Palo Alto Networks CYBERSECURITY

A comprehensive security ecosystem that protects your network infrastructure, cloud, and endpoints against various types of threats and sophisticated attacks.

Palo Alto Networks NGFW

Palo Alto Networks

Palo Alto Networks is a technology company and a leader in enterprise firewalls and security solutions, providing comprehensive defense against various types of cyberattacks through Cloud Security, Next-Generation Firewalls and Advanced Endpoint Protection.

Palo Alto Networks Security Platform offers:

  • Automated protection against attacks within the cloud, networks and endpoints.
  • Traffic classification based on advanced application identification, not just port and protocol.
  • Visibility into encrypted SSH and SSL traffic and applications.
  • Blocking exploits, ransomware, malware and fileless attacks, etc.
  • Real-time threat blocking.
  • Detection of hitherto unknown threats, so-called zero-day attacks.
  • Multi-gigabit throughput without performance degradation.
  • Palo Alto Cortex - endpoint protection products.
  • Cloud security features.

Next-Generation Firewall

Palo Alto firewalls provide visibility into and control of applications, users and content using three patented technologies: App-ID, User-ID and Content-ID.

App-ID - Identification of applications based on signatures, heuristics and behavior, independent of port, protocol and SSL encryption. It continuously monitors the state of applications, their operation and the functions in use.

User-ID - Identification of users by name, independent of IP address. It simplifies the creation of security policies that allow applications for users or groups, and supports forensic retrieval no matter where the user is located. It obtains user information from Microsoft AD, LDAP, etc.

Content-ID - Content recognition and control. It constantly monitors whether the content of the communication is correct, standard, not infected with a virus, etc., using the Threat Prevention, URL Filtering, and File and Data Filtering functions.

Optional functions and features

The basic features of the firewall can be extended by purchasing time-based subscriptions.

Threat Prevention (TP) - protection at the level of network signatures - detects and stops the exploitation of vulnerabilities, port scanning and attack suite using signatures, heuristics and statistical anomaly detection.

URL Filtering - allows secure access to the web and protects users from servers with malicious code or phishing.

WILDFIRE™ - Palo Alto Networks cloud service, designed to analyze unknown threats, provides automatic signature downloads, typically within five minutes of detecting a zero-day attack.

GlobalProtect™ - extends the full protection of the security platform to mobile workers during remote VPN access.

DNS Security - uses predictive analytics to automatically protect against attacks that use DNS.

High Availability

The solution can run in active/active mode, where the load is distributed across two identically configured devices, or in active/passive mode, where the configuration is synchronized from the master node. Palo Alto Panorama™ software can be used to provide central monitoring and management.

Product lines

Palo Alto Networks offers a portfolio of Next-Generation Firewall models that cover security requirements from small to medium-sized businesses to large data centers where high data throughput is required.

Proof of Concept (PoC)

To verify the feasibility and benefits of implementing Palo Alto Networks security technologies, we offer customers a Proof of Concept (PoC): free consulting services and the deployment of a firewall with a full set of features in your production environment.

Palo Alto Networks Endpoint Protection

Cortex XDR™ Palo Alto Networks

With Cortex XDR, you can prevent, detect, investigate, and respond to all threats on a single platform.

Cortex XDR™ defines a new category of advanced detection and response that integrates endpoint, network, and cloud data to stop sophisticated attacks. It offers consistent security throughout the enterprise.

It is a sophisticated and comprehensive 24/7 endpoint protection against never-before-seen attacks using cloud-delivered Cortex XDR agents.

The solution provides excellent prevention, continuously using AI to adapt to rapidly changing threats.

Cortex XDR™ Agent

Protects endpoints from malware, exploits, and fileless attacks, and identifies threats with unmatched accuracy by continuously profiling user and endpoint behavior with analytics.

Eliminates zero-day malware, ransomware and fileless attacks using local analysis based on AI and behavioral analysis.

Cortex XDR also suppresses injection techniques used to load and execute malicious code from the kernel, such as the code used in WannaCry and NotPetya attacks.

It also provides security and management when using various USB devices, not just flash drives.

Key benefits

  • Detection of advanced attacks by proactive security analysis using AI, behavioral analysis and custom detection rules.
  • Stopping known and unknown attacks before they compromise systems, even without knowledge of previous threats.
  • Protection of endpoints without reducing their performance: a "light agent" with minimal hardware requirements.
  • 8x faster threat verification and complete information about attacks using root cause analysis.
  • 50x faster examination thanks to unified incident management with intelligent grouping of related alerts.

How Cortex XDR™ works

Full visibility - eliminates blind spots by integrating endpoint, network and cloud data for highly accurate attack detection and a simpler, faster subsequent investigation.

Best in class prevention - uses behavioral protection and artificial intelligence-driven local analysis to stop attacks, all while collecting data for detection and response.

Unified incident engine - uses advanced analytics and intelligent grouping of related alerts into incidents, reducing investigation time and dramatically reducing the number of alerts that require review.

AI-driven detection - uses in-depth analytics and Cortex XDR machine learning to continuously profile user and endpoint behaviors and find unusual attack behaviors.

Automated cause analysis - a patented analytics tool continuously checks billions of security events to identify and visualize a chain of causation for each threat, making it easier to understand complex attacks.

Integrated response - stops threats with quick and accurate remediation. It limits the spread of malware, limits network activity, etc. The powerful Live Terminal allows you to quickly investigate and end attacks on endpoints with wide and flexible response options.

On-Premise Broker Service - agents can use the Broker Service as a communication proxy to Cortex XDR management services, to the latest security console, and send content to Cortex™ Data Lake and WildFire without the need for direct Internet access.

Comprehensive security ecosystem - through tight integration with Palo Alto Networks products, the Cortex XDR agent exchanges threat information and data with WildFire and endpoint incident and event logs with Cortex Data Lake.

Support for various types of stations - desktops, servers, industrial control systems, virtual desktops and machines, across Windows, macOS, Linux and Android operating systems.


© 2021   S A L T O spol. s r. o.