BrightCloud® IP Reputation Service for

Palo Alto Networks

Protect Your Enterprise from Unknown, Malicious IP Threats

BrightCloud IP Reputation Service for Palo Alto Networks, from the BrightCloud for Next Generation Firewall (NGFW) solution family, allows enterprise customers to easily integrate BrightCloud IP threat intelligence into their Palo Alto Networks NGFW devices to strengthen their defense against new and unknown IP threats. It provides Palo Alto Networks NGFW devices with a customized and continuously updated feed of malicious IP addresses so it can detect and block them from penetrating to the rest of the customer network and reduce the frequency of incident response for the security team.

To keep the list of 12 million malicious IPs updated and accurate, Webroot uses a prosecution methodology:

  • Deploy an automated algorithm to identify suspicious IPs
  • Examine the IP's activities and associations and correlate them
  • Apply machine learning and automated classification algorithm
  • Judge and sentence the IP as malicious for a term
  • Re-evaluate IP after serving sentence
  • Resentence or release IP on parole with heavy monitoring

Customized IP Threat Intelligence for each customer

To counteract directed attacks, enterprises need customized threat intelligence, rather than generic, free intelligence that is neither pertinent nor actionable. The BrightCloud IP Reputation Service includes an innovative Intelligence Customization feature that automatically analyzes the customer environment and tailors the IP reputation data accordingly to protect the customer from malicious IPs that have targeted them in the past as well as malicious IPs that are likely to attack them in the future. Security teams will benefit from more malicious IPs blocked at the Palo Alto Networks NGFW, less IP attacks in their infrastructure and less incident response.

Easy integration

Customers can use the BrightCloud Connector to add BrightCloud IP Reputation to their Palo Alto Networks NGFW devices. The BrightCloud Connector is a virtual appliance that can be easily deployed in a VMware virtual environment.