Glasswall has announced the availability of a powerful new plug-in which enables its Content Disarm and Reconstruction (CDR) platform, to be integrated with Palo Alto’s next-generation firewalls. The Glasswall Palo Alto plug-in provides an additional layer of protection for Palo Alto firewall solutions, ensuring users are secured against file-based threats.
Next generation firewalls are effective in protecting against most attack vectors, but there is a protection gap which can be as much as 18 days. File-based threats such as malware and ransomware can go undetected when the security filter is not aware of the structure of the document. Glasswall’s patented ISG*-compliant CDR engine supports a wide range of business files and can identify malware hiding in files to provide sub-second processing speed, ensuring that threats are removed at the speed of business.
The Glasswall Palo Alto plug-in employs Glasswall’s CDR engine, with supported files automatically protected whilst the user is browsing the Internet, with negligible perceptible delay. All files that are uploaded or downloaded are restored to the known-good manufacturer’s specification, removing the risk posed by file-based threats as they pass through the Palo Alto firewall. By delivering worry-free internet browsing, the plug-in offers policy-based file protection that can be configured to match administrator risk appetite.
Palo Alto’s next generation firewall range uses machine learning to protect an organization’s network security against viruses, ransomware, spyware, phishing, and other common attack vectors. The integration leverages the Decryption Broker on the firewall to decrypt traffic, passing it to an internal proxy which in turn communicates via the Internet Content Adaptation Protocol (ICAP) to the Glasswall CDR Platform
The solution is designed for a variety of crucial cybersecurity use cases, including protecting against compromised websites; file-based threat defense; supporting the implementation of Zero-Trust architecture; detecting and removing malware and ransomware, and preventing file metadata from persisting in uploaded files.
“Palo Alto users who implement the Glasswall Palo Alto plug-in will benefit from a complete security package powered by industry-leading firewall and CDR solutions, removing the reliance on AV databases that cause protection lag on file-based threats,” commented Paul Farringdon, Chief Product Officer, Glasswall. “This gives security teams line of sight on the file-based threats which are escaping protection due to encryption or due to tooling that can’t identify risks quickly enough inside business documents and files.”
The Plug-in supports Palo Alto Firewall products, including the PA-7000 Series, PA-5200 Series, PA-3200 Series devices, and VM-300, VM-500, and VM-700 models. It requires SSL Forward Proxy decryption to be enabled, where the firewall is established as a trusted third party (or man-in-the-middle) to session traffic.
*ISG – Inspection and Sanitization Guidance standards – National Security Agency (NSA)
For further information about the Glasswall Palo Alto Plug-in, click here. Glasswall will also be attending RSA in San Francisco, CA on June 6-9 and Infosec Europe in London, UK on June 21-23 – our teams at both events will be on hand to discuss this news in more detail.