Traps Management Service
As new malware variants pop up around the globe and new software bugs and vulnerabilities are discovered, it is challenging to ensure that your endpoints remain secure. With the Traps™ management service, a cloud-based endpoint security service, you save the time and cost of building out your own global endpoint security infrastructure. This simplified deployment, which requires no server licenses, databases, or other infrastructure to get started, enables you to quickly protect your endpoints.
Additionally, you can forward logs generated by the Traps components to the Cortex Data Lake, and view the logs directly from the Traps management service.
With Traps management service, Palo Alto Networks deploys and manages the security infrastructure globally to manage endpoint security policy for both local and remote endpoints and to ensure that the service is secure, resilient, up to date, and available to you when you need it. This allows you to focus less on deploying the infrastructure and more on defining the policies to meet your corporate usage guidelines.
Traps management service consists of the following components:
- Traps Management Service Web Interface—A cloud-based security infrastructure service that is designed to minimize the operational challenges associated with protecting your endpoints. From Traps management service, you can manage the endpoint security policy, review security events as they occur, and perform additional analysis of associated logs. You can host your Traps management service tenant in either the US Region or EU Region.
- Traps Agents—Each local or remote endpoint is protected by the Traps agent. The Traps agent enforces your security policy on the endpoint and sends a report when it detects a threat. Traps agents support secure communication with Traps management service using Transport Layer Security (TLS) 1.2.
- Palo Alto Networks cloud-delivered security services:
- Cortex Data Lake (formerly the Logging Service)—A cloud-based logging infrastructure that allows you to centralize the collection and storage of logs generated by your Traps agents regardless of location. The Traps agents and Traps management service forward all logs to the Cortex Data Lake. You can view the logs for your agents in Traps management service. With the Log Forwarding app, you can also forward logs to an external syslog receiver. You can host your Cortex Data Lake instance in either the United States (US) Region or European Union (EU) Region.
- Directory Sync Service—The Directory Sync Service enables Palo Alto Networks cloud-based applications to leverage computer, user, and group attributes from your on-premise Active Directory for use in policy and endpoint management. The Directory Sync Service uses an on-premise agent to collect those attributes from your on-premise Active Directory. The Directory Sync Service agent runs in the background to collect the Active Directory information and syncs it with the cloud-based Directory Sync Service that you configure using the Cortex Hub. You can host your Directory Sync Service instance in either the US Region or EU Region.
- WildFire cloud service—The WildFire® cloud service identifies previously unknown malware and generates signatures that Palo Alto Networks firewalls and Traps management service can use to then detect and block that malware. When a Traps agent detects an unknown sample (an attempt to run a macro, DLL, or executable file), Traps management service can automatically forward the sample for WildFire analysis. Based on the properties, behaviors, and activities the sample displays when analyzed and executed in the WildFire sandbox, WildFire determines the sample to be benign, grayware, phishing, or malicious. WildFire then generates signatures to recognize the newly-discovered malware and makes the latest signatures globally available every five minutes. For more information, see WildFire Analysis Concepts.