With an active Threat Prevention license operating on supported
network security platforms, customers can sinkhole DNS requests
using a list of domains generated by Palo Alto Networks. These locally-accessed,
customizable DNS signature lists are packaged with
antivirus and WildFire updates and
include the most relevant threats for policy enforcement and protection
at the time of publication. For improved coverage against threats
using DNS, the DNS Security subscription enables users to access
real-time protections using advanced predictive analytics. Using
techniques such as DGA/DNS tunneling detection and machine learning,
threats hidden within DNS traffic can be proactively identified
and shared through an infinitely scalable cloud service. Because
the DNS signatures and protections are stored in a cloud-based architecture,
you can access the full database of ever-expanding signatures that
have been generated using a multitude of data sources. This allows
you to defend against an array of threats using DNS in real-time
against newly generated malicious domains. To combat future threats,
updates to the analysis, detection, and prevention capabilities
of the DNS Security service will be available through content releases.