High-Performance Threat Prevention

Enterprises of all sizes are at risk from a variety of increasingly sophisticated threats that have evolved to avoid many of the industry’s traditional security measures. Our Content-ID™ technology delivers a new approach based on the complete analysis of all allowed traffic, using multiple advanced threat prevention technologies in a single, unified engine.

Content-ID is based on a single-pass architecture, which is a unique combination of software and hardware that was designed from the ground up to integrate multiple threat prevention technologies (IPS, anti-malware, URL filtering, etc.) into a single stream-based approach that simplifies management, streamlines processing, and maximizes performance.

The user and application visibility and control of App-ID™ and User -ID™, coupled with the content inspection enabled by Content-ID, empowers IT teams to regain control over application traffic and related content. Watch this video to see how to retake control.

 

Learn more about the IPS, Antivirus, URL Filtering, and Data Filtering features.

As with all Palo Alto Networks analysis, threat prevention is applied in full application and protocol context – across all of your traffic and ports – to ensure that threats are detected and blocked, despite evasion attempts. Content-ID provides you with fully integrated protection from vulnerability exploits, malware and malware-generated command and control traffic. Our threat prevention technologies include:

  • IPS – IPS functionality blocks vulnerability exploits, buffer overflows, and port scans. Additional capabilities, like blocking invalid or malformed packets, IP defragmentation and TCP reassembly, protect you from the evasion and obfuscation methods used by attackers (available as part of our Threat Prevention subscription).
  • Anti-Malware – Known malware as well as future variations of known malware are detected by a stream-based engine that blocks in-line at very high speeds; updated protection for unknown malware is available within as little as 5 minutes for WildFire customers (available as part of our Threat Prevention subscription).
  • Command and Control – Stops malware outbound communications, as well as passively analyzes DNS queries, and will identify the unique patterns of botnets. This reveals infected users, prevents secondary downloads and data from leaving your enterprise (available as part of our Threat Prevention subscription).
  • URL Filtering – Our fully integrated URL Filtering database lets you more easily and effectively enforces your policies for Web browsing, as well as reduces malware incidents by blocking access to known malware and phishing download sites (available as part of our URL Filtering PAN DB subscription).
  • File and Data Filtering – The data filtering features in Content-ID enable you to implement policies that reduce the risks associated with the transfer of unauthorized files and data, such as file blocking by type; data filtering to control the transfer of sensitive data patterns, including credit card and Social Security numbers in application content or attachments; and file transfer function control that provides control over file transfer functionality within an individual application, allowing application use while preventing undesired inbound or outbound file transfers (available on all Next-Generation Firewalls).

 

CONTENT-ID Tech Brief

Overview of our technology that delivers real-time threat prevention and content control.

  • 2
  • 3852

Regio IT

IT service provider regio iT is a partner for city and district municipal authorities. With branches in Aachen and Gütersloh, regio iT helps around 320 customers and 20,500 clients from the municipal field meet challenges brought on by rapid development in the IT world and increasing cost pressures. regio iT’s current 340 employees take on the tasks of operating and supporting database and server systems as well as entire IT infrastructures for energy suppliers, waste disposal companies, schools, and non-profit organizations, and of managing the data of citizens within the region. Available in German.

  • 4
  • 994

Security Platform for Healthcare Providers

Palo Alto Networks® enterprise security platform is well suited for healthcare providers. Our ability to provide full visibility into all network traffic based on application (App-ID™), users (User-ID™) and content (Content-ID™) enables your security staff to rapidly assess the current state of your information and network security without any disruption to daily operations. You can discover where the organization is most at risk and make informed decisions about where to implement tighter controls. This Solution Brief available in Italian, Portuguese, and Spanish.

  • 7
  • 1258