Palo Alto Networks Next-Gen Intrusion Prevention System

Palo Alto Networks offers Next-Gen Intrusion Prevention System (NGIPS) capabilities through the Threat Prevention subscription, preventing known vulnerability exploits, malware and command-and-control activity. It is natively integrated with the Palo Alto Networks Next-Gen Intrusion Prevention System Platform. Intrusion prevention functionality is a core capability of our platform, preventing threats across the full attack lifecycle, including those hiding in application traffic regardless of port or protocol, and in SSL-encrypted content, with full user context. Vulnerability-based protections detect and block exploits and evasive techniques on both the network and application layers, including port scans, buffer overflows, packet fragmentation and obfuscation. IPS protections include both anomaly detection and signature matching, using stateful pattern matching to understand packet arrival order and sequence.

In-line malware prevention is automatically enforced, stopping malware delivery and installation through our proprietary payload-based signatures, which are updated through daily content updates. Payload-based signatures do not rely on easily changed attributes; instead, they detect patterns in the body of the file that can be used to identify future variations of the malware, even if the content has been slightly modified. Users can extend this capability with the WildFire threat analysis service to detect and prevent zero-day exploits and malware, bringing the daily content updates to near-real time. Command-and-control activity is blocked so that it cannot be used to exfiltrate data, deliver secondary malware payloads, or provide additional instructions for future stages of the attack. The service shuts down this critical threat vector by automatically generating C2 signatures that go beyond basic domain and URL matching, producing research-grade protections at machine speed and scale.

Palo Alto Networks Next-Gen Intrusion Prevention System — World-Class Threat Research

Palo Alto Networks conducts all signature generation in-house, without repackaging third-party content. This allows us to develop and enforce the highest-efficacy protections for our customers, without compromise. Palo Alto Networks signature developers and the threat research team leverage third-party intelligence during the course of their research efforts to enrich their understanding and ensure we have the widest possible visibility into vulnerability exploits. Furthermore, the Palo Alto Networks threat research team, Unit 42, has discovered more than 130 critical zero-day vulnerabilities in Microsoft, Adobe, Apple, Android and other ecosystems, allowing us to create signatures for never-before-seen threats. Attackers target endpoints, which is why you must also protect desktops, laptops, servers and mobile devices from exploits. Traps advanced endpoint protection prevents exploits, including zero-day exploits, on the endpoint by zeroing in on and stopping the small set of techniques that all exploits must execute in order to be successful.

Traps Advanced Endpoint Protection

Preemptively block known and unknown malware, exploits and zero-day threats with the unique multi-method prevention approach of Traps advanced endpoint protection, delivered from a single, lightweight agent. Automatically reprogram your endpoints to block known and unknown threats without human intervention, using threat intelligence gained from our global community of customers and partners across endpoints, networks and SaaS applications. Empower users to use web, mobile and cloud-based applications without fearing cyberthreats. Protect users from inadvertently compromising their systems without depending on burdensome virus scans. Traps replaces legacy antivirus and secures endpoints with a multi-method prevention approach that blocks malware and exploits, both known and unknown, before they compromise endpoints such as laptops, desktops and servers.

Aperture SaaS Security

By allowing you to define granular, context-aware policy control, Palo Alto Networks Aperture gives you the ability to drive enforcement and the quarantine of users and data as soon as a violation occurs. This enables you to quickly and easily satisfy data risk compliance requirements, such as PCI and PII, while still maintaining the benefits of cloud-based applications. The use of SaaS applications is creating new risks and gaps in security visibility for malware propagation, data leakage and regulatory non-compliance.

Palo Alto Networks Aperture delivers complete visibility and granular enforcement across all user, folder and file activity within sanctioned SaaS applications, providing detailed analysis and analytics on usage without requiring any additional hardware, software or network changes. This detailed analysis helps you transition from a position of speculation to one of knowing exactly what’s happening at any given point in time.


Preventing Successful Cyber Attacks

The end goal of security is to enable your operations to flourish and keep your organization out of the headlines associated with cyber breaches. This means reducing the likelihood of a successful attack. By focusing on preventing successful attacks, the Palo Alto Networks next-gen security platform reduces cybersecurity risk so that it is manageable and quantifiable, allowing organizations to compartmentalize their biggest threats and focus on business operations.

The Palo Alto Networks next-gen security platform protects your digital way of life by safely enabling applications and preventing known and unknown threats across the network, cloud, and endpoints. The native integration of the platform delivers a prevention architecture that can provide superior security at lower total cost of ownership. Palo Alto Networks Panorama network security management lets you view all firewall traffic, manage device configuration, push global policies, and generate reports on patterns or incidents, all from one central location. Panorama provides static rules and dynamic security updates in an ever-changing threat landscape.


With a few clicks, you gain visibility into application bandwidth and session consumption, the associated threats, and the source and destination of the application traffic. With this knowledge, you can proactively align application usage with your business requirements. Palo Alto Networks malware protections reduce the number of available attack vectors by terminating malware downloads. The blocked malware name, malicious URL or application, and the victim user are logged within the UI, so you have the contextual information needed to apply additional policies, if necessary.

Palo Alto Networks IPS, available within the Threat Prevention subscription, prevents exploits at the network level, using targeted vulnerability-based and exploit-kit-based signatures to thwart multiple variations of exploits and a wide variety of exploit kits. The Palo Alto Networks threat research team, whose job it is to continuously investigate and reverse engineer network and application vulnerabilities, creates these protections and automatically pushes them to all subscribed devices on a weekly and emergency basis, fortifying your network against the latest exploits.

Virtualized Next-Generation Firewalls

A private cloud is defined as an environment in which you are responsible for the management of all aspects of the virtualization, hardware, compute, networking and security. It is often considered to be synonymous with your data center, and in fact, many data centers are 100 percent virtualized using VMware, Microsoft Hyper-V, KVM or other private cloud technologies. The Palo Alto Networks VM-Series allows you to protect your private cloud infrastructure using application enablement policies while simultaneously preventing known and unknown threats.

The Palo Alto Networks VM-Series supports the following private cloud environments: VMware ESXi and NSX, Citrix NetScaler SDX, Microsoft Hyper-V and KVM/OpenStack. In a public cloud, ensuring your applications and data are kept safe from attackers is your responsibility, and that is where the Palo Alto Networks VM-Series can help. The Palo Alto Networks VM-Series protects your public cloud infrastructure using application enablement policies while simultaneously preventing known and unknown threats. The Palo Alto Networks VM-Series supports the following public cloud environments: VMware vCloud Air, Amazon Web Services (AWS) and Microsoft Azure.