Palo Alto Networks Threat Prevention Subscription 1 Year - PA-820 - PAN-PA-820-TP
- Eliminate cost and management for standalone IPS
- Gain visibility into attacks, assured your organization is protected.
- Reduce resources needed to manage vulnerabilities and patches.
- Take advantage of full threat detection and enforcement
- Manufacturer Part #:PAN-PA-820-TP
For Pricing, request a quote.
Go beyond traditional IPS to prevent all known threats across all traffic in a single pass
Todays attackers are well-funded and well-equipped. They use evasive tactics to succeed in gaining a foothold in the network, launching both high-volume and sophisticated attacks while remaining invisible to an organizations traditional defenses – from packet obfuscation, polymorphic malware and encryption to multi-phased payloads and fast-flux DNS.
Threat Prevention protects your network against these threats by providing multiple layers of prevention, confronting threats at each phase of the attack. In addition to traditional intrusion-prevention capabilities, we provide the unique ability to detect and block threats on any and all ports, instead of invoking signatures based on a limited set of predefined ports.
Key Capabilities
Enable the Application, Prevent the Threat
Applications are integral to how companies do business. Because of that, theyve been made more readily available to users by entering networks using encrypted channels through nonstandard ports (often to bypass stateful inspection firewalls) and port-hopping to guarantee users always have access.
Unfortunately, advanced threats take advantage of this behavior to get free rides into networks, undetected. They tunnel within applications, hide in encrypted traffic, and prey on unsuspecting targets to get a foothold within a network and execute malicious activity.
Eliminate Threats at Every Phase
Countless breaches over the years can be attributed to attackers bypassing single-purpose defensive tools. To ensure holistic protection, the Threat Prevention subscription, with its tight integration with our ML-Powered NGFWs, brings together multiple defensive mechanisms:
• Heuristic-based analysis detects anomalous packet and traffic patterns, such as port scans, host sweeps, and denial-of-service (DoS) attacks.
• Easy-to-configure, custom vulnerability signatures allow you to tailor intrusion prevention capabilities to your networks unique needs, even importing rules from popular open source formats such as Snort and Suricata.
• Other attack protection capabilities, such as blocking invalid or malformed packets, IP defragmentation, and TCP reassembly, protect against evasion and obfuscation techniques.
Palo Alto Networks employs natively integrated defensive technologies to ensure that, when a threat evades one technology, another catches it. The key to effective protection is to use security features that are purpose-built to share information and provide context around both the traffic theyre inspecting and the threats theyre identifying and blocking
Scan for All Threats in a Single Pass
The Threat Prevention engine represents an industry first by inspecting and classifying traffic as well as detecting and blocking both malware and vulnerability exploits in a single pass. Traditional threat prevention technologies require two or more scanning engines and multiple rule bases that need to be managed separately, adding significant latency and management overhead while dramatically slowing throughput performance. We use a uniform signature format for all threats to ensure rapid processing by performing all analysis in a single, integrated scan, eliminating redundant processes common to traditional solutions.
Leverage Intrusion Prevention
Threat-based protections detect and block exploit attempts and evasive techniques at both the network and application layers, including port scans, buffer overflows, remote code execution, protocol fragmentation, and obfuscation. Protections are based on signature matching and anomaly detection, which decodes and analyzes protocols and uses the information learned to send alerts and block malicious traffic patterns. Stateful pattern matching detects attacks across multiple packets, taking into account arrival order and sequence, and making sure all allowed traffic is wellintentioned and devoid of evasion techniques.
Use Custom Signatures for Emerging Threats
Threat Prevention also provides flexible support for Snort and Suricata rule conversion, providing rapid protection for newly discovered vulnerabilities. This support, along with ongoing custom signature development, addresses a key use case and underlying goal for IPS in addition to completely eliminating the need for standalone IPS or IDS solutions. Namely, signature coverage for unconfirmed or emerging vulnerabilities acts as a stopgap before a verified update can be deployed to all of your organizations software and applications.
Product Name | Palo Alto Networks Threat Prevention Subscription 1 Year - PA-820 |
---|---|
SKU | PAN-PA-820-TP |
Manufacturer | Palo Alto Networks |
Data Sheet | View Sheet |
Active | No |
Service Length | 1 Year License |