Threat Prevention

In today’s threat landscape, traditional malware has become highly targeted and evasive, and is specifically designed to be completely undetectable. The goal is to breach the network perimeter by delivering malware that can move laterally across an organization, extracting valuable data as it spreads – all while remaining invisible to traditional network defenses.

Palo Alto Networks® protects your network against these threats by providing multiple layers of prevention, confronting threats at each phase of the attack. Our Threat Prevention subscription protects the network from advanced threats by identifying and scanning all traffic – applications, users, and content – across all ports and protocols.


Block Threats At The Perimeter

Intrusion Prevention

Vulnerability-based protections detect and block exploit attempts and evasive techniques on both the network and application layers, including port scans, buffer overflows, protocol fragmentation and obfuscation. 

  • Protections are based on both signature matching and anomaly detection.
  • Anomaly detection decodes and analyzes protocols, and uses the information learned to block malicious traffic patterns.
  • Stateful pattern matching detects attacks across multiple packets, taking into account arrival order and sequence.


SSL Decryption

A large portion of today’s network traffic – nearly 35% – is encrypted with SSL, leaving a gaping hole in network defenses if left unchecked. Palo Alto Networks next-generation firewalls have built-in SSL decryption capabilities, eliminating this blind spot. All traffic is inspected and advanced security services are applied, all without the need for a separate device – removing the complexities of having to manage separate, non-integrated technology.

File Blocking

Reduce the likelihood of a malware infection by preventing file types known to hide malware from entering your network. Further narrow your window of exposure by sending allowed file types to the WildFire® threat analysis service for analysis.


Shut Down Malware Delivery

Network Anti-Malware

Palo Alto Networks Threat Prevention security service protects against malware delivery through custom-built signatures that are based on content – not hash – to protect against known malware, including variants that haven’t been seen in the wild yet. Protections against newly discovered malware are delivered daily by WildFire, keeping the latest threats from breaching your network.


Prevent Threats From Exploring the Network

Because our platform is flexible, highly available, and supports high throughput with its single-pass scanning architecture, it can be implemented anywhere in the network:

  • At the perimeter (next-generation firewall).
  • At the data center edge (PA-7050).
  • Between virtual machines in the data center (VM-Series).
  • On a distributed enterprise – remote and mobile users, branch offices and operations plants (GlobalProtect™ network security for endpoints and Traps™ advanced endpoint protection).
  • At all points of segmentation.

Put a Stop to Data Exfiltration

Command-and-Control (Spyware)

We know there’s no silver bullet when it comes to preventing all threats from entering your network. This is why we focus on preventing attackers from leaving with important data. Our C2 signatures flag both inbound and outbound requests to malicious domains, protecting your data from being stolen.

DNS Sinkhole

Our exfiltration protection goes a step further by providing sinkhole capabilities for outbound requests to malicious DNS entries. Any outbound request to a malicious domain or IP address can be redirected to an internal IP address set up by an administrator. This feature prevents those requests from ever leaving the network and compiles a report of compromised machines making those requests on which incident response teams can act.
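The report described above can be sketched from two log sources. This is an added example, not Palo Alto Networks code: the key=value log layout, the sinkhole and resolver addresses and all sample records are constructed, and it assumes clients resolve through an internal DNS server, so the infected hosts appear as connections to the sinkhole address rather than as DNS sources.

```python
import re
from collections import defaultdict

SINKHOLE_IP = "10.99.99.99"  # assumption: internal address set by the administrator
RESOLVER_IP = "10.1.1.53"    # assumption: internal DNS resolver used by clients

# Constructed sample records; the key=value layout is hypothetical, not a product format.
DNS_LOG = [
    "2024-05-01T10:00:01Z src=10.1.1.53 query=updates.example.org answer=203.0.113.10",
    "2024-05-01T10:00:05Z src=10.1.1.53 query=c2.bad-domain.test answer=10.99.99.99",
    "2024-05-01T10:07:40Z src=10.1.1.53 query=beacon.bad-domain.test answer=10.99.99.99",
]
CONN_LOG = [
    "2024-05-01T10:00:06Z src=10.1.2.15 dst=10.99.99.99 dport=443",
    "2024-05-01T10:00:09Z src=10.1.2.15 dst=203.0.113.10 dport=443",
    "2024-05-01T10:05:06Z src=10.1.2.15 dst=10.99.99.99 dport=443",
    "2024-05-01T10:07:41Z src=10.1.3.22 dst=10.99.99.99 dport=80",
    "malformed line without fields",
]

FIELD = re.compile(r"(\w+)=(\S+)")

def parse(line):
    """Return (timestamp, fields), or None for lines that do not match the layout."""
    ts, _, rest = line.partition(" ")
    fields = dict(FIELD.findall(rest))
    return (ts, fields) if fields and ts.endswith("Z") else None

def sinkholed_domains(dns_lines):
    """Domains whose DNS answer was rewritten to the sinkhole address."""
    hits = filter(None, map(parse, dns_lines))
    return sorted({f["query"] for _, f in hits if f.get("answer") == SINKHOLE_IP})

def compromised_hosts(conn_lines):
    """Per-host summary of connection attempts that landed on the sinkhole address."""
    report = defaultdict(lambda: {"attempts": 0, "first": None, "last": None, "ports": set()})
    for ts, f in filter(None, map(parse, conn_lines)):
        if f.get("dst") != SINKHOLE_IP or f.get("src") in (None, RESOLVER_IP):
            continue  # unrelated traffic, or the resolver itself
        row = report[f["src"]]
        row["attempts"] += 1
        row["first"] = min(row["first"] or ts, ts)  # ISO-8601 UTC strings sort by time
        row["last"] = max(row["last"] or ts, ts)
        if f.get("dport", "").isdigit():
            row["ports"].add(int(f["dport"]))
    return dict(report)

if __name__ == "__main__":
    print("sinkholed domains:", sinkholed_domains(DNS_LOG))
    for host, row in sorted(compromised_hosts(CONN_LOG).items()):
        print(host, row)
```
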


Leverage Global Threat Intelligence

Detailed logs of all threats aren’t merely housed within the same management interface, but are shared between all prevention mechanisms to provide context. We leverage global threat intelligence through the close integration of Threat Prevention security services, URL Filtering and WildFire to automatically discover unknown malware and deliver protections to our entire customer base, keeping them secured against the latest advanced threats. 

The Palo Alto Networks threat research team, Unit 42, analyzes threat data amassed by our global intelligence community to identify and investigate cutting-edge attack methods and malware, and report on unfolding trends within the black hat space.


Related Content


Traps Advanced Endpoint Protection AV-Comparatives Award

AV-Comparatives, the independent organization that tests and assesses antivirus (AV) software, announced the completion of its 2017 “Comparison of Next-Generation Security Products” and presented Traps advanced endpoint protection with its “Approved” award. The firm conducted a series of malware protection and exploit prevention tests on Traps during September and October 2017. Download the report to view the results of this test.

Product Summary Specsheet

Key features, performance capacities and specifications for all Palo Alto Networks firewalls.

VM-Series Specsheet

The VM-Series has been optimized and expanded to deliver industry-leading performance of up to 16Gbps of App-ID-enabled firewall throughput across five models.

Traps: Advanced Endpoint Protection

Palo Alto Networks Advanced Endpoint Protection represents a complete paradigm shift from identification to pure prevention. It provides comprehensive exploit and malware prevention that is not designed to identify; instead, it prevents an attack before the malware can be successful.

Traps Advanced Endpoint Protection Technology Overview

Most organizations deploy a number of security products to protect their endpoints, including one or more traditional antivirus solutions. Nevertheless, cyber breaches continue to increase in frequency, variety and sophistication. Faced with the rapidly changing threat landscape, current endpoint security solutions and antivirus can no longer prevent security breaches on the endpoint. Palo Alto Networks® Traps™ advanced endpoint protection replaces traditional antivirus with a unique combination of the most effective, purpose-built, malware and exploit prevention methods that pre-emptively block known and unknown threats from compromising a system.

VM-Series on VMware

Key features, performance capacities and specifications of VM-Series for VMware.