WildFire for PA-5020 for High Availability - Subscription license renewal (1 year) - 1 device in HA pair
Price:
For pricing or to order this product:
Call our Sales Representatives
Mon-Fri 8am-6:30pm CST
E-MailAnswer within 2 hours
Availability:
10-14+ Days
This item will be shipped directly from the manufacturer.
Leadtime to shipment will be a minimum of 10-14 working days.
Call for further shipping details.
-
(888) 912-3151
or
E-Mail
Brand:
Palo Alto Networks
MPN:
PAN-PA-5020-WF-HA2-R
Condition:
new
Returnable:
This Product Has Limited Exchange Privileges. For support on this product, please contact @ .
Modern malware has changed the way networks are attacked, and enabled criminals to target and steal an enterprise's most valuable assets. By evolving the techniques to avoid traditional antivirus controls, this malware provides attackers with a method for infecting a target and patiently attacking a network from the inside without detection. As a result, finding and controlling new and unknown malware has quickly become one of the most important requirements for enterprise network security teams. To meet this challenge, Palo Alto Networks has developed WildFire, which easily and efficiently extends the power of the next-generation firewall to automatically detect and stop threats from evolving or targeted malware. Unlike traditional antivirus solutions that look to match known malware, WildFire captures unknown files entering the network and proactively executes them in a safe cloud-based environment where any and all malicious actions and network activity are observed and recorded. Using active analysis, Palo Alto Networks proactively identifies malicious files within minutes based on their actual behavior to conclusively identify new or customized malware that may be unknown to the industry. When new malware is detected, WildFire automatically generates and delivers protections to all WildFire subscribers within an hour of the initial detection. This allows enterprises to not only find unknown or custom malware, but also stop new malware outbreaks before they spread. And as with all Palo Alto Networks analysis, this threat prevention is performed on all traffic, across all ports at up to 10 Gbps.
WildFire for PA-5020 for High Availability - Subscription license renewal (1 year) - 1 device in HA pair
General
Category:
- Online & appliance based services - intrusion detection, adware & malware removal tools
Product Type:
- Subscription license renewal - 1 year
Licensing
License Qty:
- 1 device in HA pair
- Next-generation visibility and performance
As with all Palo Alto Networks threat prevention, the process begins with the full visibility provided by the next-generation firewall. All traffic is inspected across all ports to identify potentially malicious files hidden in traffic. When a file is detected, WildFire automatically checks the hash value of the file to determine if the file has previously been analyzed. If the file is unknown, it is securely copied and uploaded from the firewall to Palo Alto Networks cloud-based environment. This upload process is protected at all times by encryption signed by Palo Alto Networks certificates on both ends of the connection. - Turning the power of the cloud against malware
Once in the cloud, the file is executed in a virtualized computing environment, where all behaviors can be observed. WildFire monitors for more than 100 malicious behaviors to identify the true nature of malicious files based on their actions as opposed to a pre-existing signature. WildFire observes all process and hooking behaviors, changes made to registries, auto-run modifications, changes to security settings and any files that are created or modified. Likewise, WildFire looks for suspicious or malicious network behaviors such as establishing backdoors, downloading additional executables, visiting dynamic DNS domains, scanning for vulnerabilities and much more. By performing this analysis in the cloud, WildFire can scale to analyze any volume of malware while providing malware with unfettered access to the Internet to ensure all command-and-control behavior is observed. - Automated prevention
Once a file is determined to be malicious, WildFire automatically develops protections for the new threat. WildFire subscribers are immediately notified of the verdict of the analysis via integrated WildFire logs in the Palo Alto Networks user interface, and also by email notification based on policy. The WildFire cloud includes an automated signature engine that generates true malware signatures for the infecting file, which are delivered to all subscribed firewalls worldwide within 1 hour of the malware first being discovered. Signatures are true malware signatures and are enforced using the stream-based malware engine to ensure that security teams can provide true in-line enforcement while maintaining high throughput and network performance. In addition to creating protections for the infecting file, WildFire also builds additional network-based detections. WildFire observes DNS behavior of the malware as well as any URLs that the malware uses, which are automatically added to Palo Alto Networks DNS-based malware signatures and PAN-DB URL filtering categorization. - Integrated logging and reporting
WildFire subscribers receive integrated WildFire logs on their firewalls, enabling teams to correlate WildFire events with other important events observed by the firewall. This ensures that staff can quickly and seamlessly tie applications, URLs, files, known threats and unknown threats into a coordinated approach to threat prevention. Additionally, Palo Alto Networks provides pre-built reports for WildFire events to provide ongoing documentation of emerging threats. - WildFire Portal
When dealing with new and emerging threats, it's important that security teams be able to quickly and easily investigate malware in order to correlate an infection with other security events or simply to aid in the cleanup in the case of an infection. The WildFire Portal provides detailed analysis and forensics for every file analyzed by WildFire. Staff can track the overall rates of malware detected, and can drill down into detailed analysis on any given file. Staff can easily see the verdict of a file, the application, IP address and/or URL that delivered the file as well as the user that was targeted. - Maintaining the privacy of your files
As with any use the cloud, an enterprise must ensure that the cloud is used safely and without exposing enterprise data. WildFire is no exception, and provides customers with full control over what data is shared with WildFire and the additional protection of multiple layers of professionally managed security to ensure data is never exposed. Security teams can set policies to determine exactly which files should be sent to the WildFire cloud. Teams may want to analyze all unknown files or simply those files coming from the Internet or other untrusted zones. In addition to control over which files are sent for analysis, policies can be set to control what relevant session information should be included with the sample for analysis. Session information refers to the context of the network session responsible for delivering the unknown file such as the application, the target user, the port number, the source IP address, AND. This data is often particularly useful for correlation purposes if a file is found to be malicious, but is not required for WildFire to determine the status of the file.
