Palo Alto Networks NGFW

Over half of network attacks today use encrypted traffic. Traditional security controls are blind to these attacks and under perform without the proper visibility. Venafi makes it easy to unlock encrypted traffic with your Palo Alto Networks NGFW and stop attacks at the firewall.
Business Outcomes
  • Get started fast with inventories of existing keys and certificates

  • Maximize inspection with full discovery of keys and certificates 

  • Eliminate gaps in visibility due to manual processes around certificate renewals

Integration Features
  • Onboard-discovery provides a complete machine identity inventory from the start

  • Increased performance of inspection with automated distribution of keys and certificates 

  • Automated distribution of replacement keys when new keys are generated

Solution Overview

Industry experts believe over 70% of web malware will be carried by encrypted traffic in 2020. That’s a huge blind spot for enterprise security systems, which may not have threat detection or protection against these attacks. With the widespread adoption of SSL/TLS encryption, the ability to ensure every key and certificate is available for decryption and then decrypt and inspect SSL/TLS traffic in real time, is more important than ever. 

Palo Alto Networks NGFW and Venafi Platform work together to protect privacy, secure network transactions and defend intellectual property. The integrated solution helps you identify which encrypted channels should be trusted and which are being used as part of an attack. With Venafi in place, Palo Alto Networks NGFWs have secure and unhindered access to machine identities, allowing them to detect and prevent attacks that hide in encrypted channels.