>
    Cloud-Delivered Security Services (CDSS)
    Focus
    Download PDF
    Focus
    1. Home
    2. Cloud NGFW for AWS
    3. Protect
    4. Cloud-Delivered Security Services (CDSS)
    Download PDF
    Cloud NGFW for AWS

    Cloud-Delivered Security Services (CDSS)

    Table of Contents

    Cloud-Delivered Security Services (CDSS)

    Learn about Cloud-Delivered Security Services (CDSS).
    Where Can I Use This?What Do I Need?
    • Cloud NGFW for AWS
    • Cloud NGFW subscription
    • Palo Alto Networks Customer Support Account (CSP)
    • AWS Marketplace account
    • User role (either tenant or administrator)
    Palo Alto Networks suite of Cloud-Delivered Security Services (CDSS) provide access to specialized subscription-based security solutions, designed specifically to defend against known, unknown, and advanced evasive threats. The threat data that is generated through advanced analysis is shared across the Palo Alto Networks security platforms to provide complete coverage across all threat vectors.
    To secure and protect your traffic using CDSS, Cloud NGFW for AWS provides Palo Alto Networks protections such as:
    • App-ID. Based on patented Layer 7 traffic classification technology, the App-ID service allows you to see the applications on your network, learn how they work, observe their behavioral characteristics, and understand their relative risk. Cloud NGFW for AWS identifies applications and application functions via multiple techniques, including application signatures, decryption, protocol decoding, and heuristics. These capabilities determine the exact identity of applications traversing your network, including those attempting to evade detection by masquerading as legitimate traffic by hopping ports or using encryption.
    • Threat Prevention. The Palo Alto Networks Threat Prevention service protects your network by providing multiple layers of prevention to confront each phase of an attack. In addition to essential intrusion prevention service (IPS) capabilities, Threat Prevention possesses the unique ability to detect and block threats on any ports—rather than simply invoking signatures based on a limited set of predefined ports.
    • Advanced URL Filtering. This critical service built into Cloud NGFW for AWS stops unknown web-based attacks in real-time to prevent patient zero with the industry’s only ML-powered Advanced URL Filtering. Advanced URL Filtering combines the renowned Palo Alto Networks malicious URL database with the industry’s first real-time web protection engine so organizations can automatically and instantly detect and prevent new malicious and targeted web-based threats.
    • DNS. DNS Security gives you real-time protection, applying industry-first protections to disrupt attacks that use DNS. Tight integration with a Palo Alto Networks Next-Generation Firewall (NGFW) gives you automated protections, prevents attackers from bypassing security measures, and eliminates the need for independent tools or changes to DNS routing. DNS Security gives your organization a critical new control point to stop attacks.
    • WildFire. Palo Alto Networks Advanced WildFire® is the industry’s largest cloud-based malware prevention engine that protects organizations from highly evasive threats using patented machine learning detection engines, enabling automated protections across network, cloud, and endpoints. Advanced WildFire analyzes every unknown file for malicious intent and then distributes prevention in record time—60 times faster than the nearest competitor—to reduce the risk of patient zero.

    © 2024 Palo Alto Networks, Inc. All rights reserved.