An advanced endpoint solution, when built right, should prevent and significantly eliminate both known and unknown threats across all applications. In an enterprise, that means a solution that can:
- Protect against zero-day attacks that have no known signatures or behaviors
- Compensate for and protect unpatched or unpatchable systems
- Consistently secure the growing number of applications from advanced cyber threats
- Share real-time intelligence from both endpoints and network devices
- Maintain real-time protection without the need for continuous manual updates
- Maintain business flexibility and continuity while protecting workstations, servers and VMs
Today Palo Alto Networks is very excited to announce Traps 3.2, an integral part of our enterprise security platform, to bring next-generation security to all stages of the attack kill chain. Traps 3.2 takes the best of our endpoint technology and makes it even better. Here are some of the exciting things you can expect in the new release.
New and improved prevention modules: Our unique focus on exploit and malware technique prevention is the center of our Advanced Endpoint Protection solution, intercepting the attacker at the core of the attack and preventing “patient zero.” We’ve added three new EPMs that allow Traps to prevent sophisticated attacks that bypass other security products.
Enhanced Unknown Malware Prevention: Building upon the initial WildFire integration capabilities, Traps now allows an automatic upload of unknown executable files to the Palo Alto Networks WildFire threat intelligence cloud for further analysis.
Advanced Execution Control enhances the ability to harden critical or closed systems that require stricter policies in their environment. Additional execution restriction granularity is now available to control child processes, external media (media control), local and network folders, and unsigned executables, all of which increases business flexibility while minimizing the security risk. With 3.2, Traps also enables more granular control over which applications or hashes should or should not be allowed to run. The administrator system receives hardening capabilities that allow it to decide whether to revoke or override a WildFire verdict locally.
Forensics and Security Event Analysis: Even more relevant endpoint activity at the time of the prevention is now captured, with expanded reporting capabilities and customizable on-demand forensics. A secondary analysis of a Traps security event is added to automatically analyze memory records and scan for traces of malicious activity, such as Heap Spray and ROP chains. Traps is also now natively integrated with Splunk, a third-party monitoring tool to analyze log data.
Improved Scalability: Over the past year we’ve thought long and hard about the unique needs of customers with large deployments. It’s for those deployments that Traps now offers extended support for 50,000 Traps agents per ESM and multiple ESM Servers, each with its own network forensic folder, to be managed from a central ESM Console. Connectivity enhancements also make better use of bandwidth and allow the endpoints to find the best ESM to reach.
Traps is one of the few products that can protect all applications across nearly every Windows-based platform, both virtual and physical. But we always push for more.
Traps now also supports Windows Vista, Windows Server 2008, and non-English Windows operating systems. The Traps Console is also available in seven languages: English, German, French, Spanish, Japanese, Simplified Chinese, and Traditional Chinese.
The market got to know Palo Alto Networks when our next-generation firewall disrupted network security. Now we’re disrupting again: a new approach to endpoint security as part of a true next-generation security platform.
Good technology speaks for itself. Take the time to evaluate Traps and see for yourself what advanced endpoint protection can do.