Offering a new methodology and shift in perspective, Traps from Palo Alto revolutionizes the network security space. Instead of analyzing attacks and whether they’ve been seen before, Traps focuses on the attacks themselves–and on stopping them.
Imagine this: While patrolling, a police officer sees a suspicious-looking man wandering the neighborhood. He pulls over, opens his trunk and grabs a giant book filled with mug shots and descriptions of the area’s convicted burglars and criminals. After sifting through page after page of pictures, the police officer doesn’t see the suspicious-looking man in any of the mug shots or descriptions, so he gives up and drives away. As soon as he does, the suspect breaks into someone’s home and steals thousands of dollars worth of valuables.
Seems like a less than effective approach to police work, right?
Now, apply the same scenario to network security. Unfortunately, many organizations take approaches that are all too similar—right down to security deficiencies that jeopardize the integrity of their networks and all the sensitive data they contain.
Revolutionizing the security space
Two years ago, Palo Alto Networks took major steps to address this shortcoming. Recognizing the need for improvement, the company completely reinvented its approach to endpoint security by developing Traps, Advanced Endpoint Protection.
Instead of allowing or denying access strictly based on which unique threats have already been identified and proven malicious, Traps stops and questions anything trying to enter your “house,” or in this case, your network, before it has a chance to do damage.
The product revolutionizes the security space. Instead of analyzing an attack and whether it’s been seen before, Traps focuses on the attacks themselves, and then on stopping them. It’s a new methodology and shift in perspective.
Disrupting the endpoint security space
Palo Alto’s unique and robust network intelligence is exactly what distinguishes Traps from other anti-virus programs. The program identifies threat behaviors and techniques that hackers typically use, then leverages existing WildFire to further analyze other potentially malicious threats.
And then there’s how Traps functions—a distinction in and of itself.
When deployed, Traps runs on an endpoint and looks at all startup processes from the majority of the applications run by users on a day-to-day basis. Next, it looks for any malformed or modified executables that will start when you open an application or file. The result? Traps prevents anything abnormal, along with any spun-off processes, from executing.
Instead of trying to identify something once it hits an endpoint and successfully executes a virus or piece of malware, Traps proactively monitors the machine, stopping threats before they can detonate, giving you full protection against zero-day attacks.
Government clients have much to gain
As with any new technology, government organizations have extra steps and processes for deploying Traps. Palo Alto and the federal government are working closely to add this product to its deployment list so it can be incorporated into government program security postures.
Within the next year, if not sooner, we hope to see Traps on the new products list and ready for federal implementations. Once approved, Traps offers significant benefits for government organizations, including some that are unique to the public sector.
Government organizations in particular need to focus on stopping the kinds of zero-day unknown attacks that Traps is designed to stop. After all, when facing attacks from well-funded countries around the world, protecting against the unknown is critical. Government organizations experience a higher percentage of these attacks compared to other industries, such as healthcare or insurance.
As a lightweight product, Traps fits on top of whatever structure is already in place. That said, it won’t provide many of the management, reporting and logging functions that some government customers require. We recommend layering Traps over another antivirus product to provide additional protection.
Palo Alto shifts the paradigm—again
While revolutionary in its own right, this isn’t Palo Alto’s first prominent entry into a new market. This company prides itself on a proactive approach to network security, starting with its original next-generation firewall.
With the introduction of Traps, Palo Alto once again solidifies its stance as a leader in introducing new security approaches and forces our industry to reevaluate how we identify vulnerabilities. With Traps, Palo Alto not only identified a need for something more, it offered a solution.
Endpoint protection remains crucial to any security infrastructure—and will be for a long time. No matter how much user-training organizations do, employees will still open malicious emails, click on faulty links and download virus-infested files. For better endpoint protection, Traps could be your answer.
Authors: Gregory Kushto and Pete Burke