Content Inspection Features
Focus
Focus

Content Inspection Features

Table of Contents
End-of-Life (EoL)

Content Inspection Features

Explore new content inspection features introduced in PAN-OS ® 11.0.
New Content Inspection FeatureDescription
DNS Security Support for DoH (DNS-Over-HTTPS)
PAN-OS® can identify traffic contained in DoH (DNS-over-HTTPS) requests and apply DNS Security real-time protection measures. This allows you to secure all DoH traffic, which is quickly becoming the emerging standard of maintaining user privacy and data security, by leveraging the same DNS Security analytics used to defend your organization from a range of DNS-based threats.
Advanced Threat Prevention Support for Detecting Zero-Day Exploits
The Advanced Threat Prevention subscription now supports additional deep learning and heuristic analysis engines to prevent malicious zero-day Injection attacks (Inbound threats), such as SQLi and Command Injection attacks. These attacks target vulnerable applications that do not sufficiently validate, filter, or sanitize user-supplied data.
Support for Custom Layer 3 and Layer 4 Threat Signatures
PAN-OS®now supports user-defined custom threat signatures based on Layer 3 and Layer 4 header fields. This enables you to provide enhanced vulnerability coverage for old and/or deprecated TCP/IP stacks used in embedded devices, where signature protections are not readily available.