DNS Security

DNS Security service applies predictive analytics for automated protections to thwart attacks that use DNS.

The cloud-delivered WildFire® malware analysis service uses data and threat intelligence from the industry’s largest global community, and applies advanced analysis to automatically identify unknown threats and stop attackers in their tracks.

A powerful new weapon to combat attacks

DNS is wide open for attackers. Attacks using DNS often succeed because security teams lack basic visibility into how threats use DNS to maintain control of infected devices or steal data. Current approaches drown you in uncoordinated data from independent tools or require changes to DNS infrastructure.

DNS Security service applies predictive analytics, machine learning, and automation to block attacks that use DNS. Tight integration with the next-generation firewall gives you automated protections and eliminates the need for independent tools. Now you can rapidly predict and prevent malicious domains, neutralise threats hidden in DNS tunnelling, and apply automation to quickly find and contain infected devices.

Predict and block new malicious domains

DNS Security gives the advantage back to defenders. It automatically prevents tens of millions of malicious domains identified with real-time analysis and continuously growing global threat intelligence. It predicts and stops malicious domains from domain generation algorithm-based malware with instant enforcement. And it provides limitless protection against malicious domains with a cloud-based database for infinite scale.

Safe Web Access Through Coordinated Protection

Palo Alto Networks URL Filtering service scans websites and analyzes their content using machine learning, with static and dynamic analysis, to accurately determine categories and risk ratings. URLs are classified into benign or malicious categories, which can easily be built into next-generation firewall policy for total control of web traffic. Newly categorized malicious URLs are immediately blocked upon discovery, requiring no analyst intervention.

Analytics are used to assign a risk rating to each site by examining additional layers of information, including domain history and reputation, host reputation, use of dynamic DNS, or the presence of high-risk content. URL categories and risk rating can be used together to create nuanced policies that block dangerous sites that may be used in phishing attacks, exploit kit delivery, or command and control, while still allowing employees the freedom to access web resources necessary for a business purpose.

URL Filtering works as part of the Security Operating Platform for an integrated approach to stopping threats at every opportunity. When an attack is launched against your network, URL Filtering works with your next-generation firewalls and Threat Prevention subscription to provide you with superior security. In addition to its own analysis, URL Filtering uses shared threat information from WildFire® malware prevention service and other sources, updating protections against malicious sites within seconds.