Telemetry and Threat Intelligence Sharing
You can now participate in telemetry, a community-driven approach to threat prevention. Telemetry allows the firewall to periodically collect and share information about applications, threats, and device health with Palo Alto Networks. Sharing threat intelligence provides the following benefits:
- Enhanced intrusion prevention system (IPS) and spyware signatures delivered to you and other customers worldwide. For example, when a threat event triggers vulnerability or spyware signatures, the firewall shares the URLs associated with the threat with the Palo Alto Networks threat research team, so they can properly classify the URLs as malicious.
- Rapid testing and evaluation of experimental threat signatures with no impact to your network, so that critical threat prevention signatures can be released to all customers faster.
- Improved accuracy and malware detection abilities within PAN-DB URL filtering, DNS-based command-and-control (C2) signatures, and WildFire.
You can choose which telemetry data to share with Palo Alto Networks. The firewall collects the data from your firewall logs; the combination of log types and log data depend on the Telemetry settings you enable.
An enhancement of the Statistics Service feature in firewalls running PAN-OS 7.1 and earlier, telemetry is an opt-in feature. Palo Alto Networks does not share your telemetry data with other customers or third-party organizations.
- Select DeviceSetupTelemetry, and edit the Telemetry settings.
- Select the telemetry data you want to share with Palo
Alto Networks. For more specific descriptions of this data, see What Telemetry Data Does the Firewall Collect?If you have previously configured your firewall to share data through the Statistics Service (PAN-OS 7.1), the Telemetry settings that match the Statistics Service settings are selected and enabled by default.
- View the telemetry data (or examples of the data) that the firewall collects. See Enable Threat Intelligence Sharing.
- Click OK and Commit your changes.
Share Threat Intelligence with Palo Alto Networks
Share Threat Intelligence with Palo Alto Networks Telemetry is the process of collecting and transmitting data for analysis. When you enable telemetry on the firewall, ...
Device > Setup > Telemetry
Device > Setup > Telemetry Telemetry is the process of collecting and transmitting data for analysis. When you enable telemetry on the firewall, the firewall ...
Content Inspection Features
Content Inspection Features New Content Inspection Features Description Credential Phishing Prevention Phishing sites are sites that attackers disguise as legitimate websites with the aim to ...
Content Inspection Features
Content Inspection Features Credential Phishing Prevention Telemetry and Threat Intelligence Sharing Palo Alto Networks Malicious IP Address Feeds Enhanced Coverage for Command and Control (C2) ...
Enable Telemetry When you enable telemetry, you define what data the firewall collects and shares with Palo Alto Networks. For some telemetry settings, you can ...
What Telemetry Data Does the Firewall Collect?
What Telemetry Data Does the Firewall Collect? The firewall collects and forwards different sets of telemetry data to Palo Alto Networks based on the Telemetry ...
Palo Alto Networks Malicious IP Address Feeds
Palo Alto Networks Malicious IP Address Feeds With an active Threat Prevention license, Palo Alto Networks provides two feeds with malicious IP addresses that you ...
Best Practices for Completing the Firewall Deployment
Best Practices for Completing the Firewall Deployment Now that you have integrated the firewall into your network and enabled the basic security features, you can ...
Upgrade/Downgrade Considerations The following table lists the new features that have upgrade or downgrade impacts. Make sure you understand all potential changes before you upgrade ...