Cloud-Delivered DNS Signatures and Protections

Learn about how cloud-delivered DNS signatures generated using predictive analytics and machine learning can disrupt DNS-based attacks.
As a cloud-based service, DNS Security allows you to access an infinitely scalable DNS signature and protections source to defend your organization from malicious domains. Domain signatures and protections generated by Palo Alto Networks are derived from a multitude of sources, including WildFire traffic analysis, passive DNS, active web crawling & malicious web content analysis, URL sandbox analysis, Honeynet, DGA reverse engineering, telemetry data, whois, the Unit 42 research organization, and third party data sources such as the Cyber Threat Alliance. This on-demand cloud database provides users with access to the complete Palo Alto Network’s DNS signature set, including signatures generated using advanced analysis techniques, as well as real-time DNS request analysis. Locally available, downloadable DNS signature sets (packaged with the antivirus and WildFire updates) come with a hard-coded capacity limitation of 100k signatures and do not include signatures generated through advanced analysis. To better accommodate the influx of new DNS signatures being produced on a daily basis, the cloud-based signature database provides users with instant access to newly added DNS signatures without the need to download updates. If network connectivity goes down or is otherwise unavailable, the firewall uses the onbox DNS signature set.
dns-security-real-time.png

Related Documentation