Palo Alto Security Subscriptions
Security subscriptions allow you to safely enable applications, users, and content by selectively adding fully integrated protection from both known and unknown threats, classification and filtering of URLs, and the ability to build logical policies based on the specific security posture of a user's device. Most importantly, these subscriptions are seamlessly integrated, sharing the context generated by App-ID and allowing you to generate policies that protect your network while also enabling your business.
The Threat Prevention subscription adds integrated protection from a variety of network-borne threats including exploits, malware, dangerous files, and content. This powerful subscription includes NSS recommended IPS functionality, stream-based blocking of millions of known malware samples, protection from spyware, command-and-control traffic, and a variety of hacking tools.
The Threat Prevention subscription even goes beyond simply blocking malicious content to include the control of specific file types by policy, as well as inspecting traffic for specific content to prevent data loss. As a result, this critical subscription not only provides you with critical protection from threats, but also gives you important additional policy controls that keep your network secure.
URL filtering is enabled through an annual subscription that provides you with a URL filtering database that controls web activity based on users through URL category level controls, or through customizable white- and black-lists. The URL filtering subscription is not bound by any user limitations, which provides you with greater flexibility in terms of growth and more predictable operational expenses. The URL filtering subscription includes continual updates to the URL filtering database, as well as problem resolution.
GlobalProtect delivers consistent security to users in all locations. It may be deployed in many different scenarios for extending the protection of your next-generation firewall to endpoints both within and outside of the organization. With a GlobalProtect gateway subscription, you can apply the state of the endpoint device as part of the context for security policy using the Host Information Profile (HIP). In addition, users with mobile devices can use GlobalProtect apps for iOS and Android to connect to the next-generation firewall.
The GlobalProtect Portal license extends the range of coverage by enabling you to deploy GlobalProtect gateways in a greater number of configurations. For example, with a Portal license, you can deploy multiple external gateways in order to support users in different geographies. In addition, with the Portal license, gateways may also be deployed internally to protect local and wireless networks.
The WildFire subscription provides integrated protection from advanced malware and threats. WildFire adds the increasingly important ability to proactively identify and block unknown threats such as custom or polymorphic malware, which are commonly used in modern cyberattacks.The subscription provides you with following advanced capabilities:
- WildFire signature feed – receive new malware protections every 30 minutes covering newly discovered malware identified by WildFire.
- Integrated WildFire logs – logs automatically delivered to the firewall including analysis verdicts for all analyzed files and malware.
- WildFire API – Enables you to programmatically submit files to WildFire, as well as take advantage of WildFire integration with Bit9 and Mandiant solutions.
Industry’s only open and integrated AI-based continuous security platform
Enable AI-based innovations for cybersecurity
Cortex Data Lake is the industry’s only approach to normalizing and stitching together your enterprise’s data.
A new approach to detection and response
Cortex XDR detection and response breaks silos to stop sophisticated attacks by natively integrating endpoint, cloud and network data.
Discover innovative apps
Access Cortex on the hub to use your apps and discover new capabilities.
Coordinated, comprehensive endpoint protection and response
Simple cloud-based management
With the Traps management service, a cloud-based endpoint security service, you save the time and cost of having to build out your own global security infrastructure. Deployment is simple and fast, requiring no server licenses, databases or other infrastructure to get started.
Intuitive user experience
Traps provides an intuitive interface that makes it easy to manage policies and events and accelerate incident response – helping to minimize the operational challenges associated with protecting your endpoints. From the Traps management service web console, you can manage the endpoint security policy, review security events as they occur, and perform additional analysis of associated logs.
Lightweight, non-disruptive agent
The Traps agent enforces your security policy on the endpoint and reports when it detects a threat. The Traps endpoint agent consists of various drivers and services yet requires minimal memory and CPU usage to ensure a non-disruptive user experience. Following its deployment, system administrators have complete control over all Traps agents in the environment through the Traps management service.