Archive for the ‘Palo Alto Networks’ Category

Palo Alto Networks Joins Net-Ctrl on Stand C61

Thursday, January 10th, 2019

Net-Ctrl will be able to demo a range of Palo Alto Networks solutions on our BETT stand (C61).

Cyberattacks in the education sector are increasing year on year. Cybercriminals feel they can exploit this sector more successfully because they know that IT teams are stretched and that, due to tight budgets, equipment is likely to be ageing. With the introduction of BYOD the attack surface is only increasing, which has a knock-on effect, adding even more pressure on schools to keep their students and their data secure.

Palo Alto Networks aims to help schools with this by putting in an Automated Security Platform that works without the need for human intervention. With their Threat Intelligence cloud they ensure that the system is constantly updated with the latest threats in the industry, and with their TRAPS endpoint protection they can extend this protection out to endpoints and BYOD devices.

Outside of core security, Palo Alto Networks are also able to assist schools with safeguarding through the following:

  • URL Filtering: Categorisation and control of websites
  • Application Control: Ensure that only authorised applications are in use on the school network
  • Search Engine Alerts: Real-time awareness of search queries
  • Visibility Reports: Show granular visibility of network and web-based activity by user

Come and visit Net-Ctrl and Palo Alto Networks on stand C61 at BETT 2019 to learn more about how Palo Alto Networks can fit into your school’s infrastructure. We will have a dedicated team able to answer your questions and provide solution demonstrations.

BETT 2019 is going to be held at the Excel in London from the 23rd – 26th January. Book your free ticket now.

If you would like to book a meeting slot in advance email

Enhanced Network Security with Pulse Policy Secure and Palo Alto Networks Firewall

Thursday, December 13th, 2018

In today’s IT world, Internet and networking technologies have evolved to offer unprecedented services to end users. Billions of Internet of Things devices are being deployed across all industries, and this also means allowing access to important and confidential data and resources, which brings significant security risks to business IT systems.

Organizations need to implement solutions that address these challenges from a security standpoint, and the best way to eliminate every possible risk associated with technology is to bring the ecosystem together and interoperate. One such solution is our award-winning Pulse Policy Secure (NAC) integrated with Palo Alto Networks Firewall.

Pulse Policy Secure provides a Network Access Control solution at an endpoint/user level and provides intelligent identity-based access by quickly learning contextual data (endpoint IP address, user ID and user role) and sharing this with the Palo Alto Networks firewall to take appropriate actions to allow or deny access.

Pulse Policy Secure also provides enhanced network security to protect against vulnerable devices through alert-based integration with the PAN Firewall. Through this joint solution, organizations, users, and customers are protected from cyber threats.

In addition to the above integration, Pulse Secure offers a seamless secure access solution using session federation via the IF-MAP framework. This can be achieved within an enterprise network by sharing session information across Pulse Policy Secure or Pulse Connect Secure using the IF-MAP protocol through an IF-MAP server. Once an end user connects remotely or locally to the corporate network and is authenticated by Pulse Connect Secure or Pulse Policy Secure, the federation requires Dynamic AUTH table provisioning on the PAN firewall and allows secure access to the protected resource based on the resource access policies that are configured on PPS.

Additional information on how to deploy and implement this joint solution is available at

Check out these resources on our latest NAC release, Pulse Policy Secure 9.0r3:

Zero Trust Secure Access for The Smart Factory Floor Infographic

Pulse Secure Access for the Industrial Internet of Things (IIoT)

Pulse Secure Expands Zero Trust Security for IoT


View the original post by Pulse Secure.

Palo Alto Networks a Seven-Time Gartner Magic Quadrant Leader

Wednesday, October 10th, 2018

Palo Alto Networks® (NYSE: PANW), the global cybersecurity leader, today announced that, for the seventh consecutive time, the company has been recognized in the Leaders quadrant of the “Magic Quadrant for Enterprise Network Firewalls” by Gartner Inc.

