Call a Specialist Today! 844-294-0778


Advanced DNS Security
Apply predictive analytics to disrupt attacks that use DNS for command and control or data theft


Palo Alto Networks DNS Security service applies predictive analytics to disrupt attacks that use DNS for C2 or data theft. Tight integration with Palo Alto Networks next-generation firewalls gives you automated protection and eliminates the need for independent tools. Threats hidden in DNS traffic are rapidly identified with shared threat intelligence and machine learning. Cloud-based protections scale infinitely and are always up to date, giving your organization a critical new control point to stop attacks that use DNS.

DNS Security Service

Figure 1: Rich DNS data powers machine learning for protection

Benefits

Predict and Block New Malicious Domains

DNS is a massive and often overlooked attack surface present in every organization. Adversaries take advantage of the ubiquitous nature of DNS to abuse it at multiple points of an attack, including reliable C2. Security teams struggle to keep up with new malicious domains and enforce consistent protections for millions of emerging domains at once.

The DNS Security service takes a different approach to predicting and blocking malicious domains, giving the advantage back to overwhelmed network defenders. Now, your Palo Alto Networks next-generation firewalls can:

Neutralize DNS Tunneling

Advanced attackers use DNS tunneling to hide data theft or C2 in standard DNS traffic. The sheer volume of DNS traffic often means defenders simply lack the visibility or resources to universally inspect it for threats. Our DNS Security service lets you:

Simplify Security with Automation and Replace Stand-Alone Tools

Security teams need integrated innovations that extend the value of their existing security investments without complicating operations. DNS Security takes advantage of the next-generation firewall platform to stop attacks using DNS, with full automation to reduce manual effort.

Protection Without Performance Impact

Advanced security is seamlessly applied to DNS queries in real time with no business impact. The service is hosted on Palo Alto's global security service delivery network to provide the low latency and high performance necessary to minimize impact to DNS traffic on customer networks.

DNS Security Requirements

To use Palo Alto Networks DNS Security service, you will need:

Licensing Information

The DNS Security license is available as an integrated, cloud-based service for the Palo Alto Networks next-generation firewall platform. It is also available as part of the Palo Alto Networks Subscription ELA or VM-Series ELA.

Download the Palo Alto Networks Advanced DNS Security Datasheet (PDF).