New Features - Advanced IP Defense - June 2026

Attackers increasingly use IP-based techniques to evade traditional domain-based security controls, such as connecting directly to command-and-control servers by IP address, routing traffic through anonymizing proxies, and hosting malicious infrastructure on bulletproof networks. Advanced IP Defense is a new cloud-delivered security service that provides real-time IP intelligence to detect and block these threats before they reach your network. The service continuously evaluates publicly routable IPv4 addresses and assigns security attributes across seven categories: Anonymizers and Proxies, Netblock Owner, Abuse, Malware and C2, High Risk, No DNS (Direct-to-IP), and Vulnerable Services. You create an Advanced IP Defense security profile to define policy actions for each threat category and attach it to your Security policy rules to automatically alert on or block connections to high-risk IP addresses. Advanced IP Defense also detects direct-to-IP connections that bypass DNS resolution, a common technique malware uses to communicate with command-and-control servers without triggering DNS-based security detections.