Share Threat Intelligence with Palo Alto Networks

Advanced Threat Prevention

Share Threat Intelligence with Palo Alto Networks

Table of Contents

Share Threat Intelligence with Palo Alto Networks

Where Can I Use This?
What Do I Need?
  • Prisma Access
  • NGFW
  • Advanced Threat Prevention or Threat Prevention License
Telemetry is the process of collecting and transmitting data for analysis. When you enable telemetry on the firewall, the firewall periodically collects and sends information that includes applications, threats, and device health to Palo Alto Networks. Sharing threat intelligence provides the following benefits:
  • Enhanced vulnerability and spyware signatures delivered to you and other customers worldwide. For example, when a threat event triggers vulnerability or spyware signatures, the firewall shares the URLs associated with the threat with the Palo Alto Networks threat research team, so they can properly classify the URLs as malicious.
  • Rapid testing and evaluation of experimental threat signatures with no impact to your network, so that critical threat prevention signatures can be released to all Palo Alto Networks customers faster.
  • Improved accuracy and malware detection abilities within PAN-DB URL filtering, DNS-based command-and-control (C2) signatures, and WildFire.
Palo Alto Networks uses the threat intelligence extracted from telemetry to deliver these benefits to you and other Palo Alto Networks users. All Palo Alto Networks users benefit from the telemetry data shared by each user, making telemetry a community-driven approach to threat prevention. Palo Alto Networks does not share your telemetry data with other customers or third-party organizations.
To read more about telemetry, including its benefits, usages, and configuration, see Device Telemetry.

Recommended For You