Palo Alto Networks Advanced Threat Prevention is an intrusion prevention system (IPS) used to stop zero-day attacks inline in real-time. In addition to the prevention of known threats, the solution helps to stop never-before-seen exploit attempts and command and control with its inline deep learning engines that aims to provide prevention of zero-day injection attacks and evasive command and control.
Having used Palo Alto Firewalls for years, implementing threat protection was the next step in perimeter security. Works much better than the few competitors I have personally used. Frequent content updates occur which may impact some policy rules, but that is normal across …
We ended up with Palo Alto and NTP for a multitude of reasons, including price point, the clean interface, great reporting, and ease of management. NTP specifically covered all our bases and then some over the competition.
Palo Alto NTP is an appropriate suite of protection for any enterprise environment or anyone that truly needs some serious perimeter protection in a one-stop, all-in-one unit. There are no modules or add-ons or clunky interfaces to deal with it; everything works out of one management plane, licensing, implementation, monitoring. updating, etc. As a network admin, that is immensely valuable to me. Additionally, I get real-time reporting on all the stuff NTP is catching, and it is nothing to shirk at. The real value in NTP comes in only after you begin doing SSL-decryption, however, to truly inspect the traffic. Short of that, you are just seeing a bunch of encrypted data and the NTP suite of tools isn't going to avail you. NTP plus decryption, though, is invaluable!
We have various compliance standards we have to meet and the Palo Alto with its Networks Threat Protection suite has checked off pretty much all the boxes we needed and at a price point that couldn't be easily beat for comparable features, throughput, etc.
IT/Network staff has saved a A LOT of time using this platform for protection (coming from an ASA)