Automation is helping attackers evade network security defenses with sophisticated red-team tools that are improving the speed and success rate of covert and long-term attacks. The latest trend of widely available, highly evasive attack tools (like the readily available Cobalt Strike tools) has the potential to elevate any attacker’s skill to a nation-state level of sophistication. Signatures and databases simply aren’t enough to stop these next-generation threats.
To successfully protect against such highly evasive modern-day threats, network security must be able to quickly detect and validate unknown threats, operate on real, live traffic to see and stop attacks as they’re happening, and do all of this at lightning speed with no impact on user productivity. Nebula achieves network security innovation and prevention with inline deep learning.
Network security speed and performance limitations are the Achilles heel preventing the cybersecurity industry from bringing deep learning inline. Solutions historically have analyzed data offline or out-of-band, resulting in two big challenges for network security teams.
First, analysis is performed in a simulated environment that is unable to identify the newest highly evasive tactics. For example:
- Web crawling is too easy to evade with cloaking and other tricks.
- Sandboxing, while useful, can't ensure visibility of the real attack.
Second, since the analysis is happening offline, the threat can’t be prevented in real time.
Instead, security teams must rely on preventing the attack further down the attack chain, on identifying an alert and then performing investigation and manual response, or on delivering a prevention signature update minutes or days later, after the initial victim has already been compromised.
Finally, the infrastructure needed to re-invent this process wasn't available. Silicon in yesterday's chips did not allow the processing speed necessary to efficiently compute today’s complex algorithms, and cloud infrastructure couldn't be scaled fast enough to meet the needs.
How do we know inline deep learning is the answer? As one of the most sophisticated variants of machine learning, it’s already used to solve today’s most difficult classification problems. However, the computational power needed to enable deep learning analysis of real-time attack traffic has restricted its use to offline applications.
Nebula, the 10.2 release of PAN-OS, brings massive deep learning firepower to every network security location, from small branch to campus to cloud to data center – on premises and in the cloud, everywhere.
The ability to perform this degree of inline supercomputing has only come together within the last year or so. To achieve it, we re-engineered a unique processing architecture through a special collaboration with a chip manufacturer to gain a 6x performance improvement in deep learning computation. In combination with this new high-powered processor, we architected a unique, ultra-low-latency, global cloud infrastructure. We secure every corner of the enterprise, across every configuration in which the enterprise does business – from on-prem appliances, to software firewalls, to cloud-delivered SASE. We do it faster and better than ever.
PAN-OS 10.2 Nebula can stop zero-day attacks as they attempt to break in by leveraging the power of data and deep learning in real time without sacrificing performance. Nebula collects, analyzes and interprets potential zero-day threats in real time (a network security first) to deliver 6x faster prevention and 48% more evasive threats detected, surpassing anything previously available.
Nebula also introduces new and enhanced security services. In concert with Palo Alto Networks firewalls, these services maximize ROI and extend best-in-class security without requiring independent infrastructures. Key Nebula innovations include next-generation security for IoT devices and a 10th security service, AIOps by Palo Alto Networks.
Our product and engineering teams are gearing up to demonstrate all of the new innovations and enhancements at our Nebula in-person launch event on March 22:
- Gain 3x security performance for data centers, campus, and branches.
- Predict and prevent up to 51% of disruptions in your network.
- Prevent 96% of web-based Cobalt Strike C2 in real time.
- Prevent 40% more web-based attacks, 48 hours faster than traditional web-filtering databases.
- Prevent up to 95% of new file and web-based threats inline.
- Get 40% more DNS-layer threat coverage than other leading vendors with predictive detections no other vendor offers.
- Discover 90% of IoT, including unmanaged devices, in 48 hours and automate enforcement of risk-reducing Zero Trust least-privileged access policies.
Each of the network security innovations in Nebula is built to do what other solutions simply can’t – stop today’s most sophisticated attacks as they happen. You can now stop up to 48% more zero-day threats 6x faster. When facing a cyberattack, every second matters, and these improvements literally mean the difference between protection and reaction.
These remarkable statistics aren’t hype, and we’re ready to prove it to you at our live launch on March 22. Register to learn about the benefits of Nebula and gain a deeper understanding of everything that went into making this enormous leap forward in network security. Or you can read more about what’s new on our PAN-OS 10.2 Nebula page.