Advanced DNS Security
Inspect every DNS request and response in real time to
Please Note: All Prices are Inclusive of GST
Overview:
40% More DNS Threat Coverage Than Any Other Available Solution
The Domain Name System (DNS) is wide open for attackers. Its ubiquity and high traffic volume make it easy for adversaries to hide malicious activity. The Palo Alto Networks Unit 42 Threat Research team identified that 85% of malware uses DNS to initiate command-and-control (C2) procedures. Attackers can also abuse DNS using a multitude of techniques to deliver malware and exfiltrate data. Unfortunately, security teams often lack basic visibility into how threats use DNS that would enable them to respond effectively. Current approaches lack automation; drown you in uncoordinated data from independent tools; or require changes to DNS infrastructure that not only can be bypassed but also demand continual maintenance. It’s time to take back control of your DNS traffic.
The DNS Security Difference
Built in the cloud, DNS Security is a subscription service that works natively with your NGFW to secure your DNS traffic.
Shared threat intelligence and machine learning (ML) rapidly identify any threats hidden in DNS traffic. Cloud-based protections are delivered instantly, scale infinitely to all users, and are always up to date. A purpose-built analytics dashboard provides full visibility into your DNS traffic along with one-click context for any attack the DNS Security service detects. DNS Security delivers:
- Unparalleled protection from DNS-based threats through groundbreaking inline ML algorithms that predict and identify new and advanced threats, disrupting attacks.
- Security that can’t be bypassed by changing DNS settings.
- Incredible ease of deployment: simply turn on and manage your subscription through your NGFW.
- Maximized operational efficiency by securing DNS traffic through the Palo Alto Networks platform.
Precision AI
Precision AI® leverages machine learning, deep learning and generative AI to analyze rich and diverse threat data to deliver real-time protection for the entire network.
Analyze real network traffic inline and instantly stop known, unknown and highly evasive threats to prevent patient zero.
Comprehensive and real-time protection from advanced threats delivered consistently via a robust global infrastructure.
Key Capabilities
Protect Against the Latest and Most Advanced DNS-Based Attacks
Beyond malware, phishing, and other traditional threats, adversaries also exploit DNS to establish reliable C2, attack hosts inside the corporate network from the internet, perform distributed denial-of-service (DDoS) attacks, and even cause reputational harm by taking over your domains. Modern DNS-layer security must be able to identify and disrupt these attacks.
Detecting and preventing sophisticated DNS-layer network attacks and data exfiltration techniques requires ML algorithms that can rapidly analyze DNS traffic and get ahead of threats. It also requires robust threat intelligence to inform those algorithms and measures designed to protect against specific attack techniques. Finally, it requires enforcement points to block or sinkhole malicious DNS activity once identified.
The DNS Security service predicts and stops malicious domains with instant enforcement through the NGFW, protecting you against automated attacks. Our ML-enabled detection engines (see table 2) solve key emerging DNS-based attacks, such as ultra-slow DNS tunneling, dangling DNS, and DNS rebinding. DNS Security can even predict new malicious domains right after their registration, before they can be used against you. DNS Security’s comprehensive, market-leading protections provide you with the most effective security regardless of DNS settings, configurations, and deployment model.
Stop Known Threats
The DNS Security subscription offers limitless protection against tens of millions of malicious domains, identifying them with real-time analysis and continuously growing global threat intelligence. Our cloud database scales with data from a large and ever-expanding threat intelligence sharing community, adding to Palo Alto Networks sources that include:
- Advanced WildFire malware prevention service to find new C2 domains, file download source domains, and domains in malicious email links.
- URL Filtering to continuously crawl newfound or uncategorized sites for threat indicators.
- Passive DNS and device telemetry to understand domain resolution history seen from thousands of deployed NGFWs, generating petabytes of data per day.
- Unit 42 threat research to provide human-driven adversary tracking and malware reverse engineering, including insight from globally deployed honeypots.
- More than 30 third-party sources of threat intelligence to enrich data and ensure you have coverage
Use automation to prevent the spread of infection. Automate dynamic response to find infected machines and quickly respond in policy. When attacks using DNS are identified, security administrators can automate the process of sinkholing malicious domains on the NGFW to cut off C2, rapidly identify infected users on the network, and even isolate them. Combining malicious domain sinkholing, Dynamic Address Groups (DAGs), and logging actions enables automation of detection and response workflows, saving analysts time by removing the slow and manual processes other solutions require.
Get Insight from DNS Analytics
Give your security personnel the context they need to take action. Threat reporting capabilities allow deeper insights into threats than ever before, delivering full visibility into DNS traffic with:
- Context around DNS events that will show you what kind of domains are being queried and with what frequency, time stamps, passive DNS information for each domain, WHOIS information, and any associated malware tags.
- Security hygiene to keep track of what security capabilities are enabled by your NGFWs across your estate, allowing you to quickly eliminate any blind spots.
Best-in-class IPS
Decrease risk by 45% and get a return on spend in six months versus stand-alone network threat protection.
Benefit from inline deep learning capabilities that can detect and prevent threats faster than the time it takes to blink — stopping 88% of malicious URLs 48 hours before other vendors.
Get layers of prevention to protect your organization from advanced and highly evasive phishing attacks, all in real time.
Fine-grained controls and policy settings give you complete control of your web traffic and enable you to automate security actions based on users, risk ratings and content categories.
We can help you attain proper security posture 30% faster compared to point solutions.
We offer flexible deployment options for those who use a proxy to secure their web traffic, giving you a seamless transition to explicit or transparent proxy.
| Product | Description |
|---|---|
| Advanced Threat Prevention | Stop known and unknown exploits, malware, spyware, and command-and-control (C2) threats with the industry’s first prevention of zero-day attacks, stopping 60% more zero-day injection attacks and 48% more highly evasive command-and-control traffic than traditional IPS solutions. |
| Advanced WildFire | Ensure safe access to files with the industry’s largest malware prevention engine, blocking 26% more evasive malware and turning detection into prevention 60× faster. |
| Advanced URL Filtering | Ensure safe access to the web and prevent 40% more threats in real time than traditional filtering databases with the industry’s first prevention of known and unknown phishing attacks, stopping up to 88% of malicious URLs at least 48 hours before competitors. |
| Advanced DNS Security | Protect your DNS traffic and stop advanced DNS-layer threats, including DNS hijacking, all in real time with 2× more DNS-layer threat coverage than competitors. |
| Next-Generation Cloud Access Security Broker | Discover and control all SaaS consumption in your network with visibility into 60K+ SaaS apps and protect your data with 28+ API integrations. |
| IoT Security | Secure your blind spot and protect every connected device unique to your vertical with the industry’s most comprehensive Zero Trust solution for IoT devices, discovering 90% of devices within 48 hours. |
| AIOps | AIOps for NGFW redefines firewall operational experience by empowering security teams to proactively strengthen security posture and resolve firewall disruptions. |
Pricing Notes:
- Pricing and product availability subject to change without notice.
