Brand: Palo Alto Networks
MPN: PAN-PA-200-WF-HA2
The modern threat landscape has fundamentally evolved, and cyber-security teams face threats on a daily basis that rely on stealth, persistence and the skilled avoidance of traditional security measures. Such a fundamental shift in one's adversary demands more than an incremental response, and modern security teams are re-evaluating some of their most basic security assumptions concerning how they look at network traffic, how threats are identified, and ultimately how they are blocked.
These core principles are the foundation of the Palo Alto Networks WildFire solution, in which full visibility, scalable analysis, and automated protection all work together to secure the network and its data. Only the next-generation firewall provides full-stack analysis and enforcement of all network traffic regardless of evasion and encryption, ensuring that hidden or anomalous threats are exposed. WildFire then proactively runs any unknown files in a safe, scalable sandbox environment where malware is conclusively identified and new protections are automatically developed. The result is a completely unique, closed-loop approach to controlling cyber-threats based on next-generation visibility, cloud-based malware sandboxing, and reliable in-line blocking of threats.
This style of sandbox analysis is computationally intense by nature, and as a result, WildFire is designed on a cloud-based architecture that ensures seamless scalability. The WildFire public cloud enables any Palo Alto Networks customer to perform true malware sandboxing of unknown files without the need for any additional hardware. However, a hardware-enabled private cloud option is available to extend the WildFire architecture to customers who cannot use public cloud resources due to regulatory or privacy requirements.
WildFire for PA-200 for High Availability - Subscription license (1 year) - 1 device in HA pair - for P/N: PAN-PA-200
Abandoning port-based assumptions
For all of the advancements in IT security, virtually all security products fall back on outdated assumptions based on port. Traffic is allowed or blocked based on port, signatures are applied based on port, and additional decoders and analysis are applied based on the port. Palo Alto Networks forgoes these assumptions and performs a full-stack identification and decode of all traffic across all ports. This context is constantly monitored and updated to reflect any changes in the application or protocol. This process remains fundamentally unique in network security and ensures attackers can't hide by routing traffic in non-standard ways or tunneling within other approved traffic.
Visibility into SSL encrypted traffic
As more applications move to the web, SSL has become an increasingly common fact of life. And while SSL provides improved session security, it also has the effect of potentially creating an opaque vector where threats can flow without the prying eyes of security. Palo Alto Networks offers on-box SSL decryption that can be selectively applied based on policy. Decrypt only the traffic that interests you, and set policies to ensure traffic is never decrypted to sensitive sites such as health care or banking sites.
Visibility into unknown traffic
By positively classifying all traffic, Palo Alto Networks can further reveal the presence of any unknown or custom traffic. Such custom traffic is strongly correlated with malware and advanced threats, and simple next-generation firewall policies allow you to see this traffic and automatically enforce policy on it.
Changes made to the host
WildFire observes all process and hooking behaviors, changes made to registries, auto-run modifications, changes to security settings and any files that are created or modified. All changes are documented in WildFire reports.
Malicious traffic and hacking
WildFire looks for suspicious or malicious network behaviors such as establishing backdoors, downloading additional executables, visiting dynamic DNS domains, scanning for vulnerabilities and much more.
Security avoidance behaviors
WildFire also constantly looks for malware techniques used to avoid analysis such as attempting to avoid executing while being monitored, injecting into running or trusted processes and disabling host-based security features.
Using the power of cloud-computing for malware analysis
Virtualized malware analysis requires massive amounts of computing resources, because the solution must provide a fully independent virtual environment to analyze every unknown or suspicious file. This means that computing requirements can swing wildly depending on the amount and type of traffic hitting the network. This has the potential to require a great deal of hardware for analysis, and even worse to create bottlenecks that limit the analysis of malware. To solve this problem, WildFire leverages a cloud-based architecture that allows computing resources to scale elastically based on need.
Automated prevention
Once a file is determined to be malicious, WildFire automatically develops protections for the new threat and generates integrated and correlated logs for security staff. Within minutes of submitting a file to WildFire, subscribers receive an integrated log with the verdict of the malware analysis, which is correlated with any other relevant logs in the Palo Alto Networks user interface. Additionally, all WildFire users can receive notifications via email based on policy. The WildFire public cloud also develops a range of protections for all newly discovered malware.
Integrated logging and reporting
WildFire subscribers receive integrated WildFire logs on their firewalls, enabling teams to correlate WildFire events with other important events observed by the firewall. This ensures that staff can quickly and seamlessly tie applications, URLs, files, known threats and unknown threats into a coordinated approach to threat prevention. Additionally, Palo Alto Networks provides pre-built reports for WildFire events to provide ongoing documentation of emerging threats.
WildFire portal
When dealing with new and emerging threats, it's important that security teams be able to quickly and easily investigate malware in order to correlate an infection with other security events or simply to aid in the cleanup in the case of an infection. The WildFire portal provides detailed analysis and forensics for every file analyzed by WildFire. Staff can track the overall rates of malware detected, and can drill down into detailed analysis on any given file. Staff can easily see the verdict of a file, the application, IP address and/or URL that delivered the file as well as the user that was targeted.
Maintaining the privacy of your files
As with any use of the cloud, an enterprise must ensure that the cloud is used safely and without exposing enterprise data. WildFire is no exception, and provides customers with full control over what data is shared with WildFire and the additional protection of multiple layers of professionally managed security to ensure data is never exposed. In addition to control over which files are sent for analysis, policies can be set to control what relevant session information should be included with the sample for analysis. Session information refers to the context of the network session responsible for delivering the unknown file such as the application, target user, port number, source IP address, user and host name, as well as the attacking IP or URL. This data is often particularly useful for correlation purposes if a file is found to be malicious, but is not required for WildFire to determine the status of the file.