Explore new content inspection features introduced in
New Content Inspection Feature
Advanced Threat Prevention Subscription
Palo Alto Networks Advanced Threat Prevention subscription—a
new flagship intrusion prevention service—detects and prevents the
latest advanced threats from infiltrating your network by leveraging
deep learning models trained on high fidelity threat intelligence gathered
by Palo Alto Networks. This inline cloud-based threat detection
and prevention engine defends your network from evasive and unknown command-and-control
(C2) threats by inspecting all network traffic.
Prevention includes all of the existing capabilities found in Threat
Prevention, including a proven signature-based threat prevention
solution to defend against known exploits, command-and-control, and
commodity malware, and expands on that foundation with an extensible
cloud architecture, providing scalable threat detection mechanisms
to keep your network protections up to date without sapping firewall
resources or relying on regular update packages.
Domain Fronting Detection
Firewalls now have a unique threat ID signature
to identify and block domain fronting, also known as SNI spoofing,
through your Anti-Spyware security profile as a spyware signature.
This allows you to protect your network from malicious attackers
using a crafted packet to indicate a fake website in the SNI while
surreptitiously connecting to a different website via the HTTP Host Header
— a possible vector for the distribution of malware.