In today’s threat landscape, traditional malware has become highly targeted and evasive, and specifically designed to be completely undetectable. The goal is to breach the network perimeter by delivering malware that can move laterally across an organization, extracting valuable data as it spreads — all this while remaining invisible to traditional network defenses.
Palo Alto Networks protects your network against these threats by providing multiple layers of prevention, confronting threats at each phase of the attack. Our Threat Prevention subscription protects the network from advanced threats by identifying and scanning all traffic — applications, users, and content across all ports and protocols.
Vulnerability-based protections detect and block exploit attempts and evasive techniques on both the network and application layers, including port scans, buffer overflows, protocol fragmentation, and obfuscation.
Check out Intrusion Prevention at a glance
A large portion of today’s network traffic — nearly 35% — is encrypted with SSL, leaving a gaping hole in network defenses if left unchecked. Palo Alto Networks next-generation firewalls have built-in SSL decryption capabilities, eliminating this blind spot. All traffic is inspected and advance security services, all without the need for a separate device — removing the complexities of having to manage separate, non-integrated technology.
Reduce the likelihood of a malware infection by preventing file types known to hide malware from entering your network. Further narrow your window of exposure by sending allowed file types to WildFire™ for analysis.
Palo Alto Networks Threat Prevention security service protects against malware delivery through custom-built signatures that are based on content — not hash — to protect against known malware, including variants that haven’t been seen in the wild yet. Protections against newly discovered malware are delivered daily by WildFire, keeping the latest threats from breaching your network.
Because our platform is flexible, highly available, and supports high throughput with its Single-Pass scanning architecture, it can be implemented anywhere in the network:
We know that there’s no silver bullet when it comes to preventing all threats from entering your network. This is why we focus on preventing attackers from leaving with important data. Our CnC signatures flag on both inbound and outbound requests to malicious domains, protecting your data from being stolen.
Our exfiltration protection goes a step further by providing sinkhole capabilities for outbound requests to malicious DNS entries. Any outbound request to a malicious domain or IP address can be redirected to an internal IP address set up by an administrator. This feature prevents those requests from ever leaving the network and compiles a report of compromised machines making those requests on which incident response teams can act.
Detailed logs of all threats aren’t merely housed within the same management interface, but are shared between all prevention mechanisms to provide context. We leverage global threat intelligence through the close integration of Threat Prevention security services, URL filtering, and WildFire to automatically discover unknown malware and deliver protections to our entire customer base, keeping them secured against the latest advanced threats.
Palo Alto Networks threat research team, Unit 42, analyzes threat data amassed by our global intelligence community to identify and investigate cutting-edge attack methods and malware, and report on unfolding trends within the black hat space.