LONDON, UK: Glasswall, a global leader in Content Disarm and Reconstruction (CDR) technology, today announced the availability of a powerful new plug-in that enables its CDR platform to be integrated with Palo Alto Networks’ next-generation firewalls. The Glasswall Palo Alto plug-in provides an additional layer of protection for Palo Alto Networks’ firewall solutions, ensuring users are secured against file-based threats.
Next generation firewalls are effective in protecting against most attack vectors, but there is a protection gap, which can be as much as 18 days. File-based threats such as malware and ransomware can go undetected when the security filter is not aware of the structure of the document. Glasswall’s patented ISG*-compliant CDR engine supports a wide range of business files and can identify malware hiding in files to provide sub-second processing speed, ensuring that threats are removed at the speed of business.
The Glasswall Palo Alto plug-in employs Glasswall’s CDR engine, with which supported files are automatically protected whilst the user is browsing the internet with negligible perceptible delay. All files that are uploaded or downloaded are restored to the known-good manufacturer's specification, removing the risk posed by file-based threats as they pass through the Palo Alto firewall. By delivering worry-free internet browsing, the plug-in offers policy-based file protection that can be configured to match administrator risk appetite.
Palo Alto Networks’ next-generation firewall range uses machine learning to protect an organization's network security against viruses, ransomware, spyware, phishing, and other common attack vectors. The integration leverages the Decryption Broker on the firewall to decrypt traffic, passing it to an internal proxy which in turn communicates via the Internet Content Adaptation Protocol (ICAP) to the Glasswall CDR Platform.
The solution is designed for a variety of crucial cybersecurity use cases, including protecting against compromised websites; file-based threat defense; supporting the implementation of zero-trust architecture; detecting and removing malware and ransomware; and preventing file metadata from persisting in uploaded files.
“Palo Alto Networks users who implement the Glasswall Palo Alto plug-in will benefit from a complete security package powered by industry-leading firewall and CDR solutions, removing the reliance on AV databases that cause protection lag on file-based threats,” commented Paul Farrington, chief product officer, Glasswall. “This gives security teams line of sight on the file-based threats that are escaping protection due to encryption or due to tooling that can’t identify risks quickly enough inside business documents and files.”
The plug-in supports Palo Alto Networks’ firewall products, including the PA-7000 Series, PA-5200 Series, PA-3200 Series devices, and VM-300, VM-500, and VM-700 models. It requires SSL Forward Proxy decryption to be enabled, where the firewall is established as a trusted third party (or man-in-the-middle) to session traffic.