According to the report, “The Leaders quadrant contains vendors that build products that fulfil enterprise requirements. These requirements include a wide range of models, support for virtualization and virtual LANs, and a management and reporting capability that is designed for complex and high-volume environments, such as multitier administration and rule/policy minimization. A solid NGFW capability is an important element, as enterprises continue to move away from having dedicated IPS appliances at their perimeter and remote locations. Vendors in this quadrant lead the market in offering new features that protect customers from emerging threats, provide expert capability rather than treat the firewall as a commodity and have a good track record of avoiding vulnerabilities in their security products. Common characteristics include handling the highest throughput with minimal performance loss, offering options for hardware acceleration and offering form factors that protect enterprises as they move to new infrastructure form factors.”

The Magic Quadrant for Enterprise Network Firewalls(1) evaluates vendors’ ability to execute as well as their completeness of vision.


“We’re thrilled that Gartner has recognized our leadership over the past seven times in its Gartner Magic Quadrant for Enterprise Network Firewalls. In the past 15 months, we have introduced updated versions of almost every next-generation firewall we offer, and have delivered new models which allow us to solve additional use cases for our customers. We believe our cloud-delivered subscriptions are natively integrated into our firewalls and offer best-in-class network security protection, as well as eliminate the need for our customers to deploy multiple point product offerings.”
– René Bonvanie, CMO, Palo Alto Networks

More than 54,000 customers in more than 150 countries have chosen Palo Alto Networks for its continuous innovation in security, automation and analytics.

To learn more about the Palo Alto Networks Security Operating Platform, visit:

To learn more about the Palo Alto Networks Next-Generation Firewall, visit:

To read a complimentary copy of the complete report, visit:

  1. Gartner, Magic Quadrant for Enterprise Network Firewalls, Adam Hils, Jeremy D’Hoinne, Rajpreet Kaur, October 4, 2018.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

View the original posts at

You Don’t Know What You’re Missing on Your Network

Tuesday, March 27th, 2018

Today’s cyber threats hide in plain sight amidst your network traffic, making them nearly impossible to defend against. These advanced threats use applications as their infiltration vector, exhibit application-like evasion tactics and they leverage commonly used network applications for exfiltration.

Legacy point products are blind to much of what goes on in the network. Hackers exploit this.

Net-Ctrl and Palo Alto Networks are offering an assessment that reveals the Unknown in your network.

Here is some of what you will see:

  • Malware and spyware on your network
  • Unauthorised applications
  • Violations of your security policies
  • Malicious websites employees are accessing
  • Non-work-related applications and activity
  • Shadow IT

How it works: We put the Palo Alto Networks® Next-Generation Security Platform on your network to passively monitor traffic for just one week.

We deliver to you the Security Lifecycle Review (SLR). The SLR reveals under-the-radar activity on your network and the risks to your business. We meet with you to explain the findings, answer your questions, and offer practical recommendations. The SLR is cost-free, risk-free and obligation-free.

To schedule or learn more about the SLR, please complete our Contact Form and we will schedule a call with one of our engineers.

Announcing PAN-OS 8.1: Streamline SSL Decryption, Accelerate Adoption of Security Best Practices

Friday, February 23rd, 2018

Palo Alto Networks are pleased to announce PAN-OS 8.1, the latest version of the software that powers our next-generation firewalls. This release enables you to easily adopt application-based security, removes barriers to securing encrypted traffic, simplifies management of large networks and helps you quickly identify advanced threats in conjunction with Magnifier for behavioral analytics.

Let’s look at some of these enhancements in detail.

Simplified App-Based Security

App-ID classifies all traffic, including SaaS, traversing your network so you can safely enable desired applications and block unwanted ones. PAN-OS 8.1 makes it easier to adopt and maintain an application-based security policy.

