering, and WildFire to automatically discover unknown malware and deliver protections to our entire customer base, keeping them secured against the latest advanced threats. 

Palo Alto Networks threat research team, Unit 42, analyzes threat data amassed by our global intelligence community to identify and investigate cutting-edge attack methods and malware, and report on unfolding trends within the black hat space.

 

Related Content


 

Product Summary Specsheet

Key features, performance capacities and specifications for all Palo Alto Networks firewalls.

  • 32
  • 72351

Firewall Feature Overview Datasheet

This eight-page datasheet provides a comprehensive overview of the critical PAN-OS features that power all next-generation firewalls from Palo Alto Networks. This datasheet is available in Chinese Simplified, Chinese Traditional, German, Italian, Portuguese, Spanish, Russian, and Turkish.

  • 8
  • 36319

PA-7000 Series Specsheet

Key features, performance capacities and specifications for our PA-7000 Series.

Palo Alto Networks, Santa Clara, CA
  • 13
  • 29258

Traps: Advanced Endpoint Protection

Palo Alto Networks Advanced Endpoint Protection represents a complete paradigm shift from identification to pure prevention. Providing comprehensive exploit and malware prevention that is not designed to identify; instead, it prevents an attack before the malware can be successful.

Santa Clara, CA
  • 20
  • 34868

PA-220 Datasheet

Palo Alto Networks PA-220 brings next-generation firewall capabilities to distributed enterprise branch offices and retail locations.

  • 1
  • 4236

GlobalProtect Datasheet

GlobalProtect extends the protection of the Palo Alto Networks Next-Generation Security Platform to your mobile workforce, no matter where they may go.

  • 2
  • 30035