A powerful new weapon to combat attacks
DNS is wide open for attackers. Attacks using DNS often succeed because security teams lack basic visibility into how threats use DNS to maintain control of infected devices or steal data. Current approaches drown you in uncoordinated data from independent tools or require changes to DNS infrastructure.
DNS Security service applies predictive analytics, machine learning, and automation to block attacks that use DNS. Tight integration with the next-generation firewall gives you automated protections and eliminates the need for independent tools. Now you can rapidly predict and prevent malicious domains, neutralize threats hidden in DNS tunneling, and apply automation to quickly find and contain infected devices.
Predict and block new malicious domains
DNS Security gives the advantage back to defenders. It automatically prevents tens of millions of malicious domains identified with real-time analysis and continuously growing global threat intelligence. It predicts and stops malicious domains from domain generation algorithm-based malware with instant enforcement. And it provides limitless protection against malicious domains with a cloud-based database for infinite scale.
Neutralize DNS tunneling
DNS Security enables you to quickly detect command and control or data theft employing DNS tunneling with machine learning-powered analysis. It builds on the signature-based protection of PAN-OS® to identify advanced tunneling attempts, enabling you to rapidly neutralize DNS tunneling attempts with automated policy action.
Simplify security with automation
With integrated DNS Security on the next-generation firewall, there’s no need for independent DNS security tools or changes to DNS routing. It automates dynamic response to find infections quickly and respond with policy. And it makes it easy to take advantage of the latest DNS security innovations through our extensible cloud-based architecture, which continues to improve detection and prevention.