PALO ALTO NETWORKS INC Pricing & Demo

Palo Alto Networks offers advanced threat prevention that reduces the threats of the networks and examines the accessible traffic for vulnerabilities. It stops the suspicious applications or features to protect the surface of the networks. It includes a range of applications and technologies that are constantly used by attackers to hide their attacks such as proxies, encryption, and encrypted tunnels. It thoroughly examines all allowed traffic irrespective of port or evasion attempts which helps in identifying all threats even if they are transmitted over non-standard ports or tunnelled within other applications or protocols. Additionally, the cloud-based WildFire engine recognizes all kinds of threats that may have no known signature. This provides organizations the unique ability to reduce their exposure, ensure visibility into evasive traffic, and protect from all types of threats in a single pass of traffic.

Some of the features of products:

Control the application, block the threat

Applications are essential to virtually all advanced threats. In some cases, the application is the threat, in other cases the threat is enabled by an application that provides a vector for the threat or obscures it from security solutions. By leveraging App-ID, Palo Alto Networks provides visibility into all applications, where they can be controlled by policy and fully inspected for threats.

Scan for all threats in a single pass

Palo Alto Networks’ threat aversion engine identifies and blocks both malware and threats in a single pass. Palo Alto Networks takes advantage of a integrated signature format for all threats and malware and ensures quick processing by executing the entire analysis in a single combined scan. The uniform signature format removes unwanted processes that are common to multiple scanning engine solutions such as TCP reassembly, policy lookup, inspection, etc. and improves performance.

Independent vulnerability research

Palo Alto Networks undertakes all IPS research and analysis through their own independent team of researchers. The team has discovered a higher number of Microsoft and Adobe Flash threats than any other security vendor research team. Additionally, the IPS solution has been authenticated by NSS Labs and received their highest rating of ‘Recommended’ based on the high observed high block rate, performance, resistance to evasion, and overall value.

Proven IPS: Validated by NSS Labs

The Palo Alto Networks IPS defends businesses from all kinds of threats including vulnerability exploits, buffer overflows, DoS/DDoS attacks, and port scans using proven threat detection and prevention (IPS) mechanisms. Palo Alto Networks also offers the exclusive ability to identify and block threats on non-standard ports. By leveraging App-ID, which detects all traffic, on all ports, the threat prevention engine never loses sight of threat regardless of port evasion.

• Protocol decoder-based analysis decodes the protocol and then intelligently applies signatures to detect vulnerability exploits.
• Protocol anomaly-based protection detects non-RFC compliant protocol usage such as the use of overlong URI or overlong FTP login.
• Stateful pattern matching detects attacks across more than one packet, taking into account elements such as the arrival order and sequence.
• Statistical anomaly detection prevents rate-based DoS flooding attacks.
• Heuristic-based analysis detects anomalous packet and traffic patterns such as port scans and host sweeps.
• Other attack protection capabilities such as blocking invalid or malformed packets, IP defragmentation and TCP reassembly are utilized for protection against evasion and obfuscation methods employed by attackers.
• Custom vulnerability or spyware phone home signatures that can be used in either the anti-spyware or vulnerability protection profiles.