The Palo Alto Networks® next-generation firewall protects and defends your network from commodity threats and advanced persistent threats (APTs). The multi-pronged detection mechanisms of the firewall include a signature-based (IPS/Command and Control/Antivirus) approach, heuristics-based (bot detection) approach, sandbox-based (WildFire) approach, and Layer 7 protocol analysis-based (App-ID) approach.
Commodity threats are exploits that are less sophisticated and more easily detected and prevented using a combination of antivirus, anti-spyware, and vulnerability protection features along with URL filtering and Application identification capabilities on the firewall.
Advanced threats are perpetuated by organized cyber adversaries who use sophisticated attack vectors to target your network, most commonly for intellectual property theft and financial data theft. These threats are more evasive and require intelligent monitoring mechanisms for detailed host and network forensics on malware. The Palo Alto Networks next-generation firewall together with WildFire™ and Panorama™ provide a comprehensive solution that intercepts and breaks the attack chain and provides visibility to prevent security infringement on your network infrastructure—both mobile and virtualized.
After you implement your threat prevention configurations, Export Configuration Table Data to create a PDF or CSV report of your configurations to use for internal review or for auditing.
- Best Practices for Securing Your Network from Layer 4 and Layer 7 Evasions
- Set Up Antivirus, Anti-Spyware, and Vulnerability Protection
- DNS Security
- Use DNS Queries to Identify Infected Hosts on the Network
- Set Up Data Filtering
- Predefined Data Filtering Patterns
- Create a Data Filtering Profile
- Set Up File Blocking
- Prevent Brute Force Attacks
- Customize the Action and Trigger Conditions for a Brute Force Signature
- Enable Evasion Signatures
- Prevent Credential Phishing
- Monitor Blocked IP Addresses
- Threat Signature Categories
- Create Threat Exceptions
- Custom Signatures
- Learn More About and Assess Threats
- Share Threat Intelligence with Palo Alto Networks
- Threat Prevention Resources
What Is a Best Practice Internet Gateway Security Policy?
What Is a Best Practice Internet Gateway Security Policy? A best practice internet gateway security policy has two main security goals: Minimize the chance of ...
Threat Signature Categories
Threat Signature Categories There are three types of Palo Alto Networks threat signatures, each designed to detect different types of threats as the firewall scans ...
What Telemetry Data Does the Firewall Collect?
What Telemetry Data Does the Firewall Collect? The firewall collects and forwards different sets of telemetry data to Palo Alto Networks based on the Telemetry ...
About DNS Security
Learn how the Palo Alto Networks DNS Security service can help protect your network from advanced DNS-based threats. ...
Enable DNS Security to access the full database of Palo Alto Networks signatures, including those generated using advanced machine learning and predictive analytics. ...
Dynamic Content Updates
Palo Alto Networks frequently publishes updates to equip the firewall with the latest threat prevention and intelligence. ...
Create Best Practice Security Profiles for the Internet Gat...
Use these File Blocking settings as a best practice at your internet gateway. ...
DNS Security DNS Security is an on-demand cloud subscription service designed to protect your organization from advanced threats using DNS. By applying advanced machine learning ...
Subscriptions You Can Use With the Firewall
Subscriptions You Can Use With the Firewall The following Palo Alto Networks subscriptions unlock certain firewall features or enable the firewall to leverage a Palo ...