Palo Alto's Vulnerability Protection (IPS) has a good rating from NSS Labs and allows the use of Suricata and Snort signatures. The PAN-OS 10 release includes local machine learning that protects against zero-day attacks.

You must perform a vulnerability assessment on all your devices, for example with Tenable Vulnerability Management. Then you must remedy the critical and high vulnerabilities.

You can use Palo Alto Cortex XDR networks to protect against this type of attack at the endpoint level.

The SD-WAN does not have any vulnerability, since that feature can be natively integrated with a security platform, such as an SD-WAN gateway that uses security as a virtual network function (Velocloud + Palo Alto Networks , Citrix + Palo Alto Networks), or a native security…

EDR is an add-on for Endpoint Protection. EDR is for detecting post-intrusion threats or persistent advanced threats. EDR enables identification and prevention of reconnaissance attack, lateral movement, command and control channel and data filtering. EDR can also analyze…

SIP is a VoIP telephony protocol, it is not a firewall configuration. In the firewall, the only item you can configure is SIP ALG in disabled or enabled mode. You can configure NAT Transversal when you need to implement site-to-site VPN where the VPN hub is behind a router.

Cortex XDR de Palo Alto Networks is the best solution in the market, because it has protection methods multiples, like are Local Machine Learning/IA, Static Analysis, Dynamic Analysis, Network Profiling, Baremetal, Exploits Protection (By technical or method, no by exploit)…

I recommended Cortex XDR of Palo Alto Networks. You use like sensors the firewall and the endpoints agents.

Both devices have the same architecture (UTM), but FortiGate has more granularity in networking security, it´s more friendly for management, and it has more performance. In the Gartner and NSS Lab reports, FortiGate has a better ranking.

Eso depende de la experiencia de servicio de soporte e implementación que tienes con tu proveedor actual. La plataforma puede ser muy buena, pero si se maneja mal, vas a experimentar la misma mala experiencia que equivaldría un mal producto. Es como ir en una super autopista…

Auto-Scale Palo Alto Networks VM-Series Firewalls in a Public Cloud Environment For environments that require an automatic deployment as scale out of the security services is required, you can combine bootstrapping with additional automation that monitors the security…

Entre las dos opciones recomiendo Fortifate sobre Cisco ASA por las siguientes razones. Si requiere funcionalidades de IPS en el Cisco ASA, se realizan a través del módulo Firepower (Antes Sourcefire) que Cisco nunca pudo integrar de manera nativa con el ASA y que por eso…