  • Eliminate security risk: The new rule usage tracking tools empower organizations to review and confidently remove obsolete application-based policy rules as well as retire legacy rules – based on when a rule was last hit – to eliminate holes that create security risks.
  • Easily adopt new apps: Adopting new App-IDs, which used to be released weekly, usually requires a policy review. Now, new App-IDs are released on the third Tuesday of every month, giving you time to review the effect of the new App-ID and change policy if needed. New capabilities enable you to easily understand the impact of new and modified App-IDs on your traffic and policy.
  • Safely enable SaaS usage: SaaS applications host sensitive data, and you need to ensure data is stored in secure, compliant SaaS services. To add to existing capabilities, such as application filters, application characteristics and visibility, you can now use new SaaS application characteristics, such as lack of certifications, poor terms of service, history of data breaches and so on, to view and control their usage. In addition, the next-generation firewall can now add HTTP headers to SaaS app requests to granularly allow access to enterprise accounts while preventing access to free and consumer accounts.

Streamlined SSL Decryption

Most enterprise web traffic is now encrypted, and attackers exploit this to hide threats from security devices. The new Decryption Broker feature removes all barriers to securing encrypted traffic. Our next-generation firewall now decrypts the traffic, applies security and load balances decrypted flows across multiple stacks of security devices for additional enforcement. This eliminates dedicated SSL off-loaders, reducing network complexity and making decryption simple to operate.

Performance Boost for Internet-Edge Security

  • Secure the high-speed internet edge: The Palo Alto Networks PA-3200 Series of next-generation firewalls comprises the PA-3260, PA-3250 and PA-3220. These appliances deliver up to five times the performance, up to seven times the decryption performance and up to 20 times greater decryption session capacity of existing hardware, making them ideal for securing all internet-bound traffic, including encrypted traffic.
  • Secure large data centers and high-performance mobile networks: The Palo Alto Networks PA-5280 is the latest addition to the PA-5200 Series appliances. It prevents threats, safely enables applications, and is suitable for mobile network environments as well as large enterprise datacenters. The PA-5280 offers security at throughput speed of 68 Gbps and session capacity of 64 million.
  • Secure industrial deployments: Palo Alto Networks PA-220R ruggedized appliance brings next-generation capabilities to industrial applications in harsh environments. Read the blog post for more information.

Improved Efficiency and Performance for Management

Panorama 8.1 provides greater efficiency for teams that manage physical and virtual appliances running PAN-OS. Using variables in templates, you can now leverage common configuration across many devices while substituting device-specific values in place of IP addresses, IP ranges, FQDNs and more. With device health monitoring, Panorama provides a deployment-wide view into the health and status of your next-generation firewalls. Trending of critical system resources up to 90 days helps you identify gradual changes in your environment. Proactive monitoring automatically creates alerts when substantial changes occur in the utilization of critical device resources, ensuring you’re the first to know.

In addition, new M-600 and M-200 appliances deliver high-performance management.

Advanced Threat Detection and Prevention

  • Advanced threat detection. Updates to WildFire include dynamic unpacking, which defeats packing techniques attackers use to evade detection.
  • Prevention everywhere. This update has improved detection of malware targeting Linux servers and IoT devices. Plus, you can detect and prevent malware moving freely inside the network with new SMB protocol support and find malware hiding in less common file archive formats, including RAR and 7z (from 7-Zip).
  • Rich data for analytics. Enhanced application logs evolve next-generation firewalls into advanced network sensors for analytics, including Application Framework apps. Magnifier uses this data to allow customers to identify advanced attacks, insider threats and malware with precision.

Palo Alto Networks Next-Generation Firewall provides effective protections you can use, automates tasks so you can focus on what matters and enables you to consume innovations quickly. The new capabilities in PAN-OS 8.1 allow you to accelerate the adoption of next-generation security best practices so you can prevent the most advanced threats and safely enable your business.

To learn more, visit the PAN-OS 8.1 security page.

View the original post by Palo Alto Networks.

Palo Alto Networks Adds to Its Next-Generation Firewall Lineup With New Hardware That Speeds Decryption and Improves Performance

Thursday, February 22nd, 2018

New PAN-OS Release Simplifies Decryption and Helps Organizations Use Best Practices to Improve Security Posture

Palo Alto Networks®, the next-generation security company, today announced new hardware and updates to its PAN-OS® operating system that further enable organizations to easily implement and automate best practices for application-based controls that strengthen security. With today’s announcement, Palo Alto Networks introduces PAN-OS version 8.1, the PA-3200 Series, the PA-5280, the ruggedized PA-220R and two new models in the M-Series management appliances.

