Palo Alto Networks Advanced Threat Prevention

Product Details

What is Palo Alto Networks Advanced Threat Prevention?

Palo Alto Networks Advanced Threat Prevention is an intrusion prevention system (IPS) used to stop zero-day attacks inline in real time. In addition to preventing known threats, the solution helps to stop never-before-seen exploit attempts and command and control with its inline deep learning engines, which aim to prevent zero-day injection attacks and evasive command and control.

Palo Alto Networks Advanced Threat Prevention Technical Details

Operating Systems: Unspecified
Mobile Application: No

Reviews and Ratings

(36)

Reviews

(1-2 of 2)
Derek Benson | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We use the Palo Alto NTP suite of products at an organizational level, with the vast majority of our network edge traffic to the internet coming under the scrutiny of the various NTP profiles. It is great because we are able to see very clearly what is being impacted and can tailor the profiles to our policies as needed or completely remove them even without impacting the underlying firewall policy. At a management level, it makes for easy/fast firewall adjustments without sacrificing any of the protection that we need. Adding exceptions is a breeze and the firewalls get their updates on a regular basis without admin intervention.
  • Palo Alto NTP allows for a very, very granular approach to protection by the use of profiles. You can tailor as many profiles as you need, say for URL Filtering or Malware scanning, to accommodate different business needs. Once your profiles are all set up you can choose them to attach to your firewall policies on a policy-by-policy basis. It really couldn't be simpler.
  • Very easy to monitor the activity of the profiles in the Monitoring Pane, which makes for agile adjustments or exceptions to be made.
  • Some of the deeper features, like making exceptions for virus false-positives, can be a little tricky, but I think that is just the nature of the beast. Maybe some guides/tutorials from Palo Alto would help navigate some of that more successfully. Fortunately, we haven't had many of those!
Palo Alto NTP is an appropriate suite of protection for any enterprise environment or anyone that truly needs some serious perimeter protection in a one-stop, all-in-one unit. There are no modules or add-ons or clunky interfaces to deal with; everything works out of one management plane, licensing, implementation, monitoring, updating, etc. As a network admin, that is immensely valuable to me. Additionally, I get real-time reporting on all the stuff NTP is catching, and it is nothing to shirk at. The real value in NTP comes in only after you begin doing SSL-decryption, however, to truly inspect the traffic. Short of that, you are just seeing a bunch of encrypted data and the NTP suite of tools isn't going to avail you. NTP plus decryption, though, is invaluable!
  • Ease of implementation and agile management
  • Behind the scenes, automatic updating of all NTP databases, some even on an hourly basis
  • Great cost-to-value ratio
  • We have various compliance standards we have to meet and the Palo Alto with its Networks Threat Protection suite has checked off pretty much all the boxes we needed and at a price point that couldn't be easily beat for comparable features, throughput, etc.
  • IT/Network staff has saved A LOT of time using this platform for protection (coming from an ASA)
We ended up with Palo Alto and NTP for a multitude of reasons, including price point, the clean interface, great reporting, and ease of management. NTP specifically covered all our bases and then some over the competition.
Alex Waitkus, CISSP-ISSAP, OSCP | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Threat Protection is being used on a multitude of levels: first, all Internet traffic has active threat policies for protection from malicious sites and malware. Other locations utilize threat as a sanity check and second source for other IDS/IPS systems. We are continually tuning and working with Palo Alto to better their threat protection capabilities.
  • The threat engine has constant updates for important threats.
  • Wildfire helps supplement the Threat engine to help protect against 0 day threats.
  • The way the threat engine can be added at different levels to different zones and policies helps to ensure business essential traffic can have policies that are tuned to ensure traffic will flow.
  • Visibility into signatures and how they function/what triggers them would be very beneficial.
  • Lacking customizability compared to other tools.
  • Inability to write custom signatures easily and for traffic with small (less than 8 bit) signatures.
I think threat prevention on a certain level could be used in all Palo Alto deployments (even if just alerting without blocking).
  • New deployment hasn't been fully calculated yet.
  • With the addition of Panorama and central logging, event investigation has become more streamlined.
It is comparable but not as robust as other standalone IPS/IDS.