Cloud NGFW for Azure
Configure Advanced Threat Prevention
Table of Contents
Configure Advanced Threat Prevention
Learn about advanced threat prevention, an intrusion prevention system
(IPS).
| Where Can I Use This? | What Do I Need? |
|---|---|
|
|
To configure Advanced Threat Prevention:
- use the Cloud NGFW console to enable Advanced Threat Prevention.
- administer Advanced Threat Protection using Panorama.
Enable Advanced Threat Prevention using the Cloud NGFW Console
Advanced Threat Prevention (ATP) is configured automatically when you create a
new local rulestack.
For rulestacks that you previously created
before March 2024, manually enable ATP using the Cloud NGFW for Azure
console.
To enable ATP for a rulestack:
- Log into the Cloud NGFW console.Select Rulestacks.Select Security Profiles.In the Threat Prevention section, use the toggle to enable Advanced Threat Prevention.
![]()
A confirmation dialog appears, indicating that the ATP feature may result in charges being applied. Click Enable. View your Azure billing subscription for details.You use Panorama to configure your ATP subscription within your network security deployment. While it may not be necessary to implement all of the processes comprising ATP, Palo Alto Networks recommends reviewing all of the tasks to familiarize yourself with the available options for a successful deployment.Use Panorama to Setup Advanced Threat Prevention
Advanced Threat Prevention (similar to other Palo Alto Networks security services) is administered through security profiles, which in turn is dependent on the configuration of network enforcement policies as defined through security policy rules.You use the Cloud NGFW for Azure to enable Advanced Threat Prevention for the rulestack, however, you must use Panorama to configure the policies that comprise the security service.To configure Advanced URL Filtering policy rules using Panorama:Before configuring Advanced URL Filtering policy rules, first enable the feature using the Cloud NGFW console. See Enable Advanced Threat Prevention using the Cloud NGFW Console.- Login to Panorama.Check that you have the appropriate license subscription for Advanced URL Filtering. In Panorama, select . Verify that the license expiration date is in the future.Set up Advanced Threat Prevention using Panorama.Commit your changes.Palo Alto Networks provides several options to monitor activity processed by the Advanced Threat Prevention security service. See Monitor Advanced Threat Prevention for more information.