Every organization requires visibility into network traffic in order to prevent successful cyberattacks, but the proliferation of encryption has obstructed the view security teams once had into the data traversing their networks. Gartner predicts that “Through 2019, more than 80 percent of enterprises’ web traffic will be encrypted.”1 Gartner also predicts that “During 2019, more than fifty percent of new malware campaigns will use various forms of encryption and obfuscation to conceal delivery, and to conceal ongoing communications, including data exfiltration.”1

According to Palo Alto Networks, many organizations have not yet addressed the lack of visibility associated with encrypted traffic due to the complexity and performance impact of decryption, leaving those that do not decrypt network traffic without the ability to find and prevent over half of malware campaigns.

The new Palo Alto Networks PAN-OS operating system, version 8.1, reduces the complexity surrounding the implementation of cybersecurity best practices, including those associated with SSL-decryption within multi-vendor environments. New next-generation firewall models improve overall performance and enable customers to decrypt traffic at high speeds. Enhanced application logging adds additional richness to log data to improve the precision of Magnifier’s behavioural analytics with which customers rapidly hunt down and stop advanced threats.

Key benefits of the capabilities announced today include:

  • Easier adoption of SSL-decryption in multi-vendor environments: Streamlined SSL decryption provides high-throughput decryption on the next-generation firewall and enables sharing of cleartext traffic with chains of devices for additional enforcement, such as DLP. This further eliminates the need for dedicated SSL offloaders, simplifying deployment, network architecture and operations.
  • 20X decryption sessions capacity boost at internet edge: With 20 times more SSL-decryption sessions capacity compared to its predecessor, the new PA-3200 Series appliances deliver high-performance decryption at the internet edge. The new PA-5280 appliance brings higher performance and doubles the session capacity for securing large data centers and mobile network operators, or MNO, infrastructures.
  • Efficient adoption of best practices: App-ID™ technology-based security can now be achieved with even simpler workflows and policy review tools, allowing administrators to more effectively and confidently enforce best practices for application controls. Further, administrators can maintain a tight and effective app-based security policy with enhanced rule usage tracking.
  • Management at scale: New capabilities simplify the management and operational complexities of large, distributed deployments. The proactive device monitoring feature in Panorama™ management alerts the administrator if device behaviour is deviating from the norm. With little manual effort, the feature can be integrated into an automated workflow to enable operations teams to quickly perform remediation actions. New M-600 and M-200 management appliances deliver high performance, with log ingestion rates up to two times those of their predecessors, and double the log storage capacities.
  • Advanced threat detection and prevention: Updates to the WildFire® cloud-based threat analysis service enable customers to detect zero-day malware using evasive packing techniques, spot malware targeting Linux servers and IoT devices, and find malicious files hiding in less common file archive formats, such as 7-Zip and RAR.
  • Quick detection of targeted attacks: The next-generation firewall evolves to become an advanced network sensor that collects rich data for analytics, which can be easily expanded with content-based updates. As part of the Application Framework, Magnifier uses this data to enable customers to identify advanced attacks, insider threats and malware, with precision.

“The increasing volume of encrypted traffic means that visibility is now more important than ever. Buyers are rolling out tightly integrated security solutions, and are looking for network traffic decryption that’s built into existing cybersecurity infrastructure because it removes complexity, allowing security to function as a business enabler, rather than an inhibitor.”
– Jeff Wilson, senior research director, Cybersecurity Technology, IHS Markit

“PAN-OS version 8.1 introduces many new features to help organizations improve their security and manageability in easy-to-implement ways. The new next-generation firewall and management appliances allow for significantly greater throughput, especially for encrypted traffic, and greater scale. The combined capabilities of our next-generation firewalls and PAN-OS version 8.1 are a major step forward in our mission to help organizations prevent successful cyberattacks.”
– Lee Klarich, chief product officer, Palo Alto Networks


PAN-OS 8.1 will be available to all current customers of Palo Alto Networks with valid support contracts in March. The PA-220R, PA-3200 Series, PA-5280, M-200 and M-600 are orderable on February 26, starting from $2,900 up to $200,000.


