According to Palo Alto, one of the most significant enhancements is to its WildFire service, which enables quick discovery and elimination of previously unknown malware, zero-day exploits and advanced persistent threats (APTs).
Palo Alto senior vice president of product management Lee Klarich says, “Quickly detecting and eliminating previously unknown threats across all applications is key to protecting an organisation from today’s advanced threats. Only Palo Alto Networks offers its customers the closed loop capabilities to most efficiently and effectively stop sophisticated threats.”
“Cyber criminals are employing new stealth methods to evade traditional security measures, such as stateful firewalls, intrusion prevention systems and anti-virus (AV) systems. These legacy approaches often address only a single threat vector across a limited range of network traffic, resulting in a higher attack penetration rate and costly human incident response,” Klarich cautioned.
“The Palo Alto Networks enterprise security platform is pioneering this approach. It starts with its next-generation firewall as the core enforcement vehicle within the network, and is extended by the advanced detection and analysis capabilities delivered by the WildFire service, which is now used by more than 2,400 customers worldwide.”
According to Phil Cummings, Security Administrator, Health Information Technology Services-Nova Scotia, the Palo Alto Networks security platform with WildFire gives the organisation “an extra layer of security we didn't have before – extra inspection and comfort that we can stay ahead of breaches by not just detecting them, but also by easily blocking them.”
“By having our firewall, URL filtering, threat prevention natively integrated and managed from a single dashboard – instead of multiple niche products, we have a clearer picture of our threat landscape. Ultimately, the platform gives us what we need to effectively detect, analyse, block, and, more importantly, quickly remediate issues.”
New advancements in the latest release from Palo Alto include:
• Extended file visibility – all common file types (including PDFs, Office documents, Java, and APKs), operating systems, and applications (encrypted or not) are now seen and filtered
• Zero-day exploit detection – using behavioural analysis, this signature-independent capability in the WildFire cloud quickly identifies exploits in common applications and operating systems and distributes the intelligence to subscribing customers in as little as 30 minutes to prevent future attacks
• Discovery of malicious domains – blocks the critical command-and-control phase of an advanced attack by building a global database of compromised domains and infrastructure
• Single “pane of glass” view into incident response data – in a single view, security administrators have access to a wealth of information on malware, its behaviour, compromised hosts, and more, so that incident response teams can quickly address threats and build proactive controls.