Secure Application Enablement
App-ID is a Palo Alto Networks firewall capability that examines network traffic using up to four separate traffic classification mechanisms to determine the identity of any application traffic on the network. App-ID continuously monitors the traffic and examines its activity while security policies decide whether the application should be allowed, blocked, or securely analyzed.
The User-ID feature available with all Palo Alto Networks firewalls gives organizations the ability to monitor user activity through user- or group-based enablement policies rather than through IP addresses alone.
Once App-ID has blocked unauthorized and/or malicious applications, Content-ID can securely enable allowed applications by blocking vulnerability exploits, malware, viruses, and other threats from spreading on the network–regardless of port or encryption. Content-ID also provides a URL database to provide additional data filtering and web browsing controls.
Malware Detection and Prevention
Threat Prevention Service – Integrating with Palo Alto Networks NGFWs, the Threat Prevention service protects organizations with an extra layer of intrusion detection and prevention capabilities to keep critical assets secure. The service also carries the ability to block vulnerability exploits and protect against attacker evasion and obfuscation methods.
- Buffer overflows and port scans
- Anti-malware capabilities
- Command-and-control protection
WildFire – WildFire is a cloud-delivered malware protection service that uses machine learning and various analysis methods to detect highly advanced and previously unknown threats across the enterprise. Leveraging shared data from intelligence communities and third-party partners, WildFire is able to block new and evasive threats with rich context into the attack without having encountered the threat before.
- Bare metal analysis environment
- Detect zero-day attacks
- Automated orchestration of prevention
- Highly scalable
Available on all Palo Alto Networks NGFWs, the DNS Security service provides extra network protection for DNS-based attacks, including advanced DNS tunneling threats. Any DNS-based attacks detected are automatically identified and sinkholed to quickly neutralize the threat with minimal to no manual input from the security team.
- URL Filtering
- Predict and block malicious domains
- Signature-based protection
- Extensible cloud-based architecture
Panorama Security Management
Panorama – Panorama is Palo Alto Networks NGFWs security management platform that allows security teams to view firewall traffic, manage firewall configurations, streamline security automation, and manage a variety of other critical security tasks from a single, centralized management console.
- Graphical views and analytics
- Manage rules and dynamic updates
- Customizable Application Command Center (ACC)
- Log collection mode
- Physical or virtual appliance
Auto-Focus – Auto-Focus is a global threat intelligence tool that enriches all threat prevention and analysis efforts provided by Palo Alto Networks NGFWs. AutoFocus helps organizations catch previously unknown high-impact threats with the threat intelligence and context needed to mitigate the threat successfully.
- High-fidelity threat intelligence
- Priority alerts
- Automatic extraction and sharing of prevention indicators
- Native integration with Palo Alto Networks products