Palo Alto Networks recently announced availability of PAN-OS 6.1, the newest version of our operating system. As with all our operating system releases, there is an amazing list of new features to help our customers better secure their networks, respond more quickly to incidents and reduce operational overhead. Given my focus on cybersecurity for Industrial Control Systems, the one feature I am particularly excited about is the capability of the WildFire appliance, the WF-500, to generate threat prevention signatures on premises.
WildFire is of course a service available in our security platform that isolates suspicious payloads (e.g. executables, MS-Office documents) at the network, detonates them in our Threat Intelligence Cloud, then sends a report back to the user about the nature of a payload. Not only that, if the payload is malicious, the cloud sends threat prevention signatures (anti-virus, malicious URL, malicious DNS) back to the firewall, essentially converting the unknown threat into a known, stoppable threat.
Many of the critical infrastructure and manufacturing asset owners I work with have told me they like the idea of WildFire and the threat intelligence cloud, but face constraints in sending files out to the public cloud. Many have general privacy concerns, some have regulatory constraints, and on occasion, they cite the unavailability of an internet connection (airgap).
We are excited to announce with the release of PAN-OS 6.1 that we can now address these concerns via the WF-500’s ability to generate on-premise malware signatures in as little as 5 minutes. This update will come in very handy in securing several perimeters and even internal zone traffic within the automation environment (assuming you have proper segmentation!), and here’s how:
Remember: one WF-500 supports multiple next-generation firewalls, essentially transforming each firewall into a sensor for detecting unknown threats in hundreds of file-bearing applications across standard and non-standard ports, with the ability to automatically prevent them as well. This is a fundamental difference from other detection-only, point solutions which require one or more application-specific sandboxing appliances at each point of inspection in the network, resulting in partial, open-loop security at high costs to you.
WildFire is of course one element of our entire solution. For more details on our complete security platform which spans network security (Next-Generation Firewall), endpoint (Traps Advanced Endpoint Protection) and the cloud (Threat Intelligence Cloud), please feel free to read our brief whitepaper on protecting critical infrastructure.