Glasswall, a global leader in content disarm and reconstruction (CDR) technology, announced the availability of a plug-in that enables its CDR platform to be integrated with Palo Alto Networks’ next-generation firewalls. The Glasswall Palo Alto plug-in provides an additional layer of protection for Palo Alto Networks’ firewall solutions, ensuring users are secured against file-based threats.
Next-generation firewalls are effective in protecting against most attack vectors, but there is a protection gap, which can be as much as 18 days. File-based threats such as malware and ransomware can go undetected when the security filter is not aware of the structure of the document.
Glasswall’s patented ISG-compliant CDR engine supports a range of business files and can identify malware hiding in files to provide sub-second processing speed, ensuring threats are removed.
The Glasswall Palo Alto plug-in employs Glasswall’s CDR engine, with which supported files are protected while the user browses the internet with negligible perceptible delay. All files uploaded or downloaded are restored to the known-good manufacturer’s specification, removing the risk posed by file-based threats as they pass through the Palo Alto firewall
Palo Alto Networks’ next-generation firewall range uses machine learning to protect an organization’s network security against viruses, ransomware, spyware, phishing and other common attack vectors. The integration leverages the decryption broker on the firewall to decrypt traffic, passing it to an internal proxy that communicates via the internet content adaptation protocol (ICAP) to the Glasswall CDR Platform.
The solution is designed for crucial cybersecurity use cases, including protecting against compromised websites; file-based threat defense; supporting the implementation of zero-trust architecture; detecting and removing malware and ransomware; and preventing file metadata from persisting in uploaded files.
The plug-in supports Palo Alto Networks’ firewall products, including the PA-7000 Series, PA-5200 Series, PA-3200 Series devices, and VM-300, VM-500, and VM-700 models. It requires SSL Forward proxy decryption to be enabled, where the firewall is established as a trusted third party (or man-in-the-middle) to session traffic.
Learn more at www.glasswall.com