1 Gartner, “Predicts 2017: Network and Gateway Security,” Lawrence Orans et al, 13 December 2016

View the original press release by Palo Alto Networks.

Palo Alto Networks Announcing New Cloud Security Capabilities

Wednesday, February 7th, 2018

By Anuj Sawani at Palo Alto Networks.

At Palo Alto Networks we have committed to helping organizations accelerate their move to the cloud. And today, we’re taking another big step forward.

With the expansion of our comprehensive cloud security offering, we can now deliver consistent, automated protections across all three major public cloud environments, which prevent data loss and business disruption and meet a number of needs our customers have asked for. This expansion includes the ability to integrate into the cloud app development lifecycle, making cloud security frictionless for the development and security teams.

Let’s talk about why this is so important.

Rethinking Security for the Public Cloud

For many organizations, the public cloud has become the sole route to market for new application deployment, which, in turn, is reducing their data centre footprint. Along with that, developers now increasingly leverage easy-to-consume PaaS components, in addition to on-demand IaaS components, to harness the true efficiency of the cloud.

This trend is causing all of us to rethink security for our cloud apps and realize that what’s available in the market today is insufficient: clunky approaches, pieced together from multiple vendors, resulting in a fragmented security environment where IT teams must manually correlate data to implement actionable security protections.

This level of human intervention increases the likelihood of human error, leaving organizations exposed to threats and data breaches. What’s more, security tools that are not built for the cloud significantly limit the agility of your development teams.

3 Key Capabilities

Ideally, cloud security should speed application development and business growth while preventing data loss and business downtime. This requires three key capabilities to be successful: advanced application and data breach prevention, consistent protection across locations and clouds, and “frictionless” deployment and management.

Our cloud security approach addresses all three capabilities, and we achieve this with inline, API and host protection technologies working together to eliminate the wide range of cloud risks.

Our new release includes the following:

  • Consistent protections across locations and clouds: For the first time, our Next-Generation Security Platform will extend cloud workload protections to the Google Cloud Platform, in addition to enhancing our existing capabilities for AWS and Azure environments.
  • Cloud-resident management with Panorama: Panorama now supports all major cloud environments. This provides flexibility for customers to deploy security management within their cloud architecture. They have multiple options including Panorama on-premise with distributed Log Collectors for a hybrid approach, or Panorama within their cloud environment for a cloud-only approach.
  • Better integrations for frictionless workflows in multi-cloud environments: Adding enhanced auto-scaling for AWS along with support for Azure Security Center and Google Cloud Deployment Manager simplifies security deployments and enables scaling based on changing cloud demands. Integrations with tools such as Terraform and Ansible automate workflows and policy management across clouds.
  • Continuous security with Aperture for all three major cloud environments: Aperture now helps to prevent data loss and enables compliance for public clouds. It achieves this by enabling discovery of cloud resources, providing advanced data classification, monitoring for risky or suspicious administrator behaviour, and adding more protection against security misconfigurations and malware propagation.
  • Prevention of zero-day attacks: Traps advanced endpoint protection can now prevent zero-day attacks for Linux workloads across all three major cloud environments, in addition to its existing support of Windows workloads.

That’s just the start of new capabilities for cloud and SaaS security we’re pleased to be able to offer. To learn more about these new features and our advanced approach, visit our cloud security page.


Updates to VM-Series virtualized next-generation firewalls, Aperture security service, Panorama and Traps are targeted for general availability in March 2018.

For more:

Watch: Palo Alto Networks Chief Product Officer Lee Klarich highlights our new features
Download: Securing Your Business in a Multi-Cloud World
Read: Today’s official press release
Experience: The Epic Cloud Security Event

View the original press release by Palo Alto Networks.

