Download Datasheet

Solution Brief

VM-Series Firewall on EndaceProbes

For more information about the deploying Palo Alto Networks VM-Series Firewall for KVM on EndaceProbes login to our
Endace Support Portal

More Information

For more information about combining the power of Endace and Palo Alto Networks contact us.

Contact Us

Palo Alto Networks

Palo Alto Networks® next-generation firewalls safely enable all applications and deliver highly automated, preventive protection against cyber threats at all stages in the attack lifecycle without compromising performance.

Integrating with Palo Alto Networks firewalls accelerates security incident investigation and lets you extend your security monitoring coverage without hardware rollouts, wherever you have EndaceProbe Network Recorders deployed.

See it in action

Watch this short video demo to see how integrating Palo Alto Networks firewalls and Panorama Security Management can streamline security investigations and dramatically reduces the time to respond to threats.

Hosting Palo Alto Networks VM-Series Firewall on EndaceProbes

Palo Alto Networks VM-Series Firewall for KVM can be hosted in Application Dock™ on EndaceProbe Network Recorders in IDS mode. This lets you deploy security detection to anywhere on the network that you have EndaceProbes deployed.

The VM-Series Firewall runs in a single, double or quad-dock instance in Application Dock. You can download the full deployment guide from our Support Portal. If you don't have a Support Portal account, you can request one here.

Deployment Guide

Integrating Palo Alto Networks Firewalls with Network History

Integrating EndaceProbes with Palo Alto Networks firewalls or Panorama lets analysts go directly from a security alert to view the related packets in EndaceVision. This streamlines the investigation process and allows security teams to respond to security threats quickly and conclusively.

The integration leverages the EndaceProbe's Pivot-to-Vision™ API to provide a Loglink from each security alert directly to the related, packet-level Network History. Using the IP address and time range of the trigger event, Pivot-To-Vision focuses the analyst directly on pre-filtered incident data.

EndaceVision lets analysts extract, dissect and review the relevant traffic from the terabytes of Network History recorded by EndaceProbes on the network. They can zoom in to view packet detail, or zoom out for a big-picture view of the network activity that took place before, during and after the alert.

For technical information on how to integrate Palo Alto Networks firewalls and Panorama with EndaceProbes for rapid access to Network History, download the Technical Brief.

Technical Brief