2018 Predictions & Recommendations: The Ransomware Plague Is Just Beginning

Thursday, December 21st, 2017

It’s not exactly a no-brainer, but the success of ransomware in 2017 leads us to a logical prediction that more successful ransomware attacks will continue to plague organizations in 2018. These attacks will increase both in volume and sophistication, which will make it even more challenging for security vendors of yesteryear to prevent these attacks and fulfil their basic promise of protecting their customers.

It isn’t just legacy vendors that are challenged, however. Ransomware causes headaches for shiny “next-gen” products that rely heavily on detection-and-response capabilities because, once ransomware has evaded prevention techniques, the damage has already been done: files/folders are encrypted, and the business is impacted. (But hey, if you need a pretty process tree, they’re your vendor.) Rollback features are the equivalent of rolling the dice, crossing your fingers and hoping for the best, which is not a strategy.

Ransoms Beyond Bitcoin

Mao Tse-tung allegedly said, “Political power grows out of the barrel of a gun.” While it’s a stretch to say ransomware will produce the same result, in 2018, ransomware motives will shift to increasingly political, instead of commercial, gains. The business model for ransomware has been simple: as an attacker, I’ll hold your files or folders hostage (encrypt them), and you pay me money (in the form of cryptocurrency). In 2017, we observed attacks that used ransomware, but the motives were political, rather than commercial, in nature. In March 2017, RanRan was a ransomware variant in the Middle East that, instead of money, demanded the victims speak out against a political leader in the region through the creation of a website. In 2018, we anticipate more uses of ransomware attacks that go beyond commercial. In another recent example, NotPetya focused its encryption not on files and folders that could later be decrypted after payment, but instead encrypted the Master Boot Record, crashing systems.

Ransomware for the Masses

According to our latest Unit 42 threat intelligence report, Ransomware: Unlocking the Lucrative Criminal Business Model, ransomware variants are increasing, with total numbers at least 150, if not hundreds more. Another reason driving this increased volume is how much easier it is to launch attacks. Given that cybercriminals with limited technical skills can execute these attacks, making it even more convenient and reducing the barrier to launch attacks, ransomware as a service has become a viable way to launch ransomware attacks (think having to leave the house and shop vs. order from DoorDash). In 2018, unfortunately, the number of successful ransomware attacks will continue to increase, and couch potato cybercriminals will be successful.

Down, Z, Up, X, A, Y, B, C

Do that on a Super Nintendo back in the day, and voila! Your sophisticated “Street Fighter II” champion codes were enabled. Now, think of something similar happening for ransomware. In 2017, a sophisticated set of tools was leaked by a group called The Shadow Brokers, which claimed the tools had been created by a U.S. government entity for offensive operations. These tools were quickly leveraged by attackers in some of the most talked-about attacks of 2017. We had already seen innovative distribution models used in ransomware attacks, including exploit kits, macros, malicious DLLs and others. In addition, kernel exploits were heavily used in these attacks, making them even more difficult for security vendors to prevent. (Learn how kernel exploits work.)

Keep On Keepin’ On

Self-propagation of ransomware attacks will likely continue. The use of worm-like capabilities as a way to rapidly distribute ransomware has been proven and wildly successful. From a business perspective, eliminating any friction needed to propagate the attack makes good business sense, which is why this type of ransomware worm will likely continue in 2018 and beyond.

More Platforms

While 2017 was a quiet year for Mac-specific ransomware, in 2018, we can expect the volume of Mac ransomware to increase. A ransomware attack has already targeted OS X hosts – KeRanger, which Unit 42 identified in 2016 – and given the increase in Mac usage, the attractive targets Mac users make, and with additional tools and the commoditization of ransomware, it’s a good bet we’ll be hearing more about organizations getting hit with ransomware targeting Macs.


As we mentioned upfront, based on the success in 2017, it doesn’t take Nostradamus to see that ransomware will continue in 2018. In fact, we believe adversaries will begin expanding their mission to more sophisticated attacks and targeting more platforms. Ransomware will likely continue as a thin veneer to more dangerous attacks that go through legacy security solutions like a hot knife through butter. The only defense is a coordinated security system that works together where endpoints communicate with firewalls to automatically convert threat intelligence into prevention at both locations, regardless of where a threat is first discovered. This level of integration also enables SecOps to correlate threat events and conduct forensic investigations using data from endpoints, firewalls, and global threat intelligence in ways that may not be possible with disparate security products.

View the original post by Palo Alto Networks.

Palo Alto Networks Webinar: A Day in the Life of a Modern Cyber Attack

Wednesday, November 8th, 2017

Palo Alto Networks will be running a webinar on the 16th November at 10.30-11.10. They will be investigating and reviewing the lucrative business of exploits, ransomware and the ever-evolving threat landscape.

Register Now

The session is being run by Alex Hinchliffe, Threat Intelligence Analyst with Palo Alto Networks® Unit 42 threat intelligence team.

During this exclusive event, Alex will dive into a real-life scenario of a cyber-attack and analyse who the criminals are and how vulnerable your organisation may be.

In this webinar, you will get an understanding of:

  • How the lucrative business of cyberattacks is evolving
  • What the new cyber-threats are and how they penetrate your systems
  • Solid prevention strategy to avoid your organisation falling victim to cyber-attacks




Palo Alto Networks Strengthens Ransomware Prevention Capabilities With New Traps Advanced Endpoint Functionality

Monday, September 25th, 2017

New Features Enable Customers to Prevent Malware and Kernel Exploit Attacks.

Palo Alto Networks, the next-generation security company, today announced enhancements to its Traps™ advanced endpoint protection offering that strengthen current ransomware prevention by monitoring for new techniques and ransomware behaviour and, upon detection, preventing the attack and the resulting encryption of data.

As ransomware attacks continue to escalate in both sophistication and frequency, organisations are working quickly to protect themselves from falling victim to the next attack. According to Cybersecurity Ventures, ransomware will cost organisations more than $5 billion in 2017 – more than 15 times the cost of damages absorbed in 2015.

To protect themselves from the evolving threat of ransomware, most organisations deploy multiple security point-products and software agents on their endpoint systems, including one or more legacy antivirus products. The protections provided by these signature-based products continue to lag behind the speed of ransomware attacks, which can impact and spread throughout organisations in a matter of minutes compared to the hours or days it could take a customer to receive a signature update.

When combined with its existing ransomware prevention and other multi-method prevention capabilities, Traps offers effective ransomware protection and helps organisations avoid the business productivity losses associated with inaccessible data. Traps effectively secures endpoints with its unique multi-method prevention capabilities by combining multiple defensive techniques, preventing known and unknown attacks before they can compromise endpoints.


“Traps 4.1 takes endpoint security to the next level and continues to bring more innovative and impressive capabilities to address the modern threat landscape. The added ransomware capabilities and ease of deployment across Windows and MacOS clients further cement Traps as a necessary standard for any organisation serious about their endpoint security strategy.”
– Bryan Norman, chief executive officer, Norlem Technology Consulting

“Ransomware attacks will continue to increase in frequency and sophistication for the foreseeable future, and with the new capabilities introduced today in version 4.1, Traps is better able to preemptively stop these attacks and protect our way of life in the digital age.”
– Lee Klarich, chief product officer, Palo Alto Networks

Key advancements introduced in Traps version 4.1 include:

  • Behavior-based ransomware protection adds a layer of malware prevention to pre-existing capabilities without reliance on signatures or known samples. By monitoring the system for ransomware behaviour, upon detection, Traps immediately blocks the attack and prevents encryption of end-user data.
  • Enhanced kernel exploit prevention protects against new exploit techniques used to inject and execute malicious payloads, like those seen in the recent WannaCry and NotPetya attacks, by stopping advanced attacks from initiating the exploitation phase.
  • Local analysis for macOS provides added protection against unknown attacks for a growing macOS® user base.

Traps version 4.1 is generally available to Palo Alto Networks customers with an active support contract.

Traps advanced endpoint protection
Traps: Expanding Ransomware Protection for Current and Future Threats (blog post)
Palo Alto Networks Next-Generation Security Platform

View the original post by Palo Alto